[strongSwan-dev] Failing to clean up deleted SA state in a timely way?
Philip Prindeville
philipp_subx at redfish-solutions.com
Wed Jan 7 23:07:48 CET 2015
I'm new to the Strongswan code base, so I might ask a couple of obvious
questions. Apologies in advance.
I'm seeing the following scenario when using L2TP-over-IPsec. The
client is deliberately flapping the connection (every 60s) as part of a
test suite.
Logs at the bottom.
From what I can tell, the smoking gun is here:
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #37: cannot install eroute -- it is in use for "remote-access-mac-zzz"[32] 114.242.248.202:4195 #32
or shortly after, i.e. that the creation of a new SA failed because the
eroute from the previous SA hadn't yet been pruned.
This is 4.5.2 and yes, we do plan to migrate to 5.1.3 (or later) in the
next 6 months, but for now I REALLY need to resolve this issue.
Where does the eroute get deleted as part of the SA cleanup, and how do
I make all of that happen more aggressively? It wasn't clear if more
pluto threads were needed, but even after bumping pluto.threads to 16
from 4 I'm still seeing this, so the problem lies elsewhere.
Another possibility is that there's insufficient thread safety around
the SA creation/deletion, but that's just a theory. As I said, I'm not
very familiar with the code base.
Where, given these logs, should I be looking for a bug?
Thanks,
-Philip
Dec 16 04:12:35 clyy pluto[4461]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Dec 16 04:12:35 clyy pluto[4461]: including NAT-Traversal patch (Version 0.6c)
Dec 16 04:12:35 clyy pluto[4461]: failed to load pkcs11 module '/usr/lib/opensc-pkcs11.so'
Dec 16 04:12:35 clyy ipsec_starter[4460]: pluto (4461) started after 20 ms
Dec 16 04:12:36 clyy pluto[4461]: Changing to directory '/etc/ipsec.d/crls'
Dec 16 04:12:36 clyy pluto[4461]: listening for IKE messages
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth2/eth2 10.191.191.6:500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth2/eth2 10.191.191.6:4500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth1/eth1 172.16.137.1:500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth1/eth1 172.16.137.1:4500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth0/eth0 123.126.34.32:500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth0/eth0 123.126.34.32:4500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth0/eth0 123.126.34.25:500
Dec 16 04:12:36 clyy pluto[4461]: adding interface eth0/eth0 123.126.34.25:4500
Dec 16 04:12:36 clyy pluto[4461]: adding interface lo/lo 127.0.0.1:500
Dec 16 04:12:36 clyy pluto[4461]: adding interface lo/lo 127.0.0.1:4500
Dec 16 04:12:36 clyy pluto[4461]: adding interface lo/lo ::1:500
Dec 16 04:12:36 clyy pluto[4461]: loading secrets from "/etc/ipsec.secrets"
Dec 16 04:12:36 clyy pluto[4461]: loading secrets from "/etc/dmvpn.secrets"
Dec 16 04:12:36 clyy pluto[4461]: loaded PSK secret for 123.126.34.25 %any
Dec 16 04:12:36 clyy pluto[4461]: added connection description "remote-access-win-aaa"
Dec 16 04:12:36 clyy pluto[4461]: added connection description "remote-access-mac-zzz"
Dec 16 04:12:36 clyy pluto[4461]: the protocol must be the same for leftport and rightport
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:12:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[1] 114.242.248.202:63744 #1: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[1] 114.242.248.202:63744 #1: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[1] 114.242.248.202:63744 #1: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:63744 #1: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195 #1: sent MR3, ISAKMP SA established
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195 #2: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195 #2: responding to Quick Mode
Dec 16 04:12:42 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195 #2: IPsec SA established {ESP=>0x9481f553 <0xc0bfa97b NATOA=192.168.43.62}
Dec 16 04:13:00 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195 #1: received Delete SA(0x9481f553) payload: deleting IPSEC State #2
Dec 16 04:13:00 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195 #1: received Delete SA payload: deleting ISAKMP State #1
Dec 16 04:13:00 clyy pluto[4461]: "remote-access-mac-zzz"[2] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:13:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[3] 114.242.248.202:63744 #3: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[3] 114.242.248.202:63744 #3: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[3] 114.242.248.202:63744 #3: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:63744 #3: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195 #3: sent MR3, ISAKMP SA established
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195 #4: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195 #4: responding to Quick Mode
Dec 16 04:13:04 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195 #4: IPsec SA established {ESP=>0xbea9203d <0xc6834ea5 NATOA=192.168.43.62}
Dec 16 04:13:14 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195 #3: received Delete SA(0xbea9203d) payload: deleting IPSEC State #4
Dec 16 04:13:14 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195 #3: received Delete SA payload: deleting ISAKMP State #3
Dec 16 04:13:14 clyy pluto[4461]: "remote-access-mac-zzz"[4] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:13:20 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[5] 114.242.248.202:63744 #5: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[5] 114.242.248.202:63744 #5: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[5] 114.242.248.202:63744 #5: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:63744 #5: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195 #5: sent MR3, ISAKMP SA established
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195 #6: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:13:20 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195 #6: responding to Quick Mode
Dec 16 04:13:21 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195 #6: IPsec SA established {ESP=>0xaf13eb1c <0xc16c29a3 NATOA=192.168.43.62}
Dec 16 04:13:38 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195 #5: received Delete SA(0xaf13eb1c) payload: deleting IPSEC State #6
Dec 16 04:13:38 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195 #5: received Delete SA payload: deleting ISAKMP State #5
Dec 16 04:13:38 clyy pluto[4461]: "remote-access-mac-zzz"[6] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:13:42 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:13:42 clyy pluto[4461]: "remote-access-mac-zzz"[7] 114.242.248.202:63744 #7: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[7] 114.242.248.202:63744 #7: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[7] 114.242.248.202:63744 #7: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:63744 #7: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195 #7: sent MR3, ISAKMP SA established
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195 #8: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195 #8: responding to Quick Mode
Dec 16 04:13:44 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195 #8: IPsec SA established {ESP=>0xcd6f1655 <0xc6b08892 NATOA=192.168.43.62}
Dec 16 04:13:56 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195 #7: received Delete SA(0xcd6f1655) payload: deleting IPSEC State #8
Dec 16 04:13:56 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195 #7: received Delete SA payload: deleting ISAKMP State #7
Dec 16 04:13:56 clyy pluto[4461]: "remote-access-mac-zzz"[8] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:14:03 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[9] 114.242.248.202:63744 #9: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[9] 114.242.248.202:63744 #9: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[9] 114.242.248.202:63744 #9: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:63744 #9: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195 #9: sent MR3, ISAKMP SA established
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195 #10: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195 #10: responding to Quick Mode
Dec 16 04:14:03 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195 #10: IPsec SA established {ESP=>0x7c861506 <0xc98d8d9c NATOA=192.168.43.62}
Dec 16 04:14:12 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195 #9: received Delete SA(0x7c861506) payload: deleting IPSEC State #10
Dec 16 04:14:12 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195 #9: received Delete SA payload: deleting ISAKMP State #9
Dec 16 04:14:12 clyy pluto[4461]: "remote-access-mac-zzz"[10] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:14:18 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[11] 114.242.248.202:63744 #11: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[11] 114.242.248.202:63744 #11: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[11] 114.242.248.202:63744 #11: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:63744 #11: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195 #11: sent MR3, ISAKMP SA established
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195 #12: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195 #12: responding to Quick Mode
Dec 16 04:14:18 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195 #12: IPsec SA established {ESP=>0xea771e89 <0xca3ff51c NATOA=192.168.43.62}
Dec 16 04:14:35 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195 #11: received Delete SA(0xea771e89) payload: deleting IPSEC State #12
Dec 16 04:14:35 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195 #11: received Delete SA payload: deleting ISAKMP State #11
Dec 16 04:14:35 clyy pluto[4461]: "remote-access-mac-zzz"[12] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:14:38 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[13] 114.242.248.202:63744 #13: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[13] 114.242.248.202:63744 #13: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[13] 114.242.248.202:63744 #13: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:63744 #13: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195 #13: sent MR3, ISAKMP SA established
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195 #14: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195 #14: responding to Quick Mode
Dec 16 04:14:38 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195 #14: IPsec SA established {ESP=>0x2224e8b1 <0xced8b37a NATOA=192.168.43.62}
Dec 16 04:14:52 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195 #13: received Delete SA(0x2224e8b1) payload: deleting IPSEC State #14
Dec 16 04:14:52 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195 #13: received Delete SA payload: deleting ISAKMP State #13
Dec 16 04:14:52 clyy pluto[4461]: "remote-access-mac-zzz"[14] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:14:57 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:14:57 clyy pluto[4461]: "remote-access-mac-zzz"[15] 114.242.248.202:63744 #15: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:14:57 clyy pluto[4461]: "remote-access-mac-zzz"[15] 114.242.248.202:63744 #15: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:14:57 clyy pluto[4461]: "remote-access-mac-zzz"[15] 114.242.248.202:63744 #15: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:14:57 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:63744 #15: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:14:57 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195 #15: sent MR3, ISAKMP SA established
Dec 16 04:14:58 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195 #16: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:14:58 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195 #16: responding to Quick Mode
Dec 16 04:14:58 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195 #16: IPsec SA established {ESP=>0xc2402feb <0xce95db17 NATOA=192.168.43.62}
Dec 16 04:15:07 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195 #15: received Delete SA(0xc2402feb) payload: deleting IPSEC State #16
Dec 16 04:15:07 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195 #15: received Delete SA payload: deleting ISAKMP State #15
Dec 16 04:15:07 clyy pluto[4461]: "remote-access-mac-zzz"[16] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:15:11 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[17] 114.242.248.202:63744 #17: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[17] 114.242.248.202:63744 #17: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[17] 114.242.248.202:63744 #17: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:63744 #17: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195 #17: sent MR3, ISAKMP SA established
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195 #18: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195 #18: responding to Quick Mode
Dec 16 04:15:11 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195 #18: IPsec SA established {ESP=>0x05c27517 <0xc0495c56 NATOA=192.168.43.62}
Dec 16 04:15:24 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195 #17: received Delete SA(0x05c27517) payload: deleting IPSEC State #18
Dec 16 04:15:24 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195 #17: received Delete SA payload: deleting ISAKMP State #17
Dec 16 04:15:24 clyy pluto[4461]: "remote-access-mac-zzz"[18] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:15:28 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:15:28 clyy pluto[4461]: "remote-access-mac-zzz"[19] 114.242.248.202:63744 #19: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:15:28 clyy pluto[4461]: "remote-access-mac-zzz"[19] 114.242.248.202:63744 #19: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:15:29 clyy pluto[4461]: "remote-access-mac-zzz"[19] 114.242.248.202:63744 #19: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:15:29 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:63744 #19: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:29 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195 #19: sent MR3, ISAKMP SA established
Dec 16 04:15:29 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195 #20: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:15:29 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195 #20: responding to Quick Mode
Dec 16 04:15:29 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195 #20: IPsec SA established {ESP=>0x463c8995 <0xcf905a99 NATOA=192.168.43.62}
Dec 16 04:15:34 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195 #19: received Delete SA(0x463c8995) payload: deleting IPSEC State #20
Dec 16 04:15:34 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195 #19: received Delete SA payload: deleting ISAKMP State #19
Dec 16 04:15:34 clyy pluto[4461]: "remote-access-mac-zzz"[20] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:15:37 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[21] 114.242.248.202:63744 #21: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[21] 114.242.248.202:63744 #21: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[21] 114.242.248.202:63744 #21: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:63744 #21: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195 #21: sent MR3, ISAKMP SA established
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195 #22: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195 #22: responding to Quick Mode
Dec 16 04:15:37 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195 #22: IPsec SA established {ESP=>0x07ed7736 <0xcdadafd4 NATOA=192.168.43.62}
Dec 16 04:15:53 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195 #21: received Delete SA(0x07ed7736) payload: deleting IPSEC State #22
Dec 16 04:15:53 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195 #21: received Delete SA payload: deleting ISAKMP State #21
Dec 16 04:15:53 clyy pluto[4461]: "remote-access-mac-zzz"[22] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:15:55 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[23] 114.242.248.202:63744 #23: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[23] 114.242.248.202:63744 #23: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[23] 114.242.248.202:63744 #23: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:63744 #23: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195 #23: sent MR3, ISAKMP SA established
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195 #24: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195 #24: responding to Quick Mode
Dec 16 04:15:55 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195 #24: IPsec SA established {ESP=>0xa1482bc7 <0xc04a4a43 NATOA=192.168.43.62}
Dec 16 04:16:11 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195 #23: received Delete SA(0xa1482bc7) payload: deleting IPSEC State #24
Dec 16 04:16:11 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195 #23: received Delete SA payload: deleting ISAKMP State #23
Dec 16 04:16:11 clyy pluto[4461]: "remote-access-mac-zzz"[24] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:16:14 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[25] 114.242.248.202:63744 #25: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[25] 114.242.248.202:63744 #25: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[25] 114.242.248.202:63744 #25: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:63744 #25: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195 #25: sent MR3, ISAKMP SA established
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195 #26: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195 #26: responding to Quick Mode
Dec 16 04:16:14 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195 #26: IPsec SA established {ESP=>0x0142be64 <0xc4918cce NATOA=192.168.43.62}
Dec 16 04:16:19 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195 #25: received Delete SA(0x0142be64) payload: deleting IPSEC State #26
Dec 16 04:16:19 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195 #25: received Delete SA payload: deleting ISAKMP State #25
Dec 16 04:16:19 clyy pluto[4461]: "remote-access-mac-zzz"[26] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:16:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[27] 114.242.248.202:63744 #27: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[27] 114.242.248.202:63744 #27: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[27] 114.242.248.202:63744 #27: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:63744 #27: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195 #27: sent MR3, ISAKMP SA established
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195 #28: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195 #28: responding to Quick Mode
Dec 16 04:16:24 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195 #28: IPsec SA established {ESP=>0xd1ee4463 <0xcad106e5 NATOA=192.168.43.62}
Dec 16 04:16:46 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195 #27: received Delete SA(0xd1ee4463) payload: deleting IPSEC State #28
Dec 16 04:16:46 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195 #27: received Delete SA payload: deleting ISAKMP State #27
Dec 16 04:16:46 clyy pluto[4461]: "remote-access-mac-zzz"[28] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:16:49 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[29] 114.242.248.202:63744 #29: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[29] 114.242.248.202:63744 #29: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[29] 114.242.248.202:63744 #29: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:63744 #29: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195 #29: sent MR3, ISAKMP SA established
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195 #30: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195 #30: responding to Quick Mode
Dec 16 04:16:49 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195 #30: IPsec SA established {ESP=>0x58dfdaeb <0xc50e0340 NATOA=192.168.43.62}
Dec 16 04:17:01 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195 #29: received Delete SA(0x58dfdaeb) payload: deleting IPSEC State #30
Dec 16 04:17:01 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195 #29: received Delete SA payload: deleting ISAKMP State #29
Dec 16 04:17:01 clyy pluto[4461]: "remote-access-mac-zzz"[30] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:17:04 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[31] 114.242.248.202:63744 #31: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[31] 114.242.248.202:63744 #31: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[31] 114.242.248.202:63744 #31: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[32] 114.242.248.202:63744 #31: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[32] 114.242.248.202:4195 #31: sent MR3, ISAKMP SA established
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[32] 114.242.248.202:4195 #32: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[32] 114.242.248.202:4195 #32: responding to Quick Mode
Dec 16 04:17:04 clyy pluto[4461]: "remote-access-mac-zzz"[32] 114.242.248.202:4195 #32: IPsec SA established {ESP=>0xcfaedc63 <0xc9ed4acd NATOA=192.168.43.62}
Dec 16 04:17:13 clyy pluto[4461]: "remote-access-mac-zzz"[32] 114.242.248.202:4195 #31: received Delete SA payload: deleting ISAKMP State #31
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:17:16 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:17:16 clyy pluto[4461]: "remote-access-mac-zzz"[33] 114.242.248.202:63744 #33: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:17:16 clyy pluto[4461]: "remote-access-mac-zzz"[33] 114.242.248.202:63744 #33: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:17:16 clyy pluto[4461]: "remote-access-mac-zzz"[33] 114.242.248.202:63744 #33: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:17:16 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:63744 #33: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:17:16 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: sent MR3, ISAKMP SA established
Dec 16 04:17:17 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #34: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:17:17 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #34: responding to Quick Mode
Dec 16 04:17:17 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #34: cannot install eroute -- it is in use for "remote-access-mac-zzz"[32] 114.242.248.202:4195 #32
Dec 16 04:17:19 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:17:19 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:17:26 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:17:26 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:17:34 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:17:34 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:17:51 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:17:51 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:18:08 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:18:08 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:18:21 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195 #33: received Delete SA payload: deleting ISAKMP State #33
Dec 16 04:18:21 clyy pluto[4461]: "remote-access-mac-zzz"[34] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:18:24 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:18:24 clyy pluto[4461]: "remote-access-mac-zzz"[35] 114.242.248.202:63744 #35: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: received Vendor ID payload [RFC 3947]
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 16 04:18:26 clyy pluto[4461]: packet from 114.242.248.202:63744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[35] 114.242.248.202:63744 #36: responding to Main Mode from unknown peer 114.242.248.202:63744
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[35] 114.242.248.202:63744 #36: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[35] 114.242.248.202:63744 #36: Peer ID is ID_IPV4_ADDR: '192.168.43.62'
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sent MR3, ISAKMP SA established
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #37: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #37: responding to Quick Mode
Dec 16 04:18:26 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #37: cannot install eroute -- it is in use for "remote-access-mac-zzz"[32] 114.242.248.202:4195 #32
Dec 16 04:18:28 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:18:28 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:18:31 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:18:31 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:18:36 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:18:36 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:18:44 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:18:44 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:19:00 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:19:00 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:19:16 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 16 04:19:16 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: sending encrypted notification INVALID_MESSAGE_ID to 114.242.248.202:4195
Dec 16 04:19:29 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195 #36: received Delete SA payload: deleting ISAKMP State #36
Dec 16 04:19:29 clyy pluto[4461]: "remote-access-mac-zzz"[36] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
Dec 16 04:19:34 clyy pluto[4461]: "remote-access-mac-zzz"[35] 114.242.248.202:4195 #35: max number of retransmissions (2) reached STATE_MAIN_R1
Dec 16 04:19:34 clyy pluto[4461]: "remote-access-mac-zzz"[35] 114.242.248.202:4195: deleting connection "remote-access-mac-zzz" instance with peer 114.242.248.202 {isakmp=#0/ipsec=#0}
actually, an earlier test run had failed with slightly different
logging, notably:
Dec 6 15:28:44 yzcl pluto[15136]: deleting policy 101.39.118.88/32[udp/l2f] === 123.126.34.24/32[udp/l2f] fwd failed, not found
...
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #6: cannot install eroute -- it is in use for "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4
...
Dec 6 16:28:50 yzcl pluto[15136]: deleting policy 101.39.118.88/32[udp/l2f] === 123.126.34.24/32[udp/l2f] fwd failed, not found
and here's the totality of the logs:
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: received Vendor ID payload [RFC 3947]
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 6 15:28:23 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: responding to Main Mode from unknown peer 101.39.118.88:61744
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: Oakley Transform [AES_CBC (256), HMAC_SHA1, ECP_384] refused due to strict flag
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: Oakley Transform [AES_CBC (128), HMAC_SHA1, ECP_256] refused due to strict flag
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: Oakley Transform [AES_CBC (256), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: Oakley Transform [3DES_CBC (192), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[1] 101.39.118.88:61744 #1: Peer ID is ID_IPV4_ADDR: '192.168.1.100'
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61744 #1: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
Dec 6 15:28:23 yzcl pluto[15136]: | NAT-T: new mapping 101.39.118.88:61744/61226)
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #1: sent MR3, ISAKMP SA established
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #2: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #2: IPSec Transform [AES_CBC (128), HMAC_SHA1] refused due to strict flag
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #2: responding to Quick Mode
Dec 6 15:28:23 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #2: IPsec SA established {ESP=>0x074ce1fe <0xc708a1b2 NATOA=192.168.1.100}
Dec 6 15:28:44 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #1: received Delete SA(0x074ce1fe) payload: deleting IPSEC State #2
Dec 6 15:28:44 yzcl pluto[15136]: deleting policy 101.39.118.88/32[udp/l2f] === 123.126.34.24/32[udp/l2f] fwd failed, not found
Dec 6 15:28:44 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226 #1: received Delete SA payload: deleting ISAKMP State #1
Dec 6 15:28:44 yzcl pluto[15136]: "remote-access-mac-zzz"[2] 101.39.118.88:61226: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: received Vendor ID payload [RFC 3947]
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 6 15:28:50 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: responding to Main Mode from unknown peer 101.39.118.88:61744
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: Oakley Transform [AES_CBC (256), HMAC_SHA1, ECP_384] refused due to strict flag
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: Oakley Transform [AES_CBC (128), HMAC_SHA1, ECP_256] refused due to strict flag
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: Oakley Transform [AES_CBC (256), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: Oakley Transform [3DES_CBC (192), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[3] 101.39.118.88:61744 #3: Peer ID is ID_IPV4_ADDR: '192.168.1.100'
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61744 #3: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
Dec 6 15:28:50 yzcl pluto[15136]: | NAT-T: new mapping 101.39.118.88:61744/61226)
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #3: sent MR3, ISAKMP SA established
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4: IPSec Transform [AES_CBC (128), HMAC_SHA1] refused due to strict flag
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4: responding to Quick Mode
Dec 6 15:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4: IPsec SA established {ESP=>0x6510e7d1 <0xc4b13d73 NATOA=192.168.1.100}
Dec 6 15:28:56 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #3: received Delete SA payload: deleting ISAKMP State #3
Dec 6 15:29:03 yzcl pluto[15136]: packet from 101.39.118.88:61744: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 6 15:29:03 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 6 15:29:03 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [FRAGMENTATION]
Dec 6 15:29:03 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 6 15:29:03 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 6 15:29:03 yzcl pluto[15136]: packet from 101.39.118.88:61744: ignoring Vendor ID payload [IKE CGA version 1]
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[5] 101.39.118.88:61744 #5: responding to Main Mode from unknown peer 101.39.118.88:61744
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[5] 101.39.118.88:61744 #5: Oakley Transform [AES_CBC (256), HMAC_SHA1, ECP_384] refused due to strict flag
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[5] 101.39.118.88:61744 #5: Oakley Transform [AES_CBC (128), HMAC_SHA1, ECP_256] refused due to strict flag
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[5] 101.39.118.88:61744 #5: Oakley Transform [AES_CBC (256), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[5] 101.39.118.88:61744 #5: Oakley Transform [3DES_CBC (192), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[5] 101.39.118.88:61744 #5: NAT-Traversal: Result using RFC 3
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: sent MR3, ISAKMP SA established
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #6: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #6: IPSec Transform [AES_CBC (128), HMAC_SHA1] refused due to strict flag
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #6: responding to Quick Mode
Dec 6 15:29:03 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #6: cannot install eroute -- it is in use for "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4
Dec 6 15:29:05 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 6 15:29:05 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: sending encrypted notification INVALID_MESSAGE_ID to 101.39.118.88:61226
Dec 6 15:29:08 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 6 15:29:08 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: sending encrypted notification INVALID_MESSAGE_ID to 101.39.118.88:61226
Dec 6 15:29:12 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 6 15:29:12 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: sending encrypted notification INVALID_MESSAGE_ID to 101.39.118.88:61226
Dec 6 15:29:12 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226 #5: received Delete SA payload: deleting ISAKMP State #5
Dec 6 15:29:12 yzcl pluto[15136]: "remote-access-mac-zzz"[6] 101.39.118.88:61226: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: received Vendor ID payload [RFC 3947]
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: ignoring Vendor ID payload [FRAGMENTATION]
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 6 15:37:51 yzcl pluto[15136]: packet from 101.39.118.88:62250: ignoring Vendor ID payload [IKE CGA version 1]
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: responding to Main Mode from unknown peer 101.39.118.88:62250
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: Oakley Transform [AES_CBC (256), HMAC_SHA1, ECP_384] refused due to strict flag
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: Oakley Transform [AES_CBC (128), HMAC_SHA1, ECP_256] refused due to strict flag
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: Oakley Transform [AES_CBC (256), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: Oakley Transform [3DES_CBC (192), HMAC_SHA1, MODP_2048] refused due to strict flag
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: NAT-Traversal: Result using RFC 3947: peer is NATed
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[7] 101.39.118.88:62250 #7: Peer ID is ID_IPV4_ADDR: '192.168.1.100'
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62250 #7: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
Dec 6 15:37:51 yzcl pluto[15136]: | NAT-T: new mapping 101.39.118.88:62250/62251)
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: sent MR3, ISAKMP SA established
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #8: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #8: IPSec Transform [AES_CBC (128), HMAC_SHA1] refused due to strict flag
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #8: responding to Quick Mode
Dec 6 15:37:51 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #8: cannot install eroute -- it is in use for "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4
Dec 6 15:37:53 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 6 15:37:53 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: sending encrypted notification INVALID_MESSAGE_ID to 101.39.118.88:62251
Dec 6 15:37:56 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 6 15:37:56 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: sending encrypted notification INVALID_MESSAGE_ID to 101.39.118.88:62251
Dec 6 15:38:00 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 6 15:38:00 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: sending encrypted notification INVALID_MESSAGE_ID to 101.39.118.88:62251
Dec 6 15:38:06 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251 #7: received Delete SA payload: deleting ISAKMP State #7
Dec 6 15:38:06 yzcl pluto[15136]: "remote-access-mac-zzz"[8] 101.39.118.88:62251: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
Dec 6 16:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226 #4: IPsec SA expired (--dontrekey)
Dec 6 16:28:50 yzcl pluto[15136]: deleting policy 101.39.118.88/32[udp/l2f] === 123.126.34.24/32[udp/l2f] fwd failed, not found
Dec 6 16:28:50 yzcl pluto[15136]: "remote-access-mac-zzz"[4] 101.39.118.88:61226: deleting connection "remote-access-mac-zzz" instance with peer 101.39.118.88 {isakmp=#0/ipsec=#0}
More information about the Dev
mailing list