[strongSwan] tunnel established, but no internet connectivity on iPhone

Naveen pncbose at yahoo.com
Wed Sep 17 09:11:28 CEST 2014


Hi, 

I have been using strong swan 5.1.2 for quite some time as a gateway for iPhone vpn clients. this is all working great. 
Suddenly today, my iPhone stopped connecting to internet even though the vpn tunnel is established. i can see that tunnel established both on phone logs and server logs. i am pasting logs below.

>From phone console logs:
1. vpn tunnel establishment seems pretty normal
2. if i turn off the vpn, vpn disconnect log has some issues

>From server logs:
1. during connection - looks like policy already exists once this state - "policy 0.0.0.0/0 === 10.10.128.2/32 out  (mark 0/0x00000000) already exists, increasing refcount"
2. during disconnection - can't delete the policy once in this state - "policy still used by another CHILD_SA, not removed"

Here are some things i tried:
a. I restarted strongswan - didn't help
b. i manually flushed/deleted xfrm policies by using commands ip xfrm policy flush and ip xfrm policy deleteall - didn't do any good
c. checked ipsec listcounters - found that ikeInInvalidSpi and ikeChildSaRekey are non-zero.

Any help would be greatly appreciated, thanks in advance
- Naveen


my ipsec.conf
----------------
config setup
    # uniqueids=never
    # plutodebug=all
    # crlcheckinterval=600
    # strictcrlpolicy=yes
    # cachecrls=yes
    # nat_traversal=yes
    # charonstart=no
    # plutostart=no

# Add connections here.

conn %default
       keyexchange=ikev1
       auto=add
       authby=xauthrsasig
       xauth=server

conn ios_client
      left=%any
      leftsubnet=0.0.0.0/0
      #leftfirewall=yes
      leftcert=serverCert.pem
      right=%any
      rightsourceip=10.10.0.0/21
      rightid="C=US, O=Self, CN=*"



VPN Gateway / strongswan logs during connection:
-----------------------------------------------------------
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[NET] received packet: from 108.226.162.131[500] to server_ip[500] (668 bytes)
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V V V V ]
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received NAT-T (RFC 3947) vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received XAuth vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received Cisco Unity vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received FRAGMENTATION vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] received DPD vendor ID
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[IKE] 108.226.162.131 is initiating a Main Mode IKE_SA
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[ENC] generating ID_PROT response 0 [ SA V V V ]
Sep 17 05:09:15 a18-03-01 charon-MAX: 03[NET] sending packet: from server_ip[500] to 108.226.162.131[500] (136 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 06[NET] received packet: from 108.226.162.131[500] to server_ip[500] (292 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 06[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 06[IKE] remote host is behind NAT
Sep 17 05:09:16 a18-03-01 charon-MAX: 06[IKE] sending cert request for "C=US, O=Self, CN=Dev Server CA"
Sep 17 05:09:16 a18-03-01 charon-MAX: 06[ENC] generating ID_PROT response 0 [ KE No CERTREQ NAT-D NAT-D ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 06[NET] sending packet: from server_ip[500] to 108.226.162.131[500] (370 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (1276 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[ENC] parsed ID_PROT request 0 [ ID CERT SIG CERTREQ N(INITIAL_CONTACT) ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[IKE] ignoring certificate request without data
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[IKE] received end entity cert "C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63"
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG] looking for XAuthInitRSA peer configs matching server_ip...108.226.162.131[C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63]
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG] selected peer config "ios_client"
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG]   using certificate "C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63"
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG]   using trusted ca certificate "C=US, O=Self, CN=Dev Server CA"
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG] checking certificate status of "C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63"
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG] certificate status is not available
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[CFG]   reached self-signed root ca with a path length of 0
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[IKE] authentication of 'C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63' with RSA successful
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[IKE] authentication of 'C=US, O=Self, CN=server_dns' (myself) successful
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[IKE] sending end entity cert "C=US, O=Self, CN=server_dns"
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[ENC] generating ID_PROT response 0 [ ID CERT SIG ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[NET] sending packet: from server_ip[4500] to 108.226.162.131[4500] (1276 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[ENC] generating TRANSACTION request 2204276323 [ HASH CPRQ(X_USER X_PWD) ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 04[NET] sending packet: from server_ip[4500] to 108.226.162.131[4500] (76 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 08[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (124 bytes)
Sep 17 05:09:16 a18-03-01 charon-MAX: 08[ENC] parsed TRANSACTION response 2204276323 [ HASH CPRP(X_USER X_PWD) ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 08[IKE] XAuth authentication of 'i18bc3e54cba14fa3adce4297629a9a63' successful
Sep 17 05:09:16 a18-03-01 charon-MAX: 08[ENC] generating TRANSACTION request 2600414014 [ HASH CPS(X_STATUS) ]
Sep 17 05:09:16 a18-03-01 charon-MAX: 08[NET] sending packet: from server_ip[4500] to 108.226.162.131[4500] (76 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 05[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (76 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 05[ENC] parsed TRANSACTION response 2600414014 [ HASH CPA(X_STATUS) ]
Sep 17 05:09:17 a18-03-01 charon-MAX: 05[IKE] IKE_SA ios_client[5] established between server_ip[C=US, O=Self, CN=server_dns]...108.226.162.131[C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63]
Sep 17 05:09:17 a18-03-01 charon-MAX: 05[IKE] scheduling reauthentication in 10027s
Sep 17 05:09:17 a18-03-01 charon-MAX: 05[IKE] maximum IKE_SA lifetime 10567s
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (172 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[ENC] unknown attribute type (28683)
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[ENC] parsed TRANSACTION request 799928909 [ HASH CPRQ(ADDR MASK DNS NBNS EXP VER U_BANNER U_DEFDOM U_SPLITDNS U_SPLITINC U_LOCALLAN U_PFS U_SAVEPWD U_FWTYPE U_BKPSRV (28683)) ]
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[IKE] peer requested virtual IP %any
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[CFG] assigning new lease to 'i18bc3e54cba14fa3adce4297629a9a63'
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[CHD]  sfloadbalancer acquire new address 10.10.128.2 from 10.10.128.0/22 for lease i18bc3e54cba14fa3adce4297629a9a63
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[IKE] assigning virtual IP 10.10.128.2 to peer 'i18bc3e54cba14fa3adce4297629a9a63'
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[CHD] sfloadbalancer create_attribute_enumerator
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[ENC] generating TRANSACTION response 799928909 [ HASH CPRP(ADDR DNS DNS) ]
Sep 17 05:09:17 a18-03-01 charon-MAX: 09[NET] sending packet: from server_ip[4500] to 108.226.162.131[4500] (92 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 11[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (300 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 11[ENC] parsed QUICK_MODE request 1190983258 [ HASH SA No ID ID ]
Sep 17 05:09:17 a18-03-01 charon-MAX: 11[KNL] getting SPI for reqid {4}
Sep 17 05:09:17 a18-03-01 charon-MAX: 11[KNL] got SPI c40cd352 for reqid {4}
Sep 17 05:09:17 a18-03-01 charon-MAX: 11[ENC] generating QUICK_MODE response 1190983258 [ HASH SA No ID ID ]
Sep 17 05:09:17 a18-03-01 charon-MAX: 11[NET] sending packet: from server_ip[4500] to 108.226.162.131[4500] (172 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (60 bytes)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[ENC] parsed QUICK_MODE request 1190983258 [ HASH ]
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] adding SAD entry with SPI c40cd352 and reqid {4}  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL]   using encryption algorithm AES_CBC with key size 128
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL]   using integrity algorithm HMAC_SHA1_96 with key size 160
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL]   using replay window of 32 packets
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] adding SAD entry with SPI 090480e7 and reqid {4}  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL]   using encryption algorithm AES_CBC with key size 128
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL]   using integrity algorithm HMAC_SHA1_96 with key size 160
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL]   using replay window of 32 packets
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] adding policy 0.0.0.0/0 === 10.10.128.2/32 out  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] adding policy 10.10.128.2/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] adding policy 10.10.128.2/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] getting a local address in traffic selector 0.0.0.0/0
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] using host %any
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] using server_local_ip as nexthop to reach 108.226.162.131
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] server_ip is on interface bond0
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] installing route: 10.10.128.2/32 via server_local_ip src %any dev bond0
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] getting iface index for bond0
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] policy 0.0.0.0/0 === 10.10.128.2/32 out  (mark 0/0x00000000) already exists, increasing refcount
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] updating policy 0.0.0.0/0 === 10.10.128.2/32 out  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] policy 10.10.128.2/32 === 0.0.0.0/0 in  (mark 0/0x00000000) already exists, increasing refcount
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] updating policy 10.10.128.2/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] policy 10.10.128.2/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000) already exists, increasing refcount
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] updating policy 10.10.128.2/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] getting a local address in traffic selector 0.0.0.0/0
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] using host %any
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] using server_local_ip as nexthop to reach 108.226.162.131
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[KNL] server_ip is on interface bond0
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[IKE] CHILD_SA ios_client{4} established with SPIs c40cd352_i 090480e7_o and TS 0.0.0.0/0 === 10.10.128.2/32
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[CHD] sfupdown connection up
Sep 17 05:09:17 a18-03-01 charon-MAX: 10[CHD] clientId fetch success with Try1-XAuth1:i18bc3e54cba14fa3adce4297629a9a63
Sep 17 05:09:19 a18-03-01 charon-MAX: 14[NET] received packet: from 50.161.45.101[4500] to server_ip[4500] (92 bytes)
Sep 17 05:09:19 a18-03-01 charon-MAX: 14[ENC] parsed INFORMATIONAL_V1 request 106010779 [ HASH N(DPD) ]
Sep 17 05:09:19 a18-03-01 charon-MAX: 14[ENC] generating INFORMATIONAL_V1 request 736058675 [ HASH N(DPD_ACK) ]
Sep 17 05:09:19 a18-03-01 charon-MAX: 14[NET] sending packet: from server_ip[4500] to 50.161.45.101[4500] (92 bytes)




VPN Gateway / strongswan logs during vpn disconnect:
---------------------------------------------------------------
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (76 bytes)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[ENC] parsed INFORMATIONAL_V1 request 2126946462 [ HASH D ]
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[IKE] received DELETE for ESP CHILD_SA with SPI 0a34ddd0
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] querying SAD entry with SPI c6b877d9  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] querying SAD entry with SPI 0a34ddd0  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[IKE] closing CHILD_SA ios_client{34} with SPIs c6b877d9_i (883 bytes) 0a34ddd0_o (2037 bytes) and TS 0.0.0.0/0 === 10.10.128.4/32
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[CHD] sfupdown connection down
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[CHD] clientId fetch success with Try1-XAuth1:i18bc3e54cba14fa3adce4297629a9a63
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting SAD entry with SPI c6b877d9  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleted SAD entry with SPI c6b877d9 (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting SAD entry with SPI 0a34ddd0  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleted SAD entry with SPI 0a34ddd0 (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting policy 0.0.0.0/0 === 10.10.128.4/32 out  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] policy still used by another CHILD_SA, not removed
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] updating policy 0.0.0.0/0 === 10.10.128.4/32 out  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting policy 10.10.128.4/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] policy still used by another CHILD_SA, not removed
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] updating policy 10.10.128.4/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting policy 10.10.128.4/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] policy still used by another CHILD_SA, not removed
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] updating policy 10.10.128.4/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] getting a local address in traffic selector 0.0.0.0/0
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] using host %any
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] using server_local_ip as nexthop to reach 108.226.162.131
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] server_ip is on interface bond0
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting policy 0.0.0.0/0 === 10.10.128.4/32 out  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting policy 10.10.128.4/32 === 0.0.0.0/0 in  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] deleting policy 10.10.128.4/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[KNL] getting iface index for bond0
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[NET] received packet: from 108.226.162.131[4500] to server_ip[4500] (92 bytes)
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[ENC] parsed INFORMATIONAL_V1 request 2991813150 [ HASH D ]
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[IKE] received DELETE for IKE_SA ios_client[46]
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[IKE] deleting IKE_SA ios_client[46] between server_ip[C=US, O=Self, CN=server_dns]...108.226.162.131[C=US, O=Self, CN=i18bc3e54cba14fa3adce4297629a9a63]
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[CFG] lease 10.10.128.4 by 'i18bc3e54cba14fa3adce4297629a9a63' went offline
Sep 17 04:48:24 a18-03-01 charon-MAX: 14[CHD] sfloadbalancer release address 10.10.128.4 from 10.10.128.0/22



phone logs during disconnection:
--------------------------------------
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Notice>: SCNC: stop, triggered by (1967) Preferences, type IPSec, reason User Requested
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Notice>: IPSec disconnecting from server_ip
Sep 16 17:58:31 Naveens-iPhone5 kernel[0] <Debug>: SIOCPROTODETACH_IN6: utun0 error=6
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Error>: ioctl(SIOCGIFFLAGS) failed: Device not configured
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Error>: SCNC Controller: service_ending_verify_primaryservice, waiting for PrimaryService. status = 1.
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Notice>: network changed: v4(en0:192.168.0.102, pdp_ip0, utun0-:10.10.128.4) DNS! Proxy!
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Notice>: network changed.
Sep 16 17:58:31 Naveens-iPhone5 configd[56] <Error>: SCNC Controller: ipv4_state_changed, done waiting for ServiceID.
Sep 16 17:58:31 Naveens-iPhone5 racoon[2375] <Notice>: IPSec disconnecting from server server_ip
Sep 16 17:58:31 Naveens-iPhone5 racoon[2375] <Error>: failed to send vpn_control message: Broken pipe
Sep 16 17:58:31 Naveens-iPhone5 mDNSResponder[32] <Error>: getExtendedFlags: SIOCGIFEFLAGS failed, errno = 6 (Device not configured)
Sep 16 17:58:31 Naveens-iPhone5 racoon[2375] <Warning>: glob found no matches for path "/var/run/racoon/*.conf"
Sep 16 17:58:31 Naveens-iPhone5 racoon[2375] <Notice>: IPSec disconnecting from server server_ip
Sep 16 17:58:31 Naveens-iPhone5 racoon[2375] <Error>: pfkey DELETE failed: No such file or directory
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140917/e86a2ce9/attachment-0001.html>


More information about the Users mailing list