[strongSwan] IPSEC SA Dropping for no apparent reason

Turnbough, Bradley E. bturnbough at belcan.com
Wed Feb 18 18:02:12 CET 2015


We started having issues with an IPSEC B2B tunnel dropping. When I issue the 'up' command, it brings the tunnel up, and provides me with the following info (sanitized for security).

hostname.belcan.com:root:/root>ipsec up business-sa-01
initiating Main Mode IKE_SA business-sa-01[80] to e.f.g.h
generating ID_PROT request 0 [ SA V V V V ]
sending packet: from a.b.c.d[500] to e.f.g.h[500] (184 bytes)
received packet: from e.f.g.h[500] to a.b.c.d[500] (124 bytes)
parsed ID_PROT response 0 [ SA V V ]
received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
received FRAGMENTATION vendor ID
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from a.b.c.d[500] to e.f.g.h[500] (244 bytes)
received packet: from e.f.g.h[500] to a.b.c.d[500] (304 bytes)
parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]
received Cisco Unity vendor ID
received XAuth vendor ID
received unknown vendor ID: 7d:ca:d5:4e:05:4a:3e:5f:17:19:85:e5:b3:6c:bc:0e
received unknown vendor ID: 1f:07:f7:0e:aa:65:14:d3:b0:fa:96:54:2a:50:01:00
local host is behind NAT, sending keep alives
generating ID_PROT request 0 [ ID HASH ]
sending packet: from a.b.c.d[4500] to e.f.g.h[4500] (68 bytes)
received packet: from e.f.g.h[4500] to a.b.c.d[4500] (84 bytes)
parsed ID_PROT response 0 [ ID HASH V ]
received DPD vendor ID
IKE_SA business-sa-01[80] established between a.b.c.d[a.b.c.d]...e.f.g.h[e.f.g.h]
scheduling reauthentication in 10193s
maximum IKE_SA lifetime 10733s
generating QUICK_MODE request 2145900863 [ HASH SA No ID ID ]
sending packet: from a.b.c.d[4500] to e.f.g.h[4500] (204 bytes)
received packet: from e.f.g.h[4500] to a.b.c.d[4500] (164 bytes)
parsed QUICK_MODE response 2145900863 [ HASH SA No ID ID ]
connection 'business-sa-01' established successfully


Can someone please tell me if there is anything in there that is a problem or looks suspicious?

Thanks,

Brad Turnbough
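As an added example (not part of Brad's post and not strongSwan's own tooling), here is a small Python checker that parses an `ipsec up` transcript like the one above and reports the things a reviewer would look for: whether Main Mode and Quick Mode both completed, whether NAT-T was detected and the exchange floated from UDP 500 to UDP 4500, which vendor IDs the peer announced (including the two unknown ones), and the reauthentication and IKE_SA lifetime timers. The sample input is the sanitized transcript from the post, embedded as a constructed string; the line patterns are the charon log formats visible in that transcript, and the finding texts are this example's own wording.

```python
import re
from dataclasses import dataclass, field

# Constructed sample input: the sanitized `ipsec up` transcript from the post.
# Raw string so the literal "\n" inside the NAT-T vendor ID name is preserved.
SAMPLE_LOG = r"""
initiating Main Mode IKE_SA business-sa-01[80] to e.f.g.h
generating ID_PROT request 0 [ SA V V V V ]
sending packet: from a.b.c.d[500] to e.f.g.h[500] (184 bytes)
received packet: from e.f.g.h[500] to a.b.c.d[500] (124 bytes)
parsed ID_PROT response 0 [ SA V V ]
received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
received FRAGMENTATION vendor ID
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from a.b.c.d[500] to e.f.g.h[500] (244 bytes)
received packet: from e.f.g.h[500] to a.b.c.d[500] (304 bytes)
parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]
received Cisco Unity vendor ID
received XAuth vendor ID
received unknown vendor ID: 7d:ca:d5:4e:05:4a:3e:5f:17:19:85:e5:b3:6c:bc:0e
received unknown vendor ID: 1f:07:f7:0e:aa:65:14:d3:b0:fa:96:54:2a:50:01:00
local host is behind NAT, sending keep alives
generating ID_PROT request 0 [ ID HASH ]
sending packet: from a.b.c.d[4500] to e.f.g.h[4500] (68 bytes)
received packet: from e.f.g.h[4500] to a.b.c.d[4500] (84 bytes)
parsed ID_PROT response 0 [ ID HASH V ]
received DPD vendor ID
IKE_SA business-sa-01[80] established between a.b.c.d[a.b.c.d]...e.f.g.h[e.f.g.h]
scheduling reauthentication in 10193s
maximum IKE_SA lifetime 10733s
generating QUICK_MODE request 2145900863 [ HASH SA No ID ID ]
sending packet: from a.b.c.d[4500] to e.f.g.h[4500] (204 bytes)
received packet: from e.f.g.h[4500] to a.b.c.d[4500] (164 bytes)
parsed QUICK_MODE response 2145900863 [ HASH SA No ID ID ]
connection 'business-sa-01' established successfully
"""

@dataclass
class IkeUpSummary:
    conn: str = ""
    ike_established: bool = False      # Main Mode (Phase 1) completed
    child_established: bool = False    # Quick Mode (Phase 2) completed
    nat_detected: bool = False
    ports_used: list = field(default_factory=list)        # source UDP ports, in order of first use
    vendor_ids: list = field(default_factory=list)        # named vendor IDs the peer sent
    unknown_vendor_ids: list = field(default_factory=list)
    reauth_s: int = 0
    max_lifetime_s: int = 0
    findings: list = field(default_factory=list)

# (kind, regex) pairs matching the charon line formats seen in the transcript.
PATTERNS = [
    ("conn", re.compile(r"^initiating .*IKE_SA (\S+)\[\d+\] to ")),
    ("port", re.compile(r"^sending packet: from \S+\[(\d+)\]")),
    ("unknown_vid", re.compile(r"^received unknown vendor ID: ([0-9a-f:]+)$")),
    ("vid", re.compile(r"^received (.+) vendor ID$")),
    ("nat", re.compile(r"^local host is behind NAT")),
    ("ike_ok", re.compile(r"^IKE_SA \S+ established between")),
    ("reauth", re.compile(r"^scheduling reauthentication in (\d+)s$")),
    ("lifetime", re.compile(r"^maximum IKE_SA lifetime (\d+)s$")),
    ("child_ok", re.compile(r"^connection '(\S+)' established successfully$")),
]

def assess(s):
    """Turn the parsed facts into review findings (wording is this example's own)."""
    f = s.findings
    if not s.ike_established:
        f.append("IKE_SA never established: Phase 1 (Main Mode) failed")
    elif not s.child_established:
        f.append("IKE_SA up but Quick Mode did not complete: check Phase 2 proposals and traffic selectors")
    if s.nat_detected:
        if 4500 in s.ports_used:
            f.append("NAT-T in use: exchange floated to UDP 4500; UDP 4500 and keepalives must stay open end to end")
        else:
            f.append("NAT detected but no float to UDP 4500: NAT-T negotiation incomplete")
    if s.unknown_vendor_ids:
        f.append(f"{len(s.unknown_vendor_ids)} unknown vendor ID(s) announced by the peer (informational)")
    if s.reauth_s and s.max_lifetime_s:
        f.append(f"reauthentication in {s.reauth_s}s (hard limit {s.max_lifetime_s}s): strongSwan replaces "
                 "the IKE_SA and its CHILD_SAs at reauth, so if drops recur on this interval, compare lifetimes with the peer")
    return s

def parse_ipsec_up(text):
    """Parse `ipsec up` output into an IkeUpSummary with findings attached."""
    s = IkeUpSummary()
    for raw in text.splitlines():
        line = raw.strip()
        for kind, rx in PATTERNS:
            m = rx.match(line)
            if not m:
                continue
            if kind == "conn":
                s.conn = m.group(1)
            elif kind == "port":
                p = int(m.group(1))
                if not s.ports_used or s.ports_used[-1] != p:
                    s.ports_used.append(p)
            elif kind == "unknown_vid":
                s.unknown_vendor_ids.append(m.group(1))
            elif kind == "vid":
                s.vendor_ids.append(m.group(1))
            elif kind == "nat":
                s.nat_detected = True
            elif kind == "ike_ok":
                s.ike_established = True
            elif kind == "reauth":
                s.reauth_s = int(m.group(1))
            elif kind == "lifetime":
                s.max_lifetime_s = int(m.group(1))
            elif kind == "child_ok":
                s.child_established = True
            break
    return assess(s)

if __name__ == "__main__":
    summary = parse_ipsec_up(SAMPLE_LOG)
    print(f"{summary.conn}: IKE_SA={summary.ike_established} CHILD_SA={summary.child_established} "
          f"NAT={summary.nat_detected} ports={summary.ports_used}")
    for finding in summary.findings:
        print(" -", finding)
```

Run against the transcript above, the checker reports that both phases completed and nothing failed during this `ipsec up`; what it surfaces instead are the timers and the NAT-T state, which is where to look next when a tunnel that comes up cleanly later drops on its own.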