[strongSwan] not all subnets get a tunnel

Averlon GmbH (in Gründung) info at averlon.net
Fri Sep 18 07:33:59 CEST 2015


Dear Mr. Kuntze,

IKEV2 did stated only "connecting" but nothing happend.
Probably there must be something set on the lancom - but I do not know what - I will check the docu.

Then I have changed to separate configs as listed here:

+++
# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
        # strictcrlpolicy=yes
        # uniqueids = no
        charondebug="ike 0, knl 0, cfg 1"
conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        # keyexchange=ikev1
        authby=secret
        mobike=no

# Add connections here.
conn averlon_109
        authby=secret
        keyexchange=ikev1
        left=%defaultroute
        leftsubnet=192.168.114.0/24
        leftid=@f42252s2.av.loc
        right=aoffice.dyndns.biz
        rightsubnet=192.168.109.0/24
        rightid=@f42252r2.av.loc
        rightallowany=yes
        dpdaction=restart
        lifetime = 1h
        margintime = 9m
        rekeyfuzz = 100%
        auto=start

conn averlon_110
        authby=secret
        keyexchange=ikev1
        left=%defaultroute
        leftsubnet=192.168.114.0/24
        leftid=@f42252s2.av.loc
        right=aoffice.dyndns.biz
        rightsubnet=192.168.110.0/24
        rightid=@f42252r2.av.loc
        rightallowany=yes
        dpdaction=restart
        lifetime = 1h
        margintime = 9m
        rekeyfuzz = 100%
        auto=start

conn averlon_111
        authby=secret
        keyexchange=ikev1
        left=%defaultroute
        leftsubnet=192.168.114.0/24
        leftid=@f42252s2.av.loc
        right=aoffice.dyndns.biz
        rightsubnet=192.168.111.0/24
        rightid=@f42252r2.av.loc
        rightallowany=yes
        dpdaction=restart
        lifetime = 1h
        margintime = 9m
        rekeyfuzz = 100%
        auto=start
+++

The result is still, that one channel, 110 will not get up.
I am far away from having an understanding of the details of VPN or specially IKE.

Thanks for help
Regards
Karl-Heinz Fischbach

+++
00[DMN] Starting IKE charon daemon (strongSwan 5.1.2, Linux 3.13.0-63-generic, x86_64)
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG]   loaded IKE secret for @f42252s2.av.loc %any
00[LIB] loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pkcs1 pkcs7 pkcs8 pkcs12 pem openssl xcbc cmac hmac ctr ccm gcm attr kernel-netlink resolve socket-default stroke updown eap-identity addrblock
00[LIB] unable to load 5 plugin features (5 due to unmet dependencies)
00[LIB] dropped capabilities, running as uid 0, gid 0
00[JOB] spawning 16 worker threads
05[CFG] received stroke: add connection 'averlon_109'
05[CFG] left nor right host is our side, assuming left=local
05[CFG] added configuration 'averlon_109'
05[CFG] received stroke: initiate 'averlon_109'
05[IKE] initiating Main Mode IKE_SA averlon_109[1] to 78.210.27.54
05[ENC] generating ID_PROT request 0 [ SA V V V V ]
05[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (220 bytes)
05[CFG] received stroke: add connection 'averlon_110'
05[CFG] left nor right host is our side, assuming left=local
05[CFG] added child to existing configuration 'averlon_109'
05[CFG] received stroke: initiate 'averlon_110'
05[CFG] received stroke: add connection 'averlon_111'
05[CFG] left nor right host is our side, assuming left=local
05[CFG] added child to existing configuration 'averlon_109'
05[CFG] received stroke: initiate 'averlon_111'
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (180 bytes)
06[ENC] parsed ID_PROT response 0 [ SA V V V V V ]
06[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
06[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
06[IKE] received NAT-T (RFC 3947) vendor ID
06[ENC] received unknown vendor ID: ee:ef:a3:78:09:e3:2a:d4:de:4f:6b:01:0c:26:a6:40
06[IKE] received DPD vendor ID
06[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
06[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (236 bytes)
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (236 bytes)
08[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
08[ENC] generating ID_PROT request 0 [ ID HASH ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (100 bytes)
07[ENC] parsed ID_PROT response 0 [ ID HASH N(INITIAL_CONTACT) ]
07[IKE] IKE_SA averlon_109[1] established between 178.254.10.102[f42252s2.av.loc]...78.210.27.54[f42252r2.av.loc]
07[IKE] scheduling reauthentication in 2538s
07[IKE] maximum IKE_SA lifetime 3078s
07[ENC] generating QUICK_MODE request 3690169088 [ HASH SA No ID ID ]
07[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (228 bytes)
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (164 bytes)
09[ENC] parsed QUICK_MODE response 3690169088 [ HASH SA No ID ID ]
09[IKE] CHILD_SA averlon_109{1} established with SPIs cf1edce8_i 13deb868_o and TS 192.168.114.0/24 === 192.168.109.0/24
09[ENC] generating QUICK_MODE request 3690169088 [ HASH ]
09[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (52 bytes)
09[ENC] generating QUICK_MODE request 1046467223 [ HASH SA No ID ID ]
09[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (228 bytes)
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (164 bytes)
12[ENC] parsed QUICK_MODE response 1046467223 [ HASH SA No ID ID ]
12[IKE] CHILD_SA averlon_110{2} established with SPIs c6963d17_i 515e067e_o and TS 192.168.114.0/24 === 192.168.110.0/24
12[ENC] generating QUICK_MODE request 1046467223 [ HASH ]
12[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (52 bytes)
12[ENC] generating QUICK_MODE request 2690634128 [ HASH SA No ID ID ]
12[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (228 bytes)
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (164 bytes)
14[ENC] parsed QUICK_MODE response 2690634128 [ HASH SA No ID ID ]
14[IKE] CHILD_SA averlon_111{3} established with SPIs c2702dac_i c35a51f9_o and TS 192.168.114.0/24 === 192.168.111.0/24
14[ENC] generating QUICK_MODE request 2690634128 [ HASH ]
14[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (52 bytes)
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (452 bytes)
10[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
10[ENC] received unknown vendor ID: ee:ef:a3:78:09:e3:2a:d4:de:4f:6b:01:0c:26:a6:40
10[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
10[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
10[IKE] received NAT-T (RFC 3947) vendor ID
10[IKE] received DPD vendor ID
10[IKE] 78.210.27.54 is initiating a Main Mode IKE_SA
10[ENC] generating ID_PROT response 0 [ SA V V V ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (140 bytes)
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (220 bytes)
09[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
09[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
09[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (236 bytes)
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
11[ENC] parsed ID_PROT request 0 [ ID HASH ]
11[CFG] looking for pre-shared key peer configs matching 178.254.10.102...78.210.27.54[f42252r2.av.loc]
11[CFG] selected peer config "averlon_109"
11[IKE] IKE_SA averlon_109[2] established between 178.254.10.102[f42252s2.av.loc]...78.210.27.54[f42252r2.av.loc]
11[IKE] scheduling reauthentication in 2708s
11[IKE] maximum IKE_SA lifetime 3248s
11[ENC] generating ID_PROT response 0 [ ID HASH ]
11[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
13[ENC] parsed QUICK_MODE request 728795655 [ HASH SA No ID ID ]
13[IKE] received 28800s lifetime, configured 3600s
13[IKE] received 2000000000 lifebytes, configured 0
13[IKE] detected rekeying of CHILD_SA averlon_110{2}
13[ENC] generating QUICK_MODE response 728795655 [ HASH SA No ID ID ]
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
14[ENC] parsed QUICK_MODE request 1629942854 [ HASH SA No ID ID ]
14[IKE] CHILD_SA averlon_110{2} established with SPIs c13a86ca_i b23644bc_o and TS 192.168.114.0/24 === 192.168.110.0/24
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
15[ENC] parsed QUICK_MODE request 2318397260 [ HASH SA No ID ID ]
15[IKE] no matching CHILD_SA config found
15[ENC] generating INFORMATIONAL_V1 request 1464982412 [ HASH N(INVAL_ID) ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
16[ENC] parsed QUICK_MODE request 3177397259 [ HASH SA No ID ID ]
16[IKE] no matching CHILD_SA config found
16[ENC] generating INFORMATIONAL_V1 request 3925950414 [ HASH N(INVAL_ID) ]
16[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
05[ENC] parsed QUICK_MODE request 1465010945 [ HASH SA No ID ID ]
05[IKE] received 28800s lifetime, configured 3600s
05[IKE] received 2000000000 lifebytes, configured 0
05[IKE] detected rekeying of CHILD_SA averlon_110{2}
05[ENC] generating QUICK_MODE response 1465010945 [ HASH SA No ID ID ]
05[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
06[ENC] parsed QUICK_MODE request 1834666359 [ HASH SA No ID ID ]
06[IKE] CHILD_SA averlon_110{2} established with SPIs c70989f8_i 53eddadb_o and TS 192.168.114.0/24 === 192.168.110.0/24
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
08[ENC] parsed QUICK_MODE request 1290177257 [ HASH SA No ID ID ]
08[IKE] received 28800s lifetime, configured 3600s
08[IKE] received 2000000000 lifebytes, configured 0
08[IKE] detected rekeying of CHILD_SA averlon_110{2}
08[ENC] generating QUICK_MODE response 1290177257 [ HASH SA No ID ID ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
07[ENC] parsed QUICK_MODE request 2199161235 [ HASH SA No ID ID ]
07[IKE] CHILD_SA averlon_110{2} established with SPIs c18d0fc7_i 69bee1c5_o and TS 192.168.114.0/24 === 192.168.110.0/24
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
10[ENC] parsed QUICK_MODE request 587263583 [ HASH SA No ID ID ]
10[IKE] received 28800s lifetime, configured 3600s
10[IKE] received 2000000000 lifebytes, configured 0
10[IKE] detected rekeying of CHILD_SA averlon_111{3}
10[ENC] generating QUICK_MODE response 587263583 [ HASH SA No ID ID ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
09[ENC] parsed QUICK_MODE request 479807828 [ HASH SA No ID ID ]
09[IKE] CHILD_SA averlon_111{3} established with SPIs c638587c_i 73c03e80_o and TS 192.168.114.0/24 === 192.168.111.0/24
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
11[ENC] parsed QUICK_MODE request 342045890 [ HASH SA No ID ID ]
11[IKE] no matching CHILD_SA config found
11[ENC] generating INFORMATIONAL_V1 request 2333672104 [ HASH N(INVAL_ID) ]
11[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
12[ENC] parsed QUICK_MODE request 565206458 [ HASH SA No ID ID ]
12[IKE] no matching CHILD_SA config found
12[ENC] generating INFORMATIONAL_V1 request 723054419 [ HASH N(INVAL_ID) ]
12[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
13[ENC] parsed QUICK_MODE request 3040563559 [ HASH SA No ID ID ]
13[IKE] received 28800s lifetime, configured 3600s
13[IKE] received 2000000000 lifebytes, configured 0
13[IKE] detected rekeying of CHILD_SA averlon_111{3}
13[ENC] generating QUICK_MODE response 3040563559 [ HASH SA No ID ID ]
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
14[ENC] parsed QUICK_MODE request 4090550132 [ HASH SA No ID ID ]
14[IKE] CHILD_SA averlon_111{3} established with SPIs c944e4f2_i 55281d69_o and TS 192.168.114.0/24 === 192.168.111.0/24
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
15[ENC] parsed QUICK_MODE request 3704706495 [ HASH SA No ID ID ]
15[IKE] received 28800s lifetime, configured 3600s
15[IKE] received 2000000000 lifebytes, configured 0
15[IKE] detected rekeying of CHILD_SA averlon_111{3}
15[ENC] generating QUICK_MODE response 3704706495 [ HASH SA No ID ID ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
16[ENC] parsed QUICK_MODE request 1823261520 [ HASH SA No ID ID ]
16[IKE] CHILD_SA averlon_111{3} established with SPIs c74ccbea_i a0c2aff5_o and TS 192.168.114.0/24 === 192.168.111.0/24
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
05[ENC] parsed QUICK_MODE request 934423260 [ HASH SA No ID ID ]
05[IKE] received 28800s lifetime, configured 3600s
05[IKE] received 2000000000 lifebytes, configured 0
05[IKE] detected rekeying of CHILD_SA averlon_111{3}
05[ENC] generating QUICK_MODE response 934423260 [ HASH SA No ID ID ]
05[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
06[ENC] parsed QUICK_MODE request 881746739 [ HASH SA No ID ID ]
06[IKE] CHILD_SA averlon_111{3} established with SPIs c7c59d61_i 80a678db_o and TS 192.168.114.0/24 === 192.168.111.0/24
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
08[ENC] parsed QUICK_MODE request 590010543 [ HASH SA No ID ID ]
08[IKE] no matching CHILD_SA config found
08[ENC] generating INFORMATIONAL_V1 request 490697787 [ HASH N(INVAL_ID) ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
07[ENC] parsed QUICK_MODE request 3422827684 [ HASH SA No ID ID ]
07[IKE] no matching CHILD_SA config found
07[ENC] generating INFORMATIONAL_V1 request 4038460681 [ HASH N(INVAL_ID) ]
07[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
10[ENC] parsed QUICK_MODE request 3178636289 [ HASH SA No ID ID ]
10[IKE] received 28800s lifetime, configured 3600s
10[IKE] received 2000000000 lifebytes, configured 0
10[IKE] detected rekeying of CHILD_SA averlon_111{3}
10[ENC] generating QUICK_MODE response 3178636289 [ HASH SA No ID ID ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
09[ENC] parsed QUICK_MODE request 144024872 [ HASH SA No ID ID ]
09[IKE] CHILD_SA averlon_111{3} established with SPIs cb935aac_i 95aa7226_o and TS 192.168.114.0/24 === 192.168.111.0/24
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
11[ENC] parsed QUICK_MODE request 2638837414 [ HASH SA No ID ID ]
11[IKE] received 28800s lifetime, configured 3600s
11[IKE] received 2000000000 lifebytes, configured 0
11[IKE] detected rekeying of CHILD_SA averlon_111{3}
11[ENC] generating QUICK_MODE response 2638837414 [ HASH SA No ID ID ]
11[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
12[ENC] parsed QUICK_MODE request 888695819 [ HASH SA No ID ID ]
12[IKE] CHILD_SA averlon_111{3} established with SPIs c5d34f08_i 60de8be8_o and TS 192.168.114.0/24 === 192.168.111.0/24
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
13[ENC] invalid HASH_V1 payload length, decryption failed?
13[ENC] could not decrypt payloads
13[IKE] message parsing failed
13[ENC] generating INFORMATIONAL_V1 request 3069888884 [ HASH N(PLD_MAL) ]
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
13[IKE] QUICK_MODE request with message ID 728795655 processing failed
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
14[ENC] invalid HASH_V1 payload length, decryption failed?
14[ENC] could not decrypt payloads
14[IKE] message parsing failed
14[ENC] generating INFORMATIONAL_V1 request 3587965051 [ HASH N(PLD_MAL) ]
14[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
14[IKE] QUICK_MODE request with message ID 1465010945 processing failed
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
14[ENC] invalid HASH_V1 payload length, decryption failed?
14[ENC] could not decrypt payloads
14[IKE] message parsing failed
14[ENC] generating INFORMATIONAL_V1 request 1285829243 [ HASH N(PLD_MAL) ]
14[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
14[IKE] QUICK_MODE request with message ID 1290177257 processing failed
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
16[ENC] invalid HASH_V1 payload length, decryption failed?
16[ENC] could not decrypt payloads
16[IKE] message parsing failed
16[ENC] generating INFORMATIONAL_V1 request 4244976531 [ HASH N(PLD_MAL) ]
16[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
16[IKE] QUICK_MODE request with message ID 587263583 processing failed
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
05[ENC] invalid HASH_V1 payload length, decryption failed?
05[ENC] could not decrypt payloads
05[IKE] message parsing failed
05[ENC] generating INFORMATIONAL_V1 request 1466042657 [ HASH N(PLD_MAL) ]
05[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
05[IKE] QUICK_MODE request with message ID 3040563559 processing failed
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
06[ENC] invalid HASH_V1 payload length, decryption failed?
06[ENC] could not decrypt payloads
06[IKE] message parsing failed
06[ENC] generating INFORMATIONAL_V1 request 485019922 [ HASH N(PLD_MAL) ]
06[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
06[IKE] QUICK_MODE request with message ID 3704706495 processing failed
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
08[ENC] invalid HASH_V1 payload length, decryption failed?
08[ENC] could not decrypt payloads
08[IKE] message parsing failed
08[ENC] generating INFORMATIONAL_V1 request 2344308014 [ HASH N(PLD_MAL) ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
08[IKE] QUICK_MODE request with message ID 934423260 processing failed
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
07[ENC] invalid HASH_V1 payload length, decryption failed?
07[ENC] could not decrypt payloads
07[IKE] message parsing failed
07[ENC] generating INFORMATIONAL_V1 request 1300159113 [ HASH N(PLD_MAL) ]
07[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
07[IKE] QUICK_MODE request with message ID 3178636289 processing failed
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
10[ENC] invalid HASH_V1 payload length, decryption failed?
10[ENC] could not decrypt payloads
10[IKE] message parsing failed
10[ENC] generating INFORMATIONAL_V1 request 1052567480 [ HASH N(PLD_MAL) ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
10[IKE] QUICK_MODE request with message ID 2638837414 processing failed
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
08[ENC] parsed QUICK_MODE request 1629942854 [ HASH SA No ID ID ]
08[IKE] received 28800s lifetime, configured 3600s
08[IKE] received 2000000000 lifebytes, configured 0
08[IKE] detected rekeying of CHILD_SA averlon_109{1}
08[ENC] generating QUICK_MODE response 1629942854 [ HASH SA No ID ID ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
07[ENC] parsed QUICK_MODE request 2318397260 [ HASH SA No ID ID ]
07[IKE] CHILD_SA averlon_109{1} established with SPIs c3956ee9_i b68918ff_o and TS 192.168.114.0/24 === 192.168.109.0/24
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
10[ENC] parsed QUICK_MODE request 3177397259 [ HASH SA No ID ID ]
10[IKE] no matching CHILD_SA config found
10[ENC] generating INFORMATIONAL_V1 request 412915614 [ HASH N(INVAL_ID) ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
09[ENC] parsed QUICK_MODE request 1834666359 [ HASH SA No ID ID ]
09[IKE] received 28800s lifetime, configured 3600s
09[IKE] received 2000000000 lifebytes, configured 0
09[IKE] detected rekeying of CHILD_SA averlon_109{1}
09[ENC] generating QUICK_MODE response 1834666359 [ HASH SA No ID ID ]
09[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
11[ENC] parsed QUICK_MODE request 2199161235 [ HASH SA No ID ID ]
11[IKE] CHILD_SA averlon_109{1} established with SPIs cc0147e9_i f83f198e_o and TS 192.168.114.0/24 === 192.168.109.0/24
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
12[ENC] parsed QUICK_MODE request 479807828 [ HASH SA No ID ID ]
12[IKE] received 28800s lifetime, configured 3600s
12[IKE] received 2000000000 lifebytes, configured 0
12[IKE] detected rekeying of CHILD_SA averlon_109{1}
12[ENC] generating QUICK_MODE response 479807828 [ HASH SA No ID ID ]
12[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
13[ENC] parsed QUICK_MODE request 342045890 [ HASH SA No ID ID ]
13[IKE] CHILD_SA averlon_109{1} established with SPIs ce89f5ae_i 7aadd307_o and TS 192.168.114.0/24 === 192.168.109.0/24
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
15[ENC] parsed QUICK_MODE request 565206458 [ HASH SA No ID ID ]
15[IKE] no matching CHILD_SA config found
15[ENC] generating INFORMATIONAL_V1 request 176763271 [ HASH N(INVAL_ID) ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
14[ENC] parsed QUICK_MODE request 4090550132 [ HASH SA No ID ID ]
14[IKE] received 28800s lifetime, configured 3600s
14[IKE] received 2000000000 lifebytes, configured 0
14[IKE] detected rekeying of CHILD_SA averlon_109{1}
14[ENC] generating QUICK_MODE response 4090550132 [ HASH SA No ID ID ]
14[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
16[ENC] parsed QUICK_MODE request 1823261520 [ HASH SA No ID ID ]
16[IKE] CHILD_SA averlon_109{1} established with SPIs ce953270_i bcfd8379_o and TS 192.168.114.0/24 === 192.168.109.0/24
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
05[ENC] parsed QUICK_MODE request 881746739 [ HASH SA No ID ID ]
05[IKE] received 28800s lifetime, configured 3600s
05[IKE] received 2000000000 lifebytes, configured 0
05[IKE] detected rekeying of CHILD_SA averlon_110{2}
05[ENC] generating QUICK_MODE response 881746739 [ HASH SA No ID ID ]
05[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
06[ENC] parsed QUICK_MODE request 590010543 [ HASH SA No ID ID ]
06[IKE] CHILD_SA averlon_110{2} established with SPIs c6696491_i 05b004dd_o and TS 192.168.114.0/24 === 192.168.110.0/24
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
08[ENC] parsed QUICK_MODE request 3422827684 [ HASH SA No ID ID ]
08[IKE] no matching CHILD_SA config found
08[ENC] generating INFORMATIONAL_V1 request 953951924 [ HASH N(INVAL_ID) ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
07[ENC] parsed QUICK_MODE request 144024872 [ HASH SA No ID ID ]
07[IKE] received 28800s lifetime, configured 3600s
07[IKE] received 2000000000 lifebytes, configured 0
07[IKE] detected rekeying of CHILD_SA averlon_110{2}
07[ENC] generating QUICK_MODE response 144024872 [ HASH SA No ID ID ]
07[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
10[ENC] parsed QUICK_MODE request 888695819 [ HASH SA No ID ID ]
10[IKE] CHILD_SA averlon_110{2} established with SPIs cce67299_i 2fe55ed3_o and TS 192.168.114.0/24 === 192.168.110.0/24
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
09[ENC] invalid HASH_V1 payload length, decryption failed?
09[ENC] could not decrypt payloads
09[IKE] message parsing failed
09[ENC] generating INFORMATIONAL_V1 request 2514808684 [ HASH N(PLD_MAL) ]
09[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
09[IKE] QUICK_MODE request with message ID 1629942854 processing failed
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
11[ENC] invalid HASH_V1 payload length, decryption failed?
11[ENC] could not decrypt payloads
11[IKE] message parsing failed
11[ENC] generating INFORMATIONAL_V1 request 3337634053 [ HASH N(PLD_MAL) ]
11[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
11[IKE] QUICK_MODE request with message ID 1834666359 processing failed
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
12[ENC] invalid HASH_V1 payload length, decryption failed?
12[ENC] could not decrypt payloads
12[IKE] message parsing failed
12[ENC] generating INFORMATIONAL_V1 request 2026881897 [ HASH N(PLD_MAL) ]
12[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
12[IKE] QUICK_MODE request with message ID 479807828 processing failed
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
13[ENC] invalid HASH_V1 payload length, decryption failed?
13[ENC] could not decrypt payloads
13[IKE] message parsing failed
13[ENC] generating INFORMATIONAL_V1 request 2276931040 [ HASH N(PLD_MAL) ]
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
13[IKE] QUICK_MODE request with message ID 4090550132 processing failed
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
15[ENC] invalid HASH_V1 payload length, decryption failed?
15[ENC] could not decrypt payloads
15[IKE] message parsing failed
15[ENC] generating INFORMATIONAL_V1 request 2314635905 [ HASH N(PLD_MAL) ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
15[IKE] QUICK_MODE request with message ID 881746739 processing failed
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
14[ENC] invalid HASH_V1 payload length, decryption failed?
14[ENC] could not decrypt payloads
14[IKE] message parsing failed
14[ENC] generating INFORMATIONAL_V1 request 1027796435 [ HASH N(PLD_MAL) ]
14[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
14[IKE] QUICK_MODE request with message ID 144024872 processing failed
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
12[ENC] parsed INFORMATIONAL_V1 request 2403093741 [ HASH D ]
12[IKE] received DELETE for ESP CHILD_SA with SPI 515e067e
12[IKE] closing CHILD_SA averlon_110{2} with SPIs c6963d17_i (0 bytes) 515e067e_o (0 bytes) and TS 192.168.114.0/24 === 192.168.110.0/24
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
13[ENC] parsed INFORMATIONAL_V1 request 1990649254 [ HASH D ]
13[IKE] received DELETE for ESP CHILD_SA with SPI b23644bc
13[IKE] closing CHILD_SA averlon_110{2} with SPIs c13a86ca_i (0 bytes) b23644bc_o (0 bytes) and TS 192.168.114.0/24 === 192.168.110.0/24
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
15[ENC] parsed INFORMATIONAL_V1 request 1785601898 [ HASH D ]
15[IKE] received DELETE for ESP CHILD_SA with SPI 53eddadb
15[IKE] closing CHILD_SA averlon_110{2} with SPIs c70989f8_i (0 bytes) 53eddadb_o (0 bytes) and TS 192.168.114.0/24 === 192.168.110.0/24
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
14[ENC] parsed INFORMATIONAL_V1 request 3012648107 [ HASH D ]
14[IKE] received DELETE for ESP CHILD_SA with SPI c35a51f9
14[IKE] closing CHILD_SA averlon_111{3} with SPIs c2702dac_i (0 bytes) c35a51f9_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
16[ENC] parsed INFORMATIONAL_V1 request 557152791 [ HASH D ]
16[IKE] received DELETE for ESP CHILD_SA with SPI 73c03e80
16[IKE] closing CHILD_SA averlon_111{3} with SPIs c638587c_i (0 bytes) 73c03e80_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
05[ENC] parsed INFORMATIONAL_V1 request 240299602 [ HASH D ]
05[IKE] received DELETE for ESP CHILD_SA with SPI 55281d69
05[IKE] closing CHILD_SA averlon_111{3} with SPIs c944e4f2_i (0 bytes) 55281d69_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
06[ENC] parsed INFORMATIONAL_V1 request 435632355 [ HASH D ]
06[IKE] received DELETE for ESP CHILD_SA with SPI a0c2aff5
06[IKE] closing CHILD_SA averlon_111{3} with SPIs c74ccbea_i (0 bytes) a0c2aff5_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
08[ENC] parsed INFORMATIONAL_V1 request 3979848461 [ HASH D ]
08[IKE] received DELETE for ESP CHILD_SA with SPI 80a678db
08[IKE] closing CHILD_SA averlon_111{3} with SPIs c7c59d61_i (0 bytes) 80a678db_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
07[ENC] parsed INFORMATIONAL_V1 request 1830887904 [ HASH D ]
07[IKE] received DELETE for ESP CHILD_SA with SPI 95aa7226
07[IKE] closing CHILD_SA averlon_111{3} with SPIs cb935aac_i (0 bytes) 95aa7226_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
10[ENC] parsed QUICK_MODE request 2318397260 [ HASH SA No ID ID ]
10[IKE] no matching CHILD_SA config found
10[ENC] generating INFORMATIONAL_V1 request 2803276516 [ HASH N(INVAL_ID) ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
09[ENC] parsed QUICK_MODE request 3177397259 [ HASH SA No ID ID ]
09[IKE] no matching CHILD_SA config found
09[ENC] generating INFORMATIONAL_V1 request 108496847 [ HASH N(INVAL_ID) ]
09[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
11[ENC] parsed QUICK_MODE request 2199161235 [ HASH SA No ID ID ]
11[IKE] received 28800s lifetime, configured 3600s
11[IKE] received 2000000000 lifebytes, configured 0
11[IKE] detected rekeying of CHILD_SA averlon_109{1}
11[ENC] generating QUICK_MODE response 2199161235 [ HASH SA No ID ID ]
11[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
12[ENC] parsed QUICK_MODE request 342045890 [ HASH SA No ID ID ]
12[IKE] CHILD_SA averlon_109{1} established with SPIs c4a14149_i 1edbc7a0_o and TS 192.168.114.0/24 === 192.168.109.0/24
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
13[ENC] parsed QUICK_MODE request 565206458 [ HASH SA No ID ID ]
13[IKE] no matching CHILD_SA config found
13[ENC] generating INFORMATIONAL_V1 request 2293567313 [ HASH N(INVAL_ID) ]
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
15[ENC] parsed QUICK_MODE request 1823261520 [ HASH SA No ID ID ]
15[IKE] received 28800s lifetime, configured 3600s
15[IKE] received 2000000000 lifebytes, configured 0
15[IKE] detected rekeying of CHILD_SA averlon_109{1}
15[ENC] generating QUICK_MODE response 1823261520 [ HASH SA No ID ID ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
14[ENC] parsed QUICK_MODE request 590010543 [ HASH SA No ID ID ]
14[IKE] CHILD_SA averlon_109{1} established with SPIs c3d6f98c_i c110f110_o and TS 192.168.114.0/24 === 192.168.109.0/24
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
16[ENC] parsed QUICK_MODE request 3422827684 [ HASH SA No ID ID ]
16[IKE] no matching CHILD_SA config found
16[ENC] generating INFORMATIONAL_V1 request 3372047623 [ HASH N(INVAL_ID) ]
16[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
05[ENC] parsed QUICK_MODE request 888695819 [ HASH SA No ID ID ]
05[IKE] received 28800s lifetime, configured 3600s
05[IKE] received 2000000000 lifebytes, configured 0
05[IKE] detected rekeying of CHILD_SA averlon_110{2}
05[ENC] generating QUICK_MODE response 888695819 [ HASH SA No ID ID ]
05[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
06[ENC] invalid HASH_V1 payload length, decryption failed?
06[ENC] could not decrypt payloads
06[IKE] message parsing failed
06[ENC] generating INFORMATIONAL_V1 request 4281125268 [ HASH N(PLD_MAL) ]
06[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
06[IKE] QUICK_MODE request with message ID 2199161235 processing failed
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
08[ENC] invalid HASH_V1 payload length, decryption failed?
08[ENC] could not decrypt payloads
08[IKE] message parsing failed
08[ENC] generating INFORMATIONAL_V1 request 3313356339 [ HASH N(PLD_MAL) ]
08[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
08[IKE] QUICK_MODE request with message ID 1823261520 processing failed
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
07[ENC] invalid HASH_V1 payload length, decryption failed?
07[ENC] could not decrypt payloads
07[IKE] message parsing failed
07[ENC] generating INFORMATIONAL_V1 request 3185155740 [ HASH N(PLD_MAL) ]
07[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
07[IKE] QUICK_MODE request with message ID 888695819 processing failed
13[IKE] sending retransmit 1 of response message ID 888695819, seq 21
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (188 bytes)
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (60 bytes)
15[ENC] invalid HASH_V1 payload length, decryption failed?
15[ENC] could not decrypt payloads
15[IKE] message parsing failed
15[ENC] generating INFORMATIONAL_V1 request 534717635 [ HASH N(PLD_MAL) ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
15[IKE] QUICK_MODE request with message ID 888695819 processing failed
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
14[ENC] parsed INFORMATIONAL_V1 request 4005371887 [ HASH D ]
14[IKE] received DELETE for ESP CHILD_SA with SPI 13deb868
14[IKE] closing CHILD_SA averlon_109{1} with SPIs cf1edce8_i (0 bytes) 13deb868_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
16[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
16[ENC] parsed INFORMATIONAL_V1 request 1387870266 [ HASH D ]
16[IKE] received DELETE for ESP CHILD_SA with SPI b68918ff
16[IKE] closing CHILD_SA averlon_109{1} with SPIs c3956ee9_i (0 bytes) b68918ff_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
05[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
05[ENC] parsed INFORMATIONAL_V1 request 4191948066 [ HASH D ]
05[IKE] received DELETE for ESP CHILD_SA with SPI f83f198e
05[IKE] closing CHILD_SA averlon_109{1} with SPIs cc0147e9_i (0 bytes) f83f198e_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
06[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
06[ENC] parsed INFORMATIONAL_V1 request 612101760 [ HASH D ]
06[IKE] received DELETE for ESP CHILD_SA with SPI 7aadd307
06[IKE] closing CHILD_SA averlon_109{1} with SPIs ce89f5ae_i (0 bytes) 7aadd307_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
08[ENC] parsed INFORMATIONAL_V1 request 430140926 [ HASH D ]
08[IKE] received DELETE for ESP CHILD_SA with SPI 69bee1c5
08[IKE] closing CHILD_SA averlon_110{2} with SPIs c18d0fc7_i (0 bytes) 69bee1c5_o (0 bytes) and TS 192.168.114.0/24 === 192.168.110.0/24
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
07[ENC] parsed INFORMATIONAL_V1 request 3159328871 [ HASH D ]
07[IKE] received DELETE for ESP CHILD_SA with SPI 05b004dd
07[IKE] closing CHILD_SA averlon_110{2} with SPIs c6696491_i (0 bytes) 05b004dd_o (0 bytes) and TS 192.168.114.0/24 === 192.168.110.0/24
10[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
10[ENC] parsed QUICK_MODE request 2318397260 [ HASH SA No ID ID ]
10[IKE] no matching CHILD_SA config found
10[ENC] generating INFORMATIONAL_V1 request 235457446 [ HASH N(INVAL_ID) ]
10[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
11[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
11[ENC] parsed QUICK_MODE request 3177397259 [ HASH SA No ID ID ]
11[IKE] no matching CHILD_SA config found
11[ENC] generating INFORMATIONAL_V1 request 57535664 [ HASH N(INVAL_ID) ]
11[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
12[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
12[ENC] parsed QUICK_MODE request 342045890 [ HASH SA No ID ID ]
12[IKE] no matching CHILD_SA config found
12[ENC] generating INFORMATIONAL_V1 request 2195903886 [ HASH N(INVAL_ID) ]
12[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
13[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
13[ENC] parsed QUICK_MODE request 565206458 [ HASH SA No ID ID ]
13[IKE] no matching CHILD_SA config found
13[ENC] generating INFORMATIONAL_V1 request 3594072932 [ HASH N(INVAL_ID) ]
13[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
15[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
15[ENC] parsed QUICK_MODE request 590010543 [ HASH SA No ID ID ]
15[IKE] no matching CHILD_SA config found
15[ENC] generating INFORMATIONAL_V1 request 1333364366 [ HASH N(INVAL_ID) ]
15[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
14[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (572 bytes)
14[ENC] parsed QUICK_MODE request 3422827684 [ HASH SA No ID ID ]
14[IKE] no matching CHILD_SA config found
14[ENC] generating INFORMATIONAL_V1 request 568339569 [ HASH N(INVAL_ID) ]
14[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
08[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
08[ENC] parsed INFORMATIONAL_V1 request 738378461 [ HASH D ]
08[IKE] received DELETE for ESP CHILD_SA with SPI bcfd8379
08[IKE] closing CHILD_SA averlon_109{1} with SPIs ce953270_i (0 bytes) bcfd8379_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
07[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
07[ENC] parsed INFORMATIONAL_V1 request 2141573401 [ HASH D ]
07[IKE] received DELETE for ESP CHILD_SA with SPI 1edbc7a0
07[IKE] closing CHILD_SA averlon_109{1} with SPIs c4a14149_i (0 bytes) 1edbc7a0_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
09[NET] received packet: from 78.210.27.54[500] to 178.254.10.102[500] (76 bytes)
09[ENC] parsed INFORMATIONAL_V1 request 1978372479 [ HASH D ]
09[IKE] received DELETE for ESP CHILD_SA with SPI 2fe55ed3
09[IKE] closing CHILD_SA averlon_110{2} with SPIs cce67299_i (0 bytes) 2fe55ed3_o (0 bytes) and TS 192.168.114.0/24 === 192.168.110.0/24
00[DMN] signal of type SIGINT received. Shutting down
00[IKE] closing CHILD_SA averlon_111{3} with SPIs c5d34f08_i (0 bytes) 60de8be8_o (0 bytes) and TS 192.168.114.0/24 === 192.168.111.0/24
00[IKE] sending DELETE for ESP CHILD_SA with SPI c5d34f08
00[ENC] generating INFORMATIONAL_V1 request 1477498805 [ HASH D ]
00[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
00[IKE] closing CHILD_SA averlon_109{1} with SPIs c3d6f98c_i (0 bytes) c110f110_o (0 bytes) and TS 192.168.114.0/24 === 192.168.109.0/24
00[IKE] sending DELETE for ESP CHILD_SA with SPI c3d6f98c
00[ENC] generating INFORMATIONAL_V1 request 3274093299 [ HASH D ]
00[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (76 bytes)
00[IKE] deleting IKE_SA averlon_109[2] between 178.254.10.102[f42252s2.av.loc]...78.210.27.54[f42252r2.av.loc]
00[IKE] sending DELETE for IKE_SA averlon_109[2]
00[ENC] generating INFORMATIONAL_V1 request 1833883343 [ HASH D ]
00[NET] sending packet: from 178.254.10.102[500] to 78.210.27.54[500] (92 bytes)
+++

Mit freundlichenGrüßen / Kind Regards
Hr./Mr. Karl-Heinz Fischbach
Heiglstr. 4
85661 Forstinning
Germany

Tel.: +49 (8121) 7922532
mobile: +49 (171) 5570660
e-Mail: info at averlon.net
Skype: khfischbach
jabber: averlon at jabber.org
Homepage: www.averlon.net
Xing:www.xing.com/profile/KarlHeinz_Fischbach2
LinkedIn:www.linkedin.com/in/karlheinzfischbach
Signatur:
Diese e-mail ist unter Umständensigniert. Die Signatur entspricht dem Deutschen Signaturgesetz und entsprechenden europäischen Regelungen.
Important Note:
This e-mail may contain trade secrets or privileged, undisclosed orotherwise confidential information. If you have received this e-mail in error, you are hereby notified that any review, copying or distributionof it is strictly prohibited. Please inform us immediately and destroy the original transmittal.

-----Ursprüngliche Nachricht-----
Von: Noel Kuntze [mailto:noel at familie-kuntze.de] 
Gesendet: Donnerstag, 17. September 2015 20:57
An: Averlon GmbH (in Gründung) <info at averlon.net>; users at lists.strongswan.org
Betreff: Re: [strongSwan] not all subnets get a tunnel


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Am 17.09.2015 um 19:29 schrieb Averlon GmbH (in Gründung):
>        rightsubnet=192.168.110.0/24,192.168.109.0/24
Why do you expect this to work?
With IKEv1, you can only tunnel traffic between parts of subnets, not arbitrary groups.
For the latter, you need to use IKEv2.
To alleviate the problem, you need to configure a second configuration for the same peer, but with the other subnet pair.

- -- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV+w0EAAoJEDg5KY9j7GZYPIAP/14jw0RWF10T4jDW1o0ONUso
doihuW8ZBJvb0ql9toUGOeDsyc2mn+HAa2yJxfAww/vXIVX9VlVxwjb1vZtBLQxW
+/SaQSjPuu8s9BPH5cZ+8J9FtJVqs4xO3KueUoiwBILDscOyYVHR4YOTI8snhyvA
+DDgc11V3GEqcT09b1Aj2+PQ7XtqOWnOc02O2MBFcytbUwP+J50UqsAn6P2RsGY8
rgCWSDGp7nMdmuKS2TEPJQER//6CWF567A+fLWo4mpJapy4nTI3E0wTmVTa9XRzx
MEx2j1SFM8+QK0kOcqKlEoQHH6u4VXonyzJMk2uUaSsMBU6cArOJTKT8LxEZ9LVW
QKIiIM0a21nZ6m02rpL/XJjlIXFn37oqf1P6zuOZZvpvrsIbmnviRVQfAYfp6aIA
8U2cgjry85zMC0PbNI/ZisxHPUBy61X8R1xLJUSk4D4tpCoa2pddzwvyi6gcUUPC
LGLXObKwC+KObTUO1K6KLqDzYvePoEmU6rLrF8vbaYn2G5gryz2X2cggwESwcJbQ
VKpnQcOgI9dOHcJ13HNn5g5oNsxnWSsBHrqCjERiQqvwTg6DdVIPH4SvH4DC9Wba
TqRg+clGa4iKZDEJSZGEe1eZdk3wd+mwcxedq4BXRh5Qtugy7P+OpZKj0azdEkz5
jVeI1/pElOAmm8196yBw
=mtvs
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6184 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150918/e7e564c7/attachment-0001.bin>


More information about the Users mailing list