[strongSwan] OSx 10.10 built-in VPN client - CISCO IPSec

Amitava Shee amitava.shee at gmail.com
Mon Apr 25 15:02:03 CEST 2016


I have been able to connect to a new instance of StrongSwan using the
StrongSwan osx client (IKEv2 EAP).

I was hoping to use Yosemite's built-in VPN client (Cisco IPsec). I have
configured it with the following

Server Address: vpn.example.com
Account name: alice
Authentication Settings ... -> Shared Secret : xxxxx

When I try to connect, I can see osx racoon logs but no trace on the server
log

amitava:~ amitava$ sudo tail -f /var/log/raccon.log
Password:

Apr 22 09:20:40 amitava.local racoon[88160] <Info>: racoon launched by
launchd.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface: ::1 (lo0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
127.0.0.1 (lo0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
fe80::1%lo0 (lo0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
fe80::a299:9bff:fe07:459b%en0 (en0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
10.21.121.98 (en0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
fe80::e814:c6ff:fed5:c5bd%awdl0 (awdl0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
fe80::d7f6:ef10:ad21:2127%utun0 (utun0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
192.168.99.1 (vboxnet0)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: my interface:
10.20.30.1 (vboxnet1)
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: configuring default
isakmp port.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: 18 addrs are
configured successfully
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 10.20.30.1[500] used as
isakmp port (fd=8)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 10.20.30.1[4500] used
as isakmp port (fd=9)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 192.168.99.1[500] used
as isakmp port (fd=10)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 192.168.99.1[4500] used
as isakmp port (fd=11)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>:
fe80::d7f6:ef10:ad21:2127%utun0[500] used as isakmp port (fd=12)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>:
fe80::d7f6:ef10:ad21:2127%utun0[4500] used as isakmp port (fd=13)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>:
fe80::e814:c6ff:fed5:c5bd%awdl0[500] used as isakmp port (fd=14)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>:
fe80::e814:c6ff:fed5:c5bd%awdl0[4500] used as isakmp port (fd=15)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 10.21.121.98[500] used
as isakmp port (fd=16)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 10.21.121.98[4500] used
as isakmp port (fd=17)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>:
fe80::a299:9bff:fe07:459b%en0[500] used as isakmp port (fd=18)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>:
fe80::a299:9bff:fe07:459b%en0[4500] used as isakmp port (fd=19)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: fe80::1%lo0[500] used
as isakmp port (fd=20)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: fe80::1%lo0[4500] used
as isakmp port (fd=21)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 127.0.0.1[500] used as
isakmp port (fd=22)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: 127.0.0.1[4500] used as
isakmp port (fd=23)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: ::1[500] used as isakmp
port (fd=24)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: ::1[4500] used as
isakmp port (fd=25)
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: found launchd socket.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: pfkey X_SPDDUMP
failed: No such file or directory
Apr 22 09:20:40 amitava.local racoon[88160] <Notice>: accepted connection
on vpn control socket.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: received bind command
on vpn control socket.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: received connect
command on vpn control socket.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: configuration found
for 192.168.99.101[62465].
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: accept a request to
establish IKE-SA: 192.168.99.101
Apr 22 09:20:40 amitava.local racoon[88160] <Notice>: IPSec connecting to
server 192.168.99.101
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: start search for
IKE-Session. target 192.168.99.101[500].
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: New IKE-Session to
192.168.99.101[500].
Apr 22 09:20:40 amitava.local racoon[88160] <Notice>: Connecting.
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: *** New Phase 1
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: ****** state changed
to: IKEv1 ident I start
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: ===
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: initiate new phase 1
negotiation: 10.21.121.98[500]<=>192.168.99.101[500]
Apr 22 09:20:40 amitava.local racoon[88160] <Info>: begin Identity
Protection mode.
Apr 22 09:20:40 amitava.local racoon[88160] <Notice>: IPSec Phase 1 started
(Initiated by me).
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: new cookie:
7e1dcd6e5dddfe92
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len
288, next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 8,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 20,
next type 13
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: add payload of len 16,
next type 0
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: 596 bytes from
10.21.121.98[500] to 192.168.99.101[500]
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: sockname
10.21.121.98[500]
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: send packet from
10.21.121.98[500]
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: send packet to
192.168.99.101[500]
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: @@@@@@ data being sent:

7e1dcd6e 5dddfe92 00000000 00000000 01100200 00000000 00000254 0d000124
00000001 00000001 00000118 01010008 03000024 01010000 800b0001 800c0e10
80010007 800e0100 8003fde9 80020002 80040002 03000024 02010000 800b0001
800c0e10 80010007 800e0080 8003fde9 80020002 80040002 03000024 03010000
800b0001 800c0e10 80010007 800e0100 8003fde9 80020001 80040002 03000024
04010000 800b0001 800c0e10 80010007 800e0080 8003fde9 80020001 80040002
03000020 05010000 800b0001 800c0e10 80010005 8003fde9 80020002 80040002
03000020 06010000 800b0001 800c0e10 80010005 8003fde9 80020001 80040002
03000020 07010000 800b0001 800c0e10 80010001 8003fde9 80020002 80040002
00000020 08010000 800b0001 800c0e10 80010001 8003fde9 80020001 80040002
0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
086381b5 ec427b1f 0d00000c 09002689 dfd6b712 0d000014 12f5f28c 457168a9
702d9fe2 74cc0100 0d000018 4048b7d5 6ebce885 25e7de7f 00d6c2d3 80000000
00000014 afcad713 68a1f1c9 6b8696fc 77570100
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: 1 times of 596 bytes
message will be sent to 192.168.99.101[500]
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: Resend Phase 1 packet
7e1dcd6e5dddfe92:0000000000000000
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: ****** state changed
to: IKEv1 ident I msg1 sent
Apr 22 09:20:40 amitava.local racoon[88160] <Notice>: IKE Packet: transmit
success. (Initiator, Main-Mode message 1).
Apr 22 09:20:40 amitava.local racoon[88160] <Notice>: >>>>> phase change
status = Phase 1 started by us
Apr 22 09:20:40 amitava.local racoon[88160] <Debug>: vpn control writing 20
bytes
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: 596 bytes from
10.21.121.98[500] to 192.168.99.101[500]
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: sockname
10.21.121.98[500]
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: send packet from
10.21.121.98[500]
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: send packet to
192.168.99.101[500]
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: @@@@@@ data being sent:

7e1dcd6e 5dddfe92 00000000 00000000 01100200 00000000 00000254 0d000124
00000001 00000001 00000118 01010008 03000024 01010000 800b0001 800c0e10
80010007 800e0100 8003fde9 80020002 80040002 03000024 02010000 800b0001
800c0e10 80010007 800e0080 8003fde9 80020002 80040002 03000024 03010000
800b0001 800c0e10 80010007 800e0100 8003fde9 80020001 80040002 03000024
04010000 800b0001 800c0e10 80010007 800e0080 8003fde9 80020001 80040002
03000020 05010000 800b0001 800c0e10 80010005 8003fde9 80020002 80040002
03000020 06010000 800b0001 800c0e10 80010005 8003fde9 80020001 80040002
03000020 07010000 800b0001 800c0e10 80010001 8003fde9 80020002 80040002
00000020 08010000 800b0001 800c0e10 80010001 8003fde9 80020001 80040002
0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
086381b5 ec427b1f 0d00000c 09002689 dfd6b712 0d000014 12f5f28c 457168a9
702d9fe2 74cc0100 0d000018 4048b7d5 6ebce885 25e7de7f 00d6c2d3 80000000
00000014 afcad713 68a1f1c9 6b8696fc 77570100
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: 1 times of 596 bytes
message will be sent to 192.168.99.101[500]
Apr 22 09:20:43 amitava.local racoon[88160] <Notice>: IKE Packet: transmit
success. (Phase 1 Retransmit).
Apr 22 09:20:43 amitava.local racoon[88160] <Debug>: Resend Phase 1 packet
7e1dcd6e5dddfe92:0000000000000000
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: 596 bytes from
10.21.121.98[500] to 192.168.99.101[500]
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: sockname
10.21.121.98[500]
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: send packet from
10.21.121.98[500]
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: send packet to
192.168.99.101[500]
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: @@@@@@ data being sent:

7e1dcd6e 5dddfe92 00000000 00000000 01100200 00000000 00000254 0d000124
00000001 00000001 00000118 01010008 03000024 01010000 800b0001 800c0e10
80010007 800e0100 8003fde9 80020002 80040002 03000024 02010000 800b0001
800c0e10 80010007 800e0080 8003fde9 80020002 80040002 03000024 03010000
800b0001 800c0e10 80010007 800e0100 8003fde9 80020001 80040002 03000024
04010000 800b0001 800c0e10 80010007 800e0080 8003fde9 80020001 80040002
03000020 05010000 800b0001 800c0e10 80010005 8003fde9 80020002 80040002
03000020 06010000 800b0001 800c0e10 80010005 8003fde9 80020001 80040002
03000020 07010000 800b0001 800c0e10 80010001 8003fde9 80020002 80040002
00000020 08010000 800b0001 800c0e10 80010001 8003fde9 80020001 80040002
0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
086381b5 ec427b1f 0d00000c 09002689 dfd6b712 0d000014 12f5f28c 457168a9
702d9fe2 74cc0100 0d000018 4048b7d5 6ebce885 25e7de7f 00d6c2d3 80000000
00000014 afcad713 68a1f1c9 6b8696fc 77570100
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: 1 times of 596 bytes
message will be sent to 192.168.99.101[500]
Apr 22 09:20:46 amitava.local racoon[88160] <Notice>: IKE Packet: transmit
success. (Phase 1 Retransmit).
Apr 22 09:20:46 amitava.local racoon[88160] <Debug>: Resend Phase 1 packet
7e1dcd6e5dddfe92:0000000000000000
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: 596 bytes from
10.21.121.98[500] to 192.168.99.101[500]
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: sockname
10.21.121.98[500]
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: send packet from
10.21.121.98[500]
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: send packet to
192.168.99.101[500]
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: @@@@@@ data being sent:

7e1dcd6e 5dddfe92 00000000 00000000 01100200 00000000 00000254 0d000124
00000001 00000001 00000118 01010008 03000024 01010000 800b0001 800c0e10
80010007 800e0100 8003fde9 80020002 80040002 03000024 02010000 800b0001
800c0e10 80010007 800e0080 8003fde9 80020002 80040002 03000024 03010000
800b0001 800c0e10 80010007 800e0100 8003fde9 80020001 80040002 03000024
04010000 800b0001 800c0e10 80010007 800e0080 8003fde9 80020001 80040002
03000020 05010000 800b0001 800c0e10 80010005 8003fde9 80020002 80040002
03000020 06010000 800b0001 800c0e10 80010005 8003fde9 80020001 80040002
03000020 07010000 800b0001 800c0e10 80010001 8003fde9 80020002 80040002
00000020 08010000 800b0001 800c0e10 80010001 8003fde9 80020001 80040002
0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
086381b5 ec427b1f 0d00000c 09002689 dfd6b712 0d000014 12f5f28c 457168a9
702d9fe2 74cc0100 0d000018 4048b7d5 6ebce885 25e7de7f 00d6c2d3 80000000
00000014 afcad713 68a1f1c9 6b8696fc 77570100
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: 1 times of 596 bytes
message will be sent to 192.168.99.101[500]
Apr 22 09:20:49 amitava.local racoon[88160] <Notice>: IKE Packet: transmit
success. (Phase 1 Retransmit).
Apr 22 09:20:49 amitava.local racoon[88160] <Debug>: Resend Phase 1 packet
7e1dcd6e5dddfe92:0000000000000000
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: received disconnect
command on vpn control socket.
Apr 22 09:20:50 amitava.local racoon[88160] <Notice>: IPSec disconnecting
from server 192.168.99.101
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: in
ike_session_purgephXbydstaddrwop... purging Phase 1 and related Phase 2
structures
Apr 22 09:20:50 amitava.local racoon[88160] <Info>: ISAKMP-SA expired
10.21.121.98[500]-192.168.99.101[500] spi:7e1dcd6e5dddfe92:0000000000000000
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: ****** state changed
to: Phase 1 expired
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: no ph1bind replacement
found. NULL ph1.
Apr 22 09:20:50 amitava.local racoon[88160] <Error>: failed to send
vpn_control message: Broken pipe
Apr 22 09:20:50 amitava.local racoon[88160] <Info>: caught signal 13
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: ==== Got usr1 signal -
re-parsing configuration.
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: ==== flush negotiating
sessions.
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: flushing ph2 handles:
ignore_estab_or_assert 1...
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: Flushing Phase 1
handles: ignore_estab_or_assert 1...
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: already stopped
ike_session_stopped_by_controller.
Apr 22 09:20:50 amitava.local racoon[88160] <Notice>: Disconnecting.
(Connection tried to negotiate for, 9.969584 seconds).
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: Freeing IKE-Session to
192.168.99.101[500].
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: ===== parsing
configuration
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: reading configuration
file /etc/racoon/racoon.conf
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: lifetime = 60
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: lifebyte = 0
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: encklen=0
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: p:1 t:1
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: 3DES-CBC(5)
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: SHA(2)
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: 1024-bit MODP group(2)
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: pre-shared key(1)
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>:
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: hmac(modp1024)
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: filename:
/var/run/racoon/*.conf
Apr 22 09:20:50 amitava.local racoon[88160] <Warning>: glob found no
matches for path "/var/run/racoon/*.conf"
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: parse succeeded.
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: vpn_control socket
closed by peer.
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: received disconnect
all command.
Apr 22 09:20:50 amitava.local racoon[88160] <Notice>: IPSec disconnecting
from server 192.168.99.101
Apr 22 09:20:50 amitava.local racoon[88160] <Debug>: vpncontrol_close_comm.
Apr 22 09:20:53 amitava.local racoon[88160] <Debug>: performing auto exit
Apr 22 09:20:53 amitava.local racoon[88160] <Debug>: Flushing Phase 1
handles: ignore_estab_or_assert 0...
Apr 22 09:20:53 amitava.local racoon[88160] <Debug>: vpncontrol_close.
Apr 22 09:20:53 amitava.local racoon[88160] <Info>: racoon shutdown


However, no log entry shows up on the server side

[root at localhost ~]# journalctl -u strongswan -f
-- Logs begin at Tue 2016-04-19 11:16:35 EDT. --
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[KNL] deleting policy
10.42.42.1/32 === 0.0.0.0/0 fwd  (mark 0/0x00000000)
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[KNL] getting iface
index for enp0s3
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[KNL] deleting SAD
entry with SPI c3e97114  (mark 0/0x00000000)
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[KNL] deleted SAD
entry with SPI c3e97114 (mark 0/0x00000000)
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[KNL] deleting SAD
entry with SPI 131aff59  (mark 0/0x00000000)
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[KNL] deleted SAD
entry with SPI 131aff59 (mark 0/0x00000000)
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[CFG] lease
10.42.42.1 by 'alice' went offline
Apr 19 17:49:31 localhost.localdomain charon[3303]: 09[MGR] check-in and
destroy of IKE_SA successful
Apr 19 17:49:31 localhost.localdomain charon[3303]: 16[NET] sending packet:
from 192.168.99.101[4500] to 192.168.99.1[65137]
Apr 19 17:52:03 localhost.localdomain charon[3303]: 03[MGR] checkout IKE_SA




-- the log entries above are from previous ones - the space between is the
silence.

Has anyone been successful at connecting pre-El Capitan 10.10.x with
StrongSwan?

Thanks & Regards,
Amitava
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160425/5fe1d2da/attachment-0001.html>


More information about the Users mailing list