[strongSwan] Windows 8.1 IKEv2 fails to create new child_sa
Roger Skjetlein
rskjetlein at netrunner.nu
Mon Jan 18 13:42:48 CET 2016
Hi,
I have client which is using windows 8.1 and it seems like there is a
problem with rekeying since it deletes the child_sa and does not request a
new child_sa on beforehand deleting the old one.
Jan 18 08:44:12 adm-ravpn1-p charon: 11[IKE] <...|10119> peer requested
virtual IP %any
Jan 18 08:44:12 adm-ravpn1-p charon: 11[CFG] <...|10119> reassigning
offline lease to '...'
Jan 18 08:44:12 adm-ravpn1-p charon: 11[IKE] <...|10119> assigning virtual
IP 25.0.8.33 to peer '...'
Jan 18 08:44:12 adm-ravpn1-p charon: 11[IKE] <...|10119> peer requested
virtual IP %any6
Jan 18 08:44:12 adm-ravpn1-p charon: 11[IKE] <...|10119> no virtual IP
found for %any6 requested by '...'
Jan 18 08:44:12 adm-ravpn1-p charon: 11[IKE] <...|10119> CHILD_SA ...{5174}
established with SPIs ce101a81_i b0c9ce20_o and TS 10.10.10.0/24
90.90.90.16/28 20.20.20.0/28 === 25.0.8.33/32
Jan 18 08:44:12 adm-ravpn1-p charon: 11[CFG] <...|10119> sending RADIUS
Accounting-Request to server 'primary'
Jan 18 08:44:12 adm-ravpn1-p charon: 11[CFG] <...|10119> received RADIUS
Accounting-Response from server 'primary'
Jan 18 08:44:12 adm-ravpn1-p charon: 11[ENC] <...|10119> generating
IKE_AUTH response 5 [ AUTH CPRP(ADDR DNS DNS) SA TSi TSr N(MOBIKE_SUP)
N(NO_ADD_ADDR) ]
Jan 18 08:44:12 adm-ravpn1-p charon: 11[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (260 bytes)
Jan 18 08:58:03 adm-ravpn1-p charon: 05[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:03 adm-ravpn1-p charon: 05[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:03 adm-ravpn1-p charon: 05[IKE] <...|10119> received DELETE
for ESP CHILD_SA with SPI b0c9ce20
Jan 18 08:58:03 adm-ravpn1-p charon: 05[IKE] <...|10119> closing CHILD_SA
...{5174} with SPIs ce101a81_i (168051 bytes) b0c9ce20_o (1893327 bytes)
and TS 10.10.10.0/24 90.90.90.16/28 20.20.20.0/28 === 25.0.8.33/32
Jan 18 08:58:03 adm-ravpn1-p charon: 05[IKE] <...|10119> sending DELETE for
ESP CHILD_SA with SPI ce101a81
Jan 18 08:58:03 adm-ravpn1-p charon: 05[IKE] <...|10119> CHILD_SA closed
Jan 18 08:58:03 adm-ravpn1-p charon: 05[ENC] <...|10119> generating
INFORMATIONAL response 6 [ D ]
Jan 18 08:58:03 adm-ravpn1-p charon: 05[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 08:58:04 adm-ravpn1-p charon: 09[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:04 adm-ravpn1-p charon: 09[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:04 adm-ravpn1-p charon: 09[IKE] <...|10119> received
retransmit of request with ID 6, retransmitting response
Jan 18 08:58:04 adm-ravpn1-p charon: 09[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 08:58:05 adm-ravpn1-p charon: 12[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:05 adm-ravpn1-p charon: 12[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:05 adm-ravpn1-p charon: 12[IKE] <...|10119> received
retransmit of request with ID 6, retransmitting response
Jan 18 08:58:05 adm-ravpn1-p charon: 12[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 08:58:08 adm-ravpn1-p charon: 07[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:08 adm-ravpn1-p charon: 07[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:08 adm-ravpn1-p charon: 07[IKE] <...|10119> received
retransmit of request with ID 6, retransmitting response
Jan 18 08:58:08 adm-ravpn1-p charon: 07[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 08:58:15 adm-ravpn1-p charon: 05[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:15 adm-ravpn1-p charon: 05[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:15 adm-ravpn1-p charon: 05[IKE] <...|10119> received
retransmit of request with ID 6, retransmitting response
Jan 18 08:58:15 adm-ravpn1-p charon: 05[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 08:58:29 adm-ravpn1-p charon: 13[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:29 adm-ravpn1-p charon: 13[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:29 adm-ravpn1-p charon: 13[IKE] <...|10119> received
retransmit of request with ID 6, retransmitting response
Jan 18 08:58:29 adm-ravpn1-p charon: 13[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 08:58:57 adm-ravpn1-p charon: 09[NET] <...|10119> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 08:58:57 adm-ravpn1-p charon: 09[ENC] <...|10119> parsed
INFORMATIONAL request 6 [ D ]
Jan 18 08:58:57 adm-ravpn1-p charon: 09[IKE] <...|10119> received
retransmit of request with ID 6, retransmitting response
Jan 18 08:58:57 adm-ravpn1-p charon: 09[NET] <...|10119> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:55:09 adm-ravpn1-p charon: 09[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:55:09 adm-ravpn1-p charon: 09[IKE] <...|10157> received DELETE
for ESP CHILD_SA with SPI c50d652e
Jan 18 12:55:09 adm-ravpn1-p charon: 09[IKE] <...|10157> closing CHILD_SA
...{5252} with SPIs c5d2eead_i (2037 bytes) c50
d652e_o (12245 bytes) and TS 10.10.10.0/24 30.40.30.0/24 30.30.30.0/28
90.90.90.16/28 20.20.20.0/28 === 25.0.8.32/32
Jan 18 12:55:09 adm-ravpn1-p charon: 09[IKE] <...|10157> sending DELETE for
ESP CHILD_SA with SPI c5d2eead
Jan 18 12:55:09 adm-ravpn1-p charon: 09[IKE] <...|10157> CHILD_SA closed
Jan 18 12:55:09 adm-ravpn1-p charon: 09[ENC] <...|10157> generating
INFORMATIONAL response 10 [ D ]
Jan 18 12:55:09 adm-ravpn1-p charon: 09[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:55:10 adm-ravpn1-p charon: 07[NET] <...|10157> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 12:55:10 adm-ravpn1-p charon: 07[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:55:10 adm-ravpn1-p charon: 07[IKE] <...|10157> received
retransmit of request with ID 10, retransmitting response
Jan 18 12:55:10 adm-ravpn1-p charon: 07[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:55:11 adm-ravpn1-p charon: 04[NET] <...|10157> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 12:55:11 adm-ravpn1-p charon: 04[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:55:11 adm-ravpn1-p charon: 04[IKE] <...|10157> received
retransmit of request with ID 10, retransmitting response
Jan 18 12:55:11 adm-ravpn1-p charon: 04[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:55:14 adm-ravpn1-p charon: 15[NET] <...|10157> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 12:55:14 adm-ravpn1-p charon: 15[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:55:14 adm-ravpn1-p charon: 15[IKE] <...|10157> received
retransmit of request with ID 10, retransmitting response
Jan 18 12:55:14 adm-ravpn1-p charon: 15[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:55:21 adm-ravpn1-p charon: 10[NET] <...|10157> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 12:55:21 adm-ravpn1-p charon: 10[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:55:21 adm-ravpn1-p charon: 10[IKE] <...|10157> received
retransmit of request with ID 10, retransmitting response
Jan 18 12:55:21 adm-ravpn1-p charon: 10[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:55:35 adm-ravpn1-p charon: 05[NET] <...|10157> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 12:55:35 adm-ravpn1-p charon: 05[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:55:35 adm-ravpn1-p charon: 05[IKE] <...|10157> received
retransmit of request with ID 10, retransmitting response
Jan 18 12:55:35 adm-ravpn1-p charon: 05[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
Jan 18 12:56:03 adm-ravpn1-p charon: 15[NET] <...|10157> received packet:
from 1.1.1.1[4500] to 2.2.2.2[4500] (68 bytes)
Jan 18 12:56:03 adm-ravpn1-p charon: 15[ENC] <...|10157> parsed
INFORMATIONAL request 10 [ D ]
Jan 18 12:56:03 adm-ravpn1-p charon: 15[IKE] <...|10157> received
retransmit of request with ID 10, retransmitting response
Jan 18 12:56:03 adm-ravpn1-p charon: 15[NET] <...|10157> sending packet:
from 2.2.2.2[4500] to 1.1.1.1[4500] (68 bytes)
RS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160118/558be2b1/attachment.html>
More information about the Users
mailing list