[strongSwan] R: help with connection
Davide Zanon
davide.zanon at universiis.com
Tue May 10 14:06:07 CEST 2016
Sorry the log's got all mixed up, here's the correct output.
In the meanwhile I'll write on IPfire support forum too to see if they got some clue on what's going on.
[root at firewall ~]# ipsec up CSAP
initiating Main Mode IKE_SA CSAP[3] to PEER_IP
generating ID_PROT request 0 [ SA V V V V V V ]
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 1 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 2 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 3 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 4 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 5 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
giving up after 5 retransmits
peer not responding, trying again (2/0)
initiating Main Mode IKE_SA CSAP[3] to PEER_IP
generating ID_PROT request 0 [ SA V V V V V V ]
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 1 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 2 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 3 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
destroying IKE_SA in state CONNECTING without notification
establishing connection 'CSAP' failed
/var/log/messages
May 9 09:12:39 firewall charon: 03[NET] error writing to socket: Invalid argument
May 9 09:13:21 firewall charon: 08[IKE] sending retransmit 5 of request message ID 0, seq 1
May 9 09:13:21 firewall charon: 08[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
May 9 09:13:21 firewall charon: 03[NET] error writing to socket: Invalid argument
May 9 09:14:37 firewall charon: 06[IKE] giving up after 5 retransmits
May 9 09:14:37 firewall charon: 06[IKE] peer not responding, trying again (2/0)
May 9 09:14:37 firewall charon: 06[IKE] initiating Main Mode IKE_SA CSAP[3] to PEER_IP
May 9 09:14:37 firewall charon: 06[IKE] initiating Main Mode IKE_SA CSAP[3] to PEER_IP
May 9 09:14:37 firewall charon: 06[ENC] generating ID_PROT request 0 [ SA V V V V V V ]
May 9 09:14:37 firewall charon: 06[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
May 9 09:14:37 firewall charon: 03[NET] error writing to socket: Invalid argument
May 9 09:14:41 firewall charon: 07[IKE] sending retransmit 1 of request message ID 0, seq 1
May 9 09:14:41 firewall charon: 07[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
May 9 09:14:41 firewall charon: 03[NET] error writing to socket: Invalid argument
May 9 09:14:48 firewall charon: 10[IKE] sending retransmit 2 of request message ID 0, seq 1
May 9 09:14:48 firewall charon: 10[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
May 9 09:14:48 firewall charon: 03[NET] error writing to socket: Invalid argument
May 9 09:15:01 firewall charon: 05[IKE] sending retransmit 3 of request message ID 0, seq 1
May 9 09:15:01 firewall charon: 05[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
May 9 09:15:01 firewall charon: 03[NET] error writing to socket: Invalid argument
May 9 09:15:19 firewall charon: 15[CFG] received stroke: terminate 'CSAP'
May 9 09:15:19 firewall charon: 14[IKE] destroying IKE_SA in state CONNECTING without notification
May 9 09:15:19 firewall charon: 06[CFG] received stroke: terminate 'CSAP'
May 9 09:15:20 firewall charon: 06[CFG] no IKE_SA named 'CSAP' found
(here I stopped it manually from another console)
Thanks
More information about the Users
mailing list