[strongSwan] R: help with connection

Davide Zanon davide.zanon at universiis.com
Tue May 10 14:06:07 CEST 2016 

Sorry the log's got all mixed up, here's the correct output.
In the meanwhile I'll write on IPfire support forum too to see if they got some clue on what's going on.

[root at firewall ~]# ipsec up CSAP
initiating Main Mode IKE_SA CSAP[3] to PEER_IP
generating ID_PROT request 0 [ SA V V V V V V ]
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 1 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 2 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 3 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 4 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 5 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
giving up after 5 retransmits
peer not responding, trying again (2/0)
initiating Main Mode IKE_SA CSAP[3] to PEER_IP
generating ID_PROT request 0 [ SA V V V V V V ]
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 1 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 2 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
sending retransmit 3 of request message ID 0, seq 1
sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
destroying IKE_SA in state CONNECTING without notification
establishing connection 'CSAP' failed


/var/log/messages

May  9 09:12:39 firewall charon: 03[NET] error writing to socket: Invalid argument 
May  9 09:13:21 firewall charon: 08[IKE] sending retransmit 5 of request message ID 0, seq 1 
May  9 09:13:21 firewall charon: 08[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes) 
May  9 09:13:21 firewall charon: 03[NET] error writing to socket: Invalid argument 
May  9 09:14:37 firewall charon: 06[IKE] giving up after 5 retransmits 
May  9 09:14:37 firewall charon: 06[IKE] peer not responding, trying again (2/0) 
May  9 09:14:37 firewall charon: 06[IKE] initiating Main Mode IKE_SA CSAP[3] to PEER_IP 
May  9 09:14:37 firewall charon: 06[IKE] initiating Main Mode IKE_SA CSAP[3] to PEER_IP 
May  9 09:14:37 firewall charon: 06[ENC] generating ID_PROT request 0 [ SA V V V V V V ] 
May  9 09:14:37 firewall charon: 06[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes) 
May  9 09:14:37 firewall charon: 03[NET] error writing to socket: Invalid argument 
May  9 09:14:41 firewall charon: 07[IKE] sending retransmit 1 of request message ID 0, seq 1 
May  9 09:14:41 firewall charon: 07[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes)
May  9 09:14:41 firewall charon: 03[NET] error writing to socket: Invalid argument 
May  9 09:14:48 firewall charon: 10[IKE] sending retransmit 2 of request message ID 0, seq 1 
May  9 09:14:48 firewall charon: 10[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes) 
May  9 09:14:48 firewall charon: 03[NET] error writing to socket: Invalid argument 
May  9 09:15:01 firewall charon: 05[IKE] sending retransmit 3 of request message ID 0, seq 1 
May  9 09:15:01 firewall charon: 05[NET] sending packet: from MY_PUBLIC_IP[500] to PEER_IP[500] (320 bytes) 
May  9 09:15:01 firewall charon: 03[NET] error writing to socket: Invalid argument 
May  9 09:15:19 firewall charon: 15[CFG] received stroke: terminate 'CSAP' 
May  9 09:15:19 firewall charon: 14[IKE] destroying IKE_SA in state CONNECTING without notification 
May  9 09:15:19 firewall charon: 06[CFG] received stroke: terminate 'CSAP' 
May  9 09:15:20 firewall charon: 06[CFG] no IKE_SA named 'CSAP' found
(here I stopped it manually from another console)


Thanks

More information about the Users mailing list