[strongSwan] Tunnel Randomly shutdown

DRUILHE, Thomas (SOPRA STERIA GROUP SA) thomas.t.druilhe.external at airbus.com
Thu Nov 15 13:27:14 CET 2018


Hi,

I got a problem with strongswan on a new system. I'm already using strongswan and i'm trying to use the same configuration on new system.
But randomly tunnel shutdown and restart.
Here is ipsec.conf file:


# ipsec.conf - strongSwan IPsec configuration file

config setup
        charondebug="all"
        uniqueids=yes
        strictcrlpolicy=no
conn %default
conn tunnel
        leftupdown=/etc/strongswan.d/updown.sh
        leftid=petittestaplug
        leftsourceip=%config
        right=XX.XX.XX.XX
        rightsubnet=0.0.0.0/0
        esp=aes256-sha512-modp4096!
        ike=aes256-sha512-modp4096!
        keyingtries=%forever
        ikelifetime=24h
        lifetime=8h
        dpddelay=30
        dpdtimeout=120
        dpdaction=restart
        authby=secret
        auto=start
        keyexchange=ikev2
        forceencaps=yes

And here it's my log file for charon :

Tue, 2018-05-08 21:06 00[DMN] Starting IKE charon daemon (strongSwan 5.3.2, Linux 4.1.15-2.1.0+g30278ab, armv7l)
Tue, 2018-05-08 21:06 00[LIB] plugin 'aes': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'des': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'rc2': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'sha1': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'sha2': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'md5': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'random': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'nonce': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'x509': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'revocation': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'constraints': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pubkey': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pkcs1': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pkcs7': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pkcs8': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pkcs12': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pgp': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'dnskey': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'sshkey': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'pem': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'openssl': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'fips-prf': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'gmp': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'xcbc': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'cmac': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'hmac': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'curl': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] using SQLite 3.11.0, thread safety 1
Tue, 2018-05-08 21:06 00[LIB] plugin 'sqlite': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'attr': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'kernel-netlink': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'resolve': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'socket-default': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'stroke': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'updown': loaded successfully
Tue, 2018-05-08 21:06 00[LIB] plugin 'xauth-generic': loaded successfully
Tue, 2018-05-08 21:06 00[KNL] known interfaces and IP addresses:
Tue, 2018-05-08 21:06 00[KNL]   lo
Tue, 2018-05-08 21:06 00[KNL]     127.0.0.1
Tue, 2018-05-08 21:06 00[KNL]     ::1
Tue, 2018-05-08 21:06 00[KNL]   eth0
Tue, 2018-05-08 21:06 00[KNL]     192.168.1.5
Tue, 2018-05-08 21:06 00[KNL]     169.254.84.217
Tue, 2018-05-08 21:06 00[KNL]     fe80::201:2ff:fe03:405
Tue, 2018-05-08 21:06 00[KNL]   eth1
Tue, 2018-05-08 21:06 00[KNL]     10.203.51.158
Tue, 2018-05-08 21:06 00[KNL]     fe80::2c67:1dff:fefb:c708
Tue, 2018-05-08 21:06 00[LIB] feature PUBKEY:DSA in plugin 'pem' has unmet dependency: PUBKEY:DSA
Tue, 2018-05-08 21:06 00[LIB] feature FETCHER:https:// in plugin 'curl' has unmet dependency: CUSTOM:gcrypt-threading
Tue, 2018-05-08 21:06 00[LIB] feature PRIVKEY:DSA in plugin 'pem' has unmet dependency: PRIVKEY:DSA
Tue, 2018-05-08 21:06 00[LIB] feature PRIVKEY:BLISS in plugin 'pem' has unmet dependency: PRIVKEY:BLISS
Tue, 2018-05-08 21:06 00[LIB] feature CERT_DECODE:X509_OCSP_REQUEST in plugin 'pem' has unmet dependency: CERT_DECODE:X509_OCSP_REQUEST
Tue, 2018-05-08 21:06 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Tue, 2018-05-08 21:06 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Tue, 2018-05-08 21:06 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Tue, 2018-05-08 21:06 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Tue, 2018-05-08 21:06 00[CFG] loading crls from '/etc/ipsec.d/crls'
Tue, 2018-05-08 21:06 00[CFG] loading secrets from '/etc/ipsec.secrets'
Tue, 2018-05-08 21:06 00[CFG]   loaded IKE secret for XX.XX.XX.XX
Tue, 2018-05-08 21:06 00[LIB] loaded plugins: charon aes des rc2 sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp xcbc cmac hmac curl sqlite attr kernel-netlink resolve socket-default stroke updown xauth-generic
Tue, 2018-05-08 21:06 00[LIB] unable to load 5 plugin features (5 due to unmet dependencies)
Tue, 2018-05-08 21:06 00[JOB] spawning 16 worker threads
Tue, 2018-05-08 21:06 01[LIB] created thread 01 [16106]
Tue, 2018-05-08 21:06 02[LIB] created thread 02 [16107]
Tue, 2018-05-08 21:06 03[LIB] created thread 03 [16108]
Tue, 2018-05-08 21:06 04[LIB] created thread 04 [16109]
Tue, 2018-05-08 21:06 05[LIB] created thread 05 [16110]
Tue, 2018-05-08 21:06 06[LIB] created thread 06 [16111]
Tue, 2018-05-08 21:06 07[LIB] created thread 07 [16112]
Tue, 2018-05-08 21:06 08[LIB] created thread 08 [16113]
Tue, 2018-05-08 21:06 09[LIB] created thread 09 [16114]
Tue, 2018-05-08 21:06 10[LIB] created thread 10 [16115]
Tue, 2018-05-08 21:06 11[LIB] created thread 11 [16116]
Tue, 2018-05-08 21:06 12[LIB] created thread 12 [16117]
Tue, 2018-05-08 21:06 13[LIB] created thread 13 [16118]
Tue, 2018-05-08 21:06 14[LIB] created thread 14 [16119]
Tue, 2018-05-08 21:06 15[LIB] created thread 15 [16120]
Tue, 2018-05-08 21:06 16[LIB] created thread 16 [16121]
Tue, 2018-05-08 21:06 05[CFG] received stroke: add connection 'tunnel'
Tue, 2018-05-08 21:06 05[CFG] conn tunnel
Tue, 2018-05-08 21:06 05[CFG]   left=%any
Tue, 2018-05-08 21:06 05[CFG]   leftsourceip=%config
Tue, 2018-05-08 21:06 05[CFG]   leftauth=psk
Tue, 2018-05-08 21:06 05[CFG]   leftid=petittestaplug
Tue, 2018-05-08 21:06 05[CFG]   leftupdown=/etc/strongswan.d/updown.sh
Tue, 2018-05-08 21:06 05[CFG]   right=XX.XX.XX.XX
Tue, 2018-05-08 21:06 05[CFG]   rightsubnet=0.0.0.0/0
Tue, 2018-05-08 21:06 05[CFG]   rightauth=psk
Tue, 2018-05-08 21:06 05[CFG]   ike=aes256-sha512-modp4096!
Tue, 2018-05-08 21:06 05[CFG]   esp=aes256-sha512-modp4096!
Tue, 2018-05-08 21:06 05[CFG]   dpddelay=30
Tue, 2018-05-08 21:06 05[CFG]   dpdtimeout=120
Tue, 2018-05-08 21:06 05[CFG]   dpdaction=3
Tue, 2018-05-08 21:06 05[CFG]   mediation=no
Tue, 2018-05-08 21:06 05[CFG]   keyexchange=ikev2
Tue, 2018-05-08 21:06 05[KNL] XX.XX.XX.XX is not a local address or the interface is down
Tue, 2018-05-08 21:06 05[CFG] left nor right host is our side, assuming left=local
Tue, 2018-05-08 21:06 05[CFG] added configuration 'tunnel'
Tue, 2018-05-08 21:06 06[CFG] received stroke: initiate 'tunnel'
Tue, 2018-05-08 21:06 06[KNL] <tunnel|1> using 10.203.51.158 as address to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_VENDOR task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_INIT task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_NATD task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_CERT_PRE task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_AUTH task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_CERT_POST task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_CONFIG task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_AUTH_LIFETIME task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing IKE_MOBIKE task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> queueing CHILD_CREATE task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> activating new tasks
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_VENDOR task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_INIT task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_NATD task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_CERT_PRE task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_AUTH task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_CERT_POST task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_CONFIG task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating CHILD_CREATE task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_AUTH_LIFETIME task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1>   activating IKE_MOBIKE task
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> initiating IKE_SA tunnel[1] to XX.XX.XX.XX
Tue, 2018-05-08 21:06 06[IKE] <tunnel|1> IKE_SA tunnel[1] state change: CREATED => CONNECTING
Tue, 2018-05-08 21:06 06[LIB] <tunnel|1> size of DH secret exponent: 4095 bits
Tue, 2018-05-08 21:06 06[CFG] <tunnel|1> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:06 06[ENC] <tunnel|1> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Tue, 2018-05-08 21:06 06[NET] <tunnel|1> sending packet: from 10.203.51.158[500] to XX.XX.XX.XX[500] (704 bytes)
Tue, 2018-05-08 21:06 13[NET] <tunnel|1> received packet: from XX.XX.XX.XX[500] to 10.203.51.158[500] (712 bytes)
Tue, 2018-05-08 21:06 13[ENC] <tunnel|1> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> received SIGNATURE_HASH_ALGORITHMS notify
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> selecting proposal:
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1>   proposal matches
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> received proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> faking NAT situation to enforce UDP encapsulation
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> reinitiating already active tasks
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1>   IKE_CERT_PRE task
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1>   IKE_AUTH task
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> authentication of 'petittestaplug' (myself) with pre-shared key
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> successfully created shared key MAC
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> building INTERNAL_IP4_DNS attribute
Tue, 2018-05-08 21:06 13[IKE] <tunnel|1> establishing CHILD_SA tunnel
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> proposing traffic selectors for us:
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1>  0.0.0.0/0
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> proposing traffic selectors for other:
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1>  0.0.0.0/0
Tue, 2018-05-08 21:06 13[CFG] <tunnel|1> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:06 13[KNL] <tunnel|1> got SPI cc5e5f23
Tue, 2018-05-08 21:06 13[ENC] <tunnel|1> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Tue, 2018-05-08 21:06 13[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (352 bytes)
Tue, 2018-05-08 21:06 08[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (336 bytes)
Tue, 2018-05-08 21:06 08[ENC] <tunnel|1> parsed IKE_AUTH response 1 [ IDr AUTH CPRP(ADDR) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) ]
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> authentication of 'XX.XX.XX.XX' with pre-shared key successful
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> IKE_SA tunnel[1] established between 10.203.51.158[petittestaplug]...XX.XX.XX.XX[XX.XX.XX.XX]
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> IKE_SA tunnel[1] state change: CONNECTING => ESTABLISHED
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> scheduling reauthentication in 85600s
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> maximum IKE_SA lifetime 86140s
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> processing INTERNAL_IP4_ADDRESS attribute
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> installing new virtual IP 10.3.0.51
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> virtual IP 10.3.0.51 installed on eth1
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1> selecting proposal:
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1>   proposal matches
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1> received proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/MODP_4096/NO_EXT_SEQ
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1> selecting traffic selectors for us:
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1>  config: 10.3.0.51/32, received: 10.3.0.51/32 => match: 10.3.0.51/32
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1> selecting traffic selectors for other:
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1>  config: 0.0.0.0/0, received: XX.XX.XX.XX/24 => match: XX.XX.XX.XX/24
Tue, 2018-05-08 21:06 08[CFG] <tunnel|1>  config: 0.0.0.0/0, received: 192.168.200.20/32 => match: 192.168.200.20/32
Tue, 2018-05-08 21:06 08[CHD] <tunnel|1>   using AES_CBC for encryption
Tue, 2018-05-08 21:06 08[CHD] <tunnel|1>   using HMAC_SHA2_512_256 for integrity
Tue, 2018-05-08 21:06 08[CHD] <tunnel|1> adding inbound ESP SA
Tue, 2018-05-08 21:06 08[CHD] <tunnel|1>   SPI 0xcc5e5f23, src XX.XX.XX.XX dst 10.203.51.158
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding SAD entry with SPI cc5e5f23 and reqid {1}  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1>   using encryption algorithm AES_CBC with key size 256
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1>   using integrity algorithm HMAC_SHA2_512_256 with key size 512
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1>   using replay window of 32 packets
Tue, 2018-05-08 21:06 08[CHD] <tunnel|1> adding outbound ESP SA
Tue, 2018-05-08 21:06 08[CHD] <tunnel|1>   SPI 0xc0ad8380, src 10.203.51.158 dst XX.XX.XX.XX
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding SAD entry with SPI c0ad8380 and reqid {1}  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1>   using encryption algorithm AES_CBC with key size 256
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1>   using integrity algorithm HMAC_SHA2_512_256 with key size 512
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1>   using replay window of 32 packets
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using host 10.3.0.51
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> installing route: XX.XX.XX.XX/24 via 10.203.51.157 src 10.3.0.51 dev eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> getting iface index for eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> updating policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using host 10.3.0.51
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> adding policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using host 10.3.0.51
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> installing route: 192.168.200.20/32 via 10.203.51.157 src 10.3.0.51 dev eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> getting iface index for eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> updating policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> updating policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> updating policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using host 10.3.0.51
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> CHILD_SA tunnel{1} established with SPIs cc5e5f23_i c0ad8380_o and TS 10.3.0.51/32 === XX.XX.XX.XX/24 192.168.200.20/32
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 06[KNL] getting iface index for eth1
Tue, 2018-05-08 21:06 06[KNL] getting iface index for eth1
Tue, 2018-05-08 21:06 08[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> received AUTH_LIFETIME of 85410s, scheduling reauthentication in 84870s
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> peer supports MOBIKE
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> got additional MOBIKE peer address: 100.66.0.85
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> activating new tasks
Tue, 2018-05-08 21:06 08[IKE] <tunnel|1> nothing to initiate
Tue, 2018-05-08 21:06 09[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:06 09[ENC] <tunnel|1> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:06 09[ENC] <tunnel|1> generating INFORMATIONAL response 0 [ ]
Tue, 2018-05-08 21:06 09[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:06 13[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 13[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 13[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 13[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:06 13[KNL] <tunnel|1> querying SAD entry with SPI cc5e5f23  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 12[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:07 12[ENC] <tunnel|1> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:07 12[IKE] <tunnel|1> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:07 12[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:07 09[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:07 09[ENC] <tunnel|1> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:07 09[IKE] <tunnel|1> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:07 09[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:07 13[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:07 13[ENC] <tunnel|1> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:07 13[IKE] <tunnel|1> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:07 13[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:07 14[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 14[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 14[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 14[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 14[KNL] <tunnel|1> querying SAD entry with SPI cc5e5f23  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 10[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:07 10[ENC] <tunnel|1> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:07 10[IKE] <tunnel|1> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:07 10[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:07 11[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 11[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 11[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 11[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:07 11[KNL] <tunnel|1> querying SAD entry with SPI cc5e5f23  (mark 0/0x00000000)
Tue, 2018-05-08 21:08 13[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:08 13[KNL] <tunnel|1> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:08 13[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:08 13[KNL] <tunnel|1> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:08 13[KNL] <tunnel|1> querying SAD entry with SPI cc5e5f23  (mark 0/0x00000000)
Tue, 2018-05-08 21:08 13[IKE] <tunnel|1> sending DPD request
Tue, 2018-05-08 21:08 13[IKE] <tunnel|1> queueing IKE_DPD task
Tue, 2018-05-08 21:08 13[IKE] <tunnel|1> activating new tasks
Tue, 2018-05-08 21:08 13[IKE] <tunnel|1>   activating IKE_DPD task
Tue, 2018-05-08 21:08 13[ENC] <tunnel|1> generating INFORMATIONAL request 2 [ ]
Tue, 2018-05-08 21:08 13[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:08 15[IKE] <tunnel|1> retransmit 1 of request with message ID 2
Tue, 2018-05-08 21:08 15[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:08 10[IKE] <tunnel|1> retransmit 2 of request with message ID 2
Tue, 2018-05-08 21:08 10[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:08 13[NET] <tunnel|1> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:08 13[ENC] <tunnel|1> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:08 13[IKE] <tunnel|1> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:08 13[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:08 13[IKE] <tunnel|1> retransmit 3 of request with message ID 2
Tue, 2018-05-08 21:08 13[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:09 06[IKE] <tunnel|1> retransmit 4 of request with message ID 2
Tue, 2018-05-08 21:09 06[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:09 14[IKE] <tunnel|1> retransmit 5 of request with message ID 2
Tue, 2018-05-08 21:09 14[NET] <tunnel|1> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> giving up after 5 retransmits
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> using 10.203.51.158 as address to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> installing new virtual IP 10.3.0.51
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> virtual IP 10.3.0.51 is already installed on eth1
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> restarting CHILD_SA tunnel
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_VENDOR task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_INIT task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_NATD task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_CERT_PRE task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_AUTH task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_CERT_POST task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_CONFIG task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_AUTH_LIFETIME task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing IKE_MOBIKE task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> queueing CHILD_CREATE task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> activating new tasks
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_VENDOR task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_INIT task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_NATD task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_CERT_PRE task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_AUTH task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_CERT_POST task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_CONFIG task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating CHILD_CREATE task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_AUTH_LIFETIME task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1>   activating IKE_MOBIKE task
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> initiating IKE_SA tunnel[2] to XX.XX.XX.XX
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> IKE_SA tunnel[2] state change: CREATED => CONNECTING
Tue, 2018-05-08 21:11 09[LIB] <tunnel|1> size of DH secret exponent: 4095 bits
Tue, 2018-05-08 21:11 09[CFG] <tunnel|1> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:11 09[ENC] <tunnel|1> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Tue, 2018-05-08 21:11 09[NET] <tunnel|1> sending packet: from 10.203.51.158[500] to XX.XX.XX.XX[500] (704 bytes)
Tue, 2018-05-08 21:11 09[IKE] <tunnel|1> IKE_SA tunnel[1] state change: ESTABLISHED => DESTROYING
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> updating policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> using host 10.3.0.51
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> getting iface index for eth1
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> updating policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> updating policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> updating policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> using host 10.3.0.51
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> getting iface index for eth1
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting SAD entry with SPI cc5e5f23  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleted SAD entry with SPI cc5e5f23 (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting SAD entry with SPI c0ad8380  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleted SAD entry with SPI c0ad8380 (mark 0/0x00000000)
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> deleting virtual IP 10.3.0.51
Tue, 2018-05-08 21:11 09[KNL] <tunnel|1> virtual IP 10.3.0.51 used by other SAs, not deleting
Tue, 2018-05-08 21:11 14[IKE] <tunnel|2> retransmit 1 of request with message ID 0
Tue, 2018-05-08 21:11 14[NET] <tunnel|2> sending packet: from 10.203.51.158[500] to XX.XX.XX.XX[500] (704 bytes)
Tue, 2018-05-08 21:11 06[NET] <tunnel|2> received packet: from XX.XX.XX.XX[500] to 10.203.51.158[500] (712 bytes)
Tue, 2018-05-08 21:11 06[ENC] <tunnel|2> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> received SIGNATURE_HASH_ALGORITHMS notify
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> selecting proposal:
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2>   proposal matches
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> received proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> faking NAT situation to enforce UDP encapsulation
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> reinitiating already active tasks
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2>   IKE_CERT_PRE task
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2>   IKE_AUTH task
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> authentication of 'petittestaplug' (myself) with pre-shared key
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> successfully created shared key MAC
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> building INTERNAL_IP4_DNS attribute
Tue, 2018-05-08 21:11 06[IKE] <tunnel|2> establishing CHILD_SA tunnel{1}
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> proposing traffic selectors for us:
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2>  0.0.0.0/0
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> proposing traffic selectors for other:
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2>  0.0.0.0/0
Tue, 2018-05-08 21:11 06[CFG] <tunnel|2> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:11 06[KNL] <tunnel|2> got SPI c5356a2a
Tue, 2018-05-08 21:11 06[ENC] <tunnel|2> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Tue, 2018-05-08 21:11 06[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (368 bytes)
Tue, 2018-05-08 21:11 05[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (336 bytes)
Tue, 2018-05-08 21:11 05[ENC] <tunnel|2> parsed IKE_AUTH response 1 [ IDr AUTH CPRP(ADDR) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) ]
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> authentication of 'XX.XX.XX.XX' with pre-shared key successful
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> IKE_SA tunnel[2] established between 10.203.51.158[petittestaplug]...XX.XX.XX.XX[XX.XX.XX.XX]
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> IKE_SA tunnel[2] state change: CONNECTING => ESTABLISHED
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> scheduling reauthentication in 85660s
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> maximum IKE_SA lifetime 86200s
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> processing INTERNAL_IP4_ADDRESS attribute
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> deleting virtual IP 10.3.0.51
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> installing new virtual IP 10.3.0.51
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> virtual IP 10.3.0.51 installed on eth1
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2> selecting proposal:
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2>   proposal matches
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2> received proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/MODP_4096/NO_EXT_SEQ
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2> selecting traffic selectors for us:
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2>  config: 10.3.0.51/32, received: 10.3.0.51/32 => match: 10.3.0.51/32
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2> selecting traffic selectors for other:
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2>  config: 0.0.0.0/0, received: XX.XX.XX.XX/24 => match: XX.XX.XX.XX/24
Tue, 2018-05-08 21:11 05[CFG] <tunnel|2>  config: 0.0.0.0/0, received: 192.168.200.20/32 => match: 192.168.200.20/32
Tue, 2018-05-08 21:11 05[CHD] <tunnel|2>   using AES_CBC for encryption
Tue, 2018-05-08 21:11 05[CHD] <tunnel|2>   using HMAC_SHA2_512_256 for integrity
Tue, 2018-05-08 21:11 05[CHD] <tunnel|2> adding inbound ESP SA
Tue, 2018-05-08 21:11 05[CHD] <tunnel|2>   SPI 0xc5356a2a, src XX.XX.XX.XX dst 10.203.51.158
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding SAD entry with SPI c5356a2a and reqid {1}  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2>   using encryption algorithm AES_CBC with key size 256
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2>   using integrity algorithm HMAC_SHA2_512_256 with key size 512
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2>   using replay window of 32 packets
Tue, 2018-05-08 21:11 05[CHD] <tunnel|2> adding outbound ESP SA
Tue, 2018-05-08 21:11 05[CHD] <tunnel|2>   SPI 0xc7cb02f8, src 10.203.51.158 dst XX.XX.XX.XX
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding SAD entry with SPI c7cb02f8 and reqid {1}  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2>   using encryption algorithm AES_CBC with key size 256
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2>   using integrity algorithm HMAC_SHA2_512_256 with key size 512
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2>   using replay window of 32 packets
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using host 10.3.0.51
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> installing route: XX.XX.XX.XX/24 via 10.203.51.157 src 10.3.0.51 dev eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> getting iface index for eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> updating policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using host 10.3.0.51
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> adding policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using host 10.3.0.51
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> installing route: 192.168.200.20/32 via 10.203.51.157 src 10.3.0.51 dev eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> getting iface index for eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> updating policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> updating policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> updating policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using host 10.3.0.51
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> CHILD_SA tunnel{2} established with SPIs c5356a2a_i c7cb02f8_o and TS 10.3.0.51/32 === XX.XX.XX.XX/24 192.168.200.20/32
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 05[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:11 10[KNL] getting iface index for eth1
Tue, 2018-05-08 21:11 10[KNL] getting iface index for eth1
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> received AUTH_LIFETIME of 85587s, scheduling reauthentication in 85047s
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> peer supports MOBIKE
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> got additional MOBIKE peer address: 100.66.0.85
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> activating new tasks
Tue, 2018-05-08 21:11 05[IKE] <tunnel|2> nothing to initiate
Tue, 2018-05-08 21:11 11[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:11 11[ENC] <tunnel|2> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:11 11[ENC] <tunnel|2> generating INFORMATIONAL response 0 [ ]
Tue, 2018-05-08 21:11 11[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:11 08[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 08[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 08[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 08[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 08[KNL] <tunnel|2> querying SAD entry with SPI c5356a2a  (mark 0/0x00000000)
Tue, 2018-05-08 21:11 13[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:11 13[ENC] <tunnel|2> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:11 13[IKE] <tunnel|2> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:11 13[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:11 14[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:11 14[ENC] <tunnel|2> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:11 14[IKE] <tunnel|2> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:11 14[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:12 08[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:12 08[ENC] <tunnel|2> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:12 08[IKE] <tunnel|2> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:12 08[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:12 05[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 05[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 05[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 05[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 05[KNL] <tunnel|2> querying SAD entry with SPI c5356a2a  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 14[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:12 14[ENC] <tunnel|2> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:12 14[IKE] <tunnel|2> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:12 14[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:12 11[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 11[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 11[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 11[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:12 11[KNL] <tunnel|2> querying SAD entry with SPI c5356a2a  (mark 0/0x00000000)
Tue, 2018-05-08 21:13 15[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:13 15[KNL] <tunnel|2> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:13 15[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:13 15[KNL] <tunnel|2> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:13 15[KNL] <tunnel|2> querying SAD entry with SPI c5356a2a  (mark 0/0x00000000)
Tue, 2018-05-08 21:13 15[IKE] <tunnel|2> sending DPD request
Tue, 2018-05-08 21:13 15[IKE] <tunnel|2> queueing IKE_DPD task
Tue, 2018-05-08 21:13 15[IKE] <tunnel|2> activating new tasks
Tue, 2018-05-08 21:13 15[IKE] <tunnel|2>   activating IKE_DPD task
Tue, 2018-05-08 21:13 15[ENC] <tunnel|2> generating INFORMATIONAL request 2 [ ]
Tue, 2018-05-08 21:13 15[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:13 12[IKE] <tunnel|2> retransmit 1 of request with message ID 2
Tue, 2018-05-08 21:13 12[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:13 08[IKE] <tunnel|2> retransmit 2 of request with message ID 2
Tue, 2018-05-08 21:13 08[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:13 05[NET] <tunnel|2> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:13 05[ENC] <tunnel|2> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:13 05[IKE] <tunnel|2> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:13 05[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:13 15[IKE] <tunnel|2> retransmit 3 of request with message ID 2
Tue, 2018-05-08 21:13 15[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:13 15[IKE] <tunnel|2> retransmit 4 of request with message ID 2
Tue, 2018-05-08 21:13 15[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:14 11[IKE] <tunnel|2> retransmit 5 of request with message ID 2
Tue, 2018-05-08 21:14 11[NET] <tunnel|2> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> giving up after 5 retransmits
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> using 10.203.51.158 as address to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> installing new virtual IP 10.3.0.51
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> virtual IP 10.3.0.51 is already installed on eth1
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> restarting CHILD_SA tunnel
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_VENDOR task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_INIT task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_NATD task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_CERT_PRE task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_AUTH task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_CERT_POST task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_CONFIG task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_AUTH_LIFETIME task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing IKE_MOBIKE task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> queueing CHILD_CREATE task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> activating new tasks
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_VENDOR task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_INIT task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_NATD task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_CERT_PRE task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_AUTH task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_CERT_POST task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_CONFIG task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating CHILD_CREATE task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_AUTH_LIFETIME task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2>   activating IKE_MOBIKE task
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> initiating IKE_SA tunnel[3] to XX.XX.XX.XX
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> IKE_SA tunnel[3] state change: CREATED => CONNECTING
Tue, 2018-05-08 21:15 07[LIB] <tunnel|2> size of DH secret exponent: 4095 bits
Tue, 2018-05-08 21:15 07[CFG] <tunnel|2> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:15 07[ENC] <tunnel|2> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Tue, 2018-05-08 21:15 07[NET] <tunnel|2> sending packet: from 10.203.51.158[500] to XX.XX.XX.XX[500] (704 bytes)
Tue, 2018-05-08 21:15 07[IKE] <tunnel|2> IKE_SA tunnel[2] state change: ESTABLISHED => DESTROYING
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> updating policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> using host 10.3.0.51
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> getting iface index for eth1
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> updating policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> updating policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> policy still used by another CHILD_SA, not removed
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> updating policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> using host 10.3.0.51
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> getting iface index for eth1
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting SAD entry with SPI c5356a2a  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleted SAD entry with SPI c5356a2a (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting SAD entry with SPI c7cb02f8  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleted SAD entry with SPI c7cb02f8 (mark 0/0x00000000)
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> deleting virtual IP 10.3.0.51
Tue, 2018-05-08 21:15 07[KNL] <tunnel|2> virtual IP 10.3.0.51 used by other SAs, not deleting
Tue, 2018-05-08 21:15 13[IKE] <tunnel|3> retransmit 1 of request with message ID 0
Tue, 2018-05-08 21:15 13[NET] <tunnel|3> sending packet: from 10.203.51.158[500] to XX.XX.XX.XX[500] (704 bytes)
Tue, 2018-05-08 21:15 05[NET] <tunnel|3> received packet: from XX.XX.XX.XX[500] to 10.203.51.158[500] (712 bytes)
Tue, 2018-05-08 21:15 05[ENC] <tunnel|3> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> received SIGNATURE_HASH_ALGORITHMS notify
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> selecting proposal:
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3>   proposal matches
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> received proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> faking NAT situation to enforce UDP encapsulation
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> reinitiating already active tasks
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3>   IKE_CERT_PRE task
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3>   IKE_AUTH task
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> authentication of 'petittestaplug' (myself) with pre-shared key
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> successfully created shared key MAC
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> building INTERNAL_IP4_DNS attribute
Tue, 2018-05-08 21:15 05[IKE] <tunnel|3> establishing CHILD_SA tunnel{1}
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> proposing traffic selectors for us:
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3>  0.0.0.0/0
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> proposing traffic selectors for other:
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3>  0.0.0.0/0
Tue, 2018-05-08 21:15 05[CFG] <tunnel|3> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:15 05[KNL] <tunnel|3> got SPI c8c62ab8
Tue, 2018-05-08 21:15 05[ENC] <tunnel|3> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
Tue, 2018-05-08 21:15 05[NET] <tunnel|3> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (368 bytes)
Tue, 2018-05-08 21:15 16[NET] <tunnel|3> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (336 bytes)
Tue, 2018-05-08 21:15 16[ENC] <tunnel|3> parsed IKE_AUTH response 1 [ IDr AUTH CPRP(ADDR) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) ]
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> authentication of 'XX.XX.XX.XX' with pre-shared key successful
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> IKE_SA tunnel[3] established between 10.203.51.158[petittestaplug]...XX.XX.XX.XX[XX.XX.XX.XX]
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> IKE_SA tunnel[3] state change: CONNECTING => ESTABLISHED
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> scheduling reauthentication in 85533s
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> maximum IKE_SA lifetime 86073s
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> processing INTERNAL_IP4_ADDRESS attribute
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> deleting virtual IP 10.3.0.51
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> installing new virtual IP 10.3.0.51
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> virtual IP 10.3.0.51 installed on eth1
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3> selecting proposal:
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3>   proposal matches
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3> received proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_512_256/MODP_4096/NO_EXT_SEQ
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_512_256/NO_EXT_SEQ
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3> selecting traffic selectors for us:
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3>  config: 10.3.0.51/32, received: 10.3.0.51/32 => match: 10.3.0.51/32
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3> selecting traffic selectors for other:
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3>  config: 0.0.0.0/0, received: XX.XX.XX.XX/24 => match: XX.XX.XX.XX/24
Tue, 2018-05-08 21:15 16[CFG] <tunnel|3>  config: 0.0.0.0/0, received: 192.168.200.20/32 => match: 192.168.200.20/32
Tue, 2018-05-08 21:15 16[CHD] <tunnel|3>   using AES_CBC for encryption
Tue, 2018-05-08 21:15 16[CHD] <tunnel|3>   using HMAC_SHA2_512_256 for integrity
Tue, 2018-05-08 21:15 16[CHD] <tunnel|3> adding inbound ESP SA
Tue, 2018-05-08 21:15 16[CHD] <tunnel|3>   SPI 0xc8c62ab8, src XX.XX.XX.XX dst 10.203.51.158
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding SAD entry with SPI c8c62ab8 and reqid {1}  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3>   using encryption algorithm AES_CBC with key size 256
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3>   using integrity algorithm HMAC_SHA2_512_256 with key size 512
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3>   using replay window of 32 packets
Tue, 2018-05-08 21:15 16[CHD] <tunnel|3> adding outbound ESP SA
Tue, 2018-05-08 21:15 16[CHD] <tunnel|3>   SPI 0xcad07b3f, src 10.203.51.158 dst XX.XX.XX.XX
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding SAD entry with SPI cad07b3f and reqid {1}  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3>   using encryption algorithm AES_CBC with key size 256
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3>   using integrity algorithm HMAC_SHA2_512_256 with key size 512
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3>   using replay window of 32 packets
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using host 10.3.0.51
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> installing route: XX.XX.XX.XX/24 via 10.203.51.157 src 10.3.0.51 dev eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> getting iface index for eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> updating policy 10.3.0.51/32 === XX.XX.XX.XX/24 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> updating policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using host 10.3.0.51
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> adding policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using host 10.3.0.51
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> installing route: 192.168.200.20/32 via 10.203.51.157 src 10.3.0.51 dev eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> getting iface index for eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> updating policy 10.3.0.51/32 === 192.168.200.20/32 out  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> updating policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000) already exists, increasing refcount
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> updating policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> getting a local address in traffic selector 10.3.0.51/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using host 10.3.0.51
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> using 10.203.51.157 as nexthop to reach XX.XX.XX.XX/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> CHILD_SA tunnel{3} established with SPIs c8c62ab8_i cad07b3f_o and TS 10.3.0.51/32 === XX.XX.XX.XX/24 192.168.200.20/32
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 16[KNL] <tunnel|3> 10.203.51.158 is on interface eth1
Tue, 2018-05-08 21:15 06[KNL] getting iface index for eth1
Tue, 2018-05-08 21:15 06[KNL] getting iface index for eth1
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> received AUTH_LIFETIME of 85688s, scheduling reauthentication in 85148s
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> peer supports MOBIKE
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> got additional MOBIKE peer address: 100.66.0.85
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> activating new tasks
Tue, 2018-05-08 21:15 16[IKE] <tunnel|3> nothing to initiate
Tue, 2018-05-08 21:16 16[NET] <tunnel|3> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:16 16[ENC] <tunnel|3> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:16 16[ENC] <tunnel|3> generating INFORMATIONAL response 0 [ ]
Tue, 2018-05-08 21:16 16[NET] <tunnel|3> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:16 10[KNL] <tunnel|3> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 10[KNL] <tunnel|3> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 10[KNL] <tunnel|3> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 10[KNL] <tunnel|3> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 10[KNL] <tunnel|3> querying SAD entry with SPI c8c62ab8  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 12[NET] <tunnel|3> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:16 12[ENC] <tunnel|3> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:16 12[IKE] <tunnel|3> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:16 12[NET] <tunnel|3> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:16 14[NET] <tunnel|3> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:16 14[ENC] <tunnel|3> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:16 14[IKE] <tunnel|3> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:16 14[NET] <tunnel|3> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:16 07[NET] <tunnel|3> received packet: from XX.XX.XX.XX[4500] to 10.203.51.158[4500] (96 bytes)
Tue, 2018-05-08 21:16 07[ENC] <tunnel|3> parsed INFORMATIONAL request 0 [ ]
Tue, 2018-05-08 21:16 07[IKE] <tunnel|3> received retransmit of request with ID 0, retransmitting response
Tue, 2018-05-08 21:16 07[NET] <tunnel|3> sending packet: from 10.203.51.158[4500] to XX.XX.XX.XX[4500] (96 bytes)
Tue, 2018-05-08 21:16 16[KNL] <tunnel|3> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 16[KNL] <tunnel|3> querying policy XX.XX.XX.XX/24 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 16[KNL] <tunnel|3> querying policy 192.168.200.20/32 === 10.3.0.51/32 in  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 16[KNL] <tunnel|3> querying policy 192.168.200.20/32 === 10.3.0.51/32 fwd  (mark 0/0x00000000)
Tue, 2018-05-08 21:16 16[KNL] <tunnel|3> querying SAD entry with SPI c8c62ab8  (mark 0/0x00000000)


Tunnel is established and for an unknown reason he delete the virtual ip and re establish tunnel.

Why he is doing that ? I don't find any explanation.
So if you could help me on this I will appreciate a lot !

Best Regards,

Thomas

The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. Access to this e-mail by anyone else is unauthorised.
If you are not the intended recipient, please notify Airbus immediately and delete this e-mail.
Airbus cannot accept any responsibility for the accuracy or completeness of this e-mail as it has been sent over public networks. If you have any concerns over the content of this message or its Accuracy or Integrity, please contact Airbus immediately.
All outgoing e-mails from Airbus are checked using regularly updated virus scanning software but you should take whatever measures you deem to be appropriate to ensure that this message and any attachments are virus free.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20181115/f3b4dca0/attachment-0001.html>


More information about the Users mailing list