[strongSwan] no response from port 4500, port 500 is ok
Modster, Anthony
Anthony.Modster at Teledyne.com
Fri Feb 4 21:02:44 CET 2022
Hello
Case 1: no response from port 4500, port 500 is ok
We have a case were charon does not respond to port 4500 (500 is ok).
Charon is our IPSEC client on Linux.
Using strongswan 5.8.2
The IPSEC server is Windows 2012R2
* Sending packet on 500
* 2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[NET] sending packet: from 10.147.180.160[500] to 76.80.106.138[500] (480 bytes)
* 2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[NET] received packet: from 76.80.106.138[500] to 10.147.180.160[500] (492 bytes)
* Sending packet on 4500, but no reply
* 2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
* 2022 Feb 3 20:04:53+00:00 wglng-2294 charon [info] 09[IKE] retransmit 1 of request with message ID 1
Our tcpdump capture does show 4500 being received
* See dod-ipsec-error-for-strongswan-edit.csv
This problem does not happen all the time.
When it does happen, it will persist and not clear.
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[DMN] Starting IKE charon daemon (strongSwan 5.8.2, Linux 2.6.32.46.cge-TDY711999J-3+, mips64)
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[NET] could not open socket: Address family not supported by protocol
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[NET] could not open IPv6 socket, IPv6 disabled
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[KNL] received netlink error: Address family not supported by protocol (124)
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[KNL] unable to create IPv6 routing table rule
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[CFG] loaded 0 RADIUS server configurations
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[CFG] no threshold configured for systime-fix, disabled
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[LIB] loaded plugins: charon ldap aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 xcbc cmac hmac ntru drbg curl files attr kernel-netlink resolve socket-default vici updown eap-identity eap-mschapv2 eap-dynamic eap-radius eap-tls eap-peap xauth-generic xauth-eap error-notify counters
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[LIB] dropped capabilities, running as uid 0, gid 0
2022 Feb 3 19:58:07+00:00 wglng-2294 charon [info] 00[JOB] spawning 16 worker threads
2022 Feb 3 19:58:09+00:00 wglng-2294 charon [info] 14[CFG] vici client 1 connected
2022 Feb 3 19:58:09+00:00 wglng-2294 charon [info] 04[CFG] vici client 1 requests: clear-creds
2022 Feb 3 19:58:09+00:00 wglng-2294 charon [info] 09[CFG] vici client 1 disconnected
2022 Feb 3 19:58:11+00:00 wglng-2294 charon [info] 15[CFG] vici client 2 connected
2022 Feb 3 19:58:11+00:00 wglng-2294 charon [info] 14[CFG] vici client 2 registered for: ike-updown
2022 Feb 3 19:58:11+00:00 wglng-2294 charon [info] 06[CFG] vici client 2 registered for: child-updown
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 3 connected
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 04[CFG] vici client 3 requests: flush-certs
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 10[CFG] vici client 3 disconnected
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 4 connected
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 03[CFG] vici client 4 requests: get-keys
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 4 requests: get-shared
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 06[CFG] vici client 4 requests: load-cert
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 06[CFG] loaded certificate \'C=CA, O=Carillon Information Security Inc., OU=TEST, OU=Aircraft, OU=Teledyne Controls, CN=RA02294-219.auth\'
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 14[CFG] vici client 4 requests: load-cert
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 14[CFG] loaded certificate \'C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST CIS Signing CA1\'
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 4 requests: load-cert
2022 Feb 3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] loaded certificate \'C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST cisRCA1\'
2022 Feb 3 19:58:13+00:00 wglng-2294 charon [info] 08[CFG] vici client 4 requests: load-key
2022 Feb 3 19:58:13+00:00 wglng-2294 charon [info] 08[CFG] loaded RSA private key
2022 Feb 3 19:58:14+00:00 wglng-2294 charon [info] 03[CFG] vici client 4 requests: load-key
2022 Feb 3 19:58:14+00:00 wglng-2294 charon [info] 03[CFG] loaded RSA private key
2022 Feb 3 19:58:14+00:00 wglng-2294 charon [info] 10[CFG] vici client 4 disconnected
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 09[CFG] vici client 5 connected
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG] vici client 5 requests: get-authorities
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG] vici client 5 requests: load-authority
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG] authority Org1-sca1:
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG] cacert = C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST CIS Signing CA1
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG] crl_uris = file:///etc/swanctl/ourCrl/Org1.scacrl1
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG] vici client 5 requests: load-authority
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG] authority Org1-ta:
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG] cacert = C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST cisRCA1
2022 Feb 3 19:58:15+00:00 wglng-2294 charon [info] 09[CFG] vici client 5 disconnected
2022 Feb 3 19:58:35+00:00 wglng-2294 charon [info] 06[CFG] vici client 6 connected
2022 Feb 3 19:58:35+00:00 wglng-2294 charon [info] 07[CFG] vici client 6 registered for: list-sa
2022 Feb 3 19:58:35+00:00 wglng-2294 charon [info] 05[CFG] vici client 6 requests: list-sas
2022 Feb 3 19:58:35+00:00 wglng-2294 charon [info] 10[CFG] vici client 6 disconnected
2022 Feb 3 20:00:35+00:00 wglng-2294 charon [info] 07[CFG] vici client 7 connected
2022 Feb 3 20:00:35+00:00 wglng-2294 charon [info] 16[CFG] vici client 7 registered for: list-sa
2022 Feb 3 20:00:35+00:00 wglng-2294 charon [info] 09[CFG] vici client 7 requests: list-sas
2022 Feb 3 20:00:35+00:00 wglng-2294 charon [info] 15[CFG] vici client 7 disconnected
2022 Feb 3 20:00:38+00:00 wglng-2294 charon [info] 16[CFG] vici client 8 connected
2022 Feb 3 20:00:38+00:00 wglng-2294 charon [info] 04[CFG] vici client 8 registered for: list-sa
2022 Feb 3 20:00:38+00:00 wglng-2294 charon [info] 08[CFG] vici client 8 requests: list-sas
2022 Feb 3 20:00:38+00:00 wglng-2294 charon [info] 15[CFG] vici client 8 disconnected
2022 Feb 3 20:00:40+00:00 wglng-2294 charon [info] 16[CFG] vici client 9 connected
2022 Feb 3 20:00:40+00:00 wglng-2294 charon [info] 14[CFG] vici client 9 registered for: list-sa
2022 Feb 3 20:00:40+00:00 wglng-2294 charon [info] 08[CFG] vici client 9 requests: list-sas
2022 Feb 3 20:00:40+00:00 wglng-2294 charon [info] 15[CFG] vici client 9 disconnected
2022 Feb 3 20:00:43+00:00 wglng-2294 charon [info] 16[CFG] vici client 10 connected
2022 Feb 3 20:00:43+00:00 wglng-2294 charon [info] 03[CFG] vici client 10 registered for: list-sa
2022 Feb 3 20:00:43+00:00 wglng-2294 charon [info] 11[CFG] vici client 10 requests: list-sas
2022 Feb 3 20:00:43+00:00 wglng-2294 charon [info] 16[CFG] vici client 10 disconnected
2022 Feb 3 20:03:43+00:00 wglng-2294 charon [info] 03[CFG] vici client 11 connected
2022 Feb 3 20:03:43+00:00 wglng-2294 charon [info] 11[CFG] vici client 11 registered for: list-sa
2022 Feb 3 20:03:43+00:00 wglng-2294 charon [info] 07[CFG] vici client 11 requests: list-sas
2022 Feb 3 20:03:43+00:00 wglng-2294 charon [info] 05[CFG] vici client 11 disconnected
2022 Feb 3 20:03:51+00:00 wglng-2294 charon [info] 09[CFG] vici client 12 connected
2022 Feb 3 20:03:51+00:00 wglng-2294 charon [info] 08[CFG] vici client 12 registered for: list-sa
2022 Feb 3 20:03:51+00:00 wglng-2294 charon [info] 07[CFG] vici client 12 requests: list-sas
2022 Feb 3 20:03:51+00:00 wglng-2294 charon [info] 05[CFG] vici client 12 disconnected
2022 Feb 3 20:04:37+00:00 wglng-2294 charon [info] 09[KNL] 10.147.180.160 appeared on ppp0
2022 Feb 3 20:04:37+00:00 wglng-2294 charon [info] 10[KNL] 10.147.180.160 disappeared from ppp0
2022 Feb 3 20:04:37+00:00 wglng-2294 charon [info] 15[KNL] 10.147.180.160 appeared on ppp0
2022 Feb 3 20:04:37+00:00 wglng-2294 charon [info] 16[KNL] interface ppp0 activated
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 15[CFG] vici client 13 connected
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] vici client 13 requests: load-conn
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] conn sgateway1-radio0:
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] child sgateway1-radio0:
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rekey_time = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] life_time = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rand_time = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rekey_bytes = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] life_bytes = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rand_bytes = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rekey_packets = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] life_packets = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rand_packets = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] updown = /usr/lib32/ipsec/_updown_tdy.py
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] hostaccess = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] ipcomp = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] mode = TUNNEL
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] policies = 1
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] policies_fwd_out = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] dpd_action = restart
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] start_action = clear
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] close_action = clear
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] reqid = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] tfc = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] priority = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] interface = (null)
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] if_id_in = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] if_id_out = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] mark_in = 0/0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] mark_in_sa = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] mark_out = 0/0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] set_mark_in = 0/0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] set_mark_out = 0/0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] inactivity = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] proposals = ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] local_ts = dynamic
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] remote_ts = 172.16.207.159/32
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] hw_offload = no
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] sha256_96 = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] copy_df = 1
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] copy_ecn = 1
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] copy_dscp = out
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] version = 2
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] local_addrs = 10.147.180.160
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] remote_addrs = 76.80.106.138
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] local_port = 500
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] remote_port = 500
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] send_certreq = 1
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] send_cert = CERT_SEND_IF_ASKED
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] ppk_id = (null)
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] ppk_required = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] mobike = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] aggressive = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] dscp = 0x00
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] encap = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] dpd_delay = 40
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] dpd_timeout = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] fragmentation = 2
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] childless = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] unique = UNIQUE_NO
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] keyingtries = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] reauth_time = 14400
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rekey_time = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] over_time = 1440
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] rand_time = 1440
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] proposals = IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] if_id_in = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] if_id_out = 0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] vips:
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] %any
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] local:
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] id = RA02294-219 at teledyne.com<mailto:RA02294-219 at teledyne.com>
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] class = EAP
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] cert = C=CA, O=Carillon Information Security Inc., OU=TEST, OU=Aircraft, OU=Teledyne Controls, CN=RA02294-219.auth
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] remote:
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] class = public key
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] id = C=CA, O=Carillon Information Security Inc., OU=TEST, OU=Devices, OU=Aircraft Operator Ground Stations, OU=Teledyne Controls, CN=ELS-VPAPP-WGL08 - ID
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] added vici connection: sgateway1-radio0
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 10[CFG] vici client 14 connected
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 04[CFG] vici client 14 requests: initiate
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 04[CFG] vici initiate CHILD_SA \'sgateway1-radio0\'
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 11[CFG] vici client 13 disconnected
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_VENDOR task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_INIT task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_NATD task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_CERT_PRE task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_AUTH task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_CERT_POST task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_CONFIG task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_AUTH_LIFETIME task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing CHILD_CREATE task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating new tasks
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_VENDOR task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_INIT task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_NATD task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_CERT_PRE task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_AUTH task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_CERT_POST task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_CONFIG task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating CHILD_CREATE task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating IKE_AUTH_LIFETIME task
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] initiating IKE_SA sgateway1-radio0[1] to 76.80.106.138
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] initiating IKE_SA sgateway1-radio0[1] to 76.80.106.138
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] IKE_SA sgateway1-radio0[1] state change: CREATED => CONNECTING
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[CFG] sending supported signature hash algorithms: sha256 sha384 sha512 identity
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
2022 Feb 3 20:04:46+00:00 wglng-2294 charon [info] 03[NET] sending packet: from 10.147.180.160[500] to 76.80.106.138[500] (480 bytes)
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[NET] received packet: from 76.80.106.138[500] to 10.147.180.160[500] (492 bytes)
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V V ]
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[IKE] received MS NT5 ISAKMPOAKLEY v9 vendor ID
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[IKE] received MS-Negotiation Discovery Capable vendor ID
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] selecting proposal:
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] proposal matches
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] local host is behind NAT, sending keep alives
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] remote host is behind NAT
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] reinitiating already active tasks
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] IKE_CERT_PRE task
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] IKE_AUTH task
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] sending cert request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST cisRCA1\"
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] sending cert request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST CIS Signing CA1\"
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] building INTERNAL_IP4_DNS attribute
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] proposing traffic selectors for us:
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] 0.0.0.0/0
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] proposing traffic selectors for other:
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] 172.16.207.159/32
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] configured proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] establishing CHILD_SA sgateway1-radio0{1}
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] establishing CHILD_SA sgateway1-radio0{1}
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr CPRQ(ADDR DNS) SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
2022 Feb 3 20:04:49+00:00 wglng-2294 charon [info] 14[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:04:53+00:00 wglng-2294 charon [info] 09[IKE] retransmit 1 of request with message ID 1
2022 Feb 3 20:04:53+00:00 wglng-2294 charon [info] 09[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:04:56+00:00 wglng-2294 charon [info] 10[CFG] vici client 14 disconnected
2022 Feb 3 20:04:57+00:00 wglng-2294 charon [info] 07[IKE] retransmit 2 of request with message ID 1
2022 Feb 3 20:04:57+00:00 wglng-2294 charon [info] 07[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:01+00:00 wglng-2294 charon [info] 15[IKE] retransmit 3 of request with message ID 1
2022 Feb 3 20:05:01+00:00 wglng-2294 charon [info] 15[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:05+00:00 wglng-2294 charon [info] 11[IKE] retransmit 4 of request with message ID 1
2022 Feb 3 20:05:05+00:00 wglng-2294 charon [info] 11[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:09+00:00 wglng-2294 charon [info] 14[IKE] retransmit 5 of request with message ID 1
2022 Feb 3 20:05:09+00:00 wglng-2294 charon [info] 14[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 06[KNL] creating delete job for CHILD_SA ESP/0xc4e46da5/10.147.180.160
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 06[JOB] CHILD_SA ESP/0xc4e46da5/10.147.180.160 not found for delete
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] giving up after 5 retransmits
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] peer not responding, trying again (2/0)
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] IKE_SA sgateway1-radio0[1] state change: CONNECTING => CREATED
2022 Feb 3 20:05:13+00:00 wglng-2294 IPSecCfgIfManager [notice] bool ErrorNotifyMonitor::ProcessEvents() rx message is new or changed type=6 name=sgateway1-radio0 id=C=CA, O=Carillon Information Security Inc., OU=TEST, OU=Devices, OU=Aircraft Operator Ground Stations, OU=Teledyne Controls, CN=ELS-VPAPP-WGL08 - ID ip=76.80.106.138[4500] str=IKE message retransmission timed out.
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] queueing IKE_VENDOR task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] queueing IKE_INIT task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] queueing IKE_NATD task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating new tasks
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_VENDOR task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_INIT task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_NATD task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_CERT_PRE task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_AUTH task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_CERT_POST task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_CONFIG task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating CHILD_CREATE task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating IKE_AUTH_LIFETIME task
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] initiating IKE_SA sgateway1-radio0[1] to 76.80.106.138
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] initiating IKE_SA sgateway1-radio0[1] to 76.80.106.138
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] IKE_SA sgateway1-radio0[1] state change: CREATED => CONNECTING
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[CFG] sending supported signature hash algorithms: sha256 sha384 sha512 identity
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
2022 Feb 3 20:05:13+00:00 wglng-2294 charon [info] 04[NET] sending packet: from 10.147.180.160[500] to 76.80.106.138[500] (480 bytes)
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[NET] received packet: from 76.80.106.138[500] to 10.147.180.160[500] (492 bytes)
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V V ]
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[IKE] received MS NT5 ISAKMPOAKLEY v9 vendor ID
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[IKE] received MS-Negotiation Discovery Capable vendor ID
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] selecting proposal:
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] proposal matches
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] reinitiating already active tasks
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] IKE_CERT_PRE task
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] IKE_AUTH task
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] sending cert request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST cisRCA1\"
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] sending cert request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification Authorities, CN=TEST CIS Signing CA1\"
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] building INTERNAL_IP4_DNS attribute
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] proposing traffic selectors for us:
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] 0.0.0.0/0
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] proposing traffic selectors for other:
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] 172.16.207.159/32
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] configured proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] establishing CHILD_SA sgateway1-radio0{2}
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] establishing CHILD_SA sgateway1-radio0{2}
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr CPRQ(ADDR DNS) SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
2022 Feb 3 20:05:16+00:00 wglng-2294 charon [info] 05[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:20+00:00 wglng-2294 charon [info] 10[IKE] retransmit 1 of request with message ID 1
2022 Feb 3 20:05:20+00:00 wglng-2294 charon [info] 10[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:24+00:00 wglng-2294 charon [info] 16[IKE] retransmit 2 of request with message ID 1
2022 Feb 3 20:05:24+00:00 wglng-2294 charon [info] 16[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:28+00:00 wglng-2294 charon [info] 15[IKE] retransmit 3 of request with message ID 1
2022 Feb 3 20:05:28+00:00 wglng-2294 charon [info] 15[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:32+00:00 wglng-2294 charon [info] 11[IKE] retransmit 4 of request with message ID 1
2022 Feb 3 20:05:32+00:00 wglng-2294 charon [info] 11[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:36+00:00 wglng-2294 charon [info] 03[IKE] retransmit 5 of request with message ID 1
2022 Feb 3 20:05:36+00:00 wglng-2294 charon [info] 03[NET] sending packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb 3 20:05:40+00:00 wglng-2294 charon [info] 14[KNL] creating delete job for CHILD_SA ESP/0xc30ca743/10.147.180.160
2022 Feb 3 20:05:40+00:00 wglng-2294 charon [info] 14[JOB] CHILD_SA ESP/0xc30ca743/10.147.180.160 not found for delete
2022 Feb 3 20:05:40+00:00 wglng-2294 charon [info] 06[IKE] giving up after 5 retransmits
2022 Feb 3 20:05:40+00:00 wglng-2294 charon [info] 06[IKE] peer not responding, trying again (3/0)
Thanks
Teledyne Confidential; Commercially Sensitive Business Data
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20220204/7f9dda7d/attachment-0001.html>
More information about the Users
mailing list