<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Paul,<br>
<br>
I'm still running 3.6rc1 and it failed 5 times last night, possibly
triggered by the far router which perhaps went throutgh an IP change
(noise on the line?).<br>
<br>
From the logs:<br>
<br>
<tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3] 88.104.19.209
#962: the peer proposed: 172.17.2.0/24:0/0 ->
192.168.30.0/24:0/0</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: responding to Quick Mode proposal
{msgid:31ee695f}</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: us:
172.17.2.0/24===82.19.147.85<82.19.147.85>[@Nick]</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: them: 88.104.19.209===192.168.30.0/24</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: keeping refhim=4294901761 during rekey</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: STATE_QUICK_R1: sent QR1, inbound IPsec SA
installed, expecting QI2</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: Dead Peer Detection (RFC 3706): enabled</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2</tt><tt><br>
</tt><tt>Oct 6 19:25:27 server pluto[28831]: "PaulIn"[3]
88.104.19.209 #979: STATE_QUICK_R2: IPsec SA established tunnel
mode {ESP=>0x95f5a6d9 <0xffec7f13 xfrm=AES_256-HMAC_SHA1
NATOA=none NATD=none DPD=enabled}</tt><tt><br>
</tt><tt>Oct 6 19:34:50 server pluto[28831]: "MumIn" #976: ESP
traffic information: in=0B out=33KB</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: af+type of ISAKMP Oakley attribute has an
unknown value: 16384</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: responding to Main Mode from unknown peer
80.6.166.163</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: policy does not allow Extended Authentication
(XAUTH) of initiator (we are responder). Attribute
OAKLEY_AUTHENTICATION_METHOD</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: policy does not allow Extended Authentication
(XAUTH) of initiator (we are responder). Attribute
OAKLEY_AUTHENTICATION_METHOD</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: 1DES is not encryption</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: OAKLEY_DES_CBC is not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: 1DES is not encryption</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: OAKLEY_DES_CBC is not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: policy does not allow OAKLEY_RSA_SIG
authentication. Attribute OAKLEY_AUTHENTICATION_METHOD</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: policy does not allow OAKLEY_RSA_SIG
authentication. Attribute OAKLEY_AUTHENTICATION_METHOD</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: 1DES is not encryption</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: OAKLEY_DES_CBC is not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: 1DES is not encryption</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: OAKLEY_DES_CBC is not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: no acceptable Oakley Transform</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163 #980: sending notification NO_PROPOSAL_CHOSEN to
80.6.166.163:500</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: "PaulIn"[4]
80.6.166.163: deleting connection "PaulIn" instance with peer
80.6.166.163 {isakmp=#0/ipsec=#0}</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: next payload type of ISAKMP Message has an
unknown value: 133</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: ASSERTION FAILED at
/home/build/rpmbuild/BUILD/libreswan-3.6rc1/programs/pluto/demux.c:196:
case 0 unexpected</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: using kernel interface: netkey</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface lo/lo 127.0.0.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface lo/lo 127.0.0.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface eth0/eth0 82.19.147.85</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface eth0/eth0 82.19.147.85</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface eth1/eth1 172.17.2.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface eth1/eth1 172.17.2.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface tun0/tun0 10.8.0.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface tun0/tun0 10.8.0.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface tun1/tun1 10.8.10.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: interface tun1/tun1 10.8.10.1</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: FIPS=disabled</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: SElinux=disabled</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: config setup options:</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: configdir=/etc, configfile=/etc/ipsec.conf,
secrets=/etc/ipsec.secrets, ipsecdir=/etc/ipsec.d,
dumpdir=/var/run/pluto</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: sbindir=/usr/sbin, libdir=/usr/libexec/ipsec,
libexecdir=/usr/libexec/ipsec</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: nhelpers=-1, uniqueids=yes, retransmits=yes,
force_busy=no</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: ikeport=500, strictcrlpolicy=no,
crlcheckinterval=0, listen=<any></tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: secctx_attr_value=0</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: %myid = (none)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: debug none</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: nat_traversal=yes, keep_alive=20,
nat_ikeport=4500, disable_port_floating=no</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: virtual_private (%priv):</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: - allowed 3 subnets: 10.0.0.0/8, 192.168.0.0/16,
172.16.0.0/12</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: - disallowed 1 subnet: 172.17.2.0/24</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: ESP algorithms supported:</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=2, name=ESP_DES,
ivlen=8, keysizemin=64, keysizemax=64</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=3, name=ESP_3DES,
ivlen=8, keysizemin=192, keysizemax=192</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=6, name=ESP_CAST,
ivlen=8, keysizemin=40, keysizemax=128</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=7, name=ESP_BLOWFISH,
ivlen=8, keysizemin=40, keysizemax=448</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=11, name=ESP_NULL,
ivlen=0, keysizemin=0, keysizemax=0</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=12, name=ESP_AES,
ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=13, name=ESP_AES_CTR,
ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=14,
name=ESP_AES_CCM_A, ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=15,
name=ESP_AES_CCM_B, ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=16,
name=ESP_AES_CCM_C, ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=18,
name=ESP_AES_GCM_A, ivlen=8, keysizemin=160, keysizemax=288</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=19,
name=ESP_AES_GCM_B, ivlen=12, keysizemin=160, keysizemax=288</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=20,
name=ESP_AES_GCM_C, ivlen=16, keysizemin=160, keysizemax=288</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=22, name=ESP_CAMELLIA,
ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=252, name=ESP_SERPENT,
ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP encrypt: id=253, name=ESP_TWOFISH,
ivlen=8, keysizemin=128, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=1,
name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=2,
name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=5,
name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=6,
name=AUTH_ALGORITHM_HMAC_SHA2_384, keysizemin=384, keysizemax=384</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=7,
name=AUTH_ALGORITHM_HMAC_SHA2_512, keysizemin=512, keysizemax=512</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=8,
name=AUTH_ALGORITHM_HMAC_RIPEMD, keysizemin=160, keysizemax=160</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=9,
name=AUTH_ALGORITHM_AES_CBC, keysizemin=128, keysizemax=128</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm ESP auth attr: id=251,
name=AUTH_ALGORITHM_NULL_KAME, keysizemin=0, keysizemax=0</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: IKE algorithms supported:</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE encrypt: id=0, name=(null),
blocksize=16, keydeflen=131</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE encrypt: id=5,
name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE encrypt: id=7,
name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE hash: id=1, name=OAKLEY_MD5,
hashsize=16</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE hash: id=2, name=OAKLEY_SHA1,
hashsize=20</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE hash: id=4, name=OAKLEY_SHA2_256,
hashsize=32</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE hash: id=5, name=OAKLEY_SHA2_384,
hashsize=48</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE hash: id=6, name=OAKLEY_SHA2_512,
hashsize=64</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=2,
name=OAKLEY_GROUP_MODP1024, bits=1024</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=5,
name=OAKLEY_GROUP_MODP1536, bits=1536</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=14,
name=OAKLEY_GROUP_MODP2048, bits=2048</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=15,
name=OAKLEY_GROUP_MODP3072, bits=3072</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=16,
name=OAKLEY_GROUP_MODP4096, bits=4096</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=17,
name=OAKLEY_GROUP_MODP6144, bits=6144</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=18,
name=OAKLEY_GROUP_MODP8192, bits=8192</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=22,
name=OAKLEY_GROUP_DH22, bits=1024</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=23,
name=OAKLEY_GROUP_DH23, bits=2048</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: algorithm IKE dh group: id=24,
name=OAKLEY_GROUP_DH24, bits=2048</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: stats db_ops: {curr_cnt, total_cnt, maxsz}
:context={0,0,0} trans={0,0,0} attrs={0,0,0} </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: Connection list:</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn":
172.17.2.0/24===82.19.147.85[@Nick]---82.19.147.1...82.30.103.217<82.30.103.217>===192.168.10.0/24;
erouted; eroute owner: #978</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": oriented; my_ip=172.17.2.1;
their_ip=unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": xauth info: us:none, them:none,
my_xauthuser=[any]; their_xauthuser=[any]; ;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": modecfg info: us:none, them:none,
modecfg policy:push, dns1:unset, dns2:unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": labeled_ipsec:no, loopback:no; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": policy_label:unset; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": ike_life: 86400s; ipsec_life: 86400s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": sha2_truncbug:no; initial_contact:no;
cisco_unity:no;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": policy:
PSK+ENCRYPT+TUNNEL+PFS+DONTREKEY+IKEv2ALLOW+SAREFTRACK+IKE_FRAG; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": prio: 24,24; interface: eth0; metric:
0, mtu: unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": dpd: action:clear; delay:30;
timeout:120; nat-t: force_encaps:no; nat_keepalive:yes;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": newest ISAKMP SA: #975; newest IPsec
SA: #978; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": IKE algorithms wanted:
AES_CBC(7)_256-SHA1(2)_000-MODP2048(14)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": IKE algorithms found:
AES_CBC(7)_256-SHA1(2)_160-MODP2048(14)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": IKE algorithm newest:
AES_CBC_256-SHA1-MODP2048</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": ESP algorithms wanted:
AES(12)_256-MD5(1)_000, AES(12)_256-SHA1(2)_000</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": ESP algorithms loaded:
AES(12)_256-MD5(1)_128, AES(12)_256-SHA1(2)_160</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "MumIn": ESP algorithm newest:
AES_256-HMAC_SHA1; pfsgroup=<Phase1></tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn":
172.17.2.0/24===82.19.147.85<82.19.147.85>[@Nick]...%any===192.168.30.0/24;
unrouted; eroute owner: #0</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": oriented; my_ip=172.17.2.1;
their_ip=unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": xauth info: us:none, them:none,
my_xauthuser=[any]; their_xauthuser=[any]; ;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": modecfg info: us:none, them:none,
modecfg policy:push, dns1:unset, dns2:unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": labeled_ipsec:no, loopback:no; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": policy_label:unset; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": ike_life: 86400s; ipsec_life:
86400s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": sha2_truncbug:no;
initial_contact:no; cisco_unity:no;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": policy:
PSK+ENCRYPT+TUNNEL+PFS+DONTREKEY+IKEv2ALLOW+SAREFTRACK+IKE_FRAG; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": prio: 24,24; interface: eth0;
metric: 0, mtu: unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": dpd: action:clear; delay:30;
timeout:120; nat-t: force_encaps:no; nat_keepalive:yes;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": newest ISAKMP SA: #0; newest IPsec
SA: #0; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": IKE algorithms wanted:
AES_CBC(7)_256-SHA1(2)_000-MODP2048(14)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": IKE algorithms found:
AES_CBC(7)_256-SHA1(2)_160-MODP2048(14)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": ESP algorithms wanted:
AES(12)_256-SHA1(2)_000</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn": ESP algorithms loaded:
AES(12)_256-SHA1(2)_160</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]:
172.17.2.0/24===82.19.147.85<82.19.147.85>[@Nick]...88.104.19.209===192.168.30.0/24;
erouted; eroute owner: #979</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: oriented; my_ip=172.17.2.1;
their_ip=unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: xauth info: us:none, them:none,
my_xauthuser=[any]; their_xauthuser=[any]; ;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: modecfg info: us:none, them:none,
modecfg policy:push, dns1:unset, dns2:unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: labeled_ipsec:no, loopback:no; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: policy_label:unset; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: ike_life: 86400s; ipsec_life:
86400s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: sha2_truncbug:no;
initial_contact:no; cisco_unity:no;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: policy:
PSK+ENCRYPT+TUNNEL+PFS+DONTREKEY+IKEv2ALLOW+SAREFTRACK+IKE_FRAG; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: prio: 24,24; interface: eth0;
metric: 0, mtu: unset;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: dpd: action:clear; delay:30;
timeout:120; nat-t: force_encaps:no; nat_keepalive:yes;</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: newest ISAKMP SA: #962; newest
IPsec SA: #979; </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: IKE algorithms wanted:
AES_CBC(7)_256-SHA1(2)_000-MODP2048(14)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: IKE algorithms found:
AES_CBC(7)_256-SHA1(2)_160-MODP2048(14)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: IKE algorithm newest:
AES_CBC_256-SHA1-MODP2048</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: ESP algorithms wanted:
AES(12)_256-SHA1(2)_000</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: ESP algorithms loaded:
AES(12)_256-SHA1(2)_160</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: "PaulIn"[3]: ESP algorithm newest:
AES_256-HMAC_SHA1; pfsgroup=<Phase1></tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: Total IPsec connections: loaded 3, active 2</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: State list:</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: #978: "MumIn":500 STATE_QUICK_R2 (IPsec SA
established); EVENT_SA_EXPIRE in 1398s; newest IPSEC; eroute
owner; isakmp#975; idle; import:not set</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: #978: "MumIn" <a class="moz-txt-link-abbreviated" href="mailto:esp.33658701@82.30.103.217">esp.33658701@82.30.103.217</a>
<a class="moz-txt-link-abbreviated" href="mailto:esp.706ba2e5@82.19.147.85">esp.706ba2e5@82.19.147.85</a> <a class="moz-txt-link-abbreviated" href="mailto:tun.0@82.30.103.217">tun.0@82.30.103.217</a> <a class="moz-txt-link-abbreviated" href="mailto:tun.0@82.19.147.85">tun.0@82.19.147.85</a>
ref=0 refhim=4294901761 Traffic: ESPin=5KB ESPout=38KB!
ESPmax=4194303B </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: #975: "MumIn":500 STATE_MAIN_R3 (sent MR3,
ISAKMP SA established); EVENT_SA_EXPIRE in 23434s; newest ISAKMP;
lastdpd=11s(seq in:17967 out:0); idle; import:not set</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: #979: "PaulIn"[3] 88.104.19.209:500
STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 1432s;
newest IPSEC; eroute owner; isakmp#962; idle; import:not set</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: #979: "PaulIn"[3] 88.104.19.209
<a class="moz-txt-link-abbreviated" href="mailto:esp.95f5a6d9@88.104.19.209">esp.95f5a6d9@88.104.19.209</a> <a class="moz-txt-link-abbreviated" href="mailto:esp.ffec7f13@82.19.147.85">esp.ffec7f13@82.19.147.85</a>
<a class="moz-txt-link-abbreviated" href="mailto:tun.0@88.104.19.209">tun.0@88.104.19.209</a> <a class="moz-txt-link-abbreviated" href="mailto:tun.0@82.19.147.85">tun.0@82.19.147.85</a> ref=0 refhim=4294901761
Traffic: ESPin=2KB ESPout=0B! ESPmax=4194303B </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: #962: "PaulIn"[3] 88.104.19.209:500
STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_EXPIRE
in 5561s; newest ISAKMP; lastdpd=8s(seq in:4474 out:0); idle;
import:not set</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: Shunt list:</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: </tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: ABORT at
/home/build/rpmbuild/BUILD/libreswan-3.6rc1/programs/pluto/demux.c:196</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server pluto[28831]: packet from
80.6.166.163:500: ABORT at
/home/build/rpmbuild/BUILD/libreswan-3.6rc1/programs/pluto/demux.c:196</tt><tt><br>
</tt><tt>Oct 6 20:01:47 server pluto[23487]: nss directory
plutomain: /etc/ipsec.d</tt><tt><br>
</tt><tt>Oct 6 20:01:47 server pluto[23487]: NSS Initialized</tt><tt><br>
</tt><tt>etc</tt><br>
<br>
and <br>
<br>
<tt>Oct 6 20:01:35 server ipsec__plutorun: !pluto failure!: exited
with error status 134 (signal 6)</tt><tt><br>
</tt><tt>Oct 6 20:01:35 server ipsec__plutorun: restarting IPsec
after pause...</tt><tt><br>
</tt><tt>Oct 6 20:01:47 server ipsec__plutorun: Starting Pluto
subsystem...</tt><tt><br>
</tt><tt>Oct 6 20:01:48 server ipsec__plutorun: !pluto failure!:
exited with error status 134 (signal 6)</tt><tt><br>
</tt><tt>Oct 6 20:01:48 server ipsec__plutorun: restarting IPsec
after pause...</tt><tt><br>
</tt><tt>etc</tt><br>
<br>
This happened 5 times last night and I've never seen it before.<br>
<br>
Note all logs with process owner pluto go into the first file, the
rest go into /var/log/secure as normal. This is achieved using
rsyslogd rather than modifying libreswan.<br>
<br>
Regards,<br>
<br>
Nick<br>
</body>
</html>