/var/log/auth.log:

# Startup of OpenSwan:
Jun 6 15:54:43 neptun pluto[1426]: Starting Pluto (Openswan Version 2.6.23; Vendor ID OEm@kgSFEH@\177) pid:1426
Jun 6 15:54:43 neptun pluto[1426]: Setting NAT-Traversal port-4500 floating to on
Jun 6 15:54:43 neptun pluto[1426]: port floating activation criteria nat_t=1/port_float=1
Jun 6 15:54:43 neptun pluto[1426]: including NAT-Traversal patch (Version 0.6c)
Jun 6 15:54:43 neptun pluto[1426]: using /dev/urandom as source of random entropy
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: starting up 1 cryptographic helpers
Jun 6 15:54:43 neptun pluto[1426]: started helper pid=1429 (fd:7)
Jun 6 15:54:43 neptun pluto[1426]: Using Linux 2.6 IPsec interface code on 2.6.32-31-generic (experimental code)
Jun 6 15:54:43 neptun pluto[1429]: using /dev/urandom as source of random entropy
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating : Ok (ret=0)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_add(): ERROR: Algorithm already exists
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating : FAILED (ret=-17)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_add(): ERROR: Algorithm already exists
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating : FAILED (ret=-17)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_add(): ERROR: Algorithm already exists
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating : FAILED (ret=-17)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_add(): ERROR: Algorithm already exists
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating : FAILED (ret=-17)
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_add(): ERROR: Algorithm already exists
Jun 6 15:54:43 neptun pluto[1426]: ike_alg_register_enc(): Activating : FAILED (ret=-17)
Jun 6 15:54:43 neptun pluto[1426]: Changed path to directory '/etc/ipsec.d/cacerts'
Jun 6 15:54:43 neptun pluto[1426]: Changed path to directory '/etc/ipsec.d/aacerts'
Jun 6 15:54:43 neptun pluto[1426]: Changed path to directory '/etc/ipsec.d/ocspcerts'
Jun 6 15:54:43 neptun pluto[1426]: Changing to directory '/etc/ipsec.d/crls'
Jun 6 15:54:43 neptun pluto[1426]: Warning: empty directory
Jun 6 15:54:43 neptun pluto[1426]: added connection description "L2TP-PSK-NAT"
Jun 6 15:54:43 neptun pluto[1426]: added connection description "L2TP-PSK-noNAT"
Jun 6 15:54:43 neptun pluto[1426]: added connection description "passthrough-for-non-l2tp"
Jun 6 15:54:43 neptun pluto[1426]: listening for IKE messages
Jun 6 15:54:43 neptun pluto[1426]: NAT-Traversal: Trying new style NAT-T
Jun 6 15:54:43 neptun pluto[1426]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Jun 6 15:54:43 neptun pluto[1426]: NAT-Traversal: Trying old style NAT-T
Jun 6 15:54:43 neptun pluto[1426]: adding interface tun0/tun0 10.8.0.1:500
Jun 6 15:54:43 neptun pluto[1426]: adding interface tun0/tun0 10.8.0.1:4500
Jun 6 15:54:43 neptun pluto[1426]: adding interface eth0/eth0 192.168.0.108:500
Jun 6 15:54:43 neptun pluto[1426]: adding interface eth0/eth0 192.168.0.108:4500
Jun 6 15:54:43 neptun pluto[1426]: adding interface lo/lo 127.0.0.1:500
Jun 6 15:54:43 neptun pluto[1426]: adding interface lo/lo 127.0.0.1:4500
Jun 6 15:54:43 neptun pluto[1426]: adding interface lo/lo ::1:500
Jun 6 15:54:43 neptun pluto[1426]: loading secrets from "/etc/ipsec.secrets"

# 1. Login:
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [RFC 3947] method set to=109
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Jun 6 15:55:41 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [Dead Peer Detection]
Jun 6 15:55:41 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: responding to Main Mode from unknown peer 91.57.150.43
Jun 6 15:55:41 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 6 15:55:41 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are NATed
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: Main mode peer ID is ID_IPV4_ADDR: '10.10.10.111'
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[1] 91.57.150.43 #1: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: deleting connection "L2TP-PSK-NAT" instance with peer 91.57.150.43 {isakmp=#0/ipsec=#0}
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: new NAT mapping for #1, was 91.57.150.43:500, now 91.57.150.43:4500
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}
Jun 6 15:55:42 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: Dead Peer Detection (RFC 3706): enabled
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: the peer proposed: 89.0.47.206/32:17/1701 -> 10.10.10.111/32:17/0
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: responding to Quick Mode proposal {msgid:020a7080}
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: us: 192.168.0.108<192.168.0.108>[+S=C]:17/1701---192.168.0.1
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: them: 91.57.150.43[10.10.10.111,+S=C]:17/61418
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: Dead Peer Detection (RFC 3706): enabled
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 6 15:55:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x069b6d07 <0x4534cd5a xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=91.57.150.43:4500 DPD=enabled}

# 2. Login:
Jun 6 15:56:43 neptun pluto[1426]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 91.57.150.43 port 4500, complainant 91.57.150.43: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Jun 6 15:57:13 neptun pluto[1426]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 91.57.150.43 port 4500, complainant 91.57.150.43: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [RFC 3947] method set to=109
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Jun 6 15:57:17 neptun pluto[1426]: packet from 91.57.150.43:500: received Vendor ID payload [Dead Peer Detection]
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: responding to Main Mode from unknown peer 91.57.150.43
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are NATed
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: Main mode peer ID is ID_IPV4_ADDR: '10.10.10.111'
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: new NAT mapping for #3, was 91.57.150.43:500, now 91.57.150.43:4500
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}
Jun 6 15:57:17 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: Dead Peer Detection (RFC 3706): enabled
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #3: the peer proposed: 89.0.47.206/32:17/1701 -> 10.10.10.111/32:17/61418
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: responding to Quick Mode proposal {msgid:6c2ebcb0}
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: us: 192.168.0.108<192.168.0.108>[+S=C]:17/1701---192.168.0.1
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: them: 91.57.150.43[10.10.10.111,+S=C]:17/61418
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: keeping refhim=4294901761 during rekey
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: Dead Peer Detection (RFC 3706): enabled
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 6 15:57:18 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #4: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0c47ac30 <0xb87c81ae xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=91.57.150.43:4500 DPD=enabled}
Jun 6 15:57:43 neptun pluto[1426]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 91.57.150.43 port 4500, complainant 91.57.150.43: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Jun 6 15:58:14 neptun pluto[1426]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 91.57.150.43 port 4500, complainant 91.57.150.43: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: DPD: No response from peer - declaring peer dead
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43 #1: DPD: Clearing Connection
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT" #2: deleting state (STATE_QUICK_R2)
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT" #1: deleting state (STATE_MAIN_R3)
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT" #4: deleting state (STATE_QUICK_R2)
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT" #4: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@192.168.0.108 was too long: 168 > 36
Jun 6 15:58:43 neptun pluto[1426]: | raw_eroute result=0
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT" #3: deleting state (STATE_MAIN_R3)
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT"[2] 91.57.150.43: deleting connection "L2TP-PSK-NAT" instance with peer 91.57.150.43 {isakmp=#0/ipsec=#0}
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT": netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 100 > 36
Jun 6 15:58:43 neptun pluto[1426]: "L2TP-PSK-NAT": netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 100 > 36
Jun 6 15:58:43 neptun pluto[1426]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 91.57.150.43 port 4500, complainant 91.57.150.43: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]