VPN IPsec não reconecta após queda
-
Tenho uma VPN IPsec entre kerio control e Pfsense
O servidor é o Kerio control e o cliente Pfsense
Estou com um problema estranho, quando desativo a VPN do lado do server, ao reativar a VPN não volta a conectar.
O Pfsense continua mostrando a VPN como ativa porem perde os registros SA.Segue log.
Jun 6 08:53:49 charon 06[CFG] vici client 7865 connected Jun 6 08:53:49 charon 06[CFG] vici client 7865 connected Jun 6 08:53:49 charon 06[CFG] vici client 7865 registered for: list-sa Jun 6 08:53:49 charon 06[CFG] vici client 7865 registered for: list-sa Jun 6 08:53:49 charon 05[CFG] vici client 7865 requests: list-sas Jun 6 08:53:49 charon 05[CFG] vici client 7865 requests: list-sas Jun 6 08:53:49 charon 06[CFG] vici client 7865 disconnected Jun 6 08:53:49 charon 06[CFG] vici client 7865 disconnected Jun 6 08:53:55 charon 05[CFG] vici client 7866 connected Jun 6 08:53:55 charon 05[CFG] vici client 7866 connected Jun 6 08:53:55 charon 09[CFG] vici client 7866 registered for: list-sa Jun 6 08:53:55 charon 09[CFG] vici client 7866 registered for: list-sa Jun 6 08:53:55 charon 05[CFG] vici client 7866 requests: list-sas Jun 6 08:53:55 charon 05[CFG] vici client 7866 requests: list-sas Jun 6 08:53:55 charon 05[CFG] vici client 7866 disconnected Jun 6 08:53:55 charon 05[CFG] vici client 7866 disconnected Jun 6 08:53:58 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|112> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:53:58 charon 05[ENC] parsed INFORMATIONAL_V1 request 3077046638 [ HASH D ] Jun 6 08:53:58 charon 05[ENC] <con1000|112> parsed INFORMATIONAL_V1 request 3077046638 [ HASH D ] Jun 6 08:53:58 charon 05[IKE] received DELETE for ESP CHILD_SA with SPI cebb53ef Jun 6 08:53:58 charon 05[IKE] <con1000|112> received DELETE for ESP CHILD_SA with SPI cebb53ef Jun 6 08:53:58 charon 05[CHD] CHILD_SA con1000{3859} state change: INSTALLED => DELETING Jun 6 08:53:58 charon 05[CHD] <con1000|112> CHILD_SA con1000{3859} state change: INSTALLED => DELETING Jun 6 08:53:58 charon 05[IKE] closing CHILD_SA con1000{3859} with SPIs c07c6d8c_i (22848 bytes) cebb53ef_o (41344 bytes) and TS 10.2.2.0/24|/0 === 10.1.1.0/24|/0 Jun 6 08:53:58 charon 05[IKE] <con1000|112> closing CHILD_SA con1000{3859} with SPIs c07c6d8c_i (22848 bytes) cebb53ef_o (41344 bytes) and TS 10.2.2.0/24|/0 === 10.1.1.0/24|/0 Jun 6 08:53:58 charon 05[CHD] CHILD_SA con1000{3859} state change: DELETING => DESTROYING Jun 6 08:53:58 charon 05[CHD] <con1000|112> CHILD_SA con1000{3859} state change: DELETING => DESTROYING Jun 6 08:53:58 charon 09[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:53:58 charon 09[NET] <con1000|112> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:53:58 charon 09[ENC] parsed INFORMATIONAL_V1 request 1817637594 [ HASH D ] Jun 6 08:53:58 charon 09[ENC] <con1000|112> parsed INFORMATIONAL_V1 request 1817637594 [ HASH D ] Jun 6 08:53:58 charon 09[IKE] received DELETE for IKE_SA con1000[112] Jun 6 08:53:58 charon 09[IKE] <con1000|112> received DELETE for IKE_SA con1000[112] Jun 6 08:53:58 charon 09[IKE] deleting IKE_SA con1000[112] between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139] Jun 6 08:53:58 charon 09[IKE] <con1000|112> deleting IKE_SA con1000[112] between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139] Jun 6 08:53:58 charon 09[IKE] IKE_SA con1000[112] state change: ESTABLISHED => DELETING Jun 6 08:53:58 charon 09[IKE] <con1000|112> IKE_SA con1000[112] state change: ESTABLISHED => DELETING Jun 6 08:53:58 charon 09[IKE] IKE_SA con1000[112] state change: DELETING => DELETING Jun 6 08:53:58 charon 09[IKE] <con1000|112> IKE_SA con1000[112] state change: DELETING => DELETING Jun 6 08:53:58 charon 09[IKE] IKE_SA con1000[112] state change: DELETING => DESTROYING Jun 6 08:53:58 charon 09[IKE] <con1000|112> IKE_SA con1000[112] state change: DELETING => DESTROYING Jun 6 08:53:58 charon 09[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16} Jun 6 08:53:58 charon 09[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16} Jun 6 08:53:58 charon 05[IKE] queueing ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] <con1000|113> queueing ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] queueing ISAKMP_CERT_PRE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> queueing ISAKMP_CERT_PRE task Jun 6 08:53:58 charon 05[IKE] queueing MAIN_MODE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> queueing MAIN_MODE task Jun 6 08:53:58 charon 05[IKE] queueing ISAKMP_CERT_POST task Jun 6 08:53:58 charon 05[IKE] <con1000|113> queueing ISAKMP_CERT_POST task Jun 6 08:53:58 charon 05[IKE] queueing ISAKMP_NATD task Jun 6 08:53:58 charon 05[IKE] <con1000|113> queueing ISAKMP_NATD task Jun 6 08:53:58 charon 05[IKE] queueing QUICK_MODE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> queueing QUICK_MODE task Jun 6 08:53:58 charon 05[IKE] activating new tasks Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:53:58 charon 05[IKE] activating ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] activating ISAKMP_CERT_PRE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating ISAKMP_CERT_PRE task Jun 6 08:53:58 charon 05[IKE] activating MAIN_MODE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating MAIN_MODE task Jun 6 08:53:58 charon 05[IKE] activating ISAKMP_CERT_POST task Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating ISAKMP_CERT_POST task Jun 6 08:53:58 charon 05[IKE] activating ISAKMP_NATD task Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating ISAKMP_NATD task Jun 6 08:53:58 charon 05[IKE] sending XAuth vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> sending XAuth vendor ID Jun 6 08:53:58 charon 05[IKE] sending DPD vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> sending DPD vendor ID Jun 6 08:53:58 charon 05[IKE] sending FRAGMENTATION vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> sending FRAGMENTATION vendor ID Jun 6 08:53:58 charon 05[IKE] sending NAT-T (RFC 3947) vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> sending NAT-T (RFC 3947) vendor ID Jun 6 08:53:58 charon 05[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID Jun 6 08:53:58 charon 05[IKE] initiating Main Mode IKE_SA con1000[113] to 192.168.10.139 Jun 6 08:53:58 charon 05[IKE] <con1000|113> initiating Main Mode IKE_SA con1000[113] to 192.168.10.139 Jun 6 08:53:58 charon 05[IKE] IKE_SA con1000[113] state change: CREATED => CONNECTING Jun 6 08:53:58 charon 05[IKE] <con1000|113> IKE_SA con1000[113] state change: CREATED => CONNECTING Jun 6 08:53:58 charon 05[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[CFG] <con1000|113> configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[ENC] generating ID_PROT request 0 [ SA V V V V V ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> generating ID_PROT request 0 [ SA V V V V V ] Jun 6 08:53:58 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (180 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (180 bytes) Jun 6 08:53:58 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (160 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (160 bytes) Jun 6 08:53:58 charon 05[ENC] parsed ID_PROT response 0 [ SA V V V V ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> parsed ID_PROT response 0 [ SA V V V V ] Jun 6 08:53:58 charon 05[IKE] received XAuth vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> received XAuth vendor ID Jun 6 08:53:58 charon 05[IKE] received DPD vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> received DPD vendor ID Jun 6 08:53:58 charon 05[IKE] received FRAGMENTATION vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> received FRAGMENTATION vendor ID Jun 6 08:53:58 charon 05[IKE] received NAT-T (RFC 3947) vendor ID Jun 6 08:53:58 charon 05[IKE] <con1000|113> received NAT-T (RFC 3947) vendor ID Jun 6 08:53:58 charon 05[CFG] selecting proposal: Jun 6 08:53:58 charon 05[CFG] <con1000|113> selecting proposal: Jun 6 08:53:58 charon 05[CFG] proposal matches Jun 6 08:53:58 charon 05[CFG] <con1000|113> proposal matches Jun 6 08:53:58 charon 05[CFG] received proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[CFG] <con1000|113> received proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[CFG] <con1000|113> configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[CFG] <con1000|113> selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jun 6 08:53:58 charon 05[IKE] reinitiating already active tasks Jun 6 08:53:58 charon 05[IKE] <con1000|113> reinitiating already active tasks Jun 6 08:53:58 charon 05[IKE] ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] <con1000|113> ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] MAIN_MODE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> MAIN_MODE task Jun 6 08:53:58 charon 05[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> generating ID_PROT request 0 [ KE No NAT-D NAT-D ] Jun 6 08:53:58 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (372 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (372 bytes) Jun 6 08:53:58 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (372 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (372 bytes) Jun 6 08:53:58 charon 05[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ] Jun 6 08:53:58 charon 05[IKE] reinitiating already active tasks Jun 6 08:53:58 charon 05[IKE] <con1000|113> reinitiating already active tasks Jun 6 08:53:58 charon 05[IKE] ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] <con1000|113> ISAKMP_VENDOR task Jun 6 08:53:58 charon 05[IKE] MAIN_MODE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> MAIN_MODE task Jun 6 08:53:58 charon 05[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ] Jun 6 08:53:58 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (108 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (108 bytes) Jun 6 08:53:58 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:53:58 charon 05[ENC] parsed ID_PROT response 0 [ ID HASH ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> parsed ID_PROT response 0 [ ID HASH ] Jun 6 08:53:58 charon 05[IKE] IKE_SA con1000[113] established between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139] Jun 6 08:53:58 charon 05[IKE] <con1000|113> IKE_SA con1000[113] established between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139] Jun 6 08:53:58 charon 05[IKE] IKE_SA con1000[113] state change: CONNECTING => ESTABLISHED Jun 6 08:53:58 charon 05[IKE] <con1000|113> IKE_SA con1000[113] state change: CONNECTING => ESTABLISHED Jun 6 08:53:58 charon 05[IKE] activating new tasks Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:53:58 charon 05[IKE] activating QUICK_MODE task Jun 6 08:53:58 charon 05[IKE] <con1000|113> activating QUICK_MODE task Jun 6 08:53:58 charon 05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:53:58 charon 05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:53:58 charon 05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:53:58 charon 05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:53:58 charon 05[CFG] proposing traffic selectors for us: Jun 6 08:53:58 charon 05[CFG] <con1000|113> proposing traffic selectors for us: Jun 6 08:53:58 charon 05[CFG] 10.2.2.0/24|/0 Jun 6 08:53:58 charon 05[CFG] <con1000|113> 10.2.2.0/24|/0 Jun 6 08:53:58 charon 05[CFG] proposing traffic selectors for other: Jun 6 08:53:58 charon 05[CFG] <con1000|113> proposing traffic selectors for other: Jun 6 08:53:58 charon 05[CFG] 10.1.1.0/24|/0 Jun 6 08:53:58 charon 05[CFG] <con1000|113> 10.1.1.0/24|/0 Jun 6 08:53:58 charon 05[ENC] generating QUICK_MODE request 2925514357 [ HASH SA No ID ID ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> generating QUICK_MODE request 2925514357 [ HASH SA No ID ID ] Jun 6 08:53:58 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes) Jun 6 08:53:58 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:53:58 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:53:58 charon 05[ENC] parsed INFORMATIONAL_V1 request 3295040018 [ HASH N(INVAL_ID) ] Jun 6 08:53:58 charon 05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 3295040018 [ HASH N(INVAL_ID) ] Jun 6 08:53:58 charon 05[IKE] received INVALID_ID_INFORMATION error notify Jun 6 08:53:58 charon 05[IKE] <con1000|113> received INVALID_ID_INFORMATION error notify Jun 6 08:53:58 charon 05[CHD] CHILD_SA con1000{3860} state change: CREATED => DESTROYING Jun 6 08:53:58 charon 05[CHD] <con1000|113> CHILD_SA con1000{3860} state change: CREATED => DESTROYING Jun 6 08:54:01 charon 09[CFG] vici client 7867 connected Jun 6 08:54:01 charon 08[CFG] vici client 7867 registered for: list-sa Jun 6 08:54:01 charon 09[CFG] vici client 7867 connected Jun 6 08:54:01 charon 08[CFG] vici client 7867 registered for: list-sa Jun 6 08:54:01 charon 08[CFG] vici client 7867 requests: list-sas Jun 6 08:54:01 charon 08[CFG] vici client 7867 requests: list-sas Jun 6 08:54:01 charon 08[CFG] vici client 7867 disconnected Jun 6 08:54:01 charon 08[CFG] vici client 7867 disconnected Jun 6 08:54:07 charon 07[CFG] vici client 7868 connected Jun 6 08:54:07 charon 07[CFG] vici client 7868 connected Jun 6 08:54:07 charon 13[CFG] vici client 7868 registered for: list-sa Jun 6 08:54:07 charon 13[CFG] vici client 7868 registered for: list-sa Jun 6 08:54:07 charon 07[CFG] vici client 7868 requests: list-sas Jun 6 08:54:07 charon 07[CFG] vici client 7868 requests: list-sas Jun 6 08:54:07 charon 05[CFG] vici client 7868 disconnected Jun 6 08:54:07 charon 05[CFG] vici client 7868 disconnected Jun 6 08:54:08 charon 05[IKE] sending DPD request Jun 6 08:54:08 charon 05[IKE] <con1000|113> sending DPD request Jun 6 08:54:08 charon 05[IKE] queueing ISAKMP_DPD task Jun 6 08:54:08 charon 05[IKE] <con1000|113> queueing ISAKMP_DPD task Jun 6 08:54:08 charon 05[IKE] activating new tasks Jun 6 08:54:08 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:08 charon 05[IKE] activating ISAKMP_DPD task Jun 6 08:54:08 charon 05[IKE] <con1000|113> activating ISAKMP_DPD task Jun 6 08:54:08 charon 05[ENC] generating INFORMATIONAL_V1 request 2257420365 [ HASH N(DPD) ] Jun 6 08:54:08 charon 05[ENC] <con1000|113> generating INFORMATIONAL_V1 request 2257420365 [ HASH N(DPD) ] Jun 6 08:54:08 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes) Jun 6 08:54:08 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes) Jun 6 08:54:08 charon 05[IKE] activating new tasks Jun 6 08:54:08 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:08 charon 05[IKE] nothing to initiate Jun 6 08:54:08 charon 05[IKE] <con1000|113> nothing to initiate Jun 6 08:54:08 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:54:08 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:54:08 charon 05[ENC] parsed INFORMATIONAL_V1 request 3545185375 [ HASH N(DPD_ACK) ] Jun 6 08:54:08 charon 05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 3545185375 [ HASH N(DPD_ACK) ] Jun 6 08:54:08 charon 05[IKE] activating new tasks Jun 6 08:54:08 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:08 charon 05[IKE] nothing to initiate Jun 6 08:54:08 charon 05[IKE] <con1000|113> nothing to initiate Jun 6 08:54:10 charon 05[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16} Jun 6 08:54:10 charon 05[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16} Jun 6 08:54:10 charon 07[IKE] queueing QUICK_MODE task Jun 6 08:54:10 charon 07[IKE] <con1000|113> queueing QUICK_MODE task Jun 6 08:54:10 charon 07[IKE] activating new tasks Jun 6 08:54:10 charon 07[IKE] <con1000|113> activating new tasks Jun 6 08:54:10 charon 07[IKE] activating QUICK_MODE task Jun 6 08:54:10 charon 07[IKE] <con1000|113> activating QUICK_MODE task Jun 6 08:54:10 charon 07[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:10 charon 07[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:10 charon 07[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:10 charon 07[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:10 charon 07[CFG] proposing traffic selectors for us: Jun 6 08:54:10 charon 07[CFG] <con1000|113> proposing traffic selectors for us: Jun 6 08:54:10 charon 07[CFG] 10.2.2.0/24|/0 Jun 6 08:54:10 charon 07[CFG] <con1000|113> 10.2.2.0/24|/0 Jun 6 08:54:10 charon 07[CFG] proposing traffic selectors for other: Jun 6 08:54:10 charon 07[CFG] <con1000|113> proposing traffic selectors for other: Jun 6 08:54:10 charon 07[CFG] 10.1.1.0/24|/0 Jun 6 08:54:10 charon 07[CFG] <con1000|113> 10.1.1.0/24|/0 Jun 6 08:54:10 charon 07[ENC] generating QUICK_MODE request 232060376 [ HASH SA No ID ID ] Jun 6 08:54:10 charon 07[ENC] <con1000|113> generating QUICK_MODE request 232060376 [ HASH SA No ID ID ] Jun 6 08:54:10 charon 07[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes) Jun 6 08:54:10 charon 07[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes) Jun 6 08:54:10 charon 07[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:54:10 charon 07[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:54:10 charon 07[ENC] parsed INFORMATIONAL_V1 request 2551075680 [ HASH N(INVAL_ID) ] Jun 6 08:54:10 charon 07[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 2551075680 [ HASH N(INVAL_ID) ] Jun 6 08:54:10 charon 07[IKE] received INVALID_ID_INFORMATION error notify Jun 6 08:54:10 charon 07[IKE] <con1000|113> received INVALID_ID_INFORMATION error notify Jun 6 08:54:10 charon 07[CHD] CHILD_SA con1000{3861} state change: CREATED => DESTROYING Jun 6 08:54:10 charon 07[CHD] <con1000|113> CHILD_SA con1000{3861} state change: CREATED => DESTROYING Jun 6 08:54:13 charon 05[CFG] vici client 7869 connected Jun 6 08:54:13 charon 05[CFG] vici client 7869 connected Jun 6 08:54:13 charon 08[CFG] vici client 7869 registered for: list-sa Jun 6 08:54:13 charon 08[CFG] vici client 7869 registered for: list-sa Jun 6 08:54:13 charon 07[CFG] vici client 7869 requests: list-sas Jun 6 08:54:13 charon 07[CFG] vici client 7869 requests: list-sas Jun 6 08:54:13 charon 07[CFG] vici client 7869 disconnected Jun 6 08:54:13 charon 07[CFG] vici client 7869 disconnected Jun 6 08:54:19 charon 05[CFG] vici client 7870 connected Jun 6 08:54:19 charon 05[CFG] vici client 7870 connected Jun 6 08:54:19 charon 10[CFG] vici client 7870 registered for: list-sa Jun 6 08:54:19 charon 10[CFG] vici client 7870 registered for: list-sa Jun 6 08:54:19 charon 05[CFG] vici client 7870 requests: list-sas Jun 6 08:54:19 charon 05[CFG] vici client 7870 requests: list-sas Jun 6 08:54:19 charon 07[CFG] vici client 7870 disconnected Jun 6 08:54:19 charon 07[CFG] vici client 7870 disconnected Jun 6 08:54:21 charon 07[IKE] sending DPD request Jun 6 08:54:21 charon 07[IKE] <con1000|113> sending DPD request Jun 6 08:54:21 charon 07[IKE] queueing ISAKMP_DPD task Jun 6 08:54:21 charon 07[IKE] <con1000|113> queueing ISAKMP_DPD task Jun 6 08:54:21 charon 07[IKE] activating new tasks Jun 6 08:54:21 charon 07[IKE] <con1000|113> activating new tasks Jun 6 08:54:21 charon 07[IKE] activating ISAKMP_DPD task Jun 6 08:54:21 charon 07[IKE] <con1000|113> activating ISAKMP_DPD task Jun 6 08:54:21 charon 07[ENC] generating INFORMATIONAL_V1 request 4279125103 [ HASH N(DPD) ] Jun 6 08:54:21 charon 07[ENC] <con1000|113> generating INFORMATIONAL_V1 request 4279125103 [ HASH N(DPD) ] Jun 6 08:54:21 charon 07[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes) Jun 6 08:54:21 charon 07[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes) Jun 6 08:54:21 charon 07[IKE] activating new tasks Jun 6 08:54:21 charon 07[IKE] <con1000|113> activating new tasks Jun 6 08:54:21 charon 07[IKE] nothing to initiate Jun 6 08:54:21 charon 07[IKE] <con1000|113> nothing to initiate Jun 6 08:54:21 charon 07[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:54:21 charon 07[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:54:21 charon 07[ENC] parsed INFORMATIONAL_V1 request 4279903309 [ HASH N(DPD_ACK) ] Jun 6 08:54:21 charon 07[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 4279903309 [ HASH N(DPD_ACK) ] Jun 6 08:54:21 charon 07[IKE] activating new tasks Jun 6 08:54:21 charon 07[IKE] <con1000|113> activating new tasks Jun 6 08:54:21 charon 07[IKE] nothing to initiate Jun 6 08:54:21 charon 07[IKE] <con1000|113> nothing to initiate Jun 6 08:54:22 charon 07[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16} Jun 6 08:54:22 charon 07[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16} Jun 6 08:54:22 charon 05[IKE] queueing QUICK_MODE task Jun 6 08:54:22 charon 05[IKE] <con1000|113> queueing QUICK_MODE task Jun 6 08:54:22 charon 05[IKE] activating new tasks Jun 6 08:54:22 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:22 charon 05[IKE] activating QUICK_MODE task Jun 6 08:54:22 charon 05[IKE] <con1000|113> activating QUICK_MODE task Jun 6 08:54:22 charon 05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:22 charon 05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:22 charon 05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:22 charon 05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ Jun 6 08:54:22 charon 05[CFG] proposing traffic selectors for us: Jun 6 08:54:22 charon 05[CFG] <con1000|113> proposing traffic selectors for us: Jun 6 08:54:22 charon 05[CFG] 10.2.2.0/24|/0 Jun 6 08:54:22 charon 05[CFG] <con1000|113> 10.2.2.0/24|/0 Jun 6 08:54:22 charon 05[CFG] proposing traffic selectors for other: Jun 6 08:54:22 charon 05[CFG] <con1000|113> proposing traffic selectors for other: Jun 6 08:54:22 charon 05[CFG] 10.1.1.0/24|/0 Jun 6 08:54:22 charon 05[CFG] <con1000|113> 10.1.1.0/24|/0 Jun 6 08:54:22 charon 05[ENC] generating QUICK_MODE request 3232594732 [ HASH SA No ID ID ] Jun 6 08:54:22 charon 05[ENC] <con1000|113> generating QUICK_MODE request 3232594732 [ HASH SA No ID ID ] Jun 6 08:54:22 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes) Jun 6 08:54:22 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes) Jun 6 08:54:22 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:54:22 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes) Jun 6 08:54:22 charon 05[ENC] parsed INFORMATIONAL_V1 request 3898705547 [ HASH N(INVAL_ID) ] Jun 6 08:54:22 charon 05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 3898705547 [ HASH N(INVAL_ID) ] Jun 6 08:54:22 charon 05[IKE] received INVALID_ID_INFORMATION error notify Jun 6 08:54:22 charon 05[IKE] <con1000|113> received INVALID_ID_INFORMATION error notify Jun 6 08:54:22 charon 05[CHD] CHILD_SA con1000{3862} state change: CREATED => DESTROYING Jun 6 08:54:22 charon 05[CHD] <con1000|113> CHILD_SA con1000{3862} state change: CREATED => DESTROYING Jun 6 08:54:25 charon 07[CFG] vici client 7871 connected Jun 6 08:54:25 charon 07[CFG] vici client 7871 connected Jun 6 08:54:25 charon 15[CFG] vici client 7871 registered for: list-sa Jun 6 08:54:25 charon 15[CFG] vici client 7871 registered for: list-sa Jun 6 08:54:25 charon 05[CFG] vici client 7871 requests: list-sas Jun 6 08:54:25 charon 05[CFG] vici client 7871 requests: list-sas Jun 6 08:54:25 charon 15[CFG] vici client 7871 disconnected Jun 6 08:54:25 charon 15[CFG] vici client 7871 disconnected Jun 6 08:54:31 charon 05[CFG] vici client 7872 connected Jun 6 08:54:31 charon 05[CFG] vici client 7872 connected Jun 6 08:54:31 charon 11[CFG] vici client 7872 registered for: list-sa Jun 6 08:54:31 charon 11[CFG] vici client 7872 registered for: list-sa Jun 6 08:54:31 charon 05[CFG] vici client 7872 requests: list-sas Jun 6 08:54:31 charon 05[CFG] vici client 7872 requests: list-sas Jun 6 08:54:31 charon 05[CFG] vici client 7872 disconnected Jun 6 08:54:31 charon 05[CFG] vici client 7872 disconnected Jun 6 08:54:33 charon 05[IKE] sending DPD request Jun 6 08:54:33 charon 05[IKE] <con1000|113> sending DPD request Jun 6 08:54:33 charon 05[IKE] queueing ISAKMP_DPD task Jun 6 08:54:33 charon 05[IKE] <con1000|113> queueing ISAKMP_DPD task Jun 6 08:54:33 charon 05[IKE] activating new tasks Jun 6 08:54:33 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:33 charon 05[IKE] activating ISAKMP_DPD task Jun 6 08:54:33 charon 05[IKE] <con1000|113> activating ISAKMP_DPD task Jun 6 08:54:33 charon 05[ENC] generating INFORMATIONAL_V1 request 2116311108 [ HASH N(DPD) ] Jun 6 08:54:33 charon 05[ENC] <con1000|113> generating INFORMATIONAL_V1 request 2116311108 [ HASH N(DPD) ] Jun 6 08:54:33 charon 05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes) Jun 6 08:54:33 charon 05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes) Jun 6 08:54:33 charon 05[IKE] activating new tasks Jun 6 08:54:33 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:33 charon 05[IKE] nothing to initiate Jun 6 08:54:33 charon 05[IKE] <con1000|113> nothing to initiate Jun 6 08:54:33 charon 05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:54:33 charon 05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes) Jun 6 08:54:33 charon 05[ENC] parsed INFORMATIONAL_V1 request 51743917 [ HASH N(DPD_ACK) ] Jun 6 08:54:33 charon 05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 51743917 [ HASH N(DPD_ACK) ] Jun 6 08:54:33 charon 05[IKE] activating new tasks Jun 6 08:54:33 charon 05[IKE] <con1000|113> activating new tasks Jun 6 08:54:33 charon 05[IKE] nothing to initiate Jun 6 08:54:33 charon 05[IKE] <con1000|113> nothing to initiate