Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec keeps rebuilding tunnel (tunnel is functioning)

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 316 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Remie2000
      last edited by Remie2000

      Hi,

      For some days it is bottering me that my IPsec tunnel keeps rebuilding (Make-before-break) every 1-4 minutes.

      What can cause this? My pfsense box is connected via IPsec to a checkpoint firewall R80.3

      Here is the log from the pfsense side, if needed I also can retrieve some information from the Checkpoint firewall but it will be very basic as we do not have the monitoring blade enabled.

      Remote side: 123.123.123.123
      My side: 66.66.66.66

      Nov 29 08:40:09	charon		12[IKE] <con1000|589> QUICK_MODE request with message ID 629079685 processing failed
Nov 29 08:40:09	charon		12[NET] <con1000|589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:40:09	charon		12[ENC] <con1000|589> generating INFORMATIONAL_V1 request 1693616416 [ HASH N(INVAL_HASH) ]
Nov 29 08:40:09	charon		12[IKE] <con1000|589> integrity check failed
Nov 29 08:40:09	charon		12[ENC] <con1000|589> received HASH payload does not match
Nov 29 08:40:09	charon		12[ENC] <con1000|589> parsed QUICK_MODE request 629079685 [ HASH SA No KE ID ID ]
Nov 29 08:40:09	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:40:08	charon		12[IKE] <con1000|589> received retransmit of request with ID 2539962585, but no response to retransmit
Nov 29 08:40:08	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (60 bytes)
Nov 29 08:40:08	charon		12[IKE] <con1000|589> received retransmit of request with ID 2539962585, but no response to retransmit
Nov 29 08:40:08	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (60 bytes)
Nov 29 08:40:08	charon		12[IKE] <con1000|589> CHILD_SA con1000{1365} established with SPIs c56135f4_i fee89d72_o and TS 192.168.80.0/24|/0 === 172.27.0.0/16|/0
Nov 29 08:40:08	charon		12[ENC] <con1000|589> parsed QUICK_MODE request 2539962585 [ HASH ]
Nov 29 08:40:08	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (60 bytes)
Nov 29 08:40:08	charon		12[NET] <con1000|589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (380 bytes)
Nov 29 08:40:08	charon		12[ENC] <con1000|589> generating QUICK_MODE response 2539962585 [ HASH SA No KE ID ID ]
Nov 29 08:40:08	charon		12[IKE] <con1000|589> detected rekeying of CHILD_SA con1000{1363}
Nov 29 08:40:08	charon		12[CFG] <con1000|589> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_1536/NO_EXT_SEQ
Nov 29 08:40:08	charon		12[ENC] <con1000|589> parsed QUICK_MODE request 2539962585 [ HASH SA No KE ID ID ]
Nov 29 08:40:08	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (380 bytes)
Nov 29 08:40:07	charon		12[IKE] <con1000|589> received retransmit of request with ID 4218072038, but no response to retransmit
Nov 29 08:40:07	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (60 bytes)
Nov 29 08:40:07	charon		12[IKE] <con1000|589> received retransmit of request with ID 4218072038, but no response to retransmit
Nov 29 08:40:07	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (60 bytes)
Nov 29 08:40:07	charon		12[IKE] <con1000|589> CHILD_SA con1000{1364} established with SPIs c1795beb_i d29426f8_o and TS 192.168.80.0/24|/0 === 172.27.30.0/24|/0
Nov 29 08:40:07	charon		12[ENC] <con1000|589> parsed QUICK_MODE request 4218072038 [ HASH ]
Nov 29 08:40:07	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (60 bytes)
Nov 29 08:40:07	charon		12[NET] <con1000|589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (380 bytes)
Nov 29 08:40:07	charon		12[ENC] <con1000|589> generating QUICK_MODE response 4218072038 [ HASH SA No KE ID ID ]
Nov 29 08:40:07	charon		12[IKE] <con1000|589> detected rekeying of CHILD_SA con1000{1362}
Nov 29 08:40:07	charon		12[CFG] <con1000|589> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_1536/NO_EXT_SEQ
Nov 29 08:40:07	charon		12[ENC] <con1000|589> parsed QUICK_MODE request 4218072038 [ HASH SA No KE ID ID ]
Nov 29 08:40:07	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (380 bytes)
Nov 29 08:40:07	charon		12[IKE] <con1000|589> received retransmit of request with ID 629079685, but no response to retransmit
Nov 29 08:40:07	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:40:07	charon		12[NET] <con1000|588> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (92 bytes)
Nov 29 08:40:07	charon		12[ENC] <con1000|588> generating INFORMATIONAL_V1 request 3448951922 [ HASH D ]
Nov 29 08:40:07	charon		12[IKE] <con1000|588> sending DELETE for IKE_SA con1000[588]
Nov 29 08:40:07	charon		12[IKE] <con1000|588> deleting IKE_SA con1000[588] between 66.66.66.66[123.123.123.123]...123.123.123.123[123.123.123.123]
Nov 29 08:40:05	charon		08[IKE] <con1000|589> received retransmit of request with ID 629079685, but no response to retransmit
Nov 29 08:40:05	charon		08[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:40:03	charon		08[IKE] <con1000|589> received retransmit of request with ID 629079685, but no response to retransmit
Nov 29 08:40:03	charon		08[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:40:01	charon		08[IKE] <con1000|589> received retransmit of request with ID 629079685, but no response to retransmit
Nov 29 08:40:01	charon		08[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:59	charon		12[IKE] <con1000|589> received retransmit of request with ID 629079685, but no response to retransmit
Nov 29 08:39:59	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:57	charon		12[NET] <con1000|589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:39:57	charon		12[ENC] <con1000|589> generating INFORMATIONAL_V1 request 2865172304 [ HASH N(INVAL_ID) ]
Nov 29 08:39:57	charon		12[IKE] <con1000|589> no matching CHILD_SA config found for 123.123.123.123/32|/0 === 66.66.66.66/32|/0
Nov 29 08:39:57	charon		12[ENC] <con1000|589> parsed QUICK_MODE request 629079685 [ HASH SA No KE ID ID ]
Nov 29 08:39:57	charon		12[NET] <con1000|589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:57	charon		01[NET] <con1000|589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:39:57	charon		01[ENC] <con1000|589> generating ID_PROT response 0 [ ID HASH ]
Nov 29 08:39:57	charon		01[IKE] <con1000|589> DPD not supported by peer, disabled
Nov 29 08:39:57	charon		01[IKE] <con1000|589> maximum IKE_SA lifetime 86259s
Nov 29 08:39:57	charon		01[IKE] <con1000|589> scheduling reauthentication in 85719s
Nov 29 08:39:57	charon		01[IKE] <con1000|589> IKE_SA con1000[589] established between 66.66.66.66[123.123.123.123]...123.123.123.123[123.123.123.123]
Nov 29 08:39:57	charon		01[IKE] <con1000|588> schedule delete of duplicate IKE_SA for peer '123.123.123.123' due to uniqueness policy and suspected reauthentication
Nov 29 08:39:57	charon		01[IKE] <con1000|588> detected reauth of existing IKE_SA, adopting 6 children and 0 virtual IPs
Nov 29 08:39:57	charon		01[CFG] <589> selected peer config "con1000"
Nov 29 08:39:57	charon		01[CFG] <589> looking for pre-shared key peer configs matching 66.66.66.66...123.123.123.123[123.123.123.123]
Nov 29 08:39:57	charon		01[ENC] <589> parsed ID_PROT request 0 [ ID HASH ]
Nov 29 08:39:57	charon		01[NET] <589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (76 bytes)
Nov 29 08:39:57	charon		01[NET] <589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (260 bytes)
Nov 29 08:39:57	charon		01[ENC] <589> generating ID_PROT response 0 [ KE No ]
Nov 29 08:39:57	charon		01[ENC] <589> parsed ID_PROT request 0 [ KE No ]
Nov 29 08:39:57	charon		01[NET] <589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (248 bytes)
Nov 29 08:39:57	charon		01[NET] <589> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (144 bytes)
Nov 29 08:39:57	charon		01[ENC] <589> generating ID_PROT response 0 [ SA V V V ]
Nov 29 08:39:57	charon		01[CFG] <589> selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
Nov 29 08:39:57	charon		01[IKE] <589> 123.123.123.123 is initiating a Main Mode IKE_SA
Nov 29 08:39:57	charon		01[ENC] <589> received unknown vendor ID: f4:ed:19:e0:c1:14:eb:51:6f:aa:ac:0e:e3:7d:af:28:07:b4:38:1f:00:00:00:01:00:00:13:8d:5f:c3:50:4d:00:00:00:00:18:09:00:00
Nov 29 08:39:57	charon		01[IKE] <589> received FRAGMENTATION vendor ID
Nov 29 08:39:57	charon		01[ENC] <589> parsed ID_PROT request 0 [ SA V V ]
Nov 29 08:39:57	charon		01[NET] <589> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (152 bytes)
Nov 29 08:39:53	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:53	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:49	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:49	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:45	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:45	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:41	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:41	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:37	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:37	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:33	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:33	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:31	charon		06[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:31	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:29	charon		05[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:29	charon		05[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:27	charon		05[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:27	charon		05[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:25	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:25	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:23	charon		09[IKE] <con1000|588> received retransmit of request with ID 2520848250, but no response to retransmit
Nov 29 08:39:23	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:39:21	charon		09[NET] <con1000|588> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:39:21	charon		09[ENC] <con1000|588> generating INFORMATIONAL_V1 request 1579580626 [ HASH N(INVAL_ID) ]
Nov 29 08:39:21	charon		09[IKE] <con1000|588> no matching CHILD_SA config found for 123.123.123.123/32|/0 === 66.66.66.66/32|/0
Nov 29 08:39:21	charon		09[ENC] <con1000|588> parsed QUICK_MODE request 2520848250 [ HASH SA No KE ID ID ]
Nov 29 08:39:21	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:53	charon		10[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:53	charon		10[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:49	charon		13[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:49	charon		13[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:48	charon		08[KNL] creating rekey job for CHILD_SA ESP/0x36d8fc8d/123.123.123.123
Nov 29 08:38:45	charon		14[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:45	charon		14[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:41	charon		14[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:41	charon		14[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:37	charon		13[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:37	charon		13[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:33	charon		06[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:33	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:31	charon		06[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:31	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:29	charon		06[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:29	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:27	charon		06[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:27	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:25	charon		06[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:25	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:23	charon		06[IKE] <con1000|588> received retransmit of request with ID 229971642, but no response to retransmit
Nov 29 08:38:23	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:38:21	charon		06[NET] <con1000|588> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:38:21	charon		06[ENC] <con1000|588> generating INFORMATIONAL_V1 request 1007734773 [ HASH N(INVAL_ID) ]
Nov 29 08:38:21	charon		06[IKE] <con1000|588> no matching CHILD_SA config found for 123.123.123.123/32|/0 === 66.66.66.66/32|/0
Nov 29 08:38:21	charon		06[ENC] <con1000|588> parsed QUICK_MODE request 229971642 [ HASH SA No KE ID ID ]
Nov 29 08:38:21	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:53	charon		11[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:53	charon		11[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:49	charon		07[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:49	charon		07[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:45	charon		09[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:45	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:41	charon		09[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:41	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:37	charon		09[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:37	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:33	charon		09[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:33	charon		09[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:31	charon		01[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:31	charon		01[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:29	charon		01[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:29	charon		01[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:27	charon		01[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:27	charon		01[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:25	charon		12[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:25	charon		12[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:23	charon		12[IKE] <con1000|588> received retransmit of request with ID 599001464, but no response to retransmit
Nov 29 08:37:23	charon		12[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:37:21	charon		10[NET] <con1000|588> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:37:21	charon		10[ENC] <con1000|588> generating INFORMATIONAL_V1 request 3988895226 [ HASH N(INVAL_ID) ]
Nov 29 08:37:21	charon		10[IKE] <con1000|588> no matching CHILD_SA config found for 123.123.123.123/32|/0 === 66.66.66.66/32|/0
Nov 29 08:37:21	charon		10[ENC] <con1000|588> parsed QUICK_MODE request 599001464 [ HASH SA No KE ID ID ]
Nov 29 08:37:21	charon		10[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:53	charon		08[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:53	charon		08[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:49	charon		14[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:49	charon		14[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:45	charon		15[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:45	charon		15[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:41	charon		15[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:41	charon		15[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:37	charon		14[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:37	charon		14[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:33	charon		06[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:33	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:31	charon		06[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:31	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:29	charon		06[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:29	charon		06[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:27	charon		14[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:27	charon		14[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:25	charon		14[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:25	charon		14[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:23	charon		11[IKE] <con1000|588> received retransmit of request with ID 4210477810, but no response to retransmit
Nov 29 08:36:23	charon		11[NET] <con1000|588> received packet: from 123.123.123.123[500] to 66.66.66.66[500] (364 bytes)
Nov 29 08:36:21	charon		11[NET] <con1000|588> sending packet: from 66.66.66.66[500] to 123.123.123.123[500] (76 bytes)
Nov 29 08:36:21	charon		11[ENC] <con1000|588> generating INFORMATIONAL_V1 request 2974829592 [ HASH N(INVAL_ID) ]
Nov 29 08:36:21	charon		11[IKE] <con1000|588> no matching CHILD_SA config found for 123.123.123.123/32|/0 === 66.66.66.66/32|/0
Nov 29 08:36:21	charon		11[ENC] <con1000|588> parsed QUICK_MODE request 4210477810 [ HASH SA No KE ID ID ]

      Screenshots of my config. All IP addresses and PSK have been changed for this topic.

      Phase 1

      alt text

      alt text

      Phase 2 (Blurred some sensitive information in some labels)

      alt text

      alt text

      Advanced IPSec settings

      alt text

      Can somebody explain to me what is happening here? If more information is needed from the remote side please let me know. I need to retrieve the information then but it can take a while before I have it.

      Every help is really appreciated!

      Thanks,

      Remie

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.