Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC dropping every 124 seconds

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 270 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rafamello
      last edited by

      Guys, I have a client that uses IPSEC to connect your network to his client
      and this VPN goes down every 124 seconds
      I looked in the logs and found nothing abnormal
      any tips on how to check if the problem is here or on the dlee client?

      when it falls, this log appears:

      eb 10 16:04:36 charon 10[CFG] vici client 487 registered for: list-sa
      Feb 10 16:04:36 charon 10[CFG] vici client 487 requests: list-sas
      Feb 10 16:04:36 charon 10[CFG] vici client 487 disconnected
      Feb 10 16:04:40 charon 10[IKE] <con4000|30> sending DPD request
      Feb 10 16:04:40 charon 10[IKE] <con4000|30> queueing ISAKMP_DPD task
      Feb 10 16:04:40 charon 10[IKE] <con4000|30> activating new tasks
      Feb 10 16:04:40 charon 10[IKE] <con4000|30> activating ISAKMP_DPD task
      Feb 10 16:04:40 charon 10[ENC] <con4000|30> generating INFORMATIONAL_V1 request 140947474 [ HASH N(DPD) ]
      Feb 10 16:04:40 charon 10[NET] <con4000|30> sending packet: from 177.0.0.X[500] to 177.0.0.X[500] (92 bytes)
      Feb 10 16:04:40 charon 10[IKE] <con4000|30> activating new tasks
      Feb 10 16:04:40 charon 10[IKE] <con4000|30> nothing to initiate
      Feb 10 16:04:41 charon 14[CFG] vici client 488 connected
      Feb 10 16:04:41 charon 11[CFG] vici client 488 registered for: list-sa
      Feb 10 16:04:41 charon 10[CFG] vici client 488 requests: list-sas
      Feb 10 16:04:41 charon 10[CFG] vici client 488 disconnected
      Feb 10 16:04:45 charon 11[IKE] <con4000|30> sending DPD request
      Feb 10 16:04:45 charon 11[IKE] <con4000|30> queueing ISAKMP_DPD task
      Feb 10 16:04:45 charon 11[IKE] <con4000|30> activating new tasks
      Feb 10 16:04:45 charon 11[IKE] <con4000|30> activating ISAKMP_DPD task
      Feb 10 16:04:45 charon 11[ENC] <con4000|30> generating INFORMATIONAL_V1 request 50296017 [ HASH N(DPD) ]
      Feb 10 16:04:45 charon 11[NET] <con4000|30> sending packet: from 1177.0.0.X[500] to 177.0.0.X[500] (92 bytes)
      Feb 10 16:04:45 charon 11[IKE] <con4000|30> activating new tasks
      Feb 10 16:04:45 charon 11[IKE] <con4000|30> nothing to initiate
      Feb 10 16:04:46 charon 13[CFG] vici client 489 connected
      Feb 10 16:04:46 charon 11[CFG] vici client 489 registered for: list-sa
      Feb 10 16:04:46 charon 11[CFG] vici client 489 requests: list-sas
      Feb 10 16:04:46 charon 08[CFG] vici client 489 disconnected
      Feb 10 16:04:50 charon 08[IKE] <con4000|30> sending DPD request
      Feb 10 16:04:50 charon 08[IKE] <con4000|30> queueing ISAKMP_DPD task
      Feb 10 16:04:50 charon 08[IKE] <con4000|30> activating new tasks
      Feb 10 16:04:50 charon 08[IKE] <con4000|30> activating ISAKMP_DPD task
      Feb 10 16:04:50 charon 08[ENC] <con4000|30> generating INFORMATIONAL_V1 request 4259876321 [ HASH N(DPD) ]
      Feb 10 16:04:50 charon 08[NET] <con4000|30> sending packet: from 177.0.0.X[500] to 177.0.0.X[500] (92 bytes)
      Feb 10 16:04:50 charon 08[IKE] <con4000|30> activating new tasks
      Feb 10 16:04:50 charon 08[IKE] <con4000|30> nothing to initiate
      Feb 10 16:04:51 charon 13[CFG] vici client 490 connected
      Feb 10 16:04:51 charon 08[CFG] vici client 490 registered for: list-sa
      Feb 10 16:04:51 charon 06[CFG] vici client 490 requests: list-sas
      Feb 10 16:04:51 charon 08[CFG] vici client 490 disconnected

      eb 10 16:05:06 charon 15[CFG] <con4000|31> 192.168.4.0/24|/0
      Feb 10 16:05:06 charon 15[ENC] <con4000|31> generating QUICK_MODE request 674283457 [ HASH SA No KE ID ID ]
      Feb 10 16:05:06 charon 15[NET] <con4000|31> sending packet: from 177.0.0.X[500] to 177.0.0.X[500] (492 bytes)
      Feb 10 16:05:06 charon 15[NET] <con4000|31> received packet: from 177.0.0.X[500] to 177.0.0.X[500] (444 bytes)
      Feb 10 16:05:06 charon 15[ENC] <con4000|31> parsed QUICK_MODE response 674283457 [ HASH SA No KE ID ID ]
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> selecting proposal:
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> no acceptable ENCRYPTION_ALGORITHM found
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> selecting proposal:
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> no acceptable ENCRYPTION_ALGORITHM found
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> selecting proposal:
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> proposal matches
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> received proposals: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> configured proposals: ESP:AES_CBC_256/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
      Feb 10 16:05:06 charon 15[CFG] <con4000|31> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
      Feb 10 16:05:06 charon 15[IKE] <con4000|31> received 28800s lifetime, configured 0s
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> CHILD_SA con4000{70} state change: CREATED => INSTALLING
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> using AES_CBC for encryption
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> using HMAC_SHA1_96 for integrity
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> adding inbound ESP SA
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> SPI 0xc660eb20, src 1177.0.0.X dst 177.0.0.X
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> adding outbound ESP SA
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> SPI 0xc5847ece, src 177.0.0.X dst 177.0.0.X
      Feb 10 16:05:06 charon 15[IKE] <con4000|31> CHILD_SA con4000{70} established with SPIs c660eb20_i c5847ece_o and TS 192.168.175.0/24|/0 === 192.168.4.0/24|/0
      Feb 10 16:05:06 charon 15[CHD] <con4000|31> CHILD_SA con4000{70} state change: INSTALLING => INSTALLED
      Feb 10 16:05:06 charon 15[IKE] <con4000|31> reinitiating already active tasks
      Feb 10 16:05:06 charon 15[IKE] <con4000|31> QUICK_MODE task
      Feb 10 16:05:06 charon 15[ENC] <con4000|31> generating QUICK_MODE request 674283457 [ HASH ]
      Feb 10 16:05:06 charon 15[NET] <con4000|31> sending packet: from 177.101.216.30[500] to 177.0.0.X[500] (60 bytes)
      Feb 10 16:05:06 charon 15[IKE] <con4000|31> activating new tasks
      Feb 10 16:05:06 charon 15[IKE] <con4000|31> nothing to initiate
      Feb 10 16:05:06 charon 16[CFG] vici client 493 connected
      Feb 10 16:05:06 charon 15[CFG] vici client 493 registered for: list-sa
      Feb 10 16:05:06 charon 12[CFG] vici client 493 requests: list-sas

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.