Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What Does This Mean

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      anking
      last edited by

      Time Process PID Message
      Feb 19 15:12:25 charon 07[NET] received packet: from 103.46.209.154[500] to 10.20.0.2[500]
      Feb 19 15:12:25 charon 07[NET] waiting for data on sockets
      Feb 19 15:12:25 charon 12[MGR] checkout IKEv1 SA by message with SPIs 7ba7c04f2b6e9753_i 0000000000000000_r
      Feb 19 15:12:25 charon 12[MGR] created IKE_SA (unnamed)[3]
      Feb 19 15:12:25 charon 12[NET] <3> received packet: from 103.46.209.154[500] to 10.20.0.2[500] (771 bytes)
      Feb 19 15:12:25 charon 12[IKE] <3> received FRAGMENTATION vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received NAT-T (RFC 3947) vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-08 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-07 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-06 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-05 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-04 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-02 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received XAuth vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received Cisco Unity vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> received DPD vendor ID
      Feb 19 15:12:25 charon 12[IKE] <3> 103.46.209.154 is initiating a Aggressive Mode IKE_SA
      Feb 19 15:12:25 charon 12[IKE] <3> IKE_SA (unnamed)[3] state change: CREATED => CONNECTING
      Feb 19 15:12:25 charon 12[IKE] <3> no proposal found
      Feb 19 15:12:25 charon 12[IKE] <3> queueing INFORMATIONAL task
      Feb 19 15:12:25 charon 12[IKE] <3> activating new tasks
      Feb 19 15:12:25 charon 12[IKE] <3> activating INFORMATIONAL task
      Feb 19 15:12:25 charon 12[NET] <3> sending packet: from 10.20.0.2[500] to 103.46.209.154[500] (56 bytes)
      Feb 19 15:12:25 charon 12[MGR] <3> checkin and destroy IKE_SA (unnamed)[3]
      Feb 19 15:12:25 charon 04[NET] sending packet: from 10.20.0.2[500] to 103.46.209.154[500]
      Feb 19 15:12:25 charon 12[IKE] <3> IKE_SA (unnamed)[3] state change: CONNECTING => DESTROYING
      Feb 19 15:12:25 charon 12[MGR] checkin and destroy of IKE_SA successful
      Feb 19 15:12:25 charon 07[NET] received packet: from 103.46.209.154[500] to 10.20.0.2[500]
      Feb 19 15:12:25 charon 07[NET] waiting for data on sockets
      Feb 19 15:12:25 charon 12[MGR] checkout IKEv1 SA by message with SPIs c24d4bc5c9ba68b2_i 0000000000000000_r
      Feb 19 15:12:25 charon 12[MGR] created IKE_SA (unnamed)[4]
      Feb 19 15:12:25 charon 12[NET] <4> received packet: from 103.46.209.154[500] to 10.20.0.2[500] (771 bytes)
      Feb 19 15:12:25 charon 12[IKE] <4> received FRAGMENTATION vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received NAT-T (RFC 3947) vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-08 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-07 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-06 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-05 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-04 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-02 vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received XAuth vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received Cisco Unity vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> received DPD vendor ID
      Feb 19 15:12:25 charon 12[IKE] <4> 103.46.209.154 is initiating a Aggressive Mode IKE_SA
      Feb 19 15:12:25 charon 12[IKE] <4> IKE_SA (unnamed)[4] state change: CREATED => CONNECTING
      Feb 19 15:12:25 charon 12[LIB] <4> size of DH secret exponent: 1023 bits
      Feb 19 15:12:25 charon 12[IKE] <con1|4>sending XAuth vendor ID
      Feb 19 15:12:25 charon 12[IKE] <con1|4>sending DPD vendor ID
      Feb 19 15:12:25 charon 12[IKE] <con1|4>sending Cisco Unity vendor ID
      Feb 19 15:12:25 charon 12[IKE] <con1|4>sending FRAGMENTATION vendor ID
      Feb 19 15:12:25 charon 12[IKE] <con1|4>sending NAT-T (RFC 3947) vendor ID
      Feb 19 15:12:25 charon 12[NET] <con1|4>sending packet: from 10.20.0.2[500] to 103.46.209.154[500] (428 bytes)
      Feb 19 15:12:25 charon 12[MGR] <con1|4>checkin IKE_SA con1[4]
      Feb 19 15:12:25 charon 04[NET] sending packet: from 10.20.0.2[500] to 103.46.209.154[500]
      Feb 19 15:12:25 charon 12[MGR] <con1|4>checkin of IKE_SA successful
      Feb 19 15:12:29 charon 12[MGR] checkout IKEv1 SA with SPIs c24d4bc5c9ba68b2_i f79e3272d7218d04_r
      Feb 19 15:12:29 charon 12[MGR] IKE_SA con1[4] successfully checked out
      Feb 19 15:12:29 charon 12[IKE] <con1|4>sending retransmit 1 of response message ID 0, seq 1
      Feb 19 15:12:29 charon 12[NET] <con1|4>sending packet: from 10.20.0.2[500] to 103.46.209.154[500] (428 bytes)
      Feb 19 15:12:29 charon 12[MGR] <con1|4>checkin IKE_SA con1[4]
      Feb 19 15:12:29 charon 04[NET] sending packet: from 10.20.0.2[500] to 103.46.209.154[500]
      Feb 19 15:12:29 charon 12[MGR] <con1|4>checkin of IKE_SA successful
      Feb 19 15:12:36 charon 12[MGR] checkout IKEv1 SA with SPIs c24d4bc5c9ba68b2_i f79e3272d7218d04_r
      Feb 19 15:12:36 charon 12[MGR] IKE_SA con1[4] successfully checked out
      Feb 19 15:12:36 charon 12[IKE] <con1|4>sending retransmit 2 of response message ID 0, seq 1
      Feb 19 15:12:36 charon 12[NET] <con1|4>sending packet: from 10.20.0.2[500] to 103.46.209.154[500] (428 bytes)
      Feb 19 15:12:36 charon 12[MGR] <con1|4>checkin IKE_SA con1[4]
      Feb 19 15:12:36 charon 04[NET] sending packet: from 10.20.0.2[500] to 103.46.209.154[500]
      Feb 19 15:12:36 charon 12[MGR] <con1|4>checkin of IKE_SA successful
      Feb 19 15:12:49 charon 02[MGR] checkout IKEv1 SA with SPIs c24d4bc5c9ba68b2_i f79e3272d7218d04_r
      Feb 19 15:12:49 charon 02[MGR] IKE_SA con1[4] successfully checked out
      Feb 19 15:12:49 charon 02[IKE] <con1|4>sending retransmit 3 of response message ID 0, seq 1
      Feb 19 15:12:49 charon 02[NET] <con1|4>sending packet: from 10.20.0.2[500] to 103.46.209.154[500] (428 bytes)
      Feb 19 15:12:49 charon 02[MGR] <con1|4>checkin IKE_SA con1[4]
      Feb 19 15:12:49 charon 04[NET] sending packet: from 10.20.0.2[500] to 103.46.209.154[500]
      Feb 19 15:12:49 charon 02[MGR] <con1|4>checkin of IKE_SA successful
      Feb 19 15:12:55 charon 02[MGR] checkout IKEv1 SA with SPIs 7ba7c04f2b6e9753_i b49a71955a2f7a35_r
      Feb 19 15:12:55 charon 02[MGR] IKE_SA checkout not successful
      Feb 19 15:12:55 charon 06[MGR] checkout IKEv1 SA with SPIs c24d4bc5c9ba68b2_i f79e3272d7218d04_r
      Feb 19 15:12:55 charon 06[MGR] IKE_SA con1[4] successfully checked out
      Feb 19 15:12:55 charon 06[MGR] <con1|4>checkin and destroy IKE_SA con1[4]
      Feb 19 15:12:55 charon 06[IKE] <con1|4>IKE_SA con1[4] state change: CONNECTING => DESTROYING
      Feb 19 15:12:55 charon 06[MGR] checkin and destroy of IKE_SA successful
      Feb 19 15:13:12 charon 06[MGR] checkout IKEv1 SA with SPIs c24d4bc5c9ba68b2_i f79e3272d7218d04_r
      Feb 19 15:13:12 charon 06[MGR] IKE_SA checkout not successful
      Feb 19 15:25:04 charon 07[NET] received packet: from 172.30.3.163[500] to 10.20.0.2[500]
      Feb 19 15:25:04 charon 07[NET] waiting for data on sockets
      Feb 19 15:25:04 charon 11[MGR] checkout IKEv1 SA by message with SPIs 72c13bb99d21bb9e_i 0000000000000000_r
      Feb 19 15:25:04 charon 11[MGR] created IKE_SA (unnamed)[5]
      Feb 19 15:25:04 charon 11[NET] <5> received packet: from 172.30.3.163[500] to 10.20.0.2[500] (1183 bytes)
      Feb 19 15:25:04 charon 11[IKE] <5> received XAuth vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received NAT-T (RFC 3947) vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received FRAGMENTATION vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received DPD vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> received Cisco Unity vendor ID
      Feb 19 15:25:04 charon 11[IKE] <5> 172.30.3.163 is initiating a Aggressive Mode IKE_SA
      Feb 19 15:25:04 charon 11[IKE] <5> IKE_SA (unnamed)[5] state change: CREATED => CONNECTING
      Feb 19 15:25:04 charon 11[LIB] <5> size of DH secret exponent: 1023 bits
      Feb 19 15:25:04 charon 11[IKE] <con1|5>sending XAuth vendor ID
      Feb 19 15:25:04 charon 11[IKE] <con1|5>sending DPD vendor ID
      Feb 19 15:25:04 charon 11[IKE] <con1|5>sending Cisco Unity vendor ID
      Feb 19 15:25:04 charon 11[IKE] <con1|5>sending FRAGMENTATION vendor ID
      Feb 19 15:25:04 charon 11[IKE] <con1|5>sending NAT-T (RFC 3947) vendor ID
      Feb 19 15:25:04 charon 11[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:04 charon 11[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:04 charon 11[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:04 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:08 charon 11[MGR] checkout IKEv1 SA with SPIs 72c13bb99d21bb9e_i 27700ec4f94d446a_r
      Feb 19 15:25:08 charon 11[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:08 charon 11[IKE] <con1|5>sending retransmit 1 of response message ID 0, seq 1
      Feb 19 15:25:08 charon 11[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:08 charon 11[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:08 charon 11[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:08 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:09 charon 07[NET] received packet: from 172.30.3.163[500] to 10.20.0.2[500]
      Feb 19 15:25:09 charon 07[NET] waiting for data on sockets
      Feb 19 15:25:09 charon 11[MGR] checkout IKEv1 SA by message with SPIs 72c13bb99d21bb9e_i 0000000000000000_r
      Feb 19 15:25:09 charon 11[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:09 charon 11[NET] <con1|5>received packet: from 172.30.3.163[500] to 10.20.0.2[500] (1183 bytes)
      Feb 19 15:25:09 charon 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      Feb 19 15:25:09 charon 11[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:09 charon 11[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:09 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:09 charon 11[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:14 charon 07[NET] received packet: from 172.30.3.163[500] to 10.20.0.2[500]
      Feb 19 15:25:14 charon 07[NET] waiting for data on sockets
      Feb 19 15:25:14 charon 11[MGR] checkout IKEv1 SA by message with SPIs 72c13bb99d21bb9e_i 0000000000000000_r
      Feb 19 15:25:14 charon 11[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:14 charon 11[NET] <con1|5>received packet: from 172.30.3.163[500] to 10.20.0.2[500] (1183 bytes)
      Feb 19 15:25:14 charon 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      Feb 19 15:25:14 charon 11[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:14 charon 11[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:14 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:14 charon 11[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:15 charon 11[MGR] checkout IKEv1 SA with SPIs 72c13bb99d21bb9e_i 27700ec4f94d446a_r
      Feb 19 15:25:15 charon 11[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:15 charon 11[IKE] <con1|5>sending retransmit 2 of response message ID 0, seq 1
      Feb 19 15:25:15 charon 11[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:15 charon 11[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:15 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:15 charon 11[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:19 charon 07[NET] received packet: from 172.30.3.163[500] to 10.20.0.2[500]
      Feb 19 15:25:19 charon 07[NET] waiting for data on sockets
      Feb 19 15:25:19 charon 12[MGR] checkout IKEv1 SA by message with SPIs 72c13bb99d21bb9e_i 0000000000000000_r
      Feb 19 15:25:19 charon 12[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:19 charon 12[NET] <con1|5>received packet: from 172.30.3.163[500] to 10.20.0.2[500] (1183 bytes)
      Feb 19 15:25:19 charon 12[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      Feb 19 15:25:19 charon 12[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:19 charon 12[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:19 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:19 charon 12[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:28 charon 12[MGR] checkout IKEv1 SA with SPIs 72c13bb99d21bb9e_i 27700ec4f94d446a_r
      Feb 19 15:25:28 charon 12[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:28 charon 12[IKE] <con1|5>sending retransmit 3 of response message ID 0, seq 1
      Feb 19 15:25:28 charon 12[NET] <con1|5>sending packet: from 10.20.0.2[500] to 172.30.3.163[500] (432 bytes)
      Feb 19 15:25:28 charon 12[MGR] <con1|5>checkin IKE_SA con1[5]
      Feb 19 15:25:28 charon 04[NET] sending packet: from 10.20.0.2[500] to 172.30.3.163[500]
      Feb 19 15:25:28 charon 12[MGR] <con1|5>checkin of IKE_SA successful
      Feb 19 15:25:34 charon 12[MGR] checkout IKEv1 SA with SPIs 72c13bb99d21bb9e_i 27700ec4f94d446a_r
      Feb 19 15:25:34 charon 12[MGR] IKE_SA con1[5] successfully checked out
      Feb 19 15:25:34 charon 12[MGR] <con1|5>checkin and destroy IKE_SA con1[5]
      Feb 19 15:25:34 charon 12[IKE] <con1|5>IKE_SA con1[5] state change: CONNECTING => DESTROYING
      Feb 19 15:25:34 charon 12[MGR] checkin and destroy of IKE_SA successful</con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4></con1|4>

      1 Reply Last reply Reply Quote 0
      • J
        jrsphoto
        last edited by

        Tough to say for sure without more details about your configuration…

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          And what you're actually concerned about there.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.