[SOLVED] 2.4.3.a.20180303.2038 development build breaks IPSec



  • I had a working IPSec tunnel between 2.4.2-RELEASE-p1 and 2.3.5, and upgrading the 2.4.2 install to 2.4.3.a.20180303.2038 breaks the tunnel.


  • Netgate

    Crystal Ball is malfunctioning.

    Is there anything in the IPsec logs on either side that indicates a problem?



  • Here are redacted logs from the 2.4.3-DEV side of the failed connection.  I am not sure which logging toggles to turn up.

    Mar 5 00:24:05 ipsec_starter 18133 charon has died – restart scheduled (5sec)
    Mar 5 00:24:05 charon 15[DMN] <con2|1>killing ourself, received critical signal
    Mar 5 00:24:05 charon 15[LIB] <con2|1>->
    Mar 5 00:24:05 charon 15[LIB] <con2|1>/lib/libthr.so.3 @ 0x800f52000 (pthread_getspecific+0xe2f) [0x800f5fe9f]
    Mar 5 00:24:05 charon 15[LIB] <con2|1>->
    Mar 5 00:24:05 charon 15[LIB] <con2|1>/lib/libthr.so.3 @ 0x800f52000 (pthread_sigmask+0x536) [0x800f608f6]
    Mar 5 00:24:05 charon 15[LIB] <con2|1>dumping 2 stack frame addresses:
    Mar 5 00:24:05 charon 15[DMN] <con2|1>thread 15 received 11
    Mar 5 00:24:05 charon 15[IKE] <con2|1>authentication of 'HOST1.foo.net' (myself) with RSA_EMSA_PKCS1_SHA2_512 successful
    Mar 5 00:24:04 charon 15[IKE] <con2|1>sending cert request for "REDACTED"
    Mar 5 00:24:04 charon 15[IKE] <con2|1>received 1 cert requests for an unknown ca
    Mar 5 00:24:04 charon 15[IKE] <con2|1>received cert request for "REDACTED2"
    Mar 5 00:24:04 charon 15[IKE] <con2|1>received cert request for "REDACTED"
    Mar 5 00:24:04 charon 15[ENC] <con2|1>parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
    Mar 5 00:24:04 charon 15[NET] <con2|1>received packet: from 10.1.0.1[500] to 10.2.0.2[500] (399 bytes)
    Mar 5 00:24:04 charon 15[MGR] IKE_SA con2[1] successfully checked out
    Mar 5 00:24:04 charon 15[MGR] checkout IKEv2 SA by message with SPIs df27dcea9c0347ed_i 4531f90007e9b927_r
    Mar 5 00:24:04 charon 15[MGR] <con2|1>checkin of IKE_SA successful
    Mar 5 00:24:04 charon 15[MGR] <con2|1>checkin IKE_SA con2[1]
    Mar 5 00:24:04 charon 15[NET] <con2|1>sending packet: from 10.2.0.2[500] to 10.1.0.1[500] (332 bytes)
    Mar 5 00:24:04 charon 15[ENC] <con2|1>generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
    Mar 5 00:24:04 charon 15[IKE] <con2|1>initiating IKE_SA con2[1] to 10.1.0.1
    Mar 5 00:24:04 charon 15[MGR] created IKE_SA (unnamed)[1]
    Mar 5 00:24:04 charon 15[MGR] checkout IKE_SA by config
    Mar 5 00:24:04 charon 15[KNL] creating acquire job for policy 10.2.0.2/32|/0 === 10.1.0.1/32|/0 with reqid {1}
    Mar 5 00:24:03 ipsec_starter 18133 'con2' routed
    Mar 5 00:24:03 charon 14[KNL] policy already exists, try to update it
    Mar 5 00:24:03 charon 14[KNL] policy already exists, try to update it
    Mar 5 00:24:03 charon 14[CFG] received stroke: route 'con2'
    Mar 5 00:24:03 charon 14[CFG] added configuration 'con2'
    Mar 5 00:24:03 charon 14[CFG] loaded certificate "REDACTED'
    Mar 5 00:24:03 charon 17[LIB] created thread 17 [80ec47000]
    Mar 5 00:24:03 charon 14[CFG] received stroke: add connection 'con2'
    Mar 5 00:24:03 ipsec_starter 18133 'bypasslan' shunt PASS policy installed
    Mar 5 00:24:03 charon 15[KNL] policy already exists, try to update it
    Mar 5 00:24:03 charon 15[KNL] policy already exists, try to update it
    Mar 5 00:24:03 charon 15[KNL] policy already exists, try to update it
    Mar 5 00:24:03 charon 15[KNL] policy already exists, try to update it
    Mar 5 00:24:03 charon 15[CFG] received stroke: route 'bypasslan'
    Mar 5 00:24:03 charon 15[CFG] added configuration 'bypasslan'
    Mar 5 00:24:03 charon 15[CFG] received stroke: add connection 'bypasslan'
    Mar 5 00:24:03 ipsec_starter 18133 charon (51150) started after 260 ms
    Mar 5 00:24:03 charon 15[LIB] created thread 15 [8021a3e00]
    Mar 5 00:24:03 charon 08[LIB] created thread 08 [80201ab00]
    Mar 5 00:24:03 charon 14[LIB] created thread 14 [8021a2000]
    Mar 5 00:24:03 charon 16[LIB] created thread 16 [802018300]
    Mar 5 00:24:03 charon 06[LIB] created thread 06 [80201a600]
    Mar 5 00:24:03 charon 13[LIB] created thread 13 [8021a3900]
    Mar 5 00:24:03 charon 12[LIB] created thread 12 [8021a2f00]
    Mar 5 00:24:03 charon 09[LIB] created thread 09 [8021a2a00]
    Mar 5 00:24:03 charon 11[LIB] created thread 11 [8021a3400]
    Mar 5 00:24:03 charon 10[LIB] created thread 10 [8021a2500]
    Mar 5 00:24:03 charon 07[LIB] created thread 07 [802018800]
    Mar 5 00:24:03 charon 05[LIB] created thread 05 [80201a100]
    Mar 5 00:24:03 charon 04[LIB] created thread 04 [802019c00]
    Mar 5 00:24:03 charon 03[LIB] created thread 03 [802019700]
    Mar 5 00:24:03 charon 02[LIB] created thread 02 [802019200]
    Mar 5 00:24:03 charon 01[LIB] created thread 01 [802018d00]
    Mar 5 00:24:03 charon 00[JOB] spawning 16 worker threads
    Mar 5 00:24:03 charon 00[LIB] unable to load 8 plugin features (7 due to unmet dependencies)
    Mar 5 00:24:03 charon 00[LIB] loaded plugins: charon unbound aes des blowfish rc2 sha2 sha1 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey ipseckey pem openssl fips-prf curve25519 xcbc cmac hmac curl attr kernel-pfkey kernel-pfroute resolve socket-default stroke vici updown eap-identity eap-sim eap-md5 eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap whitelist addrblock counters
    Mar 5 00:24:03 charon 00[LIB] unloading plugin 'eap-sim-file' without loaded features
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:addrblock in plugin 'addrblock'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:whitelist in plugin 'whitelist'
    Mar 5 00:24:03 charon 00[LIB] loading feature XAUTH_SERVER:eap in plugin 'xauth-eap'
    Mar 5 00:24:03 charon 00[LIB] loading feature XAUTH_CLIENT:generic in plugin 'xauth-generic'
    Mar 5 00:24:03 charon 00[LIB] loading feature XAUTH_SERVER:generic in plugin 'xauth-generic'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:PEAP in plugin 'eap-peap'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:PEAP in plugin 'eap-peap'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:TTLS in plugin 'eap-ttls'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:TTLS in plugin 'eap-ttls'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:TLS in plugin 'eap-tls'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:TLS in plugin 'eap-tls'
    Mar 5 00:24:03 charon 00[LIB] loading feature XAUTH_SERVER:radius in plugin 'eap-radius'
    Mar 5 00:24:03 charon 00[CFG] loaded 0 RADIUS server configurations
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:eap-radius in plugin 'eap-radius'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:RAD in plugin 'eap-radius'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:DYN in plugin 'eap-dynamic'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:MSCHAPV2 in plugin 'eap-mschapv2'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:MSCHAPV2 in plugin 'eap-mschapv2'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:MD5 in plugin 'eap-md5'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:MD5 in plugin 'eap-md5'
    Mar 5 00:24:03 charon 00[LIB] feature CUSTOM:sim-provider in plugin 'eap-sim-file' has unmet dependency: CUSTOM:eap-sim-file-triplets
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:sim-provider in plugin 'eap-sim-file'
    Mar 5 00:24:03 charon 00[LIB] feature CUSTOM:sim-card in plugin 'eap-sim-file' has unmet dependency: CUSTOM:eap-sim-file-triplets
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:sim-card in plugin 'eap-sim-file'
    Mar 5 00:24:03 charon 00[LIB] feature CUSTOM:eap-sim-file-triplets in plugin 'eap-sim-file' failed to load
    Mar 5 00:24:03 charon 00[CFG] opening triplet file /usr/local/etc/ipsec.d/triplets.dat failed: No such file or directory
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:eap-sim-file-triplets in plugin 'eap-sim-file'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:SIM in plugin 'eap-sim'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:SIM in plugin 'eap-sim'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:sim-manager in plugin 'eap-sim'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_CLIENT:ID in plugin 'eap-identity'
    Mar 5 00:24:03 charon 00[LIB] loading feature EAP_SERVER:ID in plugin 'eap-identity'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:updown in plugin 'updown'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:vici in plugin 'vici'
    Mar 5 00:24:03 charon 00[CFG] loaded RSA private key from '/var/etc/ipsec/ipsec.d/private/cert-2.key'
    Mar 5 00:24:03 charon 00[CFG] loading secrets from '/var/etc/ipsec/ipsec.secrets'
    Mar 5 00:24:03 charon 00[CFG] loading crls from '/usr/local/etc/ipsec.d/crls'
    Mar 5 00:24:03 charon 00[CFG] loading attribute certificates from '/usr/local/etc/ipsec.d/acerts'
    Mar 5 00:24:03 charon 00[CFG] loading ocsp signer certificates from '/usr/local/etc/ipsec.d/ocspcerts'
    Mar 5 00:24:03 charon 00[CFG] loading aa certificates from '/usr/local/etc/ipsec.d/aacerts'
    Mar 5 00:24:03 charon 00[CFG] loaded ca certificate "REDACTED2" from '/usr/local/etc/ipsec.d/cacerts/foo1.0.crt'
    Mar 5 00:24:03 charon 00[CFG] loaded ca certificate "REDACTED" from '/usr/local/etc/ipsec.d/cacerts/foo2.0.crt'
    Mar 5 00:24:03 charon 00[CFG] loading ca certificates from '/usr/local/etc/ipsec.d/cacerts'
    Mar 5 00:24:03 charon 00[LIB] feature CUSTOM:stroke in plugin 'stroke' has unmet soft dependency: PRIVKEY:BLISS
    Mar 5 00:24:03 charon 00[LIB] feature CUSTOM:stroke in plugin 'stroke' has unmet soft dependency: PRIVKEY:DSA
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:counters in plugin 'counters'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:stroke in plugin 'stroke'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:resolve in plugin 'resolve'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:attr in plugin 'attr'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_512_512 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_512_256 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_384_384 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_384_192 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_256_256 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_256_128 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_MD5_128 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_MD5_96 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA1_160 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA1_128 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA1_96 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA2_512 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA2_384 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA2_256 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_MD5 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA1 in plugin 'hmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:AES_CMAC_96 in plugin 'cmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_AES128_CMAC in plugin 'cmac'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:AES_XCBC_96 in plugin 'xcbc'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:CAMELLIA_XCBC_96 in plugin 'xcbc'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_CAMELLIA128_XCBC in plugin 'xcbc'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_AES128_XCBC in plugin 'xcbc'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_IDENTITY in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ED25519 in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ED25519 in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_GEN:ED25519 in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:CURVE_25519 in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_FIPS_SHA1_160 in plugin 'fips-prf'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA-521 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA-384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA-521 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA-384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA512_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA384_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA_WITH_SHA512_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA_WITH_SHA384_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA-256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA-256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA256_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA_WITH_SHA256_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA1_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA_WITH_SHA1_DER in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_NULL in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:ECDSA_WITH_NULL in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_GEN:ECDSA in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_PKCS1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_PKCS1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_MD5 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_MD5 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_512 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_512 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_224 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_224 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PSS in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PSS in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_NULL in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_NULL in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY_GEN:RSA in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_CUSTOM in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_768 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_1024_160 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_1024 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_1536 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_2048_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_2048_224 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_2048 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_8192 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_6144 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_4096 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:MODP_3072 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_224_BP in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_512_BP in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_384_BP in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_256_BP in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_192 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_224 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_521 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature DH:ECP_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_8-32 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_8-24 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_8-16 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_12-32 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_12-24 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_12-16 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_16-32 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_16-24 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature AEAD:AES_GCM_16-16 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_512_512 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_512_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_384_384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_384_192 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_256_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA2_256_128 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA1_160 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA1_128 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_SHA1_96 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_MD5_128 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature SIGNER:HMAC_MD5_96 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA2_512 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA2_384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA2_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_SHA1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_HMAC_MD5 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_KEYED_SHA1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_512 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_384 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_256 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_224 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_MD4 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:NULL-0 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:DES_ECB-8 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:DES_CBC-8 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:IDEA_CBC-16 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:BLOWFISH_CBC-0 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:CAST_CBC-0 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:RC5_CBC-0 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:CAMELLIA_CBC-32 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:CAMELLIA_CBC-24 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:CAMELLIA_CBC-16 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:AES_CBC-32 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:AES_CBC-24 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:AES_CBC-16 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_DECODE:PKCS12 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading CONTAINER_DECODE:PKCS12 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_DECODE:PKCS12 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PUBKEY in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PKCS10_REQUEST in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509_AC in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] feature CERT_DECODE:OCSP_REQUEST in plugin 'pem' has unmet dependency: CERT_DECODE:OCSP_REQUEST
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:OCSP_REQUEST in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PGP in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:ANY in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ED25519 in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PRIVKEY:ED25519 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ED25519 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] feature PRIVKEY:BLISS in plugin 'pem' has unmet dependency: PRIVKEY:BLISS
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:BLISS in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] feature PRIVKEY:DSA in plugin 'pem' has unmet dependency: PRIVKEY:DSA
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:DSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[CFG] ipseckey plugin is disabled
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:ipseckey in plugin 'ipseckey'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PUBKEY in plugin 'sshkey'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PGP in plugin 'pgp'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:3DES_CBC-24 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ANY in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ANY in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PRIVKEY:ANY in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ANY in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ANY in plugin 'pgp'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_DECODE:PKCS7 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_DECODE:PKCS12 in plugin 'pkcs12'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ED448 in plugin 'pkcs8'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ED25519 in plugin 'pkcs8'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ANY in plugin 'pkcs8'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_ENCODE:PKCS7_ENVELOPED_DATA in plugin 'pkcs7'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_ENCODE:PKCS7_SIGNED_DATA in plugin 'pkcs7'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_ENCODE:PKCS7_DATA in plugin 'pkcs7'
    Mar 5 00:24:03 charon 00[LIB] loading feature CONTAINER_DECODE:PKCS7 in plugin 'pkcs7'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ECDSA in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PRIVKEY:ECDSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ECDSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ECDSA in plugin 'pkcs8'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_MD5 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:RSA in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PRIVKEY:RSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:RSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:RSA in plugin 'pgp'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:RSA in plugin 'pkcs8'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:RSA in plugin 'pkcs1'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRIVKEY:ANY in plugin 'pkcs1'
    Mar 5 00:24:03 charon 00[LIB] feature CERT_DECODE:PUBKEY in plugin 'pubkey' has unmet soft dependency: PUBKEY:DSA
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PUBKEY in plugin 'pubkey'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_ENCODE:PUBKEY in plugin 'pubkey'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:constraints in plugin 'constraints'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:openssl-threading in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature FETCHER:https:// in plugin 'curl'
    Mar 5 00:24:03 charon 00[LIB] loading feature FETCHER:http:// in plugin 'curl'
    Mar 5 00:24:03 charon 00[LIB] loading feature FETCHER:ftp:// in plugin 'curl'
    Mar 5 00:24:03 charon 00[LIB] loading feature FETCHER:file:// in plugin 'curl'
    Mar 5 00:24:03 charon 00[LIB] feature CERT_DECODE:X509 in plugin 'openssl' has unmet soft dependency: PUBKEY:DSA
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading CERT_DECODE:X509 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509_CRL in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading CERT_DECODE:X509_CRL in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509_CRL in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:OCSP_RESPONSE in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:revocation in plugin 'revocation'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:PKCS10_REQUEST in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_ENCODE:PKCS10_REQUEST in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:OCSP_RESPONSE in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_ENCODE:OCSP_REQUEST in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509_CRL in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_ENCODE:X509_CRL in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509_AC in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_ENCODE:X509_AC in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ANY in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PUBKEY:ANY in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ANY in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ANY in plugin 'sshkey'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ANY in plugin 'dnskey'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ANY in plugin 'pgp'
    Mar 5 00:24:03 charon 00[LIB] feature PUBKEY:ANY in plugin 'pkcs1' has unmet soft dependency: PUBKEY:DSA
    Mar 5 00:24:03 charon 00[LIB] feature PUBKEY:DSA in plugin 'pem' has unmet dependency: PUBKEY:DSA
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:DSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] feature PUBKEY:ANY in plugin 'pkcs1' has unmet soft dependency: PUBKEY:BLISS
    Mar 5 00:24:03 charon 00[LIB] feature PUBKEY:BLISS in plugin 'pem' has unmet dependency: PUBKEY:BLISS
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:BLISS in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] feature PUBKEY:ANY in plugin 'pkcs1' has unmet soft dependency: PUBKEY:ED448
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ED25519 in plugin 'curve25519'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PUBKEY:ED25519 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ED25519 in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ECDSA in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PUBKEY:ECDSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ECDSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:RSA in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loop detected while loading PUBKEY:RSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:RSA in plugin 'pem'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:RSA in plugin 'dnskey'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:RSA in plugin 'pgp'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:RSA in plugin 'pkcs1'
    Mar 5 00:24:03 charon 00[LIB] loading feature PUBKEY:ANY in plugin 'pkcs1'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_DECODE:X509 in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature CERT_ENCODE:X509 in plugin 'x509'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_MD5 in plugin 'md5'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_MD4 in plugin 'md4'
    Mar 5 00:24:03 charon 00[LIB] loading feature PRF:PRF_KEYED_SHA1 in plugin 'sha1'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_512 in plugin 'sha2'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_384 in plugin 'sha2'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_256 in plugin 'sha2'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA2_224 in plugin 'sha2'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:RC2_CBC-0 in plugin 'rc2'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:BLOWFISH_CBC-0 in plugin 'blowfish'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:DES_ECB-8 in plugin 'des'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:DES_CBC-8 in plugin 'des'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:3DES_CBC-24 in plugin 'des'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:AES_CBC-32 in plugin 'aes'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:AES_CBC-24 in plugin 'aes'
    Mar 5 00:24:03 charon 00[LIB] loading feature CRYPTER:AES_CBC-16 in plugin 'aes'
    Mar 5 00:24:03 charon 00[LIB] loading feature RESOLVER in plugin 'unbound'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:kernel-net in plugin 'kernel-pfroute'
    Mar 5 00:24:03 charon 00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed
    Mar 5 00:24:03 charon 00[KNL] unable to set UDP_ENCAP: Invalid argument
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:kernel-ipsec in plugin 'kernel-pfkey'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:socket in plugin 'socket-default'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:libcharon-receiver in plugin 'charon'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA1 in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature HASHER:HASH_SHA1 in plugin 'sha1'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:libcharon-sa-managers in plugin 'charon'
    Mar 5 00:24:03 charon 00[LIB] loading feature RNG:RNG_TRUE in plugin 'random'
    Mar 5 00:24:03 charon 00[LIB] loading feature RNG:RNG_STRONG in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature RNG:RNG_STRONG in plugin 'random'
    Mar 5 00:24:03 charon 00[LIB] loading feature RNG:RNG_WEAK in plugin 'openssl'
    Mar 5 00:24:03 charon 00[LIB] loading feature NONCE_GEN in plugin 'nonce'
    Mar 5 00:24:03 charon 00[LIB] loading feature CUSTOM:libcharon in plugin 'charon'
    Mar 5 00:24:03 charon 00[LIB] plugin 'counters': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'addrblock': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'whitelist': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'xauth-eap': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'xauth-generic': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-peap': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-ttls': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-tls': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-radius': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-dynamic': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-mschapv2': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-md5': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-sim-file': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-sim': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'eap-identity': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'updown': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'vici': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'stroke': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'socket-default': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'resolve': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'kernel-pfroute': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'kernel-pfkey': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'attr': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'curl': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'hmac': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'cmac': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'xcbc': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'curve25519': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'fips-prf': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'openssl': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pem': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'ipseckey': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'sshkey': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'dnskey': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pgp': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pkcs12': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pkcs8': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pkcs7': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pkcs1': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'pubkey': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'constraints': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'revocation': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'x509': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'nonce': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'random': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'md5': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'md4': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'sha1': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'sha2': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'rc2': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'blowfish': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'des': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'aes': loaded successfully
    Mar 5 00:24:03 charon 00[LIB] plugin 'unbound': loaded successfully
    Mar 5 00:24:03 charon 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, FreeBSD 11.1-RELEASE-p6, amd64)</con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1>


  • Administrator

    Crash fixed in strongswan 5.6.2_1 that will be available together with next round of snapshots.

    Please let me know if you still see any problem after that



  • Thank you!  I will report my findings after I update.



  • I have applied the latest update (2.4.3.a.20180306.0526), and I am still seeing a crash in charon.  I will chime in again when it clears.

    Mar 6 15:54:56 ipsec_starter 91613 charon has died – restart scheduled (5sec)
    Mar 6 15:54:56 charon 15[DMN] <con2|1>killing ourself, received critical signal
    Mar 6 15:54:56 charon 15[LIB] <con2|1>->
    Mar 6 15:54:56 charon 15[LIB] <con2|1>/lib/libthr.so.3 @ 0x800f52000 (pthread_getspecific+0xe2f) [0x800f5fe9f]
    Mar 6 15:54:56 charon 15[LIB] <con2|1>->
    Mar 6 15:54:56 charon 15[LIB] <con2|1>/lib/libthr.so.3 @ 0x800f52000 (pthread_sigmask+0x536) [0x800f608f6]
    Mar 6 15:54:56 charon 15[LIB] <con2|1>dumping 2 stack frame addresses:
    Mar 6 15:54:56 charon 15[DMN] <con2|1>thread 15 received 11</con2|1></con2|1></con2|1></con2|1></con2|1></con2|1></con2|1>


  • Administrator

    Next round of snapshots is still building. You can confirm it running pkg info strongswan and you will note you are still using 5.6.2 and not fixed version that is 5.6.2_1

    It's gonna take ~1h to have new snaps



  • Excellent. I'm not familiar with the package management CLI. That is a very useful tip. Thank you.



  • I have now upgraded to 2.4.3.a.20180306.1433, and IPSec is working again with strongswan-5.6.2_1.

    Thank you for the help!


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy