4. VPN IPsec não reconecta após queda

VPN IPsec não reconecta após queda

  • A

    Tenho uma VPN IPsec entre kerio control e Pfsense
    O servidor é o Kerio control e o cliente Pfsense
    Estou com um problema estranho, quando desativo a VPN do lado do server, ao reativar a VPN não volta a conectar.
    O Pfsense continua mostrando a VPN como ativa porem perde os registros SA.

    Segue log.

    Jun 6 08:53:49	charon		06[CFG] vici client 7865 connected
Jun 6 08:53:49	charon		06[CFG] vici client 7865 connected
Jun 6 08:53:49	charon		06[CFG] vici client 7865 registered for: list-sa
Jun 6 08:53:49	charon		06[CFG] vici client 7865 registered for: list-sa
Jun 6 08:53:49	charon		05[CFG] vici client 7865 requests: list-sas
Jun 6 08:53:49	charon		05[CFG] vici client 7865 requests: list-sas
Jun 6 08:53:49	charon		06[CFG] vici client 7865 disconnected
Jun 6 08:53:49	charon		06[CFG] vici client 7865 disconnected
Jun 6 08:53:55	charon		05[CFG] vici client 7866 connected
Jun 6 08:53:55	charon		05[CFG] vici client 7866 connected
Jun 6 08:53:55	charon		09[CFG] vici client 7866 registered for: list-sa
Jun 6 08:53:55	charon		09[CFG] vici client 7866 registered for: list-sa
Jun 6 08:53:55	charon		05[CFG] vici client 7866 requests: list-sas
Jun 6 08:53:55	charon		05[CFG] vici client 7866 requests: list-sas
Jun 6 08:53:55	charon		05[CFG] vici client 7866 disconnected
Jun 6 08:53:55	charon		05[CFG] vici client 7866 disconnected
Jun 6 08:53:58	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|112> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:53:58	charon		05[ENC] parsed INFORMATIONAL_V1 request 3077046638 [ HASH D ]
Jun 6 08:53:58	charon		05[ENC] <con1000|112> parsed INFORMATIONAL_V1 request 3077046638 [ HASH D ]
Jun 6 08:53:58	charon		05[IKE] received DELETE for ESP CHILD_SA with SPI cebb53ef
Jun 6 08:53:58	charon		05[IKE] <con1000|112> received DELETE for ESP CHILD_SA with SPI cebb53ef
Jun 6 08:53:58	charon		05[CHD] CHILD_SA con1000{3859} state change: INSTALLED => DELETING
Jun 6 08:53:58	charon		05[CHD] <con1000|112> CHILD_SA con1000{3859} state change: INSTALLED => DELETING
Jun 6 08:53:58	charon		05[IKE] closing CHILD_SA con1000{3859} with SPIs c07c6d8c_i (22848 bytes) cebb53ef_o (41344 bytes) and TS 10.2.2.0/24|/0 === 10.1.1.0/24|/0
Jun 6 08:53:58	charon		05[IKE] <con1000|112> closing CHILD_SA con1000{3859} with SPIs c07c6d8c_i (22848 bytes) cebb53ef_o (41344 bytes) and TS 10.2.2.0/24|/0 === 10.1.1.0/24|/0
Jun 6 08:53:58	charon		05[CHD] CHILD_SA con1000{3859} state change: DELETING => DESTROYING
Jun 6 08:53:58	charon		05[CHD] <con1000|112> CHILD_SA con1000{3859} state change: DELETING => DESTROYING
Jun 6 08:53:58	charon		09[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:53:58	charon		09[NET] <con1000|112> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:53:58	charon		09[ENC] parsed INFORMATIONAL_V1 request 1817637594 [ HASH D ]
Jun 6 08:53:58	charon		09[ENC] <con1000|112> parsed INFORMATIONAL_V1 request 1817637594 [ HASH D ]
Jun 6 08:53:58	charon		09[IKE] received DELETE for IKE_SA con1000[112]
Jun 6 08:53:58	charon		09[IKE] <con1000|112> received DELETE for IKE_SA con1000[112]
Jun 6 08:53:58	charon		09[IKE] deleting IKE_SA con1000[112] between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139]
Jun 6 08:53:58	charon		09[IKE] <con1000|112> deleting IKE_SA con1000[112] between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139]
Jun 6 08:53:58	charon		09[IKE] IKE_SA con1000[112] state change: ESTABLISHED => DELETING
Jun 6 08:53:58	charon		09[IKE] <con1000|112> IKE_SA con1000[112] state change: ESTABLISHED => DELETING
Jun 6 08:53:58	charon		09[IKE] IKE_SA con1000[112] state change: DELETING => DELETING
Jun 6 08:53:58	charon		09[IKE] <con1000|112> IKE_SA con1000[112] state change: DELETING => DELETING
Jun 6 08:53:58	charon		09[IKE] IKE_SA con1000[112] state change: DELETING => DESTROYING
Jun 6 08:53:58	charon		09[IKE] <con1000|112> IKE_SA con1000[112] state change: DELETING => DESTROYING
Jun 6 08:53:58	charon		09[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16}
Jun 6 08:53:58	charon		09[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16}
Jun 6 08:53:58	charon		05[IKE] queueing ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> queueing ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] queueing ISAKMP_CERT_PRE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> queueing ISAKMP_CERT_PRE task
Jun 6 08:53:58	charon		05[IKE] queueing MAIN_MODE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> queueing MAIN_MODE task
Jun 6 08:53:58	charon		05[IKE] queueing ISAKMP_CERT_POST task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> queueing ISAKMP_CERT_POST task
Jun 6 08:53:58	charon		05[IKE] queueing ISAKMP_NATD task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> queueing ISAKMP_NATD task
Jun 6 08:53:58	charon		05[IKE] queueing QUICK_MODE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> queueing QUICK_MODE task
Jun 6 08:53:58	charon		05[IKE] activating new tasks
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:53:58	charon		05[IKE] activating ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] activating ISAKMP_CERT_PRE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating ISAKMP_CERT_PRE task
Jun 6 08:53:58	charon		05[IKE] activating MAIN_MODE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating MAIN_MODE task
Jun 6 08:53:58	charon		05[IKE] activating ISAKMP_CERT_POST task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating ISAKMP_CERT_POST task
Jun 6 08:53:58	charon		05[IKE] activating ISAKMP_NATD task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating ISAKMP_NATD task
Jun 6 08:53:58	charon		05[IKE] sending XAuth vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> sending XAuth vendor ID
Jun 6 08:53:58	charon		05[IKE] sending DPD vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> sending DPD vendor ID
Jun 6 08:53:58	charon		05[IKE] sending FRAGMENTATION vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> sending FRAGMENTATION vendor ID
Jun 6 08:53:58	charon		05[IKE] sending NAT-T (RFC 3947) vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> sending NAT-T (RFC 3947) vendor ID
Jun 6 08:53:58	charon		05[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Jun 6 08:53:58	charon		05[IKE] initiating Main Mode IKE_SA con1000[113] to 192.168.10.139
Jun 6 08:53:58	charon		05[IKE] <con1000|113> initiating Main Mode IKE_SA con1000[113] to 192.168.10.139
Jun 6 08:53:58	charon		05[IKE] IKE_SA con1000[113] state change: CREATED => CONNECTING
Jun 6 08:53:58	charon		05[IKE] <con1000|113> IKE_SA con1000[113] state change: CREATED => CONNECTING
Jun 6 08:53:58	charon		05[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[CFG] <con1000|113> configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> generating ID_PROT request 0 [ SA V V V V V ]
Jun 6 08:53:58	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (180 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (180 bytes)
Jun 6 08:53:58	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (160 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (160 bytes)
Jun 6 08:53:58	charon		05[ENC] parsed ID_PROT response 0 [ SA V V V V ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> parsed ID_PROT response 0 [ SA V V V V ]
Jun 6 08:53:58	charon		05[IKE] received XAuth vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> received XAuth vendor ID
Jun 6 08:53:58	charon		05[IKE] received DPD vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> received DPD vendor ID
Jun 6 08:53:58	charon		05[IKE] received FRAGMENTATION vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> received FRAGMENTATION vendor ID
Jun 6 08:53:58	charon		05[IKE] received NAT-T (RFC 3947) vendor ID
Jun 6 08:53:58	charon		05[IKE] <con1000|113> received NAT-T (RFC 3947) vendor ID
Jun 6 08:53:58	charon		05[CFG] selecting proposal:
Jun 6 08:53:58	charon		05[CFG] <con1000|113> selecting proposal:
Jun 6 08:53:58	charon		05[CFG] proposal matches
Jun 6 08:53:58	charon		05[CFG] <con1000|113> proposal matches
Jun 6 08:53:58	charon		05[CFG] received proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[CFG] <con1000|113> received proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[CFG] configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[CFG] <con1000|113> configured proposals: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[CFG] <con1000|113> selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Jun 6 08:53:58	charon		05[IKE] reinitiating already active tasks
Jun 6 08:53:58	charon		05[IKE] <con1000|113> reinitiating already active tasks
Jun 6 08:53:58	charon		05[IKE] ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] MAIN_MODE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> MAIN_MODE task
Jun 6 08:53:58	charon		05[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jun 6 08:53:58	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (372 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (372 bytes)
Jun 6 08:53:58	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (372 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (372 bytes)
Jun 6 08:53:58	charon		05[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jun 6 08:53:58	charon		05[IKE] reinitiating already active tasks
Jun 6 08:53:58	charon		05[IKE] <con1000|113> reinitiating already active tasks
Jun 6 08:53:58	charon		05[IKE] ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> ISAKMP_VENDOR task
Jun 6 08:53:58	charon		05[IKE] MAIN_MODE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> MAIN_MODE task
Jun 6 08:53:58	charon		05[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Jun 6 08:53:58	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (108 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (108 bytes)
Jun 6 08:53:58	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:53:58	charon		05[ENC] parsed ID_PROT response 0 [ ID HASH ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> parsed ID_PROT response 0 [ ID HASH ]
Jun 6 08:53:58	charon		05[IKE] IKE_SA con1000[113] established between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139]
Jun 6 08:53:58	charon		05[IKE] <con1000|113> IKE_SA con1000[113] established between 192.168.11.158[192.168.11.158]...192.168.10.139[192.168.10.139]
Jun 6 08:53:58	charon		05[IKE] IKE_SA con1000[113] state change: CONNECTING => ESTABLISHED
Jun 6 08:53:58	charon		05[IKE] <con1000|113> IKE_SA con1000[113] state change: CONNECTING => ESTABLISHED
Jun 6 08:53:58	charon		05[IKE] activating new tasks
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:53:58	charon		05[IKE] activating QUICK_MODE task
Jun 6 08:53:58	charon		05[IKE] <con1000|113> activating QUICK_MODE task
Jun 6 08:53:58	charon		05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:53:58	charon		05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:53:58	charon		05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:53:58	charon		05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:53:58	charon		05[CFG] proposing traffic selectors for us:
Jun 6 08:53:58	charon		05[CFG] <con1000|113> proposing traffic selectors for us:
Jun 6 08:53:58	charon		05[CFG] 10.2.2.0/24|/0
Jun 6 08:53:58	charon		05[CFG] <con1000|113> 10.2.2.0/24|/0
Jun 6 08:53:58	charon		05[CFG] proposing traffic selectors for other:
Jun 6 08:53:58	charon		05[CFG] <con1000|113> proposing traffic selectors for other:
Jun 6 08:53:58	charon		05[CFG] 10.1.1.0/24|/0
Jun 6 08:53:58	charon		05[CFG] <con1000|113> 10.1.1.0/24|/0
Jun 6 08:53:58	charon		05[ENC] generating QUICK_MODE request 2925514357 [ HASH SA No ID ID ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> generating QUICK_MODE request 2925514357 [ HASH SA No ID ID ]
Jun 6 08:53:58	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes)
Jun 6 08:53:58	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:53:58	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:53:58	charon		05[ENC] parsed INFORMATIONAL_V1 request 3295040018 [ HASH N(INVAL_ID) ]
Jun 6 08:53:58	charon		05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 3295040018 [ HASH N(INVAL_ID) ]
Jun 6 08:53:58	charon		05[IKE] received INVALID_ID_INFORMATION error notify
Jun 6 08:53:58	charon		05[IKE] <con1000|113> received INVALID_ID_INFORMATION error notify
Jun 6 08:53:58	charon		05[CHD] CHILD_SA con1000{3860} state change: CREATED => DESTROYING
Jun 6 08:53:58	charon		05[CHD] <con1000|113> CHILD_SA con1000{3860} state change: CREATED => DESTROYING
Jun 6 08:54:01	charon		09[CFG] vici client 7867 connected
Jun 6 08:54:01	charon		08[CFG] vici client 7867 registered for: list-sa
Jun 6 08:54:01	charon		09[CFG] vici client 7867 connected
Jun 6 08:54:01	charon		08[CFG] vici client 7867 registered for: list-sa
Jun 6 08:54:01	charon		08[CFG] vici client 7867 requests: list-sas
Jun 6 08:54:01	charon		08[CFG] vici client 7867 requests: list-sas
Jun 6 08:54:01	charon		08[CFG] vici client 7867 disconnected
Jun 6 08:54:01	charon		08[CFG] vici client 7867 disconnected
Jun 6 08:54:07	charon		07[CFG] vici client 7868 connected
Jun 6 08:54:07	charon		07[CFG] vici client 7868 connected
Jun 6 08:54:07	charon		13[CFG] vici client 7868 registered for: list-sa
Jun 6 08:54:07	charon		13[CFG] vici client 7868 registered for: list-sa
Jun 6 08:54:07	charon		07[CFG] vici client 7868 requests: list-sas
Jun 6 08:54:07	charon		07[CFG] vici client 7868 requests: list-sas
Jun 6 08:54:07	charon		05[CFG] vici client 7868 disconnected
Jun 6 08:54:07	charon		05[CFG] vici client 7868 disconnected
Jun 6 08:54:08	charon		05[IKE] sending DPD request
Jun 6 08:54:08	charon		05[IKE] <con1000|113> sending DPD request
Jun 6 08:54:08	charon		05[IKE] queueing ISAKMP_DPD task
Jun 6 08:54:08	charon		05[IKE] <con1000|113> queueing ISAKMP_DPD task
Jun 6 08:54:08	charon		05[IKE] activating new tasks
Jun 6 08:54:08	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:08	charon		05[IKE] activating ISAKMP_DPD task
Jun 6 08:54:08	charon		05[IKE] <con1000|113> activating ISAKMP_DPD task
Jun 6 08:54:08	charon		05[ENC] generating INFORMATIONAL_V1 request 2257420365 [ HASH N(DPD) ]
Jun 6 08:54:08	charon		05[ENC] <con1000|113> generating INFORMATIONAL_V1 request 2257420365 [ HASH N(DPD) ]
Jun 6 08:54:08	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes)
Jun 6 08:54:08	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes)
Jun 6 08:54:08	charon		05[IKE] activating new tasks
Jun 6 08:54:08	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:08	charon		05[IKE] nothing to initiate
Jun 6 08:54:08	charon		05[IKE] <con1000|113> nothing to initiate
Jun 6 08:54:08	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:54:08	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:54:08	charon		05[ENC] parsed INFORMATIONAL_V1 request 3545185375 [ HASH N(DPD_ACK) ]
Jun 6 08:54:08	charon		05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 3545185375 [ HASH N(DPD_ACK) ]
Jun 6 08:54:08	charon		05[IKE] activating new tasks
Jun 6 08:54:08	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:08	charon		05[IKE] nothing to initiate
Jun 6 08:54:08	charon		05[IKE] <con1000|113> nothing to initiate
Jun 6 08:54:10	charon		05[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16}
Jun 6 08:54:10	charon		05[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16}
Jun 6 08:54:10	charon		07[IKE] queueing QUICK_MODE task
Jun 6 08:54:10	charon		07[IKE] <con1000|113> queueing QUICK_MODE task
Jun 6 08:54:10	charon		07[IKE] activating new tasks
Jun 6 08:54:10	charon		07[IKE] <con1000|113> activating new tasks
Jun 6 08:54:10	charon		07[IKE] activating QUICK_MODE task
Jun 6 08:54:10	charon		07[IKE] <con1000|113> activating QUICK_MODE task
Jun 6 08:54:10	charon		07[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:10	charon		07[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:10	charon		07[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:10	charon		07[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:10	charon		07[CFG] proposing traffic selectors for us:
Jun 6 08:54:10	charon		07[CFG] <con1000|113> proposing traffic selectors for us:
Jun 6 08:54:10	charon		07[CFG] 10.2.2.0/24|/0
Jun 6 08:54:10	charon		07[CFG] <con1000|113> 10.2.2.0/24|/0
Jun 6 08:54:10	charon		07[CFG] proposing traffic selectors for other:
Jun 6 08:54:10	charon		07[CFG] <con1000|113> proposing traffic selectors for other:
Jun 6 08:54:10	charon		07[CFG] 10.1.1.0/24|/0
Jun 6 08:54:10	charon		07[CFG] <con1000|113> 10.1.1.0/24|/0
Jun 6 08:54:10	charon		07[ENC] generating QUICK_MODE request 232060376 [ HASH SA No ID ID ]
Jun 6 08:54:10	charon		07[ENC] <con1000|113> generating QUICK_MODE request 232060376 [ HASH SA No ID ID ]
Jun 6 08:54:10	charon		07[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes)
Jun 6 08:54:10	charon		07[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes)
Jun 6 08:54:10	charon		07[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:54:10	charon		07[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:54:10	charon		07[ENC] parsed INFORMATIONAL_V1 request 2551075680 [ HASH N(INVAL_ID) ]
Jun 6 08:54:10	charon		07[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 2551075680 [ HASH N(INVAL_ID) ]
Jun 6 08:54:10	charon		07[IKE] received INVALID_ID_INFORMATION error notify
Jun 6 08:54:10	charon		07[IKE] <con1000|113> received INVALID_ID_INFORMATION error notify
Jun 6 08:54:10	charon		07[CHD] CHILD_SA con1000{3861} state change: CREATED => DESTROYING
Jun 6 08:54:10	charon		07[CHD] <con1000|113> CHILD_SA con1000{3861} state change: CREATED => DESTROYING
Jun 6 08:54:13	charon		05[CFG] vici client 7869 connected
Jun 6 08:54:13	charon		05[CFG] vici client 7869 connected
Jun 6 08:54:13	charon		08[CFG] vici client 7869 registered for: list-sa
Jun 6 08:54:13	charon		08[CFG] vici client 7869 registered for: list-sa
Jun 6 08:54:13	charon		07[CFG] vici client 7869 requests: list-sas
Jun 6 08:54:13	charon		07[CFG] vici client 7869 requests: list-sas
Jun 6 08:54:13	charon		07[CFG] vici client 7869 disconnected
Jun 6 08:54:13	charon		07[CFG] vici client 7869 disconnected
Jun 6 08:54:19	charon		05[CFG] vici client 7870 connected
Jun 6 08:54:19	charon		05[CFG] vici client 7870 connected
Jun 6 08:54:19	charon		10[CFG] vici client 7870 registered for: list-sa
Jun 6 08:54:19	charon		10[CFG] vici client 7870 registered for: list-sa
Jun 6 08:54:19	charon		05[CFG] vici client 7870 requests: list-sas
Jun 6 08:54:19	charon		05[CFG] vici client 7870 requests: list-sas
Jun 6 08:54:19	charon		07[CFG] vici client 7870 disconnected
Jun 6 08:54:19	charon		07[CFG] vici client 7870 disconnected
Jun 6 08:54:21	charon		07[IKE] sending DPD request
Jun 6 08:54:21	charon		07[IKE] <con1000|113> sending DPD request
Jun 6 08:54:21	charon		07[IKE] queueing ISAKMP_DPD task
Jun 6 08:54:21	charon		07[IKE] <con1000|113> queueing ISAKMP_DPD task
Jun 6 08:54:21	charon		07[IKE] activating new tasks
Jun 6 08:54:21	charon		07[IKE] <con1000|113> activating new tasks
Jun 6 08:54:21	charon		07[IKE] activating ISAKMP_DPD task
Jun 6 08:54:21	charon		07[IKE] <con1000|113> activating ISAKMP_DPD task
Jun 6 08:54:21	charon		07[ENC] generating INFORMATIONAL_V1 request 4279125103 [ HASH N(DPD) ]
Jun 6 08:54:21	charon		07[ENC] <con1000|113> generating INFORMATIONAL_V1 request 4279125103 [ HASH N(DPD) ]
Jun 6 08:54:21	charon		07[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes)
Jun 6 08:54:21	charon		07[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes)
Jun 6 08:54:21	charon		07[IKE] activating new tasks
Jun 6 08:54:21	charon		07[IKE] <con1000|113> activating new tasks
Jun 6 08:54:21	charon		07[IKE] nothing to initiate
Jun 6 08:54:21	charon		07[IKE] <con1000|113> nothing to initiate
Jun 6 08:54:21	charon		07[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:54:21	charon		07[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:54:21	charon		07[ENC] parsed INFORMATIONAL_V1 request 4279903309 [ HASH N(DPD_ACK) ]
Jun 6 08:54:21	charon		07[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 4279903309 [ HASH N(DPD_ACK) ]
Jun 6 08:54:21	charon		07[IKE] activating new tasks
Jun 6 08:54:21	charon		07[IKE] <con1000|113> activating new tasks
Jun 6 08:54:21	charon		07[IKE] nothing to initiate
Jun 6 08:54:21	charon		07[IKE] <con1000|113> nothing to initiate
Jun 6 08:54:22	charon		07[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16}
Jun 6 08:54:22	charon		07[KNL] creating acquire job for policy 192.168.11.158/32|/0 === 192.168.10.139/32|/0 with reqid {16}
Jun 6 08:54:22	charon		05[IKE] queueing QUICK_MODE task
Jun 6 08:54:22	charon		05[IKE] <con1000|113> queueing QUICK_MODE task
Jun 6 08:54:22	charon		05[IKE] activating new tasks
Jun 6 08:54:22	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:22	charon		05[IKE] activating QUICK_MODE task
Jun 6 08:54:22	charon		05[IKE] <con1000|113> activating QUICK_MODE task
Jun 6 08:54:22	charon		05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:22	charon		05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:22	charon		05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:22	charon		05[CFG] <con1000|113> configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Jun 6 08:54:22	charon		05[CFG] proposing traffic selectors for us:
Jun 6 08:54:22	charon		05[CFG] <con1000|113> proposing traffic selectors for us:
Jun 6 08:54:22	charon		05[CFG] 10.2.2.0/24|/0
Jun 6 08:54:22	charon		05[CFG] <con1000|113> 10.2.2.0/24|/0
Jun 6 08:54:22	charon		05[CFG] proposing traffic selectors for other:
Jun 6 08:54:22	charon		05[CFG] <con1000|113> proposing traffic selectors for other:
Jun 6 08:54:22	charon		05[CFG] 10.1.1.0/24|/0
Jun 6 08:54:22	charon		05[CFG] <con1000|113> 10.1.1.0/24|/0
Jun 6 08:54:22	charon		05[ENC] generating QUICK_MODE request 3232594732 [ HASH SA No ID ID ]
Jun 6 08:54:22	charon		05[ENC] <con1000|113> generating QUICK_MODE request 3232594732 [ HASH SA No ID ID ]
Jun 6 08:54:22	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes)
Jun 6 08:54:22	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (172 bytes)
Jun 6 08:54:22	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:54:22	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (76 bytes)
Jun 6 08:54:22	charon		05[ENC] parsed INFORMATIONAL_V1 request 3898705547 [ HASH N(INVAL_ID) ]
Jun 6 08:54:22	charon		05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 3898705547 [ HASH N(INVAL_ID) ]
Jun 6 08:54:22	charon		05[IKE] received INVALID_ID_INFORMATION error notify
Jun 6 08:54:22	charon		05[IKE] <con1000|113> received INVALID_ID_INFORMATION error notify
Jun 6 08:54:22	charon		05[CHD] CHILD_SA con1000{3862} state change: CREATED => DESTROYING
Jun 6 08:54:22	charon		05[CHD] <con1000|113> CHILD_SA con1000{3862} state change: CREATED => DESTROYING
Jun 6 08:54:25	charon		07[CFG] vici client 7871 connected
Jun 6 08:54:25	charon		07[CFG] vici client 7871 connected
Jun 6 08:54:25	charon		15[CFG] vici client 7871 registered for: list-sa
Jun 6 08:54:25	charon		15[CFG] vici client 7871 registered for: list-sa
Jun 6 08:54:25	charon		05[CFG] vici client 7871 requests: list-sas
Jun 6 08:54:25	charon		05[CFG] vici client 7871 requests: list-sas
Jun 6 08:54:25	charon		15[CFG] vici client 7871 disconnected
Jun 6 08:54:25	charon		15[CFG] vici client 7871 disconnected
Jun 6 08:54:31	charon		05[CFG] vici client 7872 connected
Jun 6 08:54:31	charon		05[CFG] vici client 7872 connected
Jun 6 08:54:31	charon		11[CFG] vici client 7872 registered for: list-sa
Jun 6 08:54:31	charon		11[CFG] vici client 7872 registered for: list-sa
Jun 6 08:54:31	charon		05[CFG] vici client 7872 requests: list-sas
Jun 6 08:54:31	charon		05[CFG] vici client 7872 requests: list-sas
Jun 6 08:54:31	charon		05[CFG] vici client 7872 disconnected
Jun 6 08:54:31	charon		05[CFG] vici client 7872 disconnected
Jun 6 08:54:33	charon		05[IKE] sending DPD request
Jun 6 08:54:33	charon		05[IKE] <con1000|113> sending DPD request
Jun 6 08:54:33	charon		05[IKE] queueing ISAKMP_DPD task
Jun 6 08:54:33	charon		05[IKE] <con1000|113> queueing ISAKMP_DPD task
Jun 6 08:54:33	charon		05[IKE] activating new tasks
Jun 6 08:54:33	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:33	charon		05[IKE] activating ISAKMP_DPD task
Jun 6 08:54:33	charon		05[IKE] <con1000|113> activating ISAKMP_DPD task
Jun 6 08:54:33	charon		05[ENC] generating INFORMATIONAL_V1 request 2116311108 [ HASH N(DPD) ]
Jun 6 08:54:33	charon		05[ENC] <con1000|113> generating INFORMATIONAL_V1 request 2116311108 [ HASH N(DPD) ]
Jun 6 08:54:33	charon		05[NET] sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes)
Jun 6 08:54:33	charon		05[NET] <con1000|113> sending packet: from 192.168.11.158[500] to 192.168.10.139[500] (92 bytes)
Jun 6 08:54:33	charon		05[IKE] activating new tasks
Jun 6 08:54:33	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:33	charon		05[IKE] nothing to initiate
Jun 6 08:54:33	charon		05[IKE] <con1000|113> nothing to initiate
Jun 6 08:54:33	charon		05[NET] received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:54:33	charon		05[NET] <con1000|113> received packet: from 192.168.10.139[500] to 192.168.11.158[500] (92 bytes)
Jun 6 08:54:33	charon		05[ENC] parsed INFORMATIONAL_V1 request 51743917 [ HASH N(DPD_ACK) ]
Jun 6 08:54:33	charon		05[ENC] <con1000|113> parsed INFORMATIONAL_V1 request 51743917 [ HASH N(DPD_ACK) ]
Jun 6 08:54:33	charon		05[IKE] activating new tasks
Jun 6 08:54:33	charon		05[IKE] <con1000|113> activating new tasks
Jun 6 08:54:33	charon		05[IKE] nothing to initiate
Jun 6 08:54:33	charon		05[IKE] <con1000|113> nothing to initiate
    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy