4. IPSec tunnel to Palo Alto keeps disconnecting

IPSec tunnel to Palo Alto keeps disconnecting

  • T

    I have an IPSec tunnel with a Palo Alto firewall at the other end. I think it can run OK for a day or two. Then it goes down for an hour or two, then comes back up on its own about an hour later.

    It seems like it goes down near when it's time to rekey Phase1. The Palo Alto admin said he's seeing a message like 'Phase1' mismatch, but he's not sure. We have verified the settings do match exactly on both sides.

    Has anyone else seen anything like this?

    0
  • T
     

    Apr  4 08:40:44 mbsnet-pf1 charon: 14[IKE] <con19000|197> giving up after 5 retransmits
Apr  4 08:40:44 mbsnet-pf1 charon: 14[IKE] <con19000|197> peer not responding, trying again (3/3)
Apr  4 08:40:44 mbsnet-pf1 charon: 14[IKE] <con19000|197> initiating Main Mode IKE_SA con19000[197] to THEIR.IP.ADD.RESS
Apr  4 08:40:44 mbsnet-pf1 charon: 14[ENC] <con19000|197> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 08:40:44 mbsnet-pf1 charon: 14[NET] <con19000|197> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:40:48 mbsnet-pf1 charon: 08[IKE] <con19000|197> sending retransmit 1 of request message ID 0, seq 1
Apr  4 08:40:48 mbsnet-pf1 charon: 08[NET] <con19000|197> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:40:53 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:40:55 mbsnet-pf1 charon: 11[IKE] <con19000|197> sending retransmit 2 of request message ID 0, seq 1
Apr  4 08:40:55 mbsnet-pf1 charon: 11[NET] <con19000|197> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:40:58 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:05 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:08 mbsnet-pf1 charon: 13[IKE] <con19000|197> sending retransmit 3 of request message ID 0, seq 1
Apr  4 08:41:08 mbsnet-pf1 charon: 13[NET] <con19000|197> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:41:16 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:20 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:31 mbsnet-pf1 charon: 15[IKE] <con19000|197> sending retransmit 4 of request message ID 0, seq 1
Apr  4 08:41:31 mbsnet-pf1 charon: 15[NET] <con19000|197> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:41:37 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:42 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:53 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:41:58 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:42:04 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:42:13 mbsnet-pf1 charon: 06[IKE] <con19000|197> sending retransmit 5 of request message ID 0, seq 1
Apr  4 08:42:13 mbsnet-pf1 charon: 06[NET] <con19000|197> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:42:14 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:42:22 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:42:26 mbsnet-pf1 charon: 16[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {37}
Apr  4 08:42:32 mbsnet-pf1 charon: 10[CFG]   loaded IKE secret for %any THEIR.IP.ADD.RESS
Apr  4 08:42:32 mbsnet-pf1 charon: 14[CFG] received stroke: unroute 'con19000'
Apr  4 08:42:32 mbsnet-pf1 ipsec_starter[79762]: configuration 'con19000' unrouted
Apr  4 08:42:32 mbsnet-pf1 charon: 16[CFG] received stroke: delete connection 'con19000'
Apr  4 08:42:32 mbsnet-pf1 charon: 16[CFG] deleted connection 'con19000'
Apr  4 08:42:32 mbsnet-pf1 charon: 07[CFG] received stroke: add connection 'con19000'
Apr  4 08:42:32 mbsnet-pf1 charon: 07[CFG] added configuration 'con19000'
Apr  4 08:42:32 mbsnet-pf1 charon: 14[CFG] received stroke: route 'con19000'
Apr  4 08:42:32 mbsnet-pf1 ipsec_starter[79762]: 'con19000' routed
Apr  4 08:42:32 mbsnet-pf1 charon: 14[CFG] added child to existing configuration 'con19000'
Apr  4 08:42:32 mbsnet-pf1 charon: 05[CFG] added child to existing configuration 'con19000'
Apr  4 08:42:32 mbsnet-pf1 charon: 14[CFG] added child to existing configuration 'con19000'
Apr  4 08:42:33 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:42:33 mbsnet-pf1 charon: 16[IKE] <con19000|200> initiating Main Mode IKE_SA con19000[200] to THEIR.IP.ADD.RESS
Apr  4 08:42:33 mbsnet-pf1 charon: 16[ENC] <con19000|200> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 08:42:33 mbsnet-pf1 charon: 16[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:42:37 mbsnet-pf1 charon: 07[IKE] <con19000|200> sending retransmit 1 of request message ID 0, seq 1
Apr  4 08:42:37 mbsnet-pf1 charon: 07[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:42:44 mbsnet-pf1 charon: 07[IKE] <con19000|200> sending retransmit 2 of request message ID 0, seq 1
Apr  4 08:42:44 mbsnet-pf1 charon: 07[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:42:46 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:42:51 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:42:55 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:42:57 mbsnet-pf1 charon: 08[IKE] <con19000|200> sending retransmit 3 of request message ID 0, seq 1
Apr  4 08:42:57 mbsnet-pf1 charon: 08[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:43:02 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:43:02 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:14 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:16 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:20 mbsnet-pf1 charon: 08[IKE] <con19000|200> sending retransmit 4 of request message ID 0, seq 1
Apr  4 08:43:20 mbsnet-pf1 charon: 08[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:43:26 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:43:29 mbsnet-pf1 charon: 11[IKE] <con19000|197> giving up after 5 retransmits
Apr  4 08:43:29 mbsnet-pf1 charon: 11[IKE] <con19000|197> establishing IKE_SA failed, peer not responding
Apr  4 08:43:29 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:38 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:49 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:50 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:43:54 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:43:59 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:44:02 mbsnet-pf1 charon: 06[IKE] <con19000|200> sending retransmit 5 of request message ID 0, seq 1
Apr  4 08:44:02 mbsnet-pf1 charon: 06[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:44:09 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:44:22 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:44:34 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:44:44 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:44:49 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:44:55 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:04 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:06 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:18 mbsnet-pf1 charon: 16[IKE] <con19000|200> giving up after 5 retransmits
Apr  4 08:45:18 mbsnet-pf1 charon: 16[IKE] <con19000|200> peer not responding, trying again (2/3)
Apr  4 08:45:18 mbsnet-pf1 charon: 16[IKE] <con19000|200> initiating Main Mode IKE_SA con19000[200] to THEIR.IP.ADD.RESS
Apr  4 08:45:18 mbsnet-pf1 charon: 16[ENC] <con19000|200> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 08:45:18 mbsnet-pf1 charon: 16[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:45:22 mbsnet-pf1 charon: 13[IKE] <con19000|200> sending retransmit 1 of request message ID 0, seq 1
Apr  4 08:45:22 mbsnet-pf1 charon: 13[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:45:22 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:28 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:29 mbsnet-pf1 charon: 05[IKE] <con19000|200> sending retransmit 2 of request message ID 0, seq 1
Apr  4 08:45:29 mbsnet-pf1 charon: 05[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:45:42 mbsnet-pf1 charon: 12[IKE] <con19000|200> sending retransmit 3 of request message ID 0, seq 1
Apr  4 08:45:42 mbsnet-pf1 charon: 12[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:45:44 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:48 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:49 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:45:56 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:05 mbsnet-pf1 charon: 08[IKE] <con19000|200> sending retransmit 4 of request message ID 0, seq 1
Apr  4 08:46:05 mbsnet-pf1 charon: 08[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:46:09 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:12 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:24 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:32 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:34 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:40 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:44 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:47 mbsnet-pf1 charon: 16[IKE] <con19000|200> sending retransmit 5 of request message ID 0, seq 1
Apr  4 08:46:47 mbsnet-pf1 charon: 16[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:46:49 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:54 mbsnet-pf1 charon: 16[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:46:56 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:01 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:47:03 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {61}
Apr  4 08:47:09 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:18 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:25 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:47:29 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:39 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:43 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:51 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:47:51 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:47:59 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {61}
Apr  4 08:48:00 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:03 mbsnet-pf1 charon: 11[IKE] <con19000|200> giving up after 5 retransmits
Apr  4 08:48:03 mbsnet-pf1 charon: 11[IKE] <con19000|200> peer not responding, trying again (3/3)
Apr  4 08:48:03 mbsnet-pf1 charon: 11[IKE] <con19000|200> initiating Main Mode IKE_SA con19000[200] to THEIR.IP.ADD.RESS
Apr  4 08:48:03 mbsnet-pf1 charon: 11[ENC] <con19000|200> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 08:48:03 mbsnet-pf1 charon: 11[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:48:07 mbsnet-pf1 charon: 11[IKE] <con19000|200> sending retransmit 1 of request message ID 0, seq 1
Apr  4 08:48:07 mbsnet-pf1 charon: 11[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:48:13 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:14 mbsnet-pf1 charon: 07[IKE] <con19000|200> sending retransmit 2 of request message ID 0, seq 1
Apr  4 08:48:14 mbsnet-pf1 charon: 07[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:48:18 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {64}
Apr  4 08:48:24 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:27 mbsnet-pf1 charon: 12[IKE] <con19000|200> sending retransmit 3 of request message ID 0, seq 1
Apr  4 08:48:27 mbsnet-pf1 charon: 12[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:48:29 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:36 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:39 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:46 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:48:49 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {63}
Apr  4 08:48:51 mbsnet-pf1 charon: 08[IKE] <con19000|200> sending retransmit 4 of request message ID 0, seq 1
Apr  4 08:48:51 mbsnet-pf1 charon: 08[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:48:51 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:00 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:07 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:14 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {64}
Apr  4 08:49:19 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:29 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:33 mbsnet-pf1 charon: 13[IKE] <con19000|200> sending retransmit 5 of request message ID 0, seq 1
Apr  4 08:49:33 mbsnet-pf1 charon: 13[NET] <con19000|200> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:49:36 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:44 mbsnet-pf1 charon: 16[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:49:52 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:08 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:14 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:29 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:35 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:44 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:48 mbsnet-pf1 charon: 08[IKE] <con19000|200> giving up after 5 retransmits
Apr  4 08:50:48 mbsnet-pf1 charon: 08[IKE] <con19000|200> establishing IKE_SA failed, peer not responding
Apr  4 08:50:52 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:50:52 mbsnet-pf1 charon: 16[IKE] <con19000|208> initiating Main Mode IKE_SA con19000[208] to THEIR.IP.ADD.RESS
Apr  4 08:50:52 mbsnet-pf1 charon: 16[ENC] <con19000|208> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 08:50:52 mbsnet-pf1 charon: 16[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:50:56 mbsnet-pf1 charon: 13[IKE] <con19000|208> sending retransmit 1 of request message ID 0, seq 1
Apr  4 08:50:56 mbsnet-pf1 charon: 13[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:50:58 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {62}
Apr  4 08:51:04 mbsnet-pf1 charon: 10[IKE] <con19000|208> sending retransmit 2 of request message ID 0, seq 1
Apr  4 08:51:04 mbsnet-pf1 charon: 10[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:51:05 mbsnet-pf1 charon: 15[CFG] received stroke: unroute 'con19000'
Apr  4 08:51:05 mbsnet-pf1 ipsec_starter[79762]: configuration 'con19000' unrouted
Apr  4 08:51:05 mbsnet-pf1 charon: 12[CFG] received stroke: delete connection 'con19000'
Apr  4 08:51:05 mbsnet-pf1 charon: 12[CFG] deleted connection 'con19000'
Apr  4 08:51:17 mbsnet-pf1 charon: 09[IKE] <con19000|208> sending retransmit 3 of request message ID 0, seq 1
Apr  4 08:51:17 mbsnet-pf1 charon: 09[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:51:17 mbsnet-pf1 charon: 11[CFG]   loaded IKE secret for %any THEIR.IP.ADD.RESS
Apr  4 08:51:17 mbsnet-pf1 charon: 08[CFG] received stroke: add connection 'con19000'
Apr  4 08:51:17 mbsnet-pf1 charon: 08[CFG] added configuration 'con19000'
Apr  4 08:51:17 mbsnet-pf1 charon: 09[CFG] received stroke: route 'con19000'
Apr  4 08:51:17 mbsnet-pf1 ipsec_starter[79762]: 'con19000' routed
Apr  4 08:51:17 mbsnet-pf1 charon: 11[CFG] added child to existing configuration 'con19000'
Apr  4 08:51:17 mbsnet-pf1 charon: 11[CFG] added child to existing configuration 'con19000'
Apr  4 08:51:17 mbsnet-pf1 charon: 12[CFG] added child to existing configuration 'con19000'
Apr  4 08:51:18 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:51:27 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:51:32 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:51:39 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:51:40 mbsnet-pf1 charon: 06[IKE] <con19000|208> sending retransmit 4 of request message ID 0, seq 1
Apr  4 08:51:40 mbsnet-pf1 charon: 06[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:51:47 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:51:59 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:00 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:14 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:22 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:22 mbsnet-pf1 charon: 05[IKE] <con19000|208> sending retransmit 5 of request message ID 0, seq 1
Apr  4 08:52:22 mbsnet-pf1 charon: 05[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 08:52:29 mbsnet-pf1 charon: 11[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:34 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:41 mbsnet-pf1 charon: 16[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:44 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:52:59 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:53:06 mbsnet-pf1 charon: 07[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:53:21 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:53:27 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:53:31 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 08:53:37 mbsnet-pf1 charon: 07[IKE] <con19000|208> giving up after 5 retransmits
Apr  4 08:53:37 mbsnet-pf1 charon: 07[IKE] <con19000|208> peer not responding, trying again (2/3)
Apr  4 08:53:37 mbsnet-pf1 charon: 07[IKE] <con19000|208> initiating Main Mode IKE_SA con19000[208] to THEIR.IP.ADD.RESS
Apr  4 08:53:37 mbsnet-pf1 charon: 07[ENC] <con19000|208> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 08:53:37 mbsnet-pf1 charon: 07[NET] <con19000|208> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
    0
  • T

    This is what the traffic looks like when it goes down:

    https://pastebin.com/921mzkFw

    0
  • T

    This is what the log shows when it comes back up:

    Apr  4 09:26:29 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:26:36 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:26:42 mbsnet-pf1 charon: 05[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:26:49 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:26:58 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:26:59 mbsnet-pf1 charon: 14[IKE] <con19000|238> giving up after 5 retransmits
Apr  4 09:26:59 mbsnet-pf1 charon: 14[IKE] <con19000|238> peer not responding, trying again (2/3)
Apr  4 09:26:59 mbsnet-pf1 charon: 14[IKE] <con19000|238> initiating Main Mode IKE_SA con19000[238] to THEIR.IP.ADD.RESS
Apr  4 09:26:59 mbsnet-pf1 charon: 14[ENC] <con19000|238> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 09:26:59 mbsnet-pf1 charon: 14[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:27:03 mbsnet-pf1 charon: 13[IKE] <con19000|238> sending retransmit 1 of request message ID 0, seq 1
Apr  4 09:27:03 mbsnet-pf1 charon: 13[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:27:09 mbsnet-pf1 charon: 10[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:27:11 mbsnet-pf1 charon: 13[IKE] <con19000|238> sending retransmit 2 of request message ID 0, seq 1
Apr  4 09:27:11 mbsnet-pf1 charon: 13[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:27:20 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:27:24 mbsnet-pf1 charon: 12[IKE] <con19000|238> sending retransmit 3 of request message ID 0, seq 1
Apr  4 09:27:24 mbsnet-pf1 charon: 12[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:27:31 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:27:37 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:27:42 mbsnet-pf1 charon: 13[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:27:47 mbsnet-pf1 charon: 11[IKE] <con19000|238> sending retransmit 4 of request message ID 0, seq 1
Apr  4 09:27:47 mbsnet-pf1 charon: 11[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:27:49 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:28:04 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:28:17 mbsnet-pf1 charon: 11[NET] <241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (228 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 11[IKE] <241> THEIR.IP.ADD.RESS is initiating a Main Mode IKE_SA
Apr  4 09:28:17 mbsnet-pf1 charon: 11[NET] <241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (120 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 05[NET] <241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (244 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 05[NET] <241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (260 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 05[NET] <241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (76 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 05[CFG] <241> looking for pre-shared key peer configs matching MY.IP.ADD.RESS...THEIR.IP.ADD.RESS[THEIR.IP.ADD.RESS]
Apr  4 09:28:17 mbsnet-pf1 charon: 05[CFG] <241> selected peer config "con19000"
Apr  4 09:28:17 mbsnet-pf1 charon: 05[IKE] <con19000|241> IKE_SA con19000[241] established between MY.IP.ADD.RESS[MY.IP.ADD.RESS]...THEIR.IP.ADD.RESS[THEIR.IP.ADD.RESS]
Apr  4 09:28:17 mbsnet-pf1 charon: 05[ENC] <con19000|241> generating ID_PROT response 0 [ ID HASH ]
Apr  4 09:28:17 mbsnet-pf1 charon: 05[NET] <con19000|241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (76 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 08[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (188 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 08[ENC] <con19000|241> parsed QUICK_MODE request 1473375317 [ HASH SA No ID ID ]
Apr  4 09:28:17 mbsnet-pf1 charon: 08[IKE] <con19000|241> received 28800s lifetime, configured 0s
Apr  4 09:28:17 mbsnet-pf1 charon: 08[ENC] <con19000|241> generating QUICK_MODE response 1473375317 [ HASH SA No ID ID ]
Apr  4 09:28:17 mbsnet-pf1 charon: 08[NET] <con19000|241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (172 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 12[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (60 bytes)
Apr  4 09:28:17 mbsnet-pf1 charon: 12[ENC] <con19000|241> parsed QUICK_MODE request 1473375317 [ HASH ]
Apr  4 09:28:17 mbsnet-pf1 charon: 12[IKE] <con19000|241> CHILD_SA con19003{253} established with SPIs c80f364c_i 852f79ed_o and TS MY.LAN.IP.NET/24|/0 === THEIR.LAN.SUB.NET1/32|/0
Apr  4 09:28:18 mbsnet-pf1 charon: 07[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (76 bytes)
Apr  4 09:28:18 mbsnet-pf1 charon: 07[ENC] <con19000|241> parsed INFORMATIONAL_V1 request 643855776 [ HASH D ]
Apr  4 09:28:18 mbsnet-pf1 charon: 07[IKE] <con19000|241> received DELETE for ESP CHILD_SA with SPI f1221d88
Apr  4 09:28:18 mbsnet-pf1 charon: 07[IKE] <con19000|241> CHILD_SA not found, ignored
Apr  4 09:28:19 mbsnet-pf1 charon: 08[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:28:26 mbsnet-pf1 charon: 15[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:28:29 mbsnet-pf1 charon: 16[IKE] <con19000|238> sending retransmit 5 of request message ID 0, seq 1
Apr  4 09:28:29 mbsnet-pf1 charon: 16[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:28:35 mbsnet-pf1 charon: 14[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:28:42 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {109}
Apr  4 09:28:43 mbsnet-pf1 charon: 12[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {108}
Apr  4 09:29:24 mbsnet-pf1 charon: 14[ENC] <con19000|241> parsed QUICK_MODE request 797297949 [ HASH SA No ID ID ]
Apr  4 09:29:24 mbsnet-pf1 charon: 14[IKE] <con19000|241> received 28800s lifetime, configured 0s
Apr  4 09:29:24 mbsnet-pf1 charon: 14[ENC] <con19000|241> generating QUICK_MODE response 797297949 [ HASH SA No ID ID ]
Apr  4 09:29:24 mbsnet-pf1 charon: 14[NET] <con19000|241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (188 bytes)
Apr  4 09:29:24 mbsnet-pf1 charon: 05[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (60 bytes)
Apr  4 09:29:24 mbsnet-pf1 charon: 05[ENC] <con19000|241> parsed QUICK_MODE request 797297949 [ HASH ]
Apr  4 09:29:24 mbsnet-pf1 charon: 05[IKE] <con19000|241> CHILD_SA con19001{255} established with SPIs c079570a_i b1d57c84_o and TS MY.LAN.IP.NET/24|/0 === THEIR.LAN.SUB.NET2/24|/0
Apr  4 09:29:24 mbsnet-pf1 charon: 05[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (76 bytes)
Apr  4 09:29:24 mbsnet-pf1 charon: 05[ENC] <con19000|241> parsed INFORMATIONAL_V1 request 3723224733 [ HASH D ]
Apr  4 09:29:24 mbsnet-pf1 charon: 05[IKE] <con19000|241> received DELETE for ESP CHILD_SA with SPI 834e133b
Apr  4 09:29:24 mbsnet-pf1 charon: 05[IKE] <con19000|241> CHILD_SA not found, ignored
Apr  4 09:29:29 mbsnet-pf1 charon: 09[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {109}
Apr  4 09:29:30 mbsnet-pf1 charon: 06[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (188 bytes)
Apr  4 09:29:30 mbsnet-pf1 charon: 06[ENC] <con19000|241> parsed QUICK_MODE request 3795121176 [ HASH SA No ID ID ]
Apr  4 09:29:30 mbsnet-pf1 charon: 06[IKE] <con19000|241> received 28800s lifetime, configured 0s
Apr  4 09:29:30 mbsnet-pf1 charon: 06[ENC] <con19000|241> generating QUICK_MODE response 3795121176 [ HASH SA No ID ID ]
Apr  4 09:29:30 mbsnet-pf1 charon: 06[NET] <con19000|241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (188 bytes)
Apr  4 09:29:30 mbsnet-pf1 charon: 13[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (60 bytes)
Apr  4 09:29:30 mbsnet-pf1 charon: 13[ENC] <con19000|241> parsed QUICK_MODE request 3795121176 [ HASH ]
Apr  4 09:29:30 mbsnet-pf1 charon: 13[IKE] <con19000|241> CHILD_SA con19000{256} established with SPIs ca872813_i a5f827a7_o and TS MY.LAN.IP.NET/24|/0 === THEIR.LAN.SUB.NET3/24|/0
Apr  4 09:29:30 mbsnet-pf1 charon: 13[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (76 bytes)
Apr  4 09:29:30 mbsnet-pf1 charon: 13[ENC] <con19000|241> parsed INFORMATIONAL_V1 request 3250968574 [ HASH D ]
Apr  4 09:29:30 mbsnet-pf1 charon: 13[IKE] <con19000|241> received DELETE for ESP CHILD_SA with SPI ddf8f1f4
Apr  4 09:29:30 mbsnet-pf1 charon: 13[IKE] <con19000|241> CHILD_SA not found, ignored
Apr  4 09:29:44 mbsnet-pf1 charon: 11[IKE] <con19000|238> giving up after 5 retransmits
Apr  4 09:29:44 mbsnet-pf1 charon: 11[IKE] <con19000|238> peer not responding, trying again (3/3)
Apr  4 09:29:44 mbsnet-pf1 charon: 11[IKE] <con19000|238> initiating Main Mode IKE_SA con19000[238] to THEIR.IP.ADD.RESS
Apr  4 09:29:44 mbsnet-pf1 charon: 11[ENC] <con19000|238> generating ID_PROT request 0 [ SA V V V V V ]
Apr  4 09:29:44 mbsnet-pf1 charon: 11[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:29:48 mbsnet-pf1 charon: 14[IKE] <con19000|238> sending retransmit 1 of request message ID 0, seq 1
Apr  4 09:29:48 mbsnet-pf1 charon: 14[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:29:56 mbsnet-pf1 charon: 05[IKE] <con19000|238> sending retransmit 2 of request message ID 0, seq 1
Apr  4 09:29:56 mbsnet-pf1 charon: 05[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:30:09 mbsnet-pf1 charon: 11[IKE] <con19000|238> sending retransmit 3 of request message ID 0, seq 1
Apr  4 09:30:09 mbsnet-pf1 charon: 11[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:30:32 mbsnet-pf1 charon: 06[IKE] <con19000|238> sending retransmit 4 of request message ID 0, seq 1
Apr  4 09:30:32 mbsnet-pf1 charon: 06[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:31:14 mbsnet-pf1 charon: 15[IKE] <con19000|238> sending retransmit 5 of request message ID 0, seq 1
Apr  4 09:31:14 mbsnet-pf1 charon: 15[NET] <con19000|238> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (180 bytes)
Apr  4 09:31:37 mbsnet-pf1 charon: 06[KNL] creating acquire job for policy MY.IP.ADD.RESS/32|/0 === THEIR.IP.ADD.RESS/32|/0 with reqid {109}
Apr  4 09:32:30 mbsnet-pf1 charon: 07[IKE] <con19000|238> giving up after 5 retransmits
Apr  4 09:32:30 mbsnet-pf1 charon: 07[IKE] <con19000|238> establishing IKE_SA failed, peer not responding
Apr  4 09:33:37 mbsnet-pf1 charon: 05[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (188 bytes)
Apr  4 09:33:37 mbsnet-pf1 charon: 05[ENC] <con19000|241> parsed QUICK_MODE request 506309004 [ HASH SA No ID ID ]
Apr  4 09:33:37 mbsnet-pf1 charon: 05[IKE] <con19000|241> received 28800s lifetime, configured 0s
Apr  4 09:33:37 mbsnet-pf1 charon: 05[ENC] <con19000|241> generating QUICK_MODE response 506309004 [ HASH SA No ID ID ]
Apr  4 09:33:37 mbsnet-pf1 charon: 05[NET] <con19000|241> sending packet: from MY.IP.ADD.RESS[500] to THEIR.IP.ADD.RESS[500] (188 bytes)
Apr  4 09:33:37 mbsnet-pf1 charon: 12[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (60 bytes)
Apr  4 09:33:37 mbsnet-pf1 charon: 12[ENC] <con19000|241> parsed QUICK_MODE request 506309004 [ HASH ]
Apr  4 09:33:37 mbsnet-pf1 charon: 12[IKE] <con19000|241> CHILD_SA con19002{258} established with SPIs c64c48a2_i ebe60b38_o and TS MY.LAN.IP.NET/24|/0 === THEIR.LAN.SUB.NET4/24|/0
Apr  4 09:33:37 mbsnet-pf1 charon: 12[NET] <con19000|241> received packet: from THEIR.IP.ADD.RESS[500] to MY.IP.ADD.RESS[500] (76 bytes)
Apr  4 09:33:37 mbsnet-pf1 charon: 12[ENC] <con19000|241> parsed INFORMATIONAL_V1 request 2475751961 [ HASH D ]
Apr  4 09:33:37 mbsnet-pf1 charon: 12[IKE] <con19000|241> received DELETE for ESP CHILD_SA with SPI 8ca208a7
Apr  4 09:33:37 mbsnet-pf1 charon: 12[IKE] <con19000|241> CHILD_SA not found, ignored
    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy