Ipsec disconnects without apparent reason



  • Hello,

    it has been a week now since my ipsec tunnel disconnects one or two times a day and the connection won't restore until I uncheck [Enable ipsec] and check it, then it comes back quickly.

    The ipsec has been working fine for weeks, I made no change in my configuration.

    I've some pptp users and I've read on the net that it could be a problem happening when a pptp client disconnects, indeed the ipsec disconnection happens few seconds after a pptp user disconnects.

    I use PFS 2.0.1. (i386).

    Here is the debug racoon log just before the disconnection :

    Dec 20 13:53:14 firewall1 racoon: DEBUG: pk_recv: retry[0] recv()
    Dec 20 13:53:14 firewall1 racoon: DEBUG: got pfkey ACQUIRE message
    Dec 20 13:53:14 firewall1 racoon: DEBUG: suitable outbound SP found: 192.168.1.0/24[0] 10.8.1.0/24[0] proto=any dir=out.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: db :0x28548788: 192.168.1.1/32[0] 192.168.1.0/24[0] proto=any dir=out
    Dec 20 13:53:14 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: db :0x28548148: 192.168.1.0/24[0] 192.168.1.1/32[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: db :0x285488c8: 192.168.1.0/24[0] 10.76.20.0/22[0] proto=any dir=out
    Dec 20 13:53:14 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: db :0x28548288: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: db :0x28548b48: 192.168.1.0/24[0] 10.8.1.0/24[0] proto=any dir=out
    Dec 20 13:53:14 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: db :0x28548508: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:14 firewall1 racoon: DEBUG: suitable inbound SP found: 10.8.1.0/24[0] 192.168.1.0/24[0] proto=any dir=in.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: new acquire 192.168.1.0/24[0] 10.8.1.0/24[0] proto=any dir=out
    Dec 20 13:53:14 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: configuration "REMOTE.IPSEC.SERVER.IP[500]" selected.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: getsainfo params: loc='192.168.1.0/24' rmt='10.8.1.0/24' peer='NULL' client='NULL' id=2
    Dec 20 13:53:14 firewall1 racoon: DEBUG: evaluating sainfo: loc='192.168.1.0/24', rmt='10.76.20.0/22', peer='ANY', id=2
    Dec 20 13:53:14 firewall1 racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid target: '192.168.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid source: '192.168.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid target: '10.8.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid source: '10.76.20.0/22'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: evaluating sainfo: loc='192.168.1.0/24', rmt='10.8.1.0/24', peer='ANY', id=2
    Dec 20 13:53:14 firewall1 racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid target: '192.168.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid source: '192.168.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid target: '10.8.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: cmpid source: '10.8.1.0/24'
    Dec 20 13:53:14 firewall1 racoon: DEBUG: selected sainfo: loc='192.168.1.0/24', rmt='10.8.1.0/24', peer='ANY', id=2
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=16400:16399)
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  (trns_id=AES encklen=256 authtype=hmac-sha)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: in post_acquire
    Dec 20 13:53:14 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: configuration "REMOTE.IPSEC.SERVER.IP[500]" selected.
    Dec 20 13:53:14 firewall1 racoon: INFO: IPsec-SA request for REMOTE.IPSEC.SERVER.IP queued due to no phase1 found.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: ===
    Dec 20 13:53:14 firewall1 racoon: INFO: initiate new phase 1 negotiation: MY.WAN.IP[500]<=>REMOTE.IPSEC.SERVER.IP[500]
    Dec 20 13:53:14 firewall1 racoon: INFO: begin Identity Protection mode.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: new cookie: 030f0f1fb22b9162
    Dec 20 13:53:14 firewall1 racoon: DEBUG: add payload of len 52, next type 13
    Dec 20 13:53:14 firewall1 racoon: DEBUG: add payload of len 20, next type 13
    Dec 20 13:53:14 firewall1 racoon: DEBUG: add payload of len 16, next type 0
    Dec 20 13:53:14 firewall1 racoon: ERROR: phase1 negotiation failed due to send error. 030f0f1fb22b9162:0000000000000000
    Dec 20 13:53:14 firewall1 racoon: ERROR: failed to begin ipsec sa negotication.

    Dec 20 13:53:14 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: DPD monitoring….
    Dec 20 13:53:14 firewall1 racoon: DEBUG: compute IV for phase2
    Dec 20 13:53:14 firewall1 racoon: DEBUG: phase1 last IV:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  97c03929 38649ec4 22d0b17f 6de9cbba d21dfe68
    Dec 20 13:53:14 firewall1 racoon: DEBUG: hash(sha1)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: encryption(aes)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: phase2 IV computed:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  bea30b23 4411d45c 825ac0b1 2745f8ac
    Dec 20 13:53:14 firewall1 racoon: DEBUG: HASH with:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  d21dfe68 00000020 00000001 01108d28 3cd4669d e2fb6a4d 5fb8ff5c e80d8c4a 00000ca3
    Dec 20 13:53:14 firewall1 racoon: DEBUG: hmac(hmac_sha1)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: HASH computed:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  b01390c9 66001d73 d2a9d4b6 45164367 f1c20f05
    Dec 20 13:53:14 firewall1 racoon: DEBUG: begin encryption.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: encryption(aes)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: pad length = 8
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  0b000018 b01390c9 66001d73 d2a9d4b6 45164367 f1c20f05 00000020 00000001 01108d28 3cd4669d e2fb6a4d 5fb8ff5c e80d8c4a 00000ca3 b9d8f7c8 adfecd07
    Dec 20 13:53:14 firewall1 racoon: DEBUG: encryption(aes)
    Dec 20 13:53:14 firewall1 racoon: DEBUG: with key:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  896a3cf0 99d299c3 4512edbb 8b65769e 5accd468 11bbf9a5 0b9ee57d a0c7d42d
    Dec 20 13:53:14 firewall1 racoon: DEBUG: encrypted payload by IV:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  bea30b23 4411d45c 825ac0b1 2745f8ac
    Dec 20 13:53:14 firewall1 racoon: DEBUG: save IV for next:
    Dec 20 13:53:14 firewall1 racoon: DEBUG:  fc7279f7 e4ed76b0 39bd00db cbebcc78
    Dec 20 13:53:14 firewall1 racoon: DEBUG: encrypted.
    Dec 20 13:53:14 firewall1 racoon: DEBUG: IV freed
    Dec 20 13:53:14 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: DPD R-U-There sent (-1)
    Dec 20 13:53:14 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: rescheduling send_r_u (5).
    Dec 20 13:53:18 firewall1 racoon: DEBUG: pk_recv: retry[0] recv()
    Dec 20 13:53:18 firewall1 racoon: DEBUG: got pfkey ACQUIRE message
    Dec 20 13:53:18 firewall1 racoon: DEBUG: suitable outbound SP found: 192.168.1.0/24[0] 10.76.20.0/22[0] proto=any dir=out.
    Dec 20 13:53:18 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:18 firewall1 racoon: DEBUG: db :0x28548788: 192.168.1.1/32[0] 192.168.1.0/24[0] proto=any dir=out
    Dec 20 13:53:18 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:18 firewall1 racoon: DEBUG: db :0x28548148: 192.168.1.0/24[0] 192.168.1.1/32[0] proto=any dir=in
    Dec 20 13:53:18 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:18 firewall1 racoon: DEBUG: db :0x285488c8: 192.168.1.0/24[0] 10.76.20.0/22[0] proto=any dir=out
    Dec 20 13:53:18 firewall1 racoon: DEBUG: sub:0xbfbfe758: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:18 firewall1 racoon: DEBUG: db :0x28548288: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in
    Dec 20 13:53:18 firewall1 racoon: DEBUG: suitable inbound SP found: 10.76.20.0/22[0] 192.168.1.0/24[0] proto=any dir=in.
    Dec 20 13:53:18 firewall1 racoon: DEBUG: new acquire 192.168.1.0/24[0] 10.76.20.0/22[0] proto=any dir=out
    Dec 20 13:53:18 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: configuration "REMOTE.IPSEC.SERVER.IP[500]" selected.
    Dec 20 13:53:18 firewall1 racoon: DEBUG: getsainfo params: loc='192.168.1.0/24' rmt='10.76.20.0/22' peer='NULL' client='NULL' id=2
    Dec 20 13:53:18 firewall1 racoon: DEBUG: evaluating sainfo: loc='192.168.1.0/24', rmt='10.76.20.0/22', peer='ANY', id=2
    Dec 20 13:53:18 firewall1 racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
    Dec 20 13:53:18 firewall1 racoon: DEBUG: cmpid target: '192.168.1.0/24'
    Dec 20 13:53:18 firewall1 racoon: DEBUG: cmpid source: '192.168.1.0/24'
    Dec 20 13:53:18 firewall1 racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
    Dec 20 13:53:18 firewall1 racoon: DEBUG: cmpid target: '10.76.20.0/22'
    Dec 20 13:53:18 firewall1 racoon: DEBUG: cmpid source: '10.76.20.0/22'
    Dec 20 13:53:18 firewall1 racoon: DEBUG: selected sainfo: loc='192.168.1.0/24', rmt='10.76.20.0/22', peer='ANY', id=2
    Dec 20 13:53:18 firewall1 racoon: DEBUG:  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=16398:16397)
    Dec 20 13:53:18 firewall1 racoon: DEBUG:  (trns_id=AES encklen=256 authtype=hmac-sha)
    Dec 20 13:53:18 firewall1 racoon: DEBUG: in post_acquire
    Dec 20 13:53:18 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: configuration "REMOTE.IPSEC.SERVER.IP[500]" selected.
    Dec 20 13:53:18 firewall1 racoon: INFO: IPsec-SA request for REMOTE.IPSEC.SERVER.IP queued due to no phase1 found.
    Dec 20 13:53:18 firewall1 racoon: DEBUG: ===
    Dec 20 13:53:18 firewall1 racoon: INFO: initiate new phase 1 negotiation: MY.WAN.IP[500]<=>REMOTE.IPSEC.SERVER.IP[500]
    Dec 20 13:53:18 firewall1 racoon: INFO: begin Identity Protection mode.
    Dec 20 13:53:18 firewall1 racoon: DEBUG: new cookie: 408f4f686d96dfd6
    Dec 20 13:53:18 firewall1 racoon: DEBUG: add payload of len 52, next type 13
    Dec 20 13:53:18 firewall1 racoon: DEBUG: add payload of len 20, next type 13
    Dec 20 13:53:18 firewall1 racoon: DEBUG: add payload of len 16, next type 0
    Dec 20 13:53:18 firewall1 racoon: ERROR: phase1 negotiation failed due to send error. 408f4f686d96dfd6:0000000000000000
    Dec 20 13:53:18 firewall1 racoon: ERROR: failed to begin ipsec sa negotication.

    Dec 20 13:53:19 firewall1 racoon: [REMOTE.IPSEC.SERVER.IP] DEBUG: DPD monitoring….



  • That means your PPTP server config is invalid. The "server IP" must be set to your WAN IP, which is wrong, that should be an unused private IP. Change that and it'll fix.



  • Thanks for your reply cmb, I did change the server ip (indeed server ip for pptp was wan ip, I changed it to 172.16.16.1 which is not used on my network) but problem is still there.

    Problem occured this night again, here is the last log of the ipsec, the ipsec worked whole day yesterday Jan 2nd until 8pm but then it was down this morning Jan 3rd at 8am, no communication passing through.

    Ipsec worked like a charm for weeks, this problem started 2 or 3 weeks ago and it happens once every 2-3 days. I replaced the PF box with another one with exact same config to see if it could be hardware problem, but the problem is the same.

    2.0.1-RELEASE (i386)

    Jan  2 07:41:53 firewall1 racoon: INFO: renegotiating phase1 to REMOTE PUBLIC IP due to active phase2
    Jan  2 07:41:53 firewall1 racoon: INFO: initiate new phase 1 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 07:41:53 firewall1 racoon: INFO: begin Identity Protection mode.
    Jan  2 07:41:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  2 07:41:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  2 07:41:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
    Jan  2 07:41:53 firewall1 racoon: INFO: received Vendor ID: RFC 3947
    Jan  2 07:41:53 firewall1 racoon: INFO: received Vendor ID: DPD
    Jan  2 07:41:53 firewall1 racoon: INFO: ISAKMP-SA established LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:3f8484773b5541a8:950826702c56ced3
    Jan  2 07:41:55 firewall1 racoon: INFO: IPsec-SA expired: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=1207951736(0x47ffe178)
    Jan  2 07:41:55 firewall1 racoon: INFO: initiate new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 07:41:55 firewall1 racoon: INFO: IPsec-SA expired: ESP/Tunnel REMOTE PUBLIC IP[500]->LOCAL PUBLIC IP[500] spi=186873161(0xb237549)
    Jan  2 07:41:55 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=66201192(0x3f22668)
    Jan  2 07:41:55 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=2781079012(0xa5c3e5e4)
    Jan  2 07:41:59 firewall1 racoon: INFO: IPsec-SA expired: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=36482016(0x22cabe0)
    Jan  2 07:41:59 firewall1 racoon: INFO: initiate new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 07:41:59 firewall1 racoon: INFO: IPsec-SA expired: ESP/Tunnel REMOTE PUBLIC IP[500]->LOCAL PUBLIC IP[500] spi=161867916(0x9a5e88c)
    Jan  2 07:41:59 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=186348245(0xb1b72d5)
    Jan  2 07:41:59 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=469138852(0x1bf67da4)
    Jan  2 07:42:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 07:42:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: ', '.
    Jan  2 07:42:00 firewall1 racoon: INFO: purged IPsec-SA proto_id=ESP spi=36482016.
    Jan  2 09:17:53 firewall1 racoon: INFO: ISAKMP-SA expired LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:f167a6477b7e37ef:af3b5a6cbe9c9093
    Jan  2 09:17:53 firewall1 racoon: INFO: ISAKMP-SA deleted LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:f167a6477b7e37ef:af3b5a6cbe9c9093
    Jan  2 09:17:56 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 09:17:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 09:17:59 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 09:18:02 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 09:18:07 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 09:18:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 14:05:53 firewall1 racoon: INFO: renegotiating phase1 to REMOTE PUBLIC IP due to active phase2
    Jan  2 14:05:53 firewall1 racoon: INFO: initiate new phase 1 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 14:05:53 firewall1 racoon: INFO: begin Identity Protection mode.
    Jan  2 14:05:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  2 14:05:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  2 14:05:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
    Jan  2 14:05:53 firewall1 racoon: INFO: received Vendor ID: RFC 3947
    Jan  2 14:05:53 firewall1 racoon: INFO: received Vendor ID: DPD
    Jan  2 14:05:53 firewall1 racoon: INFO: ISAKMP-SA established LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:afcf6fac481bb407:624fe1156b823b26
    Jan  2 15:41:53 firewall1 racoon: INFO: ISAKMP-SA expired LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:3f8484773b5541a8:950826702c56ced3
    Jan  2 15:41:53 firewall1 racoon: INFO: ISAKMP-SA deleted LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:3f8484773b5541a8:950826702c56ced3
    Jan  2 15:41:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 15:41:58 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 15:42:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 15:42:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 15:42:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 15:42:09 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 15:42:09 firewall1 racoon: INFO: respond new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 15:42:09 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=244116453(0xe8cebe5)
    Jan  2 15:42:09 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=1729292268(0x6712e7ec)
    Jan  2 15:42:09 firewall1 racoon: ERROR: pfkey DELETE received: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=2781079012(0xa5c3e5e4)
    Jan  2 15:42:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 15:42:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '} '.
    Jan  2 15:42:32 firewall1 racoon: INFO: purged IPsec-SA proto_id=ESP spi=469138852.
    Jan  2 15:42:35 firewall1 racoon: INFO: initiate new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 15:42:35 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=77476799(0x49e33bf)
    Jan  2 15:42:35 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=1652725168(0x628295b0)
    Jan  2 20:29:53 firewall1 racoon: INFO: renegotiating phase1 to REMOTE PUBLIC IP due to active phase2
    Jan  2 20:29:53 firewall1 racoon: INFO: initiate new phase 1 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 20:29:53 firewall1 racoon: INFO: begin Identity Protection mode.
    Jan  2 20:29:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  2 20:29:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  2 20:29:53 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
    Jan  2 20:29:53 firewall1 racoon: INFO: received Vendor ID: RFC 3947
    Jan  2 20:29:53 firewall1 racoon: INFO: received Vendor ID: DPD
    Jan  2 20:29:53 firewall1 racoon: INFO: ISAKMP-SA established LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:a252e450ab088144:3bf6ab1ac9cc68b2
    Jan  2 22:05:53 firewall1 racoon: INFO: ISAKMP-SA expired LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:afcf6fac481bb407:624fe1156b823b26
    Jan  2 22:05:53 firewall1 racoon: INFO: ISAKMP-SA deleted LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:afcf6fac481bb407:624fe1156b823b26
    Jan  2 22:05:59 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 22:06:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 22:06:02 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 22:06:05 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 22:06:10 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 22:06:11 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  2 22:09:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:09:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:09:25 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:09:25 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'b '.
    Jan  2 22:10:19 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:10:19 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:10:34 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:10:34 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:10:46 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:10:46 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:11:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:11:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:11:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:11:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:11:24 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:11:24 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:11:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:11:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:13:50 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:13:50 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:14:15 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:14:15 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'b '.
    Jan  2 22:18:40 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:18:40 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:19:05 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:19:05 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'b '.
    Jan  2 22:20:23 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:20:23 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:20:48 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:20:48 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:21:14 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:21:14 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'g '.
    Jan  2 22:23:26 firewall1 racoon: INFO: respond new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 22:23:26 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=115081777(0x6dc0231)
    Jan  2 22:23:26 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=2724070240(0xa25e0360)
    Jan  2 22:23:30 firewall1 racoon: ERROR: pfkey DELETE received: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=1729292268(0x6712e7ec)
    Jan  2 22:23:45 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  2 22:23:45 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'b '.
    Jan  2 22:23:45 firewall1 racoon: INFO: purged IPsec-SA proto_id=ESP spi=1652725168.
    Jan  2 22:28:00 firewall1 racoon: INFO: initiate new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  2 22:28:00 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=139762818(0x8549c82)
    Jan  2 22:28:00 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=527967108(0x1f782384)
    Jan  3 02:53:53 firewall1 racoon: INFO: renegotiating phase1 to REMOTE PUBLIC IP due to active phase2
    Jan  3 02:53:53 firewall1 racoon: INFO: initiate new phase 1 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  3 02:53:53 firewall1 racoon: INFO: begin Identity Protection mode.
    Jan  3 02:53:54 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  3 02:53:54 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  3 02:53:54 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
    Jan  3 02:53:54 firewall1 racoon: INFO: received Vendor ID: RFC 3947
    Jan  3 02:53:54 firewall1 racoon: INFO: received Vendor ID: DPD
    Jan  3 02:53:54 firewall1 racoon: INFO: ISAKMP-SA established LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:aac4eff7c1dc6753:73ab6db58a7b19a3
    Jan  3 02:53:56 firewall1 racoon: INFO: IPsec-SA expired: ESP/Tunnel REMOTE PUBLIC IP[500]->LOCAL PUBLIC IP[500] spi=66201192(0x3f22668)
    Jan  3 02:54:00 firewall1 racoon: INFO: IPsec-SA expired: ESP/Tunnel REMOTE PUBLIC IP[500]->LOCAL PUBLIC IP[500] spi=186348245(0xb1b72d5)
    Jan  3 04:29:53 firewall1 racoon: INFO: ISAKMP-SA expired LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:a252e450ab088144:3bf6ab1ac9cc68b2
    Jan  3 04:29:53 firewall1 racoon: INFO: ISAKMP-SA deleted LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:a252e450ab088144:3bf6ab1ac9cc68b2
    Jan  3 04:29:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 04:29:58 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 04:30:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 04:30:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 04:30:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 04:30:09 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 04:33:45 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 04:33:45 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 04:34:10 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 04:34:10 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 04:38:36 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 04:38:36 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 04:39:01 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 04:39:01 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 04:43:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 04:43:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 04:43:51 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 04:43:51 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 04:48:16 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 04:48:16 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 04:48:41 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 04:48:41 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 04:53:06 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 04:53:06 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 04:53:31 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 04:53:31 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 04:57:56 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 04:57:56 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 04:58:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 04:58:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 05:02:47 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:02:47 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 05:03:12 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:03:12 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 05:07:37 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:07:37 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 05:08:02 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:08:02 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 05:12:28 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:12:28 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 05:12:52 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:12:52 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 05:17:17 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:17:17 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 05:17:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:17:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 05:22:07 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:22:07 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 05:22:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:22:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 05:26:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:26:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 05:27:22 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:27:22 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 05:31:48 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:31:48 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 05:32:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:32:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 05:36:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:36:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 05:37:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:37:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 05:41:28 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:41:28 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 05:41:53 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:41:53 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 05:46:18 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:46:18 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 05:46:43 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:46:43 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 05:51:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:51:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 05:51:33 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:51:33 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 05:55:58 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 05:55:58 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 05:56:24 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 05:56:24 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:00:49 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:00:49 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:01:14 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:01:14 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 06:05:39 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:05:39 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 06:06:04 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:06:04 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:10:29 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:10:29 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:10:54 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:10:54 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 06:15:19 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:15:19 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 06:15:44 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:15:44 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:20:09 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:20:09 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:20:35 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:20:35 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 06:25:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:25:00 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 06:25:25 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:25:25 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:29:50 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:29:50 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:30:15 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:30:15 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 06:34:40 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:34:40 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 06:35:05 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:35:05 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:39:30 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:39:30 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:39:55 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:39:55 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 06:44:20 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:44:20 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 06:44:45 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:44:45 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:49:11 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:49:11 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:49:36 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:49:36 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 06:54:01 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:54:01 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 06:54:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:54:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 06:58:51 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 06:58:51 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 06:59:16 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 06:59:16 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:03:41 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:03:41 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:04:06 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:04:06 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:08:31 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:08:31 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:08:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:08:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:13:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:13:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:13:46 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:13:46 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:15:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:15:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:18:12 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:18:12 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:18:37 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:18:37 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:23:02 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:23:02 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:23:27 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:23:27 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:27:52 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:27:52 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:28:17 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:28:17 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:32:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:32:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:33:07 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:33:07 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:37:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:37:32 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:37:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:37:57 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:42:23 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:42:23 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:42:48 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:42:48 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:45:19 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:45:19 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:47:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:47:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:47:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:47:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:51:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:51:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:52:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:52:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:52:28 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:52:28 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:52:44 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:52:44 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:53:41 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:53:41 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 07:54:43 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:54:43 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:55:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:55:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:55:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:55:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:55:37 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:55:37 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:56:54 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:56:54 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 07:57:18 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:57:18 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 07:58:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 07:58:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 07:59:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 07:59:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 08:01:43 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:01:43 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 08:02:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 08:02:08 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '. Jan  3 08:03:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 08:03:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 08:04:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:04:03 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 08:05:11 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 08:05:11 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 08:05:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:05:42 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ '. Jan  3 08:06:33 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange. Jan  3 08:06:33 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^'.
    Jan  3 08:06:59 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:06:59 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 08:08:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:08:13 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 08:08:23 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:08:23 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: 'x# '.
    Jan  3 08:08:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: notification INVALID-SPI received in informational exchange.
    Jan  3 08:08:38 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: error message: '^ `'.
    Jan  3 08:09:06 firewall1 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
    Jan  3 08:09:06 firewall1 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
    Jan  3 08:09:06 firewall1 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
    Jan  3 08:09:06 firewall1 racoon: INFOCLOG
    Jan  3 08:09:06 firewall1 racoon: INFO: LOCAL PUBLIC IP[4500] used as isakmp port (fd=14)
    Jan  3 08:09:06 firewall1 racoon: INFO: LOCAL PUBLIC IP[500] used for NAT-T
    Jan  3 08:09:06 firewall1 racoon: INFO: LOCAL PUBLIC IP[500] used as isakmp port (fd=15)
    Jan  3 08:09:06 firewall1 racoon: INFO: unsupported PF_KEY message REGISTER
    Jan  3 08:09:08 firewall1 racoon: INFO: IPsec-SA request for REMOTE PUBLIC IP queued due to no phase1 found.
    Jan  3 08:09:08 firewall1 racoon: INFO: initiate new phase 1 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  3 08:09:08 firewall1 racoon: INFO: begin Identity Protection mode.
    Jan  3 08:09:08 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  3 08:09:08 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Jan  3 08:09:08 firewall1 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
    Jan  3 08:09:08 firewall1 racoon: INFO: received Vendor ID: RFC 3947
    Jan  3 08:09:08 firewall1 racoon: INFO: received Vendor ID: DPD
    Jan  3 08:09:08 firewall1 racoon: INFO: ISAKMP-SA established LOCAL PUBLIC IP[500]-REMOTE PUBLIC IP[500] spi:b74576452ad7d163:6efc070bb2888f2a
    Jan  3 08:09:09 firewall1 racoon: INFO: initiate new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  3 08:09:09 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=163813336(0x9c397d8)
    Jan  3 08:09:09 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=1197506888(0x47608148)
    Jan  3 08:09:09 firewall1 racoon: INFO: initiate new phase 2 negotiation: LOCAL PUBLIC IP[500]<=>REMOTE PUBLIC IP[500]
    Jan  3 08:09:09 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=23293581(0x1636e8d)
    Jan  3 08:09:09 firewall1 racoon: INFO: IPsec-SA established: ESP LOCAL PUBLIC IP[500]->REMOTE PUBLIC IP[500] spi=1753862424(0x6889d118)
    Jan  3 08:09:15 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 08:09:16 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 08:09:18 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 08:09:21 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 08:09:26 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.
    Jan  3 08:09:27 firewall1 racoon: [REMOTE PUBLIC IP] ERROR: unknown Informational exchange received.



  • That's not the same problem. Something there is attempting to negotiate with mismatched settings.


Locked