IPSec - Error message



  • Hi guys.

    I would like to ask you what do you think about this log messages:

    racoon: [Unknown Gateway/Dynamic]: NOTIFY: no in-bound policy found: xxx.xxx.xxx.xxx/xx[0] 10.3.100.0/24[0] proto=any dir=in
    racoon: [IPSec]: INFO: IPsec-SA request for xxx.xxx.xxx.xxx queued due to no phase1 found.
    racoon: [IPSec]: INFO: initiate new phase 1 negotiation: xxx.xxx.xxx.xxx[500]<=>xxx.xxx.xxx.xxx[500]
    racoon: INFO: begin Identity Protection mode.
    racoon: INFO: received broken Microsoft ID: FRAGMENTATION
    racoon: INFO: received Vendor ID: CISCO-UNITY
    racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
    racoon: INFO: received Vendor ID: DPD
    racoon: [IPSec]: INFO: ISAKMP-SA established xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:3ba1c8d331ce52a0:6d3b74e377565c12
    racoon: [IPSec]: INFO: initiate new phase 2 negotiation: xxx.xxx.xxx.xxx[500]<=>93.153.115.10[500]
    racoon: [IPSec]: [xxx.xxx.xxx.xxx] ERROR: notification INVALID-ID-INFORMATION received in informational exchange.
    racoon: [IPSec]: [xxx.xxx.xxx.xxx] ERROR: error message: '' A r w 7 8 , p F 6 f r Gn&Dy E c \vN 9 C c Y M ! ( ! Q *< - 1 h g/" ] z 8M? ^ d % @ j 3 T -u 8pj;Z + 7 < B 2 | 4 r ? p U u`F%pw 30 V ] v '.
    racoon: [IPSec]: INFO: ISAKMP-SA expired xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:3ba1c8d331ce52a0:6d3b74e377565c12
    racoon: [IPSec]: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:3ba1c8d331ce52a0:6d3b74e377565c12

    Specifically about these two errors: ERROR: notification INVALID-ID-INFORMATION and error message: "…."

    Thanks for any advice.
    I will able to send more information if you will wanted.

    Martin


  • Rebel Alliance Developer Netgate

    It means you have a settings mismatch. The other side is attempting to inform you of that but it's sending a message in a format that racoon can't interpret.