5. Mobile IPsec and Android Lollipop

Mobile IPsec and Android Lollipop

  • J

    I've followed the guide for setting up mobile IPsec, and it used to work at some point in the past (pfsense 2.1, android 4.4 kitkat). Since then, I've upgraded to the latest 2.2 RC (built 12/30) and my phone is also now running android Lollipop (5.0.1). I'm unable to get Phase 1 to set up.

    On the IPsec Status page, there will briefly be a new entry with a status of "connecting", the algorithm says "AES_CBC:128
    HMAC_SHA1_96:0
    PRF_HMAC_SHA1
    MODP_1024" and the role says "IKEv1 responder"

    Here's what I can see in the log (I've monkeyed with the logging levels so I'm not sure if I'm seeing what I should):

    Dec 31 12:07:24 	charon: 10[MGR] check-in of IKE_SA successful.
Dec 31 12:07:24 	charon: 10[MGR] <con2|104> check-in of IKE_SA successful.
Dec 31 12:07:24 	charon: 10[MGR] checkin IKE_SA con2[104]
Dec 31 12:07:24 	charon: 10[MGR] <con2|104> checkin IKE_SA con2[104]
Dec 31 12:07:24 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:24 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:24 	charon: 10[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:24 	charon: 10[NET] <con2|104> sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:24 	charon: 10[IKE] received retransmit of request with ID 0, retransmitting response
Dec 31 12:07:24 	charon: 10[IKE] <con2|104> received retransmit of request with ID 0, retransmitting response
Dec 31 12:07:24 	charon: 10[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500] (654 bytes)
Dec 31 12:07:24 	charon: 10[NET] <con2|104> received packet: from 96.11.188.190[209] to 69.135.168.176[500] (654 bytes)
Dec 31 12:07:24 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:24 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:24 	charon: 10[MGR] checkout IKE_SA by message
Dec 31 12:07:24 	charon: 10[MGR] checkout IKE_SA by message
Dec 31 12:07:24 	charon: 04[NET] waiting for data on sockets
Dec 31 12:07:24 	charon: 04[NET] waiting for data on sockets
Dec 31 12:07:24 	charon: 04[ENC] parsed a AGGRESSIVE message header
Dec 31 12:07:24 	charon: 04[ENC] parsed a AGGRESSIVE message header
Dec 31 12:07:24 	charon: 04[ENC] parsing HEADER payload finished
Dec 31 12:07:24 	charon: 04[ENC] parsing HEADER payload finished
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 15 HEADER_LENGTH
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 15 HEADER_LENGTH
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 14 U_INT_32
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 14 U_INT_32
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 13 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 13 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 12 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 12 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 11 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 11 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 10 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 10 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 9 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 9 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 8 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 8 FLAG
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 7 RESERVED_BIT
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 7 RESERVED_BIT
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 6 RESERVED_BIT
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 6 RESERVED_BIT
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 5 U_INT_8
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 5 U_INT_8
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 4 U_INT_4
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 4 U_INT_4
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 3 U_INT_4
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 3 U_INT_4
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 2 U_INT_8
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 2 U_INT_8
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 1 IKE_SPI
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 1 IKE_SPI
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 0 IKE_SPI
Dec 31 12:07:24 	charon: 04[ENC] parsing rule 0 IKE_SPI
Dec 31 12:07:24 	charon: 04[ENC] parsing HEADER payload, 654 bytes left
Dec 31 12:07:24 	charon: 04[ENC] parsing HEADER payload, 654 bytes left
Dec 31 12:07:24 	charon: 04[ENC] parsing header of message
Dec 31 12:07:24 	charon: 04[ENC] parsing header of message
Dec 31 12:07:24 	charon: 04[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500]
Dec 31 12:07:24 	charon: 04[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500]
Dec 31 12:07:24 	charon: 10[MGR] check-in of IKE_SA successful.
Dec 31 12:07:24 	charon: 10[MGR] <con2|104> check-in of IKE_SA successful.
Dec 31 12:07:24 	charon: 10[MGR] checkin IKE_SA con2[104]
Dec 31 12:07:24 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:24 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:24 	charon: 10[MGR] <con2|104> checkin IKE_SA con2[104]
Dec 31 12:07:24 	charon: 10[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:24 	charon: 10[NET] <con2|104> sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:24 	charon: 10[IKE] sending retransmit 2 of response message ID 0, seq 1
Dec 31 12:07:24 	charon: 10[IKE] <con2|104> sending retransmit 2 of response message ID 0, seq 1
Dec 31 12:07:24 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:24 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:24 	charon: 10[MGR] checkout IKE_SA
Dec 31 12:07:24 	charon: 10[MGR] checkout IKE_SA
Dec 31 12:07:21 	charon: 10[MGR] check-in of IKE_SA successful.
Dec 31 12:07:21 	charon: 10[MGR] <con2|104> check-in of IKE_SA successful.
Dec 31 12:07:21 	charon: 10[MGR] checkin IKE_SA con2[104]
Dec 31 12:07:21 	charon: 10[MGR] <con2|104> checkin IKE_SA con2[104]
Dec 31 12:07:21 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:21 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:21 	charon: 10[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:21 	charon: 10[NET] <con2|104> sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:21 	charon: 10[IKE] received retransmit of request with ID 0, retransmitting response
Dec 31 12:07:21 	charon: 10[IKE] <con2|104> received retransmit of request with ID 0, retransmitting response
Dec 31 12:07:21 	charon: 10[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500] (654 bytes)
Dec 31 12:07:21 	charon: 10[NET] <con2|104> received packet: from 96.11.188.190[209] to 69.135.168.176[500] (654 bytes)
Dec 31 12:07:21 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:21 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:21 	charon: 10[MGR] checkout IKE_SA by message
Dec 31 12:07:21 	charon: 04[NET] waiting for data on sockets
Dec 31 12:07:21 	charon: 04[NET] waiting for data on sockets
Dec 31 12:07:21 	charon: 10[MGR] checkout IKE_SA by message
Dec 31 12:07:21 	charon: 04[ENC] parsed a AGGRESSIVE message header
Dec 31 12:07:21 	charon: 04[ENC] parsed a AGGRESSIVE message header
Dec 31 12:07:21 	charon: 04[ENC] parsing HEADER payload finished
Dec 31 12:07:21 	charon: 04[ENC] parsing HEADER payload finished
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 15 HEADER_LENGTH
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 15 HEADER_LENGTH
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 14 U_INT_32
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 14 U_INT_32
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 13 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 13 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 12 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 12 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 11 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 11 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 10 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 10 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 9 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 9 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 8 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 8 FLAG
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 7 RESERVED_BIT
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 7 RESERVED_BIT
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 6 RESERVED_BIT
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 6 RESERVED_BIT
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 5 U_INT_8
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 5 U_INT_8
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 4 U_INT_4
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 4 U_INT_4
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 3 U_INT_4
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 3 U_INT_4
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 2 U_INT_8
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 2 U_INT_8
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 1 IKE_SPI
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 1 IKE_SPI
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 0 IKE_SPI
Dec 31 12:07:21 	charon: 04[ENC] parsing rule 0 IKE_SPI
Dec 31 12:07:21 	charon: 04[ENC] parsing HEADER payload, 654 bytes left
Dec 31 12:07:21 	charon: 04[ENC] parsing HEADER payload, 654 bytes left
Dec 31 12:07:21 	charon: 04[ENC] parsing header of message
Dec 31 12:07:21 	charon: 04[ENC] parsing header of message
Dec 31 12:07:21 	charon: 04[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500]
Dec 31 12:07:21 	charon: 04[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500]
Dec 31 12:07:18 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:18 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:18 	charon: 10[MGR] check-in of IKE_SA successful.
Dec 31 12:07:18 	charon: 10[MGR] <con2|104> check-in of IKE_SA successful.
Dec 31 12:07:18 	charon: 10[MGR] checkin IKE_SA con2[104]
Dec 31 12:07:18 	charon: 10[MGR] <con2|104> checkin IKE_SA con2[104]
Dec 31 12:07:18 	charon: 10[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:18 	charon: 10[NET] <con2|104> sending packet: from 69.135.168.176[500] to 96.11.188.190[209] (432 bytes)
Dec 31 12:07:18 	charon: 10[IKE] received retransmit of request with ID 0, retransmitting response
Dec 31 12:07:18 	charon: 10[IKE] <con2|104> received retransmit of request with ID 0, retransmitting response
Dec 31 12:07:18 	charon: 10[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500] (654 bytes)
Dec 31 12:07:18 	charon: 10[NET] <con2|104> received packet: from 96.11.188.190[209] to 69.135.168.176[500] (654 bytes)
Dec 31 12:07:18 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:18 	charon: 10[MGR] IKE_SA con2[104] successfully checked out
Dec 31 12:07:18 	charon: 10[MGR] checkout IKE_SA by message
Dec 31 12:07:18 	charon: 10[MGR] checkout IKE_SA by message
Dec 31 12:07:18 	charon: 04[NET] waiting for data on sockets
Dec 31 12:07:18 	charon: 04[NET] waiting for data on sockets
Dec 31 12:07:18 	charon: 04[ENC] parsed a AGGRESSIVE message header
Dec 31 12:07:18 	charon: 04[ENC] parsed a AGGRESSIVE message header
Dec 31 12:07:18 	charon: 04[ENC] parsing HEADER payload finished
Dec 31 12:07:18 	charon: 04[ENC] parsing HEADER payload finished
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 15 HEADER_LENGTH
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 15 HEADER_LENGTH
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 14 U_INT_32
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 14 U_INT_32
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 13 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 13 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 12 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 12 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 11 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 11 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 10 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 10 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 9 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 9 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 8 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 8 FLAG
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 7 RESERVED_BIT
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 7 RESERVED_BIT
Dec 31 12:07:18 	charon: 04[ENC] parsing rule 6 RESERVED_BIT
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 6 RESERVED_BIT
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 5 U_INT_8
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 5 U_INT_8
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 4 U_INT_4
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 4 U_INT_4
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 3 U_INT_4
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 3 U_INT_4
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 2 U_INT_8
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 2 U_INT_8
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 1 IKE_SPI
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 1 IKE_SPI
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 0 IKE_SPI
Dec 31 12:07:17 	charon: 04[ENC] parsing rule 0 IKE_SPI
Dec 31 12:07:17 	charon: 04[ENC] parsing HEADER payload, 654 bytes left
Dec 31 12:07:17 	charon: 04[ENC] parsing HEADER payload, 654 bytes left
Dec 31 12:07:17 	charon: 04[ENC] parsing header of message
Dec 31 12:07:17 	charon: 04[ENC] parsing header of message
Dec 31 12:07:17 	charon: 04[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500]
Dec 31 12:07:17 	charon: 04[NET] received packet: from 96.11.188.190[209] to 69.135.168.176[500]
Dec 31 12:07:16 	charon: 10[MGR] check-in of IKE_SA successful.
Dec 31 12:07:16 	charon: 10[MGR] <con2|104> check-in of IKE_SA successful.
Dec 31 12:07:16 	charon: 10[MGR] checkin IKE_SA con2[104]
Dec 31 12:07:16 	charon: 10[MGR] <con2|104> checkin IKE_SA con2[104]
Dec 31 12:07:16 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]
Dec 31 12:07:16 	charon: 05[NET] sending packet: from 69.135.168.176[500] to 96.11.188.190[209]</con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104></con2|104>
    0
  • Rebel Alliance Developer Netgate

    I have a tablet running Lollipop (5.0.1) and I can connect using IPsec to a 2.1.x VM and it works OK, so it probably isn't Android. I'd check over the mobile IPsec P1/P2/Mobile tab settings on 2.2 and see if they are all still correct.

    We don't yet have an officially "blessed" config for mobile IPsec on 2.2 (Traditional, or IKEv2 or L2TP+IPsec) but that should all be coming very soon.

    0
  • J

    So far, I've tried various different encryptions/hashes on both phase 1 and 2, negotiation mode, my identifier, peer identifier, DH group, NAT traversal, lifetime, ikev1/2, and a few other settings and none seem to get me a working connection.

    I'm sure I'm probably just missing the right combo. More trial and error, I suppose.

    It'd help if I could get some log info out of Android. I am rooted - does anyone know where I can dig into some logs?

    0
  • J

    It appears that Android may have a bug in it relating to NAT traversal. In android, I get the following errors when attempting to connect:

    12-31 13:16:07.482 I/Vpn     (799): Switched from [Legacy VPN] to [Legacy VPN]
12-31 13:16:07.485 D/Vpn     (799): setting state=IDLE, reason=prepare
12-31 13:16:07.486 I/Vpn     (799): Switched from [Legacy VPN] to [Legacy VPN]
12-31 13:16:07.487 D/Vpn     (799): setting state=IDLE, reason=prepare
12-31 13:16:07.487 D/Vpn     (799): setting state=CONNECTING, reason=startLegacyVpn
12-31 13:16:07.497 V/LegacyVpnRunner(799): Waiting
12-31 13:16:07.502 V/LegacyVpnRunner(799): Executing
12-31 13:16:07.504 D/Vpn     (799): setting state=CONNECTING, reason=execute
12-31 13:16:07.520 D/racoon  (10824): Waiting for control socket
12-31 13:16:07.721 D/racoon  (10824): Received 9 arguments
12-31 13:16:07.735 I/racoon  (10824): ipsec-tools 0.7.3 (http://ipsec-tools.sf.net)
12-31 13:16:07.747 I/racoon  (10824): 10.0.203.120[500] used as isakmp port (fd=6)
12-31 13:16:07.747 I/racoon  (10824): 10.0.203.120[500] used for NAT-T
12-31 13:16:07.747 I/racoon  (10824): 10.0.203.120[4500] used as isakmp port (fd=7)
12-31 13:16:07.747 I/racoon  (10824): 10.0.203.120[4500] used for NAT-T
12-31 13:16:07.747 I/racoon  (10824): initiate new phase 1 negotiation: 10.0.203.120[500]<=>69.135.168.176[500]
12-31 13:16:07.747 I/racoon  (10824): begin Aggressive mode.
12-31 13:16:08.594 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:10.631 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:12.689 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:13.781 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:16.870 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:19.859 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:19.934 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:23.022 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:25.144 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:28.246 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:31.339 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:32.872 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:34.958 E/racoon  (10824): ignore the packet, received unexpecting payload type 20.
12-31 13:16:37.962 E/racoon  (10824): phase1 negotiation failed due to time up. 118a955695bcb745:0000000000000000
12-31 13:16:37.962 I/racoon  (10824): Bye
12-31 13:16:38.024 I/LegacyVpnRunner(799): Aborting
12-31 13:16:38.024 I/LegacyVpnRunner(799): java.lang.IllegalStateException: racoon is dead
12-31 13:16:38.024 I/LegacyVpnRunner(799): 	at com.android.server.connectivity.Vpn$LegacyVpnRunner.execute(Vpn.java:1213)
12-31 13:16:38.024 I/LegacyVpnRunner(799): 	at com.android.server.connectivity.Vpn$LegacyVpnRunner.run(Vpn.java:1092)
12-31 13:16:38.024 D/Vpn     (799): setting state=FAILED, reason=racoon is dead

    Googling the error, there is this bug report for strongswan: https://wiki.strongswan.org/issues/255

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy