ipsecerror.txt
All Users
Actions

Authored By

	lawrencepan
	Aug 5 2021, 3:44 PM

Size

14 KB

Referenced Files

None

Subscribers

None

ipsecerror.txt
View Options



	Aug 05 15:35:37 vedge01-la.us ipsec_starter[2665]: charon (2666) started after 40 ms
	Aug 05 15:35:37 vedge01-la.us charon[2666]: 06[CFG] received stroke: add connection 'peer-test01-tunnel-1'
	Aug 05 15:35:37 vedge01-la.us charon[2666]: 06[CFG] left nor right host is our side, assuming left=local
	Aug 05 15:35:37 vedge01-la.us charon[2666]: 06[CFG] added configuration 'peer-test01-tunnel-1'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] rereading secrets
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] loading secrets from '/etc/ipsec.secrets'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] loaded IKE secret for 192.168.50.231 %any 100.100.100.1
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] rereading ca certificates from '/etc/ipsec.d/cacerts'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] rereading aa certificates from '/etc/ipsec.d/aacerts'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] rereading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] rereading attribute certificates from '/etc/ipsec.d/acerts'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 07[CFG] rereading crls from '/etc/ipsec.d/crls'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 09[CFG] received stroke: delete connection 'peer-test01-tunnel-1'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 09[CFG] deleted connection 'peer-test01-tunnel-1'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 11[CFG] received stroke: add connection 'peer-test01-tunnel-1'
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 11[CFG] left nor right host is our side, assuming left=local
	Aug 05 15:35:38 vedge01-la.us charon[2666]: 11[CFG] added configuration 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] rereading secrets
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] loading secrets from '/etc/ipsec.secrets'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] loaded IKE secret for 100.100.100.1 %any 100.100.100.1
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] rereading ca certificates from '/etc/ipsec.d/cacerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] rereading aa certificates from '/etc/ipsec.d/aacerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] rereading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] rereading attribute certificates from '/etc/ipsec.d/acerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 12[CFG] rereading crls from '/etc/ipsec.d/crls'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 15[CFG] received stroke: delete connection 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 15[CFG] deleted connection 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 05[CFG] received stroke: add connection 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 05[CFG] added configuration 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] rereading secrets
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] loading secrets from '/etc/ipsec.secrets'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] loaded IKE secret for 100.100.100.1 %any 100.100.100.1
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] rereading ca certificates from '/etc/ipsec.d/cacerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] rereading aa certificates from '/etc/ipsec.d/aacerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] rereading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] rereading attribute certificates from '/etc/ipsec.d/acerts'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 07[CFG] rereading crls from '/etc/ipsec.d/crls'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 09[CFG] received stroke: delete connection 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 09[CFG] deleted connection 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 13[CFG] received stroke: add connection 'peer-test01-tunnel-1'
	Aug 05 15:35:55 vedge01-la.us charon[2666]: 13[CFG] added configuration 'peer-test01-tunnel-1'
	Aug 05 15:36:15 vedge01-la.us charon[2666]: 06[CFG] received stroke: terminate 'peer-test01-tunnel-1'
	Aug 05 15:36:15 vedge01-la.us charon[2666]: 06[CFG] no IKE_SA named 'peer-test01-tunnel-1' found
	Aug 05 15:36:15 vedge01-la.us charon[2666]: 07[CFG] received stroke: initiate 'peer-test01-tunnel-1'
	Aug 05 15:36:15 vedge01-la.us charon[2666]: 10[IKE] <peer-test01-tunnel-1\|1> unable to resolve %any, initiate aborted
	Aug 05 15:36:15 vedge01-la.us charon[2666]: 10[MGR] <peer-test01-tunnel-1\|1> tried to checkin and delete nonexisting IKE_SA
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[NET] <2> received packet: from 60.60.60.1[500] to 100.100.100.1[500] (464 bytes)
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[ENC] <2> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[IKE] <2> 60.60.60.1 is initiating an IKE_SA
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[CFG] <2> selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[IKE] <2> remote host is behind NAT
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[ENC] <2> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 11[NET] <2> sending packet: from 100.100.100.1[500] to 60.60.60.1[500] (464 bytes)
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[NET] <2> received packet: from 60.60.60.1[4500] to 100.100.100.1[4500] (268 bytes)
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[ENC] <2> parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH N(IPCOMP_SUP) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[CFG] <2> looking for peer configs matching 100.100.100.1[100.100.100.1]...60.60.60.1[test01]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[CFG] <peer-test01-tunnel-1\|2> selected peer config 'peer-test01-tunnel-1'
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[IKE] <peer-test01-tunnel-1\|2> authentication of 'test01' with pre-shared key successful
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[IKE] <peer-test01-tunnel-1\|2> peer supports MOBIKE
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[IKE] <peer-test01-tunnel-1\|2> authentication of '100.100.100.1' (myself) with pre-shared key
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[IKE] <peer-test01-tunnel-1\|2> IKE_SA peer-test01-tunnel-1[2] established between 100.100.100.1[100.100.100.1]...60.60.60.1[test01]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[CFG] <peer-test01-tunnel-1\|2> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[DMN] <peer-test01-tunnel-1\|2> thread 12 received 11
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> dumping 17 stack frame addresses:
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7eff467f3000 [0x7eff46802890]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so @ 0x7eff3c109000 [0x7eff3c116c4c]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so @ 0x7eff3c109000 [0x7eff3c116fac]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so @ 0x7eff3c109000 [0x7eff3c110341]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/plugins/libstrongswan-kernel-netlink.so @ 0x7eff3c109000 [0x7eff3c11124d]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a3efcf]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a3f3d5]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a3f564]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a59702]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a5a0b5]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a537f6]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a449b7]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libcharon.so.0 @ 0x7eff46a10000 [0x7eff46a3b1e4]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libstrongswan.so.0 @ 0x7eff46cae000 [0x7eff46ce7613]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /usr/lib/ipsec/libstrongswan.so.0 @ 0x7eff46cae000 [0x7eff46cf98e7]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7eff467f3000 [0x7eff467fb064]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> /lib/x86_64-linux-gnu/libc.so.6 @ 0x7eff46448000 (clone+0x6d) [0x7eff4653062d]
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[LIB] <peer-test01-tunnel-1\|2> ->
	Aug 05 15:38:14 vedge01-la.us charon[2666]: 12[DMN] <peer-test01-tunnel-1\|2> killing ourself, received critical signal
	Aug 05 15:38:14 vedge01-la.us ipsec_starter[2665]: charon has died -- restart scheduled (5sec)
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 4.19.195-amd64-vyos, x86_64)
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] PKCS11 module '<name>' lacks library path
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[LIB] plugin 'openssl' failed to load: /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0: version `OPENSSL_1.0.2' not found (required by /usr/lib/ipsec/plugins/libstrongswan-openssl.so)
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[KNL] unable to create IPv4 routing table rule
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[KNL] unable to create IPv6 routing table rule
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loaded IKE secret for 100.100.100.1 %any 100.100.100.1
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] loaded 0 RADIUS server configurations
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[CFG] HA config misses local/remote address
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[LIB] loaded plugins: charon test-vectors ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md5 mgf1 rdrand random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default bypass-lan connmark stroke vici updown eap-identity eap-aka eap-md5 eap-gtc eap-mschapv2 eap-radius eap-tls eap-ttls eap-tnc xauth-generic xauth-eap xauth-pam tnc-tnccs dhcp lookip error-notify certexpire led addrblock counters
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[LIB] dropped capabilities, running as uid 0, gid 0
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 00[JOB] spawning 16 worker threads
	Aug 05 15:38:19 vedge01-la.us ipsec_starter[2665]: charon (3259) started after 40 ms
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 03[CFG] received stroke: add connection 'peer-test01-tunnel-1'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 03[CFG] added configuration 'peer-test01-tunnel-1'
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[IKE] installed bypass policy for 134.159.34.78/31
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[IKE] installed bypass policy for ::1/128
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[KNL] policy already exists, try to update it
	Aug 05 15:38:19 vedge01-la.us charon[3259]: 05[IKE] installed bypass policy for fe80::/64

File Metadata

Mime Type: text/plain
Storage Engine: local-disk
Storage Format: Raw Data
Storage Handle: 94/a6/26cd57b34ed08d5537b69cfd1ac0
Default Alt Text: ipsecerror.txt (14 KB)

ipsecerror.txtAll UsersActions

ipsecerror.txtView Options

File Metadata

Event Timeline

ipsecerror.txt
All Users
Actions

ipsecerror.txt
View Options