
Re: [Users] x509 certificate patch - error: no RSA public key found for <DN>

From: Chad Carr (ccarr_at_franzdoodle.com)
Date: Wed Mar 27 2002 - 16:03:12 CET


On Wed, 27 Mar 2002 07:37:30 +0100
"Andreas Steffen" <andreas.steffen_at_strongsec.com> wrote:

> The problem is the single quote in O=Chad's IPSec Client. The ID string
> is exported as an environment variable to the updown script and wreaks
> havoc there. As a workaround generate a certificate without single
> quotes in the distinguished name. I'm going to check if the ID string
> must be double-quoted before exporting it.

Very good. I have done so, but get the following log now. Is there
any way that I can help document this log file? Obviously, there is enough
information in the file to allow troubleshooting of any connection
problem, but unless you know the source code, it is quite difficult. I am
writing detailed documentation on my entire process that I will post to
the list (as well as the LEAF list and another hardware list that I am
on), but if there is anything I can do to help document this fully, please
email me directly, and I will do my best. If you can just give me some
initial guidance, I will be off and running...thanks again for your assistance.

auth.log attached

Mar 28 06:50:08 wlanfw ipsec__plutorun: Starting Pluto subsystem...
Mar 28 06:50:09 wlanfw Pluto[1301]: Starting Pluto (FreeS/WAN Version 1.96)
Mar 28 06:50:09 wlanfw Pluto[1301]: including X.509 patch (Version 0.9.9)
Mar 28 06:50:09 wlanfw Pluto[1301]: Changing to directory '/etc/ipsec.d/cacerts'
Mar 28 06:50:09 wlanfw Pluto[1301]: loaded cacert file 'RootCA.der' (1146 bytes)
Mar 28 06:50:09 wlanfw Pluto[1301]: Changing to directory '/etc/ipsec.d/crls'
Mar 28 06:50:09 wlanfw Pluto[1301]: loaded crl file 'crl.pem' (682 bytes)
Mar 28 06:50:09 wlanfw Pluto[1301]: loaded my X.509 cert file '/etc/x509cert.der' (1195 bytes)
Mar 28 06:50:11 wlanfw Pluto[1301]: added connection description "w2k-road-warriors"
Mar 28 06:50:12 wlanfw Pluto[1301]: listening for IKE messages
Mar 28 06:50:12 wlanfw Pluto[1301]: adding interface ipsec0/eth0 192.168.3.1
Mar 28 06:50:12 wlanfw Pluto[1301]: loading secrets from "/etc/ipsec.secrets"
Mar 28 06:50:12 wlanfw Pluto[1301]: packet from 192.168.3.10:500: Informational Exchange is for an unknown (expired?) SA
Mar 28 06:50:17 wlanfw Pluto[1301]: packet from 192.168.3.10:500: ignoring Vendor ID payload
Mar 28 06:50:17 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: responding to Main Mode from unknown peer 192.168.3.10
Mar 28 06:50:18 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: Peer ID is ID_DER_ASN1_DN: 'C=US, ST=California, L=Orange, O=Client, CN=Chad Carr, E=ccarr_at_franzdoodle.com'
Mar 28 06:50:18 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: deleting connection "w2k-road-warriors" instance with peer 192.168.3.10
Mar 28 06:50:20 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: sent MR3, ISAKMP SA established
Mar 28 06:50:20 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Mar 28 06:50:20 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #2: responding to Quick Mode
Mar 28 06:50:20 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #2: up-client command exited with status 2
Mar 28 06:50:20 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: ignoring Delete SA payload
Mar 28 06:50:20 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #1: received and ignored informational message
Mar 28 06:50:31 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #2: up-client command exited with status 2
Mar 28 06:50:31 wlanfw Pluto[1301]: ERROR: "w2k-road-warriors" 192.168.3.10 #2: pfkey write() of SADB_DELETE message 21 for Delete SA esp.bcc9dd61_at_192.168.3.1 failed. Errno 3: No such process
Mar 28 06:50:31 wlanfw Pluto[1301]: | 02 04 00 03 0a 00 00 00 15 00 00 00 15 05 00 00
Mar 28 06:50:31 wlanfw Pluto[1301]: | 02 00 01 00 bc c9 dd 61 00 01 00 00 00 00 00 00
Mar 28 06:50:31 wlanfw Pluto[1301]: | 03 00 05 00 00 00 00 00 02 00 01 f4 c0 a8 03 0a
Mar 28 06:50:31 wlanfw Pluto[1301]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00
Mar 28 06:50:31 wlanfw Pluto[1301]: | 02 00 00 00 c0 a8 03 01 00 00 00 00 00 00 00 00
Mar 28 06:50:50 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #2: up-client command exited with status 2
Mar 28 06:50:50 wlanfw Pluto[1301]: ERROR: "w2k-road-warriors" 192.168.3.10 #2: pfkey write() of SADB_DELETE message 28 for Delete SA esp.bcc9dd61_at_192.168.3.1 failed. Errno 3: No such process
Mar 28 06:50:50 wlanfw Pluto[1301]: | 02 04 00 03 0a 00 00 00 1c 00 00 00 15 05 00 00
Mar 28 06:50:50 wlanfw Pluto[1301]: | 02 00 01 00 bc c9 dd 61 00 01 00 00 00 00 00 00
Mar 28 06:50:50 wlanfw Pluto[1301]: | 03 00 05 00 00 00 00 00 02 00 01 f4 c0 a8 03 0a
Mar 28 06:50:50 wlanfw Pluto[1301]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00
Mar 28 06:50:50 wlanfw Pluto[1301]: | 02 00 00 00 c0 a8 03 01 00 00 00 00 00 00 00 00
Mar 28 06:51:30 wlanfw Pluto[1301]: "w2k-road-warriors" 192.168.3.10 #2: max number of retransmissions (2) reached STATE_QUICK_R1
Mar 28 06:51:30 wlanfw Pluto[1301]: ERROR: "w2k-road-warriors" 192.168.3.10 #2: pfkey write() of SADB_DELETE message 29 for Delete SA esp.bcc9dd61_at_192.168.3.1 failed. Errno 3: No such process
Mar 28 06:51:30 wlanfw Pluto[1301]: | 02 04 00 03 0a 00 00 00 1d 00 00 00 15 05 00 00
Mar 28 06:51:30 wlanfw Pluto[1301]: | 02 00 01 00 bc c9 dd 61 00 01 00 00 00 00 00 00
Mar 28 06:51:30 wlanfw Pluto[1301]: | 03 00 05 00 00 00 00 00 02 00 01 f4 c0 a8 03 0a
Mar 28 06:51:30 wlanfw Pluto[1301]: | 00 00 00 00 00 00 00 00 03 00 06 00 00 00 00 00
Mar 28 06:51:30 wlanfw Pluto[1301]: | 02 00 00 00 c0 a8 03 01 00 00 00 00 00 00 00 00
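
Added example (not part of the original post, and not FreeS/WAN code): a simplified model of the quoting problem described in the quoted reply, where an ID string is pasted between single quotes in a shell command line that sets an environment variable for a script. The variable name PEER_ID, the stub script and both DNs are constructed for illustration; the sketch compares naive pasting with escaping each embedded single quote.

```shell
#!/bin/sh
# Added illustration; a simplified model, not FreeS/WAN source.
# PEER_ID, the stub script and both DNs are constructed for this example.

DN_PLAIN="C=US, O=Client, CN=Chad Carr"
DN_QUOTE="C=US, O=Chad's IPSec Client, CN=Chad Carr"

# Stand-in for the updown script: echoes the ID it finds in its environment.
STUB=$(mktemp)
trap 'rm -f "$STUB"' EXIT
printf '%s\n' 'printf %s "$PEER_ID"' > "$STUB"

# Escape a value for use inside single quotes: each ' becomes '\''
sq_escape() {
    printf %s "$1" | sed "s/'/'\\\\''/g"
}

# Naive: paste the value between single quotes in the command line.
# A quote inside the value ends the string early, so the rest of the
# value is parsed as shell syntax instead of being passed as data.
run_naive() {
    sh -c "PEER_ID='$1' sh $STUB" 2>/dev/null
}

# Hardened: escape embedded single quotes before pasting.
run_escaped() {
    sh -c "PEER_ID='$(sq_escape "$1")' sh $STUB" 2>/dev/null
}

# report <label> <function> <dn>: show what the stub script received.
report() {
    if out=$("$2" "$3"); then
        printf '  %-8s ok: %s\n' "$1" "$out"
    else
        printf '  %-8s FAILED, exit status %s\n' "$1" "$?"
    fi
}

for dn in "$DN_PLAIN" "$DN_QUOTE"; do
    printf 'ID: %s\n' "$dn"
    report naive run_naive "$dn"
    report escaped run_escaped "$dn"
done
```

Wrapping the value in double quotes instead would stop a single quote from ending the string, but $, backquote, double quote and backslash would then still be interpreted by the shell.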