IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

[Users] SOS-IPSEC

From: Hanumanth Rao (ahraous_at_yahoo.com)
Date: Thu Jul 04 2002 - 13:33:59 CEST

Dear All,
Im connecting from freeswan 1.97 to PIX-515, the
following is my /var/log/secure, Im really bugged of
seeing the error "duplicated packet" and "IPsec SA
Too many errors encountered; the rest of the message
is ignored:
request because no connection is known for

192.168.3.0/24===202.200.43.85...67.104.22.120===192.168.1.0/24"
 now I feel there may not be any solution to this
 issue.
 If really there is solution please mail me back.
 
 ===================================================
 Actually Im making a tunnel from 192.168.11.x to
 192.168.1.x
 ===================================================

192.168.11.0/24===202.200.43.85...67.104.22.120===192.168.1.0/24
 
 but I wonder from where the 3.x network is coming
 from.
This creates a tunnel sucessfully and after a minute,
Im not able to ping systems on the remote end.
 Regards
 RAO
 
 
 
 
> Jul 3 23:28:40 gateway Pluto[29131]: "vpntest" #25:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0x28bcb24b (perhaps this is a duplicated packet)
> Jul 3 23:28:43 gateway Pluto[29131]: "vpntest" #25:
> ignoring Delete SA
> payload
> Jul 3 23:28:43 gateway Pluto[29131]: "vpntest" #25:
> received and
> ignored informational message
> Jul 3 23:29:09 gateway Pluto[29131]: "vpntest" #26:
> initiating Quick
> Mode PSK+ENCRYPT+TUNNEL+PFS+DISABLEARRIVALCHECK to
> replace #3
> Jul 3 23:29:25 gateway Pluto[29131]: "vpntest" #27:
> responding to Main
> Mode
> Jul 3 23:29:25 gateway Pluto[29131]: "vpntest" #27:
> OAKLEY_DES_CBC is
> not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM
> Jul 3 23:29:25 gateway Pluto[29131]: "vpntest" #27:
> OAKLEY_DES_CBC is
> not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM
> Jul 3 23:29:26 gateway Pluto[29131]: "vpntest" #27:
> ignoring Vendor ID
> payload
> Jul 3 23:29:26 gateway last message repeated 2
times
> Jul 3 23:29:27 gateway Pluto[29131]: "vpntest" #27:
> Peer ID is
> ID_IPV4_ADDR: '67.104.22.120'
> Jul 3 23:29:27 gateway Pluto[29131]: "vpntest" #27:
> sent MR3, ISAKMP
> SA established
> Jul 3 23:29:28 gateway Pluto[29131]: "vpntest" #27:
> cannot respond to
> IPsec SA request because no connection is known for
>
192.168.3.0/24===202.200.43.85...67.104.22.120===192.168.1.0/24
> Jul 3 23:29:43 gateway Pluto[29131]: "vpntest" #27:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0x2ac30dd5 (perhaps this is a duplicated packet)
> Jul 3 23:30:12 gateway last message repeated 2
times
> Jul 3 23:30:19 gateway Pluto[29131]: "vpntest" #26:
> max number of
> retransmissions (2) reached STATE_QUICK_I1
> Jul 3 23:30:19 gateway Pluto[29131]: "vpntest" #26:
> starting keying
> attempt 2 of an unlimited number
> Jul 3 23:30:19 gateway Pluto[29131]: "vpntest" #28:
> initiating Quick
> Mode PSK+ENCRYPT+TUNNEL+PFS+DISABLEARRIVALCHECK to
> replace #26
> Jul 3 23:30:21 gateway Pluto[29131]: "vpntest" #28:
> ignoring
> informational payload, type IPSEC_RESPONDER_LIFETIME
> Jul 3 23:30:21 gateway Pluto[29131]: "vpntest" #28:
> sent QI2, IPsec SA
> established
> Jul 3 23:30:24 gateway Pluto[29131]: "vpntest" #27:
> cannot respond to
> IPsec SA request because no connection is known for
>
192.168.3.0/24===202.200.43.85...67.104.22.120===192.168.1.0/24
> Jul 3 23:30:28 gateway Pluto[29131]: "vpntest" #27:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0x2ac30dd5 (perhaps this is a duplicated packet)
> Jul 3 23:30:40 gateway Pluto[29131]: "vpntest" #27:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0xf216dae4 (perhaps this is a duplicated packet)
> Jul 3 23:30:44 gateway Pluto[29131]: "vpntest" #27:
> ignoring Delete SA
> payload
> Jul 3 23:30:44 gateway Pluto[29131]: "vpntest" #27:
> received and
> ignored informational message
> Jul 3 23:30:54 gateway Pluto[29131]: "vpntest" #29:
> responding to Main
> Mode
> Jul 3 23:30:54 gateway Pluto[29131]: "vpntest" #29:
> OAKLEY_DES_CBC is
> not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM
> Jul 3 23:30:54 gateway Pluto[29131]: "vpntest" #29:
> OAKLEY_DES_CBC is
> not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM
> Jul 3 23:30:56 gateway Pluto[29131]: "vpntest" #29:
> ignoring Vendor ID
> payload
> Jul 3 23:30:56 gateway last message repeated 2
times
> Jul 3 23:30:57 gateway Pluto[29131]: "vpntest" #29:
> Peer ID is
> ID_IPV4_ADDR: '67.104.22.120'
> Jul 3 23:30:57 gateway Pluto[29131]: "vpntest" #29:
> sent MR3, ISAKMP
> SA established
> Jul 3 23:30:58 gateway Pluto[29131]: "vpntest" #29:
> cannot respond to
> IPsec SA request because no connection is known for
>
192.168.3.0/24===202.200.43.85...67.104.22.120===192.168.1.0/24
> Jul 3 23:31:12 gateway Pluto[29131]: "vpntest" #29:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0xe208582d (perhaps this is a duplicated packet)
> Jul 3 23:31:57 gateway last message repeated 3
times
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #29:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0xe208582d (perhaps this is a duplicated packet)
> Jul 3 23:32:12 gateway Pluto[29131]: shutting down
> Jul 3 23:32:12 gateway Pluto[29131]: forgetting
> secrets
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest":
> deleting connection
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #3:
> deleting state
> (STATE_QUICK_I2)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #2:
> deleting state
> (STATE_QUICK_I2)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #28:
> deleting state
> (STATE_QUICK_I2)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #20:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #24:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #18:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #9:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #4:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #29:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #23:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #21:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #11:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #1:
> deleting state
> (STATE_MAIN_I4)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #15:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #5:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #6:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #25:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #14:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #19:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #7:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #16:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #27:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #22:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #8:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #12:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #13:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #10:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: "vpntest" #17:
> deleting state
> (STATE_MAIN_R3)
> Jul 3 23:32:12 gateway Pluto[29131]: shutting down
> interface
> ipsec0/eth0 202.200.43.85
> Jul 3 23:32:14 gateway ipsec__plutorun: Starting
> Pluto subsystem...
> Jul 3 23:32:14 gateway Pluto[29521]: Starting Pluto
> (FreeS/WAN Version
> 1.97)
> Jul 3 23:32:14 gateway Pluto[29521]: including
> X.509 patch (Version
> 0.9.12)
> Jul 3 23:32:14 gateway Pluto[29521]: Changing to
> directory
> '/etc/ipsec.d/cacerts'
> Jul 3 23:32:14 gateway Pluto[29521]: Warning:
empty
> directory
> Jul 3 23:32:14 gateway Pluto[29521]: Changing to
> directory
> '/etc/ipsec.d/crls'
> Jul 3 23:32:14 gateway Pluto[29521]: Warning:
empty
> directory
> Jul 3 23:32:14 gateway Pluto[29521]: could not
open
> my default X.509
> cert file '/etc/x509cert.der'
> Jul 3 23:32:14 gateway Pluto[29521]: OpenPGP
> certificate file
> '/etc/pgpcert.pgp' not found
> Jul 3 23:32:15 gateway Pluto[29521]: added
connection
> description
> "vpntest"
> Jul 3 23:32:15 gateway Pluto[29521]: listening for
> IKE messages
> Jul 3 23:32:15 gateway Pluto[29521]: adding
interface
> ipsec0/eth0
> 202.200.43.85
> Jul 3 23:32:15 gateway Pluto[29521]: loading
secrets
> from
> "/etc/ipsec.secrets"
> Jul 3 23:32:15 gateway Pluto[29521]: "vpntest" #1:
> initiating Main
> Mode
> Jul 3 23:32:17 gateway Pluto[29521]: "vpntest" #1:
> ignoring Vendor ID
> payload
> Jul 3 23:32:17 gateway last message repeated 2
times
> Jul 3 23:32:18 gateway Pluto[29521]: "vpntest" #1:
> Peer ID is
> ID_IPV4_ADDR: '67.104.22.120'
> Jul 3 23:32:18 gateway Pluto[29521]: "vpntest" #1:
> ISAKMP SA
> established
> Jul 3 23:32:18 gateway Pluto[29521]: "vpntest" #2:
> initiating Quick
> Mode PSK+ENCRYPT+TUNNEL+PFS+DISABLEARRIVALCHECK
> Jul 3 23:32:18 gateway Pluto[29521]: "vpntest" #3:
> initiating Quick
> Mode PSK+ENCRYPT+TUNNEL+PFS+DISABLEARRIVALCHECK
> Jul 3 23:32:19 gateway Pluto[29521]: "vpntest" #3:
> ignoring
> informational payload, type IPSEC_RESPONDER_LIFETIME
> Jul 3 23:32:19 gateway Pluto[29521]: "vpntest" #3:
> sent QI2, IPsec SA
> established
> Jul 3 23:32:19 gateway Pluto[29521]: "vpntest" #2:
> ignoring
> informational payload, type IPSEC_RESPONDER_LIFETIME
> Jul 3 23:32:19 gateway Pluto[29521]: "vpntest" #2:
> sent QI2, IPsec SA
> established
> Jul 3 23:32:20 gateway Pluto[29521]: "vpntest" #1:
> ignoring
> informational payload, type INVALID_SPI
> Jul 3 23:32:20 gateway Pluto[29521]: "vpntest" #1:
> received and
> ignored informational message
> Jul 3 23:32:24 gateway Pluto[29521]: packet from
> 67.104.22.120:500:
> Quick Mode message is for a non-existent (expired?)
> ISAKMP SA
> Jul 3 23:32:25 gateway Pluto[29521]: packet from
> 67.104.22.120:500:
> Informational Exchange is for an unknown (expired?)
SA
> Jul 3 23:32:54 gateway Pluto[29521]: "vpntest" #1:
> cannot respond to
> IPsec SA request because no connection is known for
>
192.168.3.0/24===202.200.43.85...67.104.22.120===192.168.1.0/24
> Jul 3 23:32:55 gateway Pluto[29521]: "vpntest" #1:
> ignoring Delete SA
> payload
> Jul 3 23:32:55 gateway Pluto[29521]: "vpntest" #1:
> received and
> ignored informational message
> Jul 3 23:33:10 gateway Pluto[29521]: "vpntest" #1:
> Quick Mode I1
> message is unacceptable because it uses a previously
> used Message ID
> 0x23475a5c (perhaps this is a duplicated packet)
> Jul 3 23:33:54 gateway last message repeated 3 times

__________________________________________________
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:18 CEST