- Cisco Community
- Technology and Support
- Small Business Support Community
- Routers - Small Business
- Rv110w IPSec Site to Site
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-11-2013 03:59 PM
I am trying to get a site to site VPN running in between two RV110W routers, obviously at different places with different public IPs and different internal IP addressed networks.
For some reason, the IPsec SA gets 'established', but no traffic will travel between the two.
I use the "Basic VPN setup" on both routers, and type in their respective info below.
Public IP's have been changed to x.x.x.x.
Router A:
Connection : -name-
Key : -PSK-
IP / FQDN :-Public IP address of remote site-
Local WAN : -local WAN-
Remote LAN : 10.151.238.0
Remote mask: 255.255.255.0
Local LAN : 10.151.237.0
Local mask : 255.255.255.0
Router B:
Connection : -name-
Key : -PSK-
IP / FQDN :-Public IP address of remote site-
Local WAN : -local WAN-
Remote LAN : 10.151.237.0
Remote mask: 255.255.255.0
Local LAN : 10.151.238.0
Local mask : 255.255.255.0
I am very confused.
Site A:
Public IP
10.151.237.0/24 network
Cisco RV110W VPN Firewall
2013-07-11 16:16:12 RV110W authpriv.debug pluto[30287]: packet from x.x.x.x:500: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:12 RV110W authpriv.debug pluto[30287]: packet from x.x.x.x:500: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:12 RV110W authpriv.debug pluto[30287]: \"cisco\" #4: responding to Main Mode
2013-07-11 16:16:12 RV110W authpriv.debug pluto[30287]: \"cisco\" #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2013-07-11 16:16:12 RV110W authpriv.debug pluto[30287]: \"cisco\" #4: STATE_MAIN_R1: sent MR1, expecting MI2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #4: STATE_MAIN_R2: sent MR2, expecting MI3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: packet from x.x.x.x:500: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: packet from x.x.x.x:500: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: responding to Main Mode
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: STATE_MAIN_R1: sent MR1, expecting MI2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: STATE_MAIN_R2: sent MR2, expecting MI3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: Main mode peer ID is ID_IPV4_ADDR: \'x.x.x.x\'
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #5: the peer proposed: 10.151.237.0/24:0/0 -> 10.151.238.0/24:0/0
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: responding to Quick Mode proposal {msgid:6ecb39e8}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: us: 10.151.237.0/24===x.x.x.x
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: them: x.x.x.x===10.151.238.0/24
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:14 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:14 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
2013-07-11 16:16:14 RV110W authpriv.debug pluto[30287]: \"cisco\" #6: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x2fadc90d <0xa6393cfc xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:14 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:14 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: STATE_MAIN_I2: sent MI2, expecting MR2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: STATE_MAIN_I3: sent MI3, expecting MR3
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: Main mode peer ID is ID_IPV4_ADDR: \'96.2.164.121\'
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:17 RV110W authpriv.info pluto[30287]: \"cisco\" #3: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #3: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #7: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#3 msgid:0779895d proposal=AES(12)_128-SHA1(2)_1024 pfsgroup=no-pfs}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #7: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #7: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: \"cisco\" #7: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x8d260557 <0xad4da835 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:17 RV110W authpriv.info pluto[30287]: \"cisco\" #7: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x8d260557 <0xad4da835 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[30287]: | pluto: pfkey fd is 19
2013-07-11 16:16:53 RV110W kern.debug wl0.0: IEEE 802.11 Assoc request from e0:c9:7a:7a:3d:2b BSSID b8:62:1f:51:ad:a9
2013-07-11 16:16:54 RV110W kern.info wl0.0: IEEE 802.11 STA e0:c9:7a:7a:3d:2b associated with BSSID b8:62:1f:51:ad:a9
2013-07-11 16:16:54 RV110W daemon.info udhcpd[2541]: received REQUEST from E0:C9:7A:7A:3D:2B
2013-07-11 16:16:54 RV110W daemon.info udhcpd[2541]: sending ACK to 10.151.237.5
2013-07-11 16:17:23 RV110W authpriv.debug pluto[30287]: \"cisco\" #4: max number of retransmissions (2) reached STATE_MAIN_R2
2013-07-11 16:17:43 RV110W daemon.info udhcpd[2541]: received INFORM from 38:60:77:13:C0:48
Site B:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Public IP
10.151.238.0/24 network
Cisco RV110W VPN Firewall
2013-07-11 16:13:11 RV110W daemon.info httpd[22952]: Administrator logined from 10.151.238.201
2013-07-11 16:16:11 RV110W user.debug syslog: | pfkey open, create socket 19
2013-07-11 16:16:11 RV110W user.debug syslog: | recv pfkey register reply
2013-07-11 16:16:11 RV110W user.debug syslog: | recv pfkey register reply
2013-07-11 16:16:11 RV110W user.debug syslog: | recv pfkey register reply
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: WARNING: 1DES is enabled
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: Setting NAT-Traversal port-4500 floating to off
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: port floating activation criteria nat_t=0/port_float=1
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: including NAT-Traversal patch (Version 0.6c) [disabled]
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: using /dev/urandom as source of random entropy
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: starting up 1 cryptographic helpers
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6789]: using /dev/urandom as source of random entropy
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: started helper pid=6789 (fd:5)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: Using Linux 2.6 IPsec interface code on 2.6.22 (experimental code)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: Ok (ret=0)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changed path to directory \'/etc/ipsec.d/cacerts\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changed path to directory \'/etc/ipsec.d/aacerts\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changed path to directory \'/etc/ipsec.d/ocspcerts\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changing to directory \'/etc/ipsec.d/crls\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Warning: empty directory
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: listening for IKE messages
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface ppp0/ppp0 10.151.238.200:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface br0/br0 10.151.238.1:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface eth1:0/eth1:0 127.0.0.3:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface vlan2/vlan2 x.x.x.x:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface lo/lo 127.0.0.1:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: loading secrets from \"/tmp/ipsec_secrets/_qv.secret\"
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pfkey 18 failed: No such file or directory
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: added connection description \"cisco\"
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: initiating Main Mode
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: forgetting secrets
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: loading secrets from \"/tmp/ipsec_secrets/_qv.secret\"
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: STATE_MAIN_I2: sent MI2, expecting MR2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\": terminating SAs using this connection
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: deleting state (STATE_MAIN_I2)
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\": deleting connection
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: phase 1 message is part of an unknown exchange
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: added connection description \"cisco\"
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: initiating Main Mode
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: STATE_MAIN_I2: sent MI2, expecting MR2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: STATE_MAIN_I3: sent MI3, expecting MR3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: Main mode peer ID is ID_IPV4_ADDR: \'96.2.165.2\'
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:13 RV110W authpriv.info pluto[6788]: \"cisco\" #2: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#2 msgid:6ecb39e8 proposal=AES(12)_128-SHA1(2)_1024 pfsgroup=no-pfs}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xa6393cfc <0x2fadc90d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:13 RV110W authpriv.info pluto[6788]: \"cisco\" #3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xa6393cfc <0x2fadc90d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: responding to Main Mode
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: STATE_MAIN_R1: sent MR1, expecting MI2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: STATE_MAIN_R2: sent MR2, expecting MI3
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: Main mode peer ID is ID_IPV4_ADDR: \'96.2.165.2\'
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: the peer proposed: 10.151.238.0/24:0/0 -> 10.151.237.0/24:0/0
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: responding to Quick Mode proposal {msgid:0779895d}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: us: 10.151.238.0/24===x.x.x.x
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: them: x.x.x.x===10.151.237.0/24
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: keeping refhim=4294901761 during rekey
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xad4da835 <0x8d260557 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:23 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: phase 1 message is part of an unknown exchange
2013-07-11 16:16:43 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: phase 1 message is part of an unknown exchange
2013-07-11 16:18:49 RV110W kern.debug wl0.0: IEEE 802.11 Assoc request from cc:af:78:60:9e:9a BSSID b8:62:1f:51:b1:72
2013-07-11 16:18:49 RV110W kern.info wl0.0: IEEE 802.11 STA cc:af:78:60:9e:9a associated with BSSID b8:62:1f:51:b1:72
2013-07-11 16:18:49 RV110W daemon.info udhcpd[789]: received REQUEST from CC:AF:78:60:9E:9A
2013-07-11 16:18:49 RV110W daemon.info udhcpd[789]: sending ACK to 10.151.238.105
2013-07-11 16:18:52 RV110W daemon.info udhcpd[789]: received INFORM from CC:AF:78:60:9E:9A
2013-07-11 16:20:15 RV110W daemon.info udhcpd[789]: received INFORM from CC:AF:78:60:9E:9A
2013-07-11 16:23:03 RV110W daemon.info udhcpd[789]: received REQUEST from 00:01:80:5C:98:B9
2013-07-11 16:23:03 RV110W daemon.info udhcpd[789]: sending ACK to 10.151.238.101
2013-07-11 16:13:11 RV110W daemon.info httpd[22952]: Administrator logined from 10.151.238.201
2013-07-11 16:16:11 RV110W user.debug syslog: | pfkey open, create socket 19
2013-07-11 16:16:11 RV110W user.debug syslog: | recv pfkey register reply
2013-07-11 16:16:11 RV110W user.debug syslog: | recv pfkey register reply
2013-07-11 16:16:11 RV110W user.debug syslog: | recv pfkey register reply
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: WARNING: 1DES is enabled
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: Setting NAT-Traversal port-4500 floating to off
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: port floating activation criteria nat_t=0/port_float=1
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: including NAT-Traversal patch (Version 0.6c) [disabled]
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: using /dev/urandom as source of random entropy
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: starting up 1 cryptographic helpers
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6789]: using /dev/urandom as source of random entropy
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: started helper pid=6789 (fd:5)
2013-07-11 16:16:11 RV110W authpriv.debug pluto[6788]: Using Linux 2.6 IPsec interface code on 2.6.22 (experimental code)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: Ok (ret=0)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_add(): ERROR: Algorithm already exists
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changed path to directory \'/etc/ipsec.d/cacerts\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changed path to directory \'/etc/ipsec.d/aacerts\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changed path to directory \'/etc/ipsec.d/ocspcerts\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Changing to directory \'/etc/ipsec.d/crls\'
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: Warning: empty directory
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: listening for IKE messages
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface ppp0/ppp0 10.151.238.200:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface br0/br0 10.151.238.1:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface eth1:0/eth1:0 127.0.0.3:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface vlan2/vlan2 x.x.x.x:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: adding interface lo/lo 127.0.0.1:500
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: loading secrets from \"/tmp/ipsec_secrets/_qv.secret\"
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pfkey 18 failed: No such file or directory
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: added connection description \"cisco\"
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: initiating Main Mode
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: forgetting secrets
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: loading secrets from \"/tmp/ipsec_secrets/_qv.secret\"
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2013-07-11 16:16:12 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: STATE_MAIN_I2: sent MI2, expecting MR2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\": terminating SAs using this connection
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #1: deleting state (STATE_MAIN_I2)
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\": deleting connection
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: phase 1 message is part of an unknown exchange
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: added connection description \"cisco\"
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: initiating Main Mode
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: STATE_MAIN_I2: sent MI2, expecting MR2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: STATE_MAIN_I3: sent MI3, expecting MR3
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: Main mode peer ID is ID_IPV4_ADDR: \'96.2.165.2\'
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:13 RV110W authpriv.info pluto[6788]: \"cisco\" #2: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #2: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#2 msgid:6ecb39e8 proposal=AES(12)_128-SHA1(2)_1024 pfsgroup=no-pfs}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: \"cisco\" #3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xa6393cfc <0x2fadc90d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:13 RV110W authpriv.info pluto[6788]: \"cisco\" #3: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xa6393cfc <0x2fadc90d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:13 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: received Vendor ID payload [Openswan (this version) 2.6.21 ]
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: received Vendor ID payload [Dead Peer Detection]
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: responding to Main Mode
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: STATE_MAIN_R1: sent MR1, expecting MI2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: STATE_MAIN_R2: sent MR2, expecting MI3
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: Main mode peer ID is ID_IPV4_ADDR: '\x.x.x.x\'
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #4: the peer proposed: 10.151.238.0/24:0/0 -> 10.151.237.0/24:0/0
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: responding to Quick Mode proposal {msgid:0779895d}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: us: 10.151.238.0/24===x.x.x.x
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: them: x.x.x.x===10.151.237.0/24
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: keeping refhim=4294901761 during rekey
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: Dead Peer Detection (RFC 3706): enabled
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: \"cisco\" #5: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xad4da835 <0x8d260557 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | *received pfkey message
2013-07-11 16:16:17 RV110W authpriv.debug pluto[6788]: | pluto: pfkey fd is 19
2013-07-11 16:16:23 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: phase 1 message is part of an unknown exchange
2013-07-11 16:16:43 RV110W authpriv.debug pluto[6788]: packet from x.x.x.x:500: phase 1 message is part of an unknown exchange
2013-07-11 16:18:49 RV110W kern.debug wl0.0: IEEE 802.11 Assoc request from cc:af:78:60:9e:9a BSSID b8:62:1f:51:b1:72
2013-07-11 16:18:49 RV110W kern.info wl0.0: IEEE 802.11 STA cc:af:78:60:9e:9a associated with BSSID b8:62:1f:51:b1:72
2013-07-11 16:18:49 RV110W daemon.info udhcpd[789]: received REQUEST from CC:AF:78:60:9E:9A
2013-07-11 16:18:49 RV110W daemon.info udhcpd[789]: sending ACK to 10.151.238.105
2013-07-11 16:18:52 RV110W daemon.info udhcpd[789]: received INFORM from CC:AF:78:60:9E:9A
2013-07-11 16:20:15 RV110W daemon.info udhcpd[789]: received INFORM from CC:AF:78:60:9E:9A
2013-07-11 16:23:03 RV110W daemon.info udhcpd[789]: received REQUEST from 00:01:80:5C:98:B9
2013-07-11 16:23:03 RV110W daemon.info udhcpd[789]: sending ACK to 10.151.238.101
Please help if you can.
Solved! Go to Solution.
- Labels:
-
Small Business Routers
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-11-2013 07:38 PM
Aaron,
When the tunnel is up, can you ping the LAN IP of the remote router? What type of traffic are you trying to send? From what device to what device?
If you are trying to reach a PC through the tunnel, make sure that there is no software firewall blocking traffic from a different LAN. Many times PCs will respond to connections on the same network but not from a different subnet.
Please give us some more information about what devices are involved and what they are trying to do.
- Marty
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-11-2013 07:38 PM
Aaron,
When the tunnel is up, can you ping the LAN IP of the remote router? What type of traffic are you trying to send? From what device to what device?
If you are trying to reach a PC through the tunnel, make sure that there is no software firewall blocking traffic from a different LAN. Many times PCs will respond to connections on the same network but not from a different subnet.
Please give us some more information about what devices are involved and what they are trying to do.
- Marty
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-11-2013 10:27 PM
mpyhala,
I cannot ping the LAN IP of the remote router from Site A to Site B. I would like for PC's at Site B (10.151.238.0/24) to access an SSH server on Site A (10.151.237.0/24), but really, I just would like to verify that traffic is/can be moving through, so would the ping to the router mentioned before be the best indicator that the tunnel is working?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2013 11:11 AM
Aaron,
Pinging the LAN IP of the remote router is the first test I perform when testing a new tunnel. The next step is to ping something on the remote LAN that doesn't have a firewall, such as a printer, print server, IP camera, multifunction machine, etc. After I have confirmed that traffic is in fact passing then I test connections to servers, PCs, etc. Do you have a "dumb" device on the remote LAN that you can ping?
If you continue to have issues I recommend that you call support for more intense troubleshooting.
www.cisco.com/go/sbsc
Please keep us updated, when you find the solution I am sure it will help someone else.
- Marty
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2013 07:27 PM
mpyhala,
I did get it working with the help of Cisco, after factory resetting the routers and reestablishing the layout mentioned above.
You were dead right about PC firewalls blocking the VPN traffic -- thanks Marty.
Aaron
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide