Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 2347 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP not working

henning1518

Hi there,

I am unfortunately unable to connect a device (Windows 10, Android) to the Sophos XG via L2TP. The WAN is realized with a FritzBox (Exposed host Sohphos XG). SSL VPN works fine.

My configuration:

 

 

 

 

Logs:

 

Can anybody help ?

 

Thanks a lot :)



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Vishal_R

    Hi  

    thanks for your answer. That was new for me. Here is the output from IPSec Log.

     

    [H[JSophos Firmware Version SFOS 17.5.12 MR-12.HF052220.1

    console> show vpn IPSec-logs
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN][SHELL] (run_shell) '/bin/service fwm:vpn_gateway_chains -t json -s nosync -b '{"local_server":"192.168.1.253","remote_server":"91.96.177.81","action":"disable","family":"0","conntype":"hth","compress":"0"}'': success 0
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) ---- exec subnet updown -- down --
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) [IPSEC0] using ipsec dummy interface 'ipsec0'
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN][NET] (get_src_ip) source address for 192.168.1.253 is IP: 192.168.1.253
    2020-06-08 18:08:18 18[APP]
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route del 91.96.177.81/32 dev ipsec0 src 192.168.1.253 table 220': success 0
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN] (add_routes) no routes to del for Test on interface ipsec0
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route flush cache': success 0
    2020-06-08 18:08:18 18[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route flush cache': success 0
    2020-06-08 18:08:19 18[APP] [COP-UPDOWN][SHELL] (run_shell) '/bin/service fwm:vpn_connection_chains -t json -s nosync -b '{"me":"192.168.1.253","peer":"91.96.177.81","mynet":"192.168.1.253/32","peernet":"91.96.177.81/32","connop":"0","iface":"unknown","myproto":"17","myport":"1701","peerproto":"17","peerport":"1701","conntype":"hth","actnet":"","compress":"0","conn_id":"1"}'': error returned 255
    2020-06-08 18:22:55 21[NET] <22> received packet: from 91.96.177.81[500] to 192.168.1.253[500] (408 bytes)
    2020-06-08 18:22:55 21[ENC] <22> parsed ID_PROT request 0 [ SA V V V V V V V V ]
    2020-06-08 18:22:55 21[ENC] <22> received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:01
    2020-06-08 18:22:55 21[IKE] <22> received MS NT5 ISAKMPOAKLEY vendor ID
    2020-06-08 18:22:55 21[IKE] <22> received NAT-T (RFC 3947) vendor ID
    2020-06-08 18:22:55 21[IKE] <22> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    2020-06-08 18:22:55 21[IKE] <22> received FRAGMENTATION vendor ID
    2020-06-08 18:22:55 21[ENC] <22> received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20
    2020-06-08 18:22:55 21[ENC] <22> received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19
    2020-06-08 18:22:55 21[ENC] <22> received unknown vendor ID: e3:a5:96:6a:76:37:9f:e7:07:22:82:31:e5:ce:86:52
    2020-06-08 18:22:55 21[IKE] <22> 91.96.177.81 is initiating a Main Mode IKE_SA
    2020-06-08 18:22:55 21[ENC] <22> generating ID_PROT response 0 [ SA V V V V V ]
    2020-06-08 18:22:55 21[NET] <22> sending packet: from 192.168.1.253[500] to 91.96.177.81[500] (176 bytes)
    2020-06-08 18:22:55 11[NET] <22> received packet: from 91.96.177.81[500] to 192.168.1.253[500] (388 bytes)
    2020-06-08 18:22:55 11[ENC] <22> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    2020-06-08 18:22:56 11[IKE] <22> local host is behind NAT, sending keep alives
    2020-06-08 18:22:56 11[IKE] <22> remote host is behind NAT
    2020-06-08 18:22:56 11[ENC] <22> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    2020-06-08 18:22:56 11[NET] <22> sending packet: from 192.168.1.253[500] to 91.96.177.81[500] (372 bytes)
    2020-06-08 18:22:56 28[NET] <22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (68 bytes)
    2020-06-08 18:22:56 28[ENC] <22> parsed ID_PROT request 0 [ ID HASH ]
    2020-06-08 18:22:56 28[CFG] <22> looking for pre-shared key peer configs matching 192.168.1.253...91.96.177.81[192.168.2.104]
    2020-06-08 18:22:56 28[CFG] <22> selected peer config "Test-1"
    2020-06-08 18:22:56 28[IKE] <Test-1|22> IKE_SA Test-1[22] established between 192.168.1.253[192.168.1.253]...91.96.177.81[192.168.2.104]
    2020-06-08 18:22:56 28[IKE] <Test-1|22> DPD not supported by peer, disabled
    2020-06-08 18:22:56 28[ENC] <Test-1|22> generating ID_PROT response 0 [ ID HASH ]
    2020-06-08 18:22:56 28[NET] <Test-1|22> sending packet: from 192.168.1.253[4500] to 91.96.177.81[4500] (68 bytes)
    2020-06-08 18:22:56 27[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (436 bytes)
    2020-06-08 18:22:56 27[ENC] <Test-1|22> parsed QUICK_MODE request 1 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:22:56 27[IKE] <Test-1|22> ### process_request invoking quick_mode_create
    2020-06-08 18:22:56 27[IKE] <Test-1|22> ### quick_mode_create: 0x66f02650 config (nil)
    2020-06-08 18:22:56 27[IKE] <Test-1|22> ### process_r: 0x66f02650 QM_INIT
    2020-06-08 18:22:56 27[IKE] <Test-1|22> expected IPComp proposal but peer did not send one, IPComp disabled
    2020-06-08 18:22:56 27[IKE] <Test-1|22> received 3600s lifetime, configured 0s
    2020-06-08 18:22:56 27[IKE] <Test-1|22> received 250000000 lifebytes, configured 0
    2020-06-08 18:22:56 27[IKE] <Test-1|22> ### build_r: 0x66f02650 QM_INIT
    2020-06-08 18:22:56 27[ENC] <Test-1|22> generating QUICK_MODE response 1 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:22:56 27[NET] <Test-1|22> sending packet: from 192.168.1.253[4500] to 91.96.177.81[4500] (204 bytes)
    2020-06-08 18:22:56 31[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (60 bytes)
    2020-06-08 18:22:56 31[ENC] <Test-1|22> parsed QUICK_MODE request 1 [ HASH ]
    2020-06-08 18:22:56 31[IKE] <Test-1|22> ### process_r: 0x66f02650 QM_NEGOTIATED
    2020-06-08 18:22:56 31[IKE] <Test-1|22> CHILD_SA Test-1{59} established with SPIs cf16b5db_i 5ec4619e_o and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:22:56 31[APP] <Test-1|22> [SSO] (sso_invoke_once) SSO is disabled.
    2020-06-08 18:22:56 31[APP] <Test-1|22> [COP-UPDOWN] (ref_counting) ref_count: 0 to 1 ++ up ++ (192.168.1.253/32#91.96.177.81/32)
    2020-06-08 18:22:56 31[APP] <Test-1|22> [COP-UPDOWN] (ref_counting_remote) ref_count_remote: 0 to 1 ++ up ++ (192.168.1.253#91.96.177.81)
    2020-06-08 18:22:56 31[APP] <Test-1|22> [COP-UPDOWN] (cop_updown_invoke_once) UID: 22 Net: Local 192.168.1.253 Remote 91.96.177.81 Connection: Test Fullname: Test-1
    2020-06-08 18:22:56 31[APP] <Test-1|22> [COP-UPDOWN] (cop_updown_invoke_once) Tunnel: User '' Peer-IP '' my-IP '' up-host
    2020-06-08 18:22:56 31[IKE] <Test-1|22> ### destroy: 0x66f02650
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN][DB] (db_conn_info) hostname: 'Test' result --> id: '1', mode: 'hth', tunnel_type: '1', subnet_family:'0'
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) ---- exec remote updown ++ up ++
    2020-06-08 18:22:56 32[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (436 bytes)
    2020-06-08 18:22:56 32[ENC] <Test-1|22> parsed QUICK_MODE request 2 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:22:56 32[IKE] <Test-1|22> ### process_request invoking quick_mode_create
    2020-06-08 18:22:56 32[IKE] <Test-1|22> ### quick_mode_create: 0x66d00880 config (nil)
    2020-06-08 18:22:56 32[IKE] <Test-1|22> ### process_r: 0x66d00880 QM_INIT
    2020-06-08 18:22:56 32[IKE] <Test-1|22> expected IPComp proposal but peer did not send one, IPComp disabled
    2020-06-08 18:22:56 32[IKE] <Test-1|22> received 3600s lifetime, configured 0s
    2020-06-08 18:22:56 32[IKE] <Test-1|22> received 250000000 lifebytes, configured 0
    2020-06-08 18:22:56 32[IKE] <Test-1|22> detected rekeying of CHILD_SA Test-1{59}
    2020-06-08 18:22:56 32[IKE] <Test-1|22> ### build_r: 0x66d00880 QM_INIT
    2020-06-08 18:22:56 32[ENC] <Test-1|22> generating QUICK_MODE response 2 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:22:56 32[NET] <Test-1|22> sending packet: from 192.168.1.253[4500] to 91.96.177.81[4500] (204 bytes)
    2020-06-08 18:22:56 06[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (60 bytes)
    2020-06-08 18:22:56 06[ENC] <Test-1|22> parsed QUICK_MODE request 2 [ HASH ]
    2020-06-08 18:22:56 06[IKE] <Test-1|22> ### process_r: 0x66d00880 QM_NEGOTIATED
    2020-06-08 18:22:56 06[IKE] <Test-1|22> CHILD_SA Test-1{60} established with SPIs cb5b100a_i fcfe6da8_o and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:22:56 06[IKE] <Test-1|22> ### destroy: 0x66d00880
    2020-06-08 18:22:56 06[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (76 bytes)
    2020-06-08 18:22:56 06[ENC] <Test-1|22> parsed INFORMATIONAL_V1 request 3288000596 [ HASH D ]
    2020-06-08 18:22:56 06[IKE] <Test-1|22> received DELETE for ESP CHILD_SA with SPI 5ec4619e
    2020-06-08 18:22:56 06[IKE] <Test-1|22> closing CHILD_SA Test-1{59} with SPIs cf16b5db_i (0 bytes) 5ec4619e_o (0 bytes) and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN][SHELL] (run_shell) '/bin/service fwm:vpn_gateway_chains -t json -s nosync -b '{"local_server":"192.168.1.253","remote_server":"91.96.177.81","action":"enable","family":"0","conntype":"hth","compress":"0"}'': success 0
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) ---- exec subnet updown ++ up ++
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) [IPSEC0] using ipsec dummy interface 'ipsec0'
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN][NET] (get_src_ip) source address for 192.168.1.253 is IP: 192.168.1.253
    2020-06-08 18:22:56 16[APP]
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route add 91.96.177.81/32 dev ipsec0 src 192.168.1.253 table 220': success 0
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN] (add_routes) no routes to add for Test on interface ipsec0
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route flush cache': success 0
    2020-06-08 18:22:56 16[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route flush cache': success 0
    2020-06-08 18:22:57 16[APP] [COP-UPDOWN][SHELL] (run_shell) '/bin/service fwm:vpn_connection_chains -t json -s nosync -b '{"me":"192.168.1.253","peer":"91.96.177.81","mynet":"192.168.1.253/32","peernet":"91.96.177.81/32","connop":"1","iface":"Port2","myproto":"17","myport":"1701","peerproto":"17","peerport":"1701","conntype":"hth","actnet":"","compress":"0","conn_id":"1"}'': error returned 255
    2020-06-08 18:22:59 05[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (436 bytes)
    2020-06-08 18:22:59 05[ENC] <Test-1|22> parsed QUICK_MODE request 3 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:22:59 05[IKE] <Test-1|22> ### process_request invoking quick_mode_create
    2020-06-08 18:22:59 05[IKE] <Test-1|22> ### quick_mode_create: 0x954ae80 config (nil)
    2020-06-08 18:22:59 05[IKE] <Test-1|22> ### process_r: 0x954ae80 QM_INIT
    2020-06-08 18:22:59 05[IKE] <Test-1|22> expected IPComp proposal but peer did not send one, IPComp disabled
    2020-06-08 18:22:59 05[IKE] <Test-1|22> received 3600s lifetime, configured 0s
    2020-06-08 18:22:59 05[IKE] <Test-1|22> received 250000000 lifebytes, configured 0
    2020-06-08 18:22:59 05[IKE] <Test-1|22> detected rekeying of CHILD_SA Test-1{60}
    2020-06-08 18:22:59 05[IKE] <Test-1|22> ### build_r: 0x954ae80 QM_INIT
    2020-06-08 18:22:59 05[ENC] <Test-1|22> generating QUICK_MODE response 3 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:22:59 05[NET] <Test-1|22> sending packet: from 192.168.1.253[4500] to 91.96.177.81[4500] (204 bytes)
    2020-06-08 18:22:59 15[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (60 bytes)
    2020-06-08 18:22:59 15[ENC] <Test-1|22> parsed QUICK_MODE request 3 [ HASH ]
    2020-06-08 18:22:59 15[IKE] <Test-1|22> ### process_r: 0x954ae80 QM_NEGOTIATED
    2020-06-08 18:22:59 15[IKE] <Test-1|22> CHILD_SA Test-1{61} established with SPIs cc8b189b_i 1958fd32_o and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:22:59 15[IKE] <Test-1|22> ### destroy: 0x954ae80
    2020-06-08 18:22:59 09[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (76 bytes)
    2020-06-08 18:22:59 09[ENC] <Test-1|22> parsed INFORMATIONAL_V1 request 110988731 [ HASH D ]
    2020-06-08 18:22:59 09[IKE] <Test-1|22> received DELETE for ESP CHILD_SA with SPI fcfe6da8
    2020-06-08 18:22:59 09[IKE] <Test-1|22> closing CHILD_SA Test-1{60} with SPIs cb5b100a_i (0 bytes) fcfe6da8_o (0 bytes) and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:23:03 20[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (436 bytes)
    2020-06-08 18:23:03 20[ENC] <Test-1|22> parsed QUICK_MODE request 4 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:23:03 20[IKE] <Test-1|22> ### process_request invoking quick_mode_create
    2020-06-08 18:23:03 20[IKE] <Test-1|22> ### quick_mode_create: 0x66b032e8 config (nil)
    2020-06-08 18:23:03 20[IKE] <Test-1|22> ### process_r: 0x66b032e8 QM_INIT
    2020-06-08 18:23:03 20[IKE] <Test-1|22> expected IPComp proposal but peer did not send one, IPComp disabled
    2020-06-08 18:23:03 20[IKE] <Test-1|22> received 3600s lifetime, configured 0s
    2020-06-08 18:23:03 20[IKE] <Test-1|22> received 250000000 lifebytes, configured 0
    2020-06-08 18:23:03 20[IKE] <Test-1|22> detected rekeying of CHILD_SA Test-1{61}
    2020-06-08 18:23:03 20[IKE] <Test-1|22> ### build_r: 0x66b032e8 QM_INIT
    2020-06-08 18:23:03 20[ENC] <Test-1|22> generating QUICK_MODE response 4 [ HASH SA No ID ID NAT-OA NAT-OA ]
    2020-06-08 18:23:03 20[NET] <Test-1|22> sending packet: from 192.168.1.253[4500] to 91.96.177.81[4500] (204 bytes)
    2020-06-08 18:23:03 11[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (60 bytes)
    2020-06-08 18:23:03 11[ENC] <Test-1|22> parsed QUICK_MODE request 4 [ HASH ]
    2020-06-08 18:23:03 11[IKE] <Test-1|22> ### process_r: 0x66b032e8 QM_NEGOTIATED
    2020-06-08 18:23:03 11[IKE] <Test-1|22> CHILD_SA Test-1{62} established with SPIs c2f76c6a_i 01014002_o and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:23:03 11[IKE] <Test-1|22> ### destroy: 0x66b032e8
    2020-06-08 18:23:03 28[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (76 bytes)
    2020-06-08 18:23:03 28[ENC] <Test-1|22> parsed INFORMATIONAL_V1 request 970489829 [ HASH D ]
    2020-06-08 18:23:03 28[IKE] <Test-1|22> received DELETE for ESP CHILD_SA with SPI 1958fd32
    2020-06-08 18:23:03 28[IKE] <Test-1|22> closing CHILD_SA Test-1{61} with SPIs cc8b189b_i (0 bytes) 1958fd32_o (0 bytes) and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:23:09 13[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (76 bytes)
    2020-06-08 18:23:09 13[ENC] <Test-1|22> parsed INFORMATIONAL_V1 request 3267383780 [ HASH D ]
    2020-06-08 18:23:09 13[IKE] <Test-1|22> received DELETE for ESP CHILD_SA with SPI 01014002
    2020-06-08 18:23:09 13[IKE] <Test-1|22> closing CHILD_SA Test-1{62} with SPIs c2f76c6a_i (0 bytes) 01014002_o (0 bytes) and TS 192.168.1.253/32[udp/1701] === 91.96.177.81/32[udp/1701]
    2020-06-08 18:23:09 13[APP] <Test-1|22> [SSO] (sso_invoke_once) SSO is disabled.
    2020-06-08 18:23:09 13[APP] <Test-1|22> [COP-UPDOWN] (ref_counting) ref_count: 1 to 0 -- down -- (192.168.1.253/32#91.96.177.81/32)
    2020-06-08 18:23:09 13[APP] <Test-1|22> [COP-UPDOWN] (ref_counting_remote) ref_count_remote: 1 to 0 -- down -- (192.168.1.253#91.96.177.81)
    2020-06-08 18:23:09 13[APP] <Test-1|22> [COP-UPDOWN] (cop_updown_invoke_once) UID: 22 Net: Local 192.168.1.253 Remote 91.96.177.81 Connection: Test Fullname: Test-1
    2020-06-08 18:23:09 13[APP] <Test-1|22> [COP-UPDOWN] (cop_updown_invoke_once) Tunnel: User '' Peer-IP '' my-IP '' down-host
    2020-06-08 18:23:09 17[APP] [COP-UPDOWN][DB] (db_conn_info) hostname: 'Test' result --> id: '1', mode: 'hth', tunnel_type: '1', subnet_family:'0'
    2020-06-08 18:23:09 17[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) ---- exec remote updown -- down --
    2020-06-08 18:23:09 29[NET] <Test-1|22> received packet: from 91.96.177.81[4500] to 192.168.1.253[4500] (84 bytes)
    2020-06-08 18:23:09 29[ENC] <Test-1|22> parsed INFORMATIONAL_V1 request 137567304 [ HASH D ]
    2020-06-08 18:23:09 29[IKE] <Test-1|22> received DELETE for IKE_SA Test-1[22]
    2020-06-08 18:23:09 29[IKE] <Test-1|22> deleting IKE_SA Test-1[22] between 192.168.1.253[192.168.1.253]...91.96.177.81[192.168.2.104]
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN][SHELL] (run_shell) '/bin/service fwm:vpn_gateway_chains -t json -s nosync -b '{"local_server":"192.168.1.253","remote_server":"91.96.177.81","action":"disable","family":"0","conntype":"hth","compress":"0"}'': success 0
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) ---- exec subnet updown -- down --
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN] (do_cop_updown_invoke_once) [IPSEC0] using ipsec dummy interface 'ipsec0'
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN][NET] (get_src_ip) source address for 192.168.1.253 is IP: 192.168.1.253
    2020-06-08 18:23:10 17[APP]
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route del 91.96.177.81/32 dev ipsec0 src 192.168.1.253 table 220': success 0
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN] (add_routes) no routes to del for Test on interface ipsec0
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route flush cache': success 0
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN][SHELL] (run_shell) 'ip route flush cache': success 0
    2020-06-08 18:23:10 17[APP] [COP-UPDOWN][SHELL] (run_shell) '/bin/service fwm:vpn_connection_chains -t json -s nosync -b '{"me":"192.168.1.253","peer":"91.96.177.81","mynet":"192.168.1.253/32","peernet":"91.96.177.81/32","connop":"0","iface":"unknown","myproto":"17","myport":"1701","peerproto":"17","peerport":"1701","conntype":"hth","actnet":"","compress":"0","conn_id":"1"}'': error returned 255