Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1714 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sophos received IKE message with invalid SPI from other side

kedex kedex

I 'am creating a VPN IPSEC Tunnel between 2 BRanchs ( partner local and eleader distant )
The distant site ( central ) forced us to use the same parametrers that he is using with other branchs , unfortunatley after setting all the configuration , the vpn is not working . and the log is showing constantly this error "sophos received IKE message with invalid SPI  from other side"

***********************************************************
Network 

VPN Gateway eLeader

1.1.1.1 ( public ip)

VPN Gateway Partner

 2.2.2.2 ( public ip)

NAT Traversal

 Enabled       

Keepalive Frequency

10

Dead Peer Detection

 Disabled

Method

Pre-shared Key

Pre-shared Key

 *********

IKE version

  1          

Mode

  Main (ID protection)

***********************************************************

 Phase 1 Proposal

No.

Encryption

Authentication

1

AES256

SHA1

2

AES128

SHA1

Diffie-Hellman Group

  5        

Keylife (sec)

86400

Local ID

(none)

 
***********************************************************
XAUTH
Type Disabled

***********************************************************

Phase 2 Proposal

No.

Encryption

Authentication

1

AES256

SHA1

2

AES128

SHA1

Replay Detection

 Enabled           

Perfect Forward Secrecy

 Enabled            

Diffie-Hellman Group

   5    

Autokey Keep Alive

 Enabled        

Auto-negotiate

 Enabled          

Keylife (sec)

3600

***********************************************************

ACL security policy

Source

Destination

Protocol

Port/type

Comments

172.16.200.41
Partner side selectors

 

192.168.202.61

HTTPS

443

ACL

***********************************************************

Phase 2 Selectors

eLeader side selectors
(encryption domain)


  Single IP address in one of following subnets:

   192.168.202.61/32   eLeader ITG

eLeader NAT Proposal:

(encryption domain)

   192.168.202.61/32   eleader  ITG   (no NAT)

Partner side selectors

(encryption domain)
Example:
 172.16.200.41/32

ALL Screens from Partner (Local ):

https://ibb.co/jrtW0jj
https://ibb.co/D82hzCd
https://ibb.co/zh3yPr3
https://ibb.co/sVnjKQr
https://ibb.co/Lg9Yffz
https://ibb.co/p18QBD0
https://ibb.co/nfynKF1



LOGS CAPTURED FROM SOPHOS :

Sophos Firewall
===============
(C) Copyright 2000-2022 Sophos Limited and others. All rights reserved.
Sophos is a registered trademark of Sophos Limited and Sophos Group.
All other product and company names mentioned are trademarks or registered
trademarks of their respective owners.

For Sophos End User Terms of Use - www.sophos.com/.../sophos-end
-user-terms-of-use.aspx

NOTE: If not explicitly approved by Sophos support, any modifications
done through this option will void your support.


XG135_XN03_SFOS 19.0.1 MR-1-Build365# tail -f /log/strongswan.log
2022-10-18 15:43:27Z 11[ENC] <7803> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:43:27Z 11[NET] <7803> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:43:27Z 10[NET] <7803> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:43:27Z 10[ENC] <7803> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:43:27Z 10[CFG] <7803> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:43:27Z 10[IKE] <7803> no peer config found
2022-10-18 15:43:27Z 10[ENC] <7803> generating INFORMATIONAL_V1 request 58754477
9 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:43:27Z 10[NET] <7803> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:43:30Z 23[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (EC57B339) from the remote gateway.
2022-10-18 15:43:36Z 22[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (EC57B339) from the remote gateway.
2022-10-18 15:43:48Z 30[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (EC57B339) from the remote gateway.
2022-10-18 15:43:57Z 32[NET] <7804> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:43:57Z 32[ENC] <7804> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:43:57Z 32[IKE] <7804> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:43:57Z 32[IKE] <7804> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:43:57Z 32[IKE] <7804> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:43:57Z 32[IKE] <7804> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:43:57Z 32[ENC] <7804> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:43:57Z 32[IKE] <7804> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:43:57Z 32[IKE] <7804> received DPD vendor ID
2022-10-18 15:43:57Z 32[IKE] <7804> received FRAGMENTATION vendor ID
2022-10-18 15:43:57Z 32[IKE] <7804> received FRAGMENTATION vendor ID
2022-10-18 15:43:57Z 32[ENC] <7804> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:43:57Z 32[IKE] <7804> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:43:57Z 32[ENC] <7804> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:43:57Z 32[NET] <7804> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:43:57Z 10[NET] <7804> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:43:57Z 10[ENC] <7804> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:43:57Z 10[IKE] <7804> local host is behind NAT, sending keep alive
s
2022-10-18 15:43:57Z 10[ENC] <7804> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:43:57Z 10[NET] <7804> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:43:57Z 05[NET] <7804> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:43:57Z 05[ENC] <7804> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:43:57Z 05[CFG] <7804> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:43:57Z 05[IKE] <7804> no peer config found
2022-10-18 15:43:57Z 05[ENC] <7804> generating INFORMATIONAL_V1 request 62768118
1 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:43:57Z 05[NET] <7804> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:44:00Z 01[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (ADE7E597) from the remote gateway.
2022-10-18 15:44:06Z 14[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (ADE7E597) from the remote gateway.
2022-10-18 15:44:16Z 11[IKE] <VPN_eLeader-1|7799> giving up after 5 retransmits
2022-10-18 15:44:16Z 11[DMN] <VPN_eLeader-1|7799> [GARNER-LOGGING] (child_alert)
ALERT: IKE message (6C0040E0) retransmission to 1.1.1.1 timed out. Check
if the remote gateway is reachable.
2022-10-18 15:44:16Z 11[DMN] <VPN_eLeader-1|7799> [GARNER-LOGGING] (child_alert)
ALERT: Remote gateway didn't respond to the initial message 0. Check if the rem
ote gateway is reachable.
2022-10-18 15:44:16Z 11[IKE] <VPN_eLeader-1|7799> peer not responding, trying ag
ain (2/10)
2022-10-18 15:44:16Z 11[IKE] <VPN_eLeader-1|7799> initiating Main Mode IKE_SA VP
N_eLeader-1[7799] to 1.1.1.1
2022-10-18 15:44:16Z 11[ENC] <VPN_eLeader-1|7799> generating ID_PROT request 0 [
SA V V V V V V ]
2022-10-18 15:44:16Z 11[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:44:18Z 18[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (ADE7E597) from the remote gateway.
2022-10-18 15:44:20Z 09[IKE] <VPN_eLeader-1|7799> sending retransmit 1 of reques
t message ID 0, seq 1
2022-10-18 15:44:20Z 09[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:44:27Z 29[NET] <7805> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:44:27Z 29[ENC] <7805> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:44:27Z 29[IKE] <7805> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:44:27Z 29[IKE] <7805> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:44:27Z 29[IKE] <7805> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:44:27Z 29[IKE] <7805> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:44:27Z 29[ENC] <7805> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:44:27Z 29[IKE] <7805> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:44:27Z 29[IKE] <7805> received DPD vendor ID
2022-10-18 15:44:27Z 29[IKE] <7805> received FRAGMENTATION vendor ID
2022-10-18 15:44:27Z 29[IKE] <7805> received FRAGMENTATION vendor ID
2022-10-18 15:44:27Z 29[ENC] <7805> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:44:27Z 29[IKE] <7805> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:44:27Z 29[ENC] <7805> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:44:27Z 29[NET] <7805> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:44:27Z 19[NET] <7805> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:44:27Z 19[ENC] <7805> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:44:27Z 19[IKE] <7805> local host is behind NAT, sending keep alive
s
2022-10-18 15:44:27Z 19[ENC] <7805> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:44:27Z 19[NET] <7805> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:44:27Z 31[NET] <7805> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:44:27Z 31[ENC] <7805> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:44:27Z 31[CFG] <7805> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:44:27Z 31[IKE] <7805> no peer config found
2022-10-18 15:44:27Z 31[ENC] <7805> generating INFORMATIONAL_V1 request 20380165
16 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:44:27Z 31[NET] <7805> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:44:28Z 23[IKE] <VPN_eLeader-1|7799> sending retransmit 2 of reques
t message ID 0, seq 1
2022-10-18 15:44:28Z 23[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:44:30Z 26[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (D4B259ED) from the remote gateway.
2022-10-18 15:44:36Z 30[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (D4B259ED) from the remote gateway.
2022-10-18 15:44:41Z 21[IKE] <VPN_eLeader-1|7799> sending retransmit 3 of reques
t message ID 0, seq 1
2022-10-18 15:44:41Z 21[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:44:48Z 22[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (D4B259ED) from the remote gateway.
2022-10-18 15:44:57Z 24[NET] <7806> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:44:57Z 24[ENC] <7806> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:44:57Z 24[IKE] <7806> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:44:57Z 24[IKE] <7806> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:44:57Z 24[IKE] <7806> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:44:57Z 24[IKE] <7806> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:44:57Z 24[ENC] <7806> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:44:57Z 24[IKE] <7806> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:44:57Z 24[IKE] <7806> received DPD vendor ID
2022-10-18 15:44:57Z 24[IKE] <7806> received FRAGMENTATION vendor ID
2022-10-18 15:44:57Z 24[IKE] <7806> received FRAGMENTATION vendor ID
2022-10-18 15:44:57Z 24[ENC] <7806> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:44:57Z 24[IKE] <7806> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:44:57Z 24[ENC] <7806> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:44:57Z 24[NET] <7806> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:44:57Z 17[NET] <7806> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:44:57Z 17[ENC] <7806> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:44:57Z 17[IKE] <7806> local host is behind NAT, sending keep alive
s
2022-10-18 15:44:57Z 17[ENC] <7806> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:44:57Z 17[NET] <7806> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:44:57Z 25[NET] <7806> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:44:57Z 25[ENC] <7806> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:44:57Z 25[CFG] <7806> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:44:57Z 25[IKE] <7806> no peer config found
2022-10-18 15:44:57Z 25[ENC] <7806> generating INFORMATIONAL_V1 request 35003604
4 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:44:57Z 25[NET] <7806> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:45:00Z 11[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (63063439) from the remote gateway.
2022-10-18 15:45:04Z 28[IKE] <VPN_eLeader-1|7799> sending retransmit 4 of reques
t message ID 0, seq 1
2022-10-18 15:45:04Z 28[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:45:06Z 13[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (63063439) from the remote gateway.
2022-10-18 15:45:18Z 23[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (63063439) from the remote gateway.
2022-10-18 15:45:27Z 26[NET] <7807> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:45:27Z 26[ENC] <7807> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:45:27Z 26[IKE] <7807> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:45:27Z 26[IKE] <7807> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:45:27Z 26[IKE] <7807> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:45:27Z 26[IKE] <7807> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:45:27Z 26[ENC] <7807> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:45:27Z 26[IKE] <7807> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:45:27Z 26[IKE] <7807> received DPD vendor ID
2022-10-18 15:45:27Z 26[IKE] <7807> received FRAGMENTATION vendor ID
2022-10-18 15:45:27Z 26[IKE] <7807> received FRAGMENTATION vendor ID
2022-10-18 15:45:27Z 26[ENC] <7807> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:45:27Z 26[IKE] <7807> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:45:27Z 26[ENC] <7807> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:45:27Z 26[NET] <7807> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:45:27Z 30[NET] <7807> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:45:27Z 30[ENC] <7807> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:45:27Z 30[IKE] <7807> local host is behind NAT, sending keep alive
s
2022-10-18 15:45:27Z 30[ENC] <7807> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:45:27Z 30[NET] <7807> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:45:27Z 12[NET] <7807> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:45:27Z 12[ENC] <7807> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:45:27Z 12[CFG] <7807> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:45:27Z 12[IKE] <7807> no peer config found
2022-10-18 15:45:27Z 12[ENC] <7807> generating INFORMATIONAL_V1 request 31443985
06 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:45:27Z 12[NET] <7807> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:45:30Z 10[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (93D4572E) from the remote gateway.
2022-10-18 15:45:36Z 21[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (93D4572E) from the remote gateway.
2022-10-18 15:45:46Z 31[IKE] <VPN_eLeader-1|7799> sending retransmit 5 of reques
t message ID 0, seq 1
2022-10-18 15:45:46Z 31[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:45:48Z 25[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (93D4572E) from the remote gateway.
2022-10-18 15:45:57Z 11[NET] <7808> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:45:57Z 11[ENC] <7808> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:45:57Z 11[IKE] <7808> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:45:57Z 11[IKE] <7808> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:45:57Z 11[IKE] <7808> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:45:57Z 11[IKE] <7808> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:45:57Z 11[ENC] <7808> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:45:57Z 11[IKE] <7808> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:45:57Z 11[IKE] <7808> received DPD vendor ID
2022-10-18 15:45:57Z 11[IKE] <7808> received FRAGMENTATION vendor ID
2022-10-18 15:45:57Z 11[IKE] <7808> received FRAGMENTATION vendor ID
2022-10-18 15:45:57Z 11[ENC] <7808> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:45:57Z 11[IKE] <7808> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:45:57Z 11[ENC] <7808> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:45:57Z 11[NET] <7808> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:45:57Z 18[NET] <7808> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:45:57Z 18[ENC] <7808> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:45:57Z 18[IKE] <7808> local host is behind NAT, sending keep alive
s
2022-10-18 15:45:57Z 18[ENC] <7808> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:45:57Z 18[NET] <7808> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:45:57Z 28[NET] <7808> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:45:57Z 28[ENC] <7808> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:45:57Z 28[CFG] <7808> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:45:57Z 28[IKE] <7808> no peer config found
2022-10-18 15:45:57Z 28[ENC] <7808> generating INFORMATIONAL_V1 request 11373086
89 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:45:57Z 28[NET] <7808> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:46:00Z 29[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (32063660) from the remote gateway.
2022-10-18 15:46:06Z 19[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (32063660) from the remote gateway.
2022-10-18 15:46:18Z 26[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (32063660) from the remote gateway.

2022-10-18 15:46:27Z 13[NET] <7809> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:46:27Z 13[ENC] <7809> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:46:27Z 13[IKE] <7809> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:46:27Z 13[IKE] <7809> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:46:27Z 13[IKE] <7809> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:46:27Z 13[IKE] <7809> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:46:27Z 13[ENC] <7809> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:46:27Z 13[IKE] <7809> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:46:27Z 13[IKE] <7809> received DPD vendor ID
2022-10-18 15:46:27Z 13[IKE] <7809> received FRAGMENTATION vendor ID
2022-10-18 15:46:27Z 13[IKE] <7809> received FRAGMENTATION vendor ID
2022-10-18 15:46:27Z 13[ENC] <7809> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:46:27Z 13[IKE] <7809> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:46:27Z 13[ENC] <7809> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:46:27Z 13[NET] <7809> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:46:27Z 05[NET] <7809> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:46:27Z 05[ENC] <7809> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:46:27Z 05[IKE] <7809> local host is behind NAT, sending keep alive
s
2022-10-18 15:46:27Z 05[ENC] <7809> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:46:27Z 05[NET] <7809> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:46:27Z 10[NET] <7809> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:46:27Z 10[ENC] <7809> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:46:27Z 10[CFG] <7809> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:46:27Z 10[IKE] <7809> no peer config found
2022-10-18 15:46:27Z 10[ENC] <7809> generating INFORMATIONAL_V1 request 30571217
46 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:46:27Z 10[NET] <7809> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)

2022-10-18 15:46:30Z 23[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (5A693C53) from the remote gateway.
2022-10-18 15:46:36Z 31[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (5A693C53) from the remote gateway.
2022-10-18 15:46:48Z 08[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (5A693C53) from the remote gateway.
2022-10-18 15:46:57Z 22[NET] <7810> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:46:57Z 22[ENC] <7810> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:46:57Z 22[IKE] <7810> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:46:57Z 22[IKE] <7810> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:46:57Z 22[IKE] <7810> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:46:57Z 22[IKE] <7810> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:46:57Z 22[ENC] <7810> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:46:57Z 22[IKE] <7810> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:46:57Z 22[IKE] <7810> received DPD vendor ID
2022-10-18 15:46:57Z 22[IKE] <7810> received FRAGMENTATION vendor ID
2022-10-18 15:46:57Z 22[IKE] <7810> received FRAGMENTATION vendor ID
2022-10-18 15:46:57Z 22[ENC] <7810> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:46:57Z 22[IKE] <7810> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:46:57Z 22[ENC] <7810> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:46:57Z 22[NET] <7810> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:46:57Z 15[NET] <7810> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:46:57Z 15[ENC] <7810> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:46:57Z 15[IKE] <7810> local host is behind NAT, sending keep alive
s
2022-10-18 15:46:57Z 15[ENC] <7810> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:46:57Z 15[NET] <7810> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:46:57Z 29[NET] <7810> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:46:57Z 29[ENC] <7810> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:46:57Z 29[CFG] <7810> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:46:57Z 29[IKE] <7810> no peer config found
2022-10-18 15:46:57Z 29[ENC] <7810> generating INFORMATIONAL_V1 request 19777289
39 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:46:57Z 29[NET] <7810> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:47:00Z 17[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (6E37CF6F) from the remote gateway.
2022-10-18 15:47:01Z 04[IKE] <VPN_eLeader-1|7799> giving up after 5 retransmits
2022-10-18 15:47:01Z 04[DMN] <VPN_eLeader-1|7799> [GARNER-LOGGING] (child_alert)
ALERT: IKE message (84002280) retransmission to 1.1.1.1 timed out. Check
if the remote gateway is reachable.
2022-10-18 15:47:01Z 04[DMN] <VPN_eLeader-1|7799> [GARNER-LOGGING] (child_alert)
ALERT: Remote gateway didn't respond to the initial message 1. Check if the rem
ote gateway is reachable.
2022-10-18 15:47:01Z 04[IKE] <VPN_eLeader-1|7799> peer not responding, trying ag
ain (3/10)
2022-10-18 15:47:01Z 04[IKE] <VPN_eLeader-1|7799> initiating Main Mode IKE_SA VP
N_eLeader-1[7799] to 1.1.1.1
2022-10-18 15:47:01Z 04[ENC] <VPN_eLeader-1|7799> generating ID_PROT request 0 [
SA V V V V V V ]
2022-10-18 15:47:01Z 04[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:47:05Z 14[IKE] <VPN_eLeader-1|7799> sending retransmit 1 of reques
t message ID 0, seq 1
2022-10-18 15:47:05Z 14[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:47:06Z 26[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (6E37CF6F) from the remote gateway.
2022-10-18 15:47:13Z 05[IKE] <VPN_eLeader-1|7799> sending retransmit 2 of reques
t message ID 0, seq 1
2022-10-18 15:47:13Z 05[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:47:18Z 21[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (6E37CF6F) from the remote gateway.
2022-10-18 15:47:26Z 31[IKE] <VPN_eLeader-1|7799> sending retransmit 3 of reques
t message ID 0, seq 1
2022-10-18 15:47:26Z 31[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:47:27Z 01[NET] <7811> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:47:27Z 01[ENC] <7811> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:47:27Z 01[IKE] <7811> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:47:27Z 01[IKE] <7811> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:47:27Z 01[IKE] <7811> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:47:27Z 01[IKE] <7811> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:47:27Z 01[ENC] <7811> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:47:27Z 01[IKE] <7811> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:47:27Z 01[IKE] <7811> received DPD vendor ID
2022-10-18 15:47:27Z 01[IKE] <7811> received FRAGMENTATION vendor ID
2022-10-18 15:47:27Z 01[IKE] <7811> received FRAGMENTATION vendor ID
2022-10-18 15:47:27Z 01[ENC] <7811> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:47:27Z 01[IKE] <7811> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:47:27Z 01[ENC] <7811> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:47:27Z 01[NET] <7811> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:47:27Z 25[NET] <7811> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:47:27Z 25[ENC] <7811> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:47:27Z 25[IKE] <7811> local host is behind NAT, sending keep alive
s
2022-10-18 15:47:27Z 25[ENC] <7811> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:47:27Z 25[NET] <7811> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:47:27Z 17[NET] <7811> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:47:27Z 17[ENC] <7811> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:47:27Z 17[CFG] <7811> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:47:27Z 17[IKE] <7811> no peer config found
2022-10-18 15:47:27Z 17[ENC] <7811> generating INFORMATIONAL_V1 request 80937632
0 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:47:27Z 17[NET] <7811> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:47:30Z 27[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (43217E85) from the remote gateway.
2022-10-18 15:47:36Z 18[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (43217E85) from the remote gateway.
2022-10-18 15:47:48Z 19[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (43217E85) from the remote gateway.
2022-10-18 15:47:49Z 04[IKE] <VPN_eLeader-1|7799> sending retransmit 4 of reques
t message ID 0, seq 1
2022-10-18 15:47:49Z 04[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:47:57Z 26[NET] <7812> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:47:57Z 26[ENC] <7812> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:47:57Z 26[IKE] <7812> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:47:57Z 26[IKE] <7812> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:47:57Z 26[IKE] <7812> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:47:57Z 26[IKE] <7812> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:47:57Z 26[ENC] <7812> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:47:57Z 26[IKE] <7812> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:47:57Z 26[IKE] <7812> received DPD vendor ID
2022-10-18 15:47:57Z 26[IKE] <7812> received FRAGMENTATION vendor ID
2022-10-18 15:47:57Z 26[IKE] <7812> received FRAGMENTATION vendor ID
2022-10-18 15:47:57Z 26[ENC] <7812> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:47:57Z 26[IKE] <7812> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:47:57Z 26[ENC] <7812> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:47:57Z 26[NET] <7812> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:47:57Z 16[NET] <7812> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:47:57Z 16[ENC] <7812> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:47:57Z 16[IKE] <7812> local host is behind NAT, sending keep alive
s
2022-10-18 15:47:57Z 16[ENC] <7812> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:47:57Z 16[NET] <7812> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:47:57Z 12[NET] <7812> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:47:57Z 12[ENC] <7812> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:47:57Z 12[CFG] <7812> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:47:57Z 12[IKE] <7812> no peer config found
2022-10-18 15:47:57Z 12[ENC] <7812> generating INFORMATIONAL_V1 request 15400716
69 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:47:57Z 12[NET] <7812> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:48:00Z 05[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (53860091) from the remote gateway.
2022-10-18 15:48:06Z 10[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (53860091) from the remote gateway.
2022-10-18 15:48:18Z 01[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (53860091) from the remote gateway.
2022-10-18 15:48:27Z 30[NET] <7813> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:48:27Z 30[ENC] <7813> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:48:27Z 30[IKE] <7813> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:48:27Z 30[IKE] <7813> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:48:27Z 30[IKE] <7813> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:48:27Z 30[IKE] <7813> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:48:27Z 30[ENC] <7813> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:48:27Z 30[IKE] <7813> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:48:27Z 30[IKE] <7813> received DPD vendor ID
2022-10-18 15:48:27Z 30[IKE] <7813> received FRAGMENTATION vendor ID
2022-10-18 15:48:27Z 30[IKE] <7813> received FRAGMENTATION vendor ID
2022-10-18 15:48:27Z 30[ENC] <7813> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:48:27Z 30[IKE] <7813> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:48:27Z 30[ENC] <7813> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:48:27Z 30[NET] <7813> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:48:27Z 27[NET] <7813> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:48:27Z 27[ENC] <7813> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:48:27Z 27[IKE] <7813> local host is behind NAT, sending keep alive
s
2022-10-18 15:48:27Z 27[ENC] <7813> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:48:27Z 27[NET] <7813> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:48:27Z 11[NET] <7813> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:48:27Z 11[ENC] <7813> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:48:27Z 11[CFG] <7813> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:48:27Z 11[IKE] <7813> no peer config found
2022-10-18 15:48:27Z 11[ENC] <7813> generating INFORMATIONAL_V1 request 10067435
42 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:48:27Z 11[NET] <7813> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:48:30Z 32[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (BCFABDE8) from the remote gateway.
2022-10-18 15:48:31Z 22[IKE] <VPN_eLeader-1|7799> sending retransmit 5 of reques
t message ID 0, seq 1
2022-10-18 15:48:31Z 22[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:48:36Z 29[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (BCFABDE8) from the remote gateway.
2022-10-18 15:48:48Z 04[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (BCFABDE8) from the remote gateway.
2022-10-18 15:48:57Z 05[NET] <7814> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:48:57Z 05[ENC] <7814> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:48:57Z 05[IKE] <7814> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:48:57Z 05[IKE] <7814> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:48:57Z 05[IKE] <7814> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:48:57Z 05[IKE] <7814> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:48:57Z 05[ENC] <7814> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:48:57Z 05[IKE] <7814> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:48:57Z 05[IKE] <7814> received DPD vendor ID
2022-10-18 15:48:57Z 05[IKE] <7814> received FRAGMENTATION vendor ID
2022-10-18 15:48:57Z 05[IKE] <7814> received FRAGMENTATION vendor ID
2022-10-18 15:48:57Z 05[ENC] <7814> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:48:57Z 05[IKE] <7814> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:48:57Z 05[ENC] <7814> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:48:57Z 05[NET] <7814> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:48:57Z 28[NET] <7814> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:48:57Z 28[ENC] <7814> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:48:57Z 28[IKE] <7814> local host is behind NAT, sending keep alive
s
2022-10-18 15:48:57Z 28[ENC] <7814> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:48:57Z 28[NET] <7814> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:48:58Z 13[NET] <7814> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:48:58Z 13[ENC] <7814> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:48:58Z 13[CFG] <7814> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:48:58Z 13[IKE] <7814> no peer config found
2022-10-18 15:48:58Z 13[ENC] <7814> generating INFORMATIONAL_V1 request 41939152
48 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:48:58Z 13[NET] <7814> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:49:01Z 24[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (D4BE7E2) from the remote gateway.
2022-10-18 15:49:07Z 23[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (D4BE7E2) from the remote gateway.
2022-10-18 15:49:19Z 27[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (D4BE7E2) from the remote gateway.
2022-10-18 15:49:27Z 21[NET] <7815> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:49:27Z 21[ENC] <7815> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:49:27Z 21[IKE] <7815> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:49:27Z 21[IKE] <7815> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:49:27Z 21[IKE] <7815> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:49:27Z 21[IKE] <7815> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:49:27Z 21[ENC] <7815> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:49:27Z 21[IKE] <7815> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:49:27Z 21[IKE] <7815> received DPD vendor ID
2022-10-18 15:49:27Z 21[IKE] <7815> received FRAGMENTATION vendor ID
2022-10-18 15:49:27Z 21[IKE] <7815> received FRAGMENTATION vendor ID
2022-10-18 15:49:27Z 21[ENC] <7815> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:49:27Z 21[IKE] <7815> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:49:27Z 21[ENC] <7815> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:49:27Z 21[NET] <7815> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:49:28Z 15[NET] <7815> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:49:28Z 15[ENC] <7815> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:49:28Z 15[IKE] <7815> local host is behind NAT, sending keep alive
s
2022-10-18 15:49:28Z 15[ENC] <7815> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:49:28Z 15[NET] <7815> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:49:28Z 32[NET] <7815> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:49:28Z 32[ENC] <7815> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:49:28Z 32[CFG] <7815> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:49:28Z 32[IKE] <7815> no peer config found
2022-10-18 15:49:28Z 32[ENC] <7815> generating INFORMATIONAL_V1 request 14323977
14 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:49:28Z 32[NET] <7815> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:49:31Z 14[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (7C8531B8) from the remote gateway.
2022-10-18 15:49:37Z 17[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (7C8531B8) from the remote gateway.
2022-10-18 15:49:47Z 28[IKE] <VPN_eLeader-1|7799> giving up after 5 retransmits
2022-10-18 15:49:47Z 28[DMN] <VPN_eLeader-1|7799> [GARNER-LOGGING] (child_alert)
ALERT: IKE message (98003900) retransmission to 1.1.1.1 timed out. Check
if the remote gateway is reachable.
2022-10-18 15:49:47Z 28[DMN] <VPN_eLeader-1|7799> [GARNER-LOGGING] (child_alert)
ALERT: Remote gateway didn't respond to the initial message 2. Check if the rem
ote gateway is reachable.
2022-10-18 15:49:47Z 28[IKE] <VPN_eLeader-1|7799> peer not responding, trying ag
ain (4/10)
2022-10-18 15:49:47Z 28[IKE] <VPN_eLeader-1|7799> initiating Main Mode IKE_SA VP
N_eLeader-1[7799] to 1.1.1.1
2022-10-18 15:49:47Z 28[ENC] <VPN_eLeader-1|7799> generating ID_PROT request 0 [
SA V V V V V V ]
2022-10-18 15:49:47Z 28[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:49:49Z 18[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (7C8531B8) from the remote gateway.
2022-10-18 15:49:51Z 29[IKE] <VPN_eLeader-1|7799> sending retransmit 1 of reques
t message ID 0, seq 1
2022-10-18 15:49:51Z 29[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:49:57Z 19[NET] <7816> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:49:57Z 19[ENC] <7816> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:49:57Z 19[IKE] <7816> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:49:57Z 19[IKE] <7816> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:49:57Z 19[IKE] <7816> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:49:57Z 19[IKE] <7816> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:49:57Z 19[ENC] <7816> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:49:57Z 19[IKE] <7816> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:49:57Z 19[IKE] <7816> received DPD vendor ID
2022-10-18 15:49:57Z 19[IKE] <7816> received FRAGMENTATION vendor ID
2022-10-18 15:49:57Z 19[IKE] <7816> received FRAGMENTATION vendor ID
2022-10-18 15:49:57Z 19[ENC] <7816> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:49:57Z 19[IKE] <7816> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:49:57Z 19[ENC] <7816> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:49:57Z 19[NET] <7816> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:49:58Z 24[NET] <7816> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:49:58Z 24[ENC] <7816> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:49:58Z 24[IKE] <7816> local host is behind NAT, sending keep alive
s
2022-10-18 15:49:58Z 24[ENC] <7816> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:49:58Z 24[NET] <7816> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:49:58Z 23[NET] <7816> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:49:58Z 23[ENC] <7816> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:49:58Z 23[CFG] <7816> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:49:58Z 23[IKE] <7816> no peer config found
2022-10-18 15:49:58Z 23[ENC] <7816> generating INFORMATIONAL_V1 request 30529361
01 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:49:58Z 23[NET] <7816> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:49:58Z 01[IKE] <VPN_eLeader-1|7799> sending retransmit 2 of reques
t message ID 0, seq 1
2022-10-18 15:49:58Z 01[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:50:01Z 08[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (7D9B7F9C) from the remote gateway.
2022-10-18 15:50:07Z 27[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (7D9B7F9C) from the remote gateway.
2022-10-18 15:50:11Z 15[IKE] <VPN_eLeader-1|7799> sending retransmit 3 of reques
t message ID 0, seq 1
2022-10-18 15:50:11Z 15[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:50:19Z 22[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (7D9B7F9C) from the remote gateway.
2022-10-18 15:50:28Z 17[NET] <7817> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:50:28Z 17[ENC] <7817> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:50:28Z 17[IKE] <7817> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:50:28Z 17[IKE] <7817> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:50:28Z 17[IKE] <7817> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:50:28Z 17[IKE] <7817> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:50:28Z 17[ENC] <7817> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:50:28Z 17[IKE] <7817> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:50:28Z 17[IKE] <7817> received DPD vendor ID
2022-10-18 15:50:28Z 17[IKE] <7817> received FRAGMENTATION vendor ID
2022-10-18 15:50:28Z 17[IKE] <7817> received FRAGMENTATION vendor ID
2022-10-18 15:50:28Z 17[ENC] <7817> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:50:28Z 17[IKE] <7817> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:50:28Z 17[ENC] <7817> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:50:28Z 17[NET] <7817> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:50:28Z 25[NET] <7817> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:50:28Z 25[ENC] <7817> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:50:28Z 25[IKE] <7817> local host is behind NAT, sending keep alive
s
2022-10-18 15:50:28Z 25[ENC] <7817> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:50:28Z 25[NET] <7817> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:50:28Z 04[NET] <7817> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:50:28Z 04[ENC] <7817> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:50:28Z 04[CFG] <7817> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:50:28Z 04[IKE] <7817> no peer config found
2022-10-18 15:50:28Z 04[ENC] <7817> generating INFORMATIONAL_V1 request 85925749
8 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:50:28Z 04[NET] <7817> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:50:31Z 12[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (B8344B17) from the remote gateway.
2022-10-18 15:50:34Z 05[IKE] <VPN_eLeader-1|7799> sending retransmit 4 of reques
t message ID 0, seq 1
2022-10-18 15:50:34Z 05[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:50:37Z 10[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (B8344B17) from the remote gateway.
2022-10-18 15:50:49Z 23[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (B8344B17) from the remote gateway.
2022-10-18 15:50:58Z 27[NET] <7818> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:50:58Z 27[ENC] <7818> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:50:58Z 27[IKE] <7818> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:50:58Z 27[IKE] <7818> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:50:58Z 27[IKE] <7818> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:50:58Z 27[IKE] <7818> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:50:58Z 27[ENC] <7818> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:50:58Z 27[IKE] <7818> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:50:58Z 27[IKE] <7818> received DPD vendor ID
2022-10-18 15:50:58Z 27[IKE] <7818> received FRAGMENTATION vendor ID
2022-10-18 15:50:58Z 27[IKE] <7818> received FRAGMENTATION vendor ID
2022-10-18 15:50:58Z 27[ENC] <7818> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:50:58Z 27[IKE] <7818> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:50:58Z 27[ENC] <7818> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:50:58Z 27[NET] <7818> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:50:58Z 08[NET] <7818> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:50:58Z 08[ENC] <7818> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:50:58Z 08[IKE] <7818> local host is behind NAT, sending keep alive
s
2022-10-18 15:50:58Z 08[ENC] <7818> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:50:58Z 08[NET] <7818> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:50:58Z 20[NET] <7818> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:50:58Z 20[ENC] <7818> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:50:58Z 20[CFG] <7818> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:50:58Z 20[IKE] <7818> no peer config found
2022-10-18 15:50:58Z 20[ENC] <7818> generating INFORMATIONAL_V1 request 23350289
82 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:50:58Z 20[NET] <7818> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:51:01Z 15[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (18B78692) from the remote gateway.
2022-10-18 15:51:07Z 32[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (18B78692) from the remote gateway.
2022-10-18 15:51:16Z 17[IKE] <VPN_eLeader-1|7799> sending retransmit 5 of reques
t message ID 0, seq 1
2022-10-18 15:51:16Z 17[NET] <VPN_eLeader-1|7799> sending packet: from 192.168.2
0.253[500] to 1.1.1.1[500] (296 bytes)
2022-10-18 15:51:19Z 09[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (18B78692) from the remote gateway.
2022-10-18 15:51:28Z 12[NET] <7819> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:51:28Z 12[ENC] <7819> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:51:28Z 12[IKE] <7819> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:51:28Z 12[IKE] <7819> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:51:28Z 12[IKE] <7819> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:51:28Z 12[IKE] <7819> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:51:28Z 12[ENC] <7819> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:51:28Z 12[IKE] <7819> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:51:28Z 12[IKE] <7819> received DPD vendor ID
2022-10-18 15:51:28Z 12[IKE] <7819> received FRAGMENTATION vendor ID
2022-10-18 15:51:28Z 12[IKE] <7819> received FRAGMENTATION vendor ID
2022-10-18 15:51:28Z 12[ENC] <7819> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:51:28Z 12[IKE] <7819> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:51:28Z 12[ENC] <7819> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:51:28Z 12[NET] <7819> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:51:28Z 05[NET] <7819> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:51:28Z 05[ENC] <7819> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:51:28Z 05[IKE] <7819> local host is behind NAT, sending keep alive
s
2022-10-18 15:51:28Z 05[ENC] <7819> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:51:28Z 05[NET] <7819> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:51:28Z 28[NET] <7819> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:51:28Z 28[ENC] <7819> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:51:28Z 28[CFG] <7819> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:51:28Z 28[IKE] <7819> no peer config found
2022-10-18 15:51:28Z 28[ENC] <7819> generating INFORMATIONAL_V1 request 19684494
82 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:51:28Z 28[NET] <7819> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:51:31Z 24[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (70249F0) from the remote gateway.
2022-10-18 15:51:37Z 01[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (70249F0) from the remote gateway.
2022-10-18 15:51:49Z 08[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (70249F0) from the remote gateway.
2022-10-18 15:51:58Z 10[NET] <7820> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (412 bytes)
2022-10-18 15:51:58Z 10[ENC] <7820> parsed ID_PROT request 0 [ SA V V V V V V V
V V V ]
2022-10-18 15:51:58Z 10[IKE] <7820> received NAT-T (RFC 3947) vendor ID
2022-10-18 15:51:58Z 10[IKE] <7820> received draft-ietf-ipsec-nat-t-ike-03 vendo
r ID
2022-10-18 15:51:58Z 10[IKE] <7820> received draft-ietf-ipsec-nat-t-ike-02 vendo
r ID
2022-10-18 15:51:58Z 10[IKE] <7820> received draft-ietf-ipsec-nat-t-ike-02\n ven
dor ID
2022-10-18 15:51:58Z 10[ENC] <7820> received unknown vendor ID: 16:f6:ca:16:e4:a
4:06:6d:83:82:1a:0f:0a:ea:a8:62
2022-10-18 15:51:58Z 10[IKE] <7820> received draft-ietf-ipsec-nat-t-ike-00 vendo
r ID
2022-10-18 15:51:58Z 10[IKE] <7820> received DPD vendor ID
2022-10-18 15:51:58Z 10[IKE] <7820> received FRAGMENTATION vendor ID
2022-10-18 15:51:58Z 10[IKE] <7820> received FRAGMENTATION vendor ID
2022-10-18 15:51:58Z 10[ENC] <7820> received unknown vendor ID: 82:99:03:17:57:a
3:60:82:c6:a6:21:de:00:00:00:00
2022-10-18 15:51:58Z 10[IKE] <7820> 1.1.1.1 is initiating a Main Mode IKE
_SA
2022-10-18 15:51:58Z 10[ENC] <7820> generating ID_PROT response 0 [ SA V V V V V
]
2022-10-18 15:51:58Z 10[NET] <7820> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (184 bytes)
2022-10-18 15:51:58Z 15[NET] <7820> received packet: from 1.1.1.1[500] to
192.168.20.253[500] (292 bytes)
2022-10-18 15:51:58Z 15[ENC] <7820> parsed ID_PROT request 0 [ KE No NAT-D NAT-D
]
2022-10-18 15:51:58Z 15[IKE] <7820> local host is behind NAT, sending keep alive
s
2022-10-18 15:51:58Z 15[ENC] <7820> generating ID_PROT response 0 [ KE No NAT-D
NAT-D ]
2022-10-18 15:51:58Z 15[NET] <7820> sending packet: from 192.168.20.253[500] to
1.1.1.1[500] (308 bytes)
2022-10-18 15:51:58Z 21[NET] <7820> received packet: from 1.1.1.1[4500] t
o 192.168.20.253[4500] (108 bytes)
2022-10-18 15:51:58Z 21[ENC] <7820> parsed ID_PROT request 0 [ ID HASH N(INITIAL
_CONTACT) ]
2022-10-18 15:51:58Z 21[CFG] <7820> looking for pre-shared key peer configs matc
hing 192.168.20.253...1.1.1.1[1.1.1.1]
2022-10-18 15:51:58Z 21[IKE] <7820> no peer config found
2022-10-18 15:51:58Z 21[ENC] <7820> generating INFORMATIONAL_V1 request 57705881
5 [ HASH N(AUTH_FAILED) ]
2022-10-18 15:51:58Z 21[NET] <7820> sending packet: from 192.168.20.253[4500] to
1.1.1.1[4500] (92 bytes)
2022-10-18 15:52:01Z 14[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (51F7A609) from the remote gateway.
2022-10-18 15:52:07Z 17[DMN] [GARNER-LOGGING] (child_alert) ALERT: Received IKE
message with invalid SPI (51F7A609) from the remote gateway.
??^C
XG135_XN03_SFOS 19.0.1 MR-1-Build365# ??^C
XG135_XN03_SFOS 19.0.1 MR-1-Build365# ipsec statusall
Status of IKE charon daemon (strongSwan 5.5.3, Linux 4.14.173, x86_64):
uptime: 6 days, since Oct 12 15:02:08 2022
malloc: sbrk 4939776, mmap 0, used 837488, free 4102288
worker threads: 27 of 32 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled:
6
loaded plugins: charon aes des rc2 sha2 sha3 sha1 md5 random nonce x509 revoca
tion constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl f
ips-prf curve25519 xcbc cmac hmac attr kernel-netlink socket-default stroke vici
xauth-generic xauth-access-server ippool-access-server cop-updown garner-loggin
g error-notify unity
Listening IP addresses:
169.254.234.5
192.168.1.1
172.16.1.1
192.168.20.253
192.168.30.253
172.16.200.42
172.16.30.2
172.16.20.2
172.16.60.2
172.16.15.2
172.16.10.2
172.16.70.2
172.16.25.2
172.16.80.2
172.16.40.2
172.16.50.1
2001:db8::
Connections:
VPN_eLeader-1: 192.168.20.253...1.1.1.1 IKEv1
VPN_eLeader-1: local: [172.16.200.41] uses pre-shared key authentication
VPN_eLeader-1: remote: [192.168.202.61] uses pre-shared key authentication
VPN_eLeader-1: child: 172.16.200.40/30 === 192.168.202.61/32 TUNNEL
Security Associations (0 up, 1 connecting):
VPN_eLeader-1[7799]: CONNECTING, 192.168.20.253[%any]...1.1.1.1[%any]
VPN_eLeader-1[7799]: IKEv1 SPIs: 548729efb29bb53c_i* 0000000000000000_r
VPN_eLeader-1[7799]: Tasks queued: QUICK_MODE
VPN_eLeader-1[7799]: Tasks active: ISAKMP_VENDOR ISAKMP_CERT_PRE MAIN_MODE ISAKM
P_CERT_POST ISAKMP_NATD
XG135_XN03_SFOS 19.0.1 MR-1-Build365#





This thread was automatically locked due to age.
Parents Reply Children
No Data
Unfiltered HTML