This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Net-to-Net with ASL 3.216 fault

Hy,
i tried to set up a VPN connection. IPSEC, Routing, Networkdefinitions seems to be OK. IPSEC VPN Live logging entry: "Feb 10 17:45:42 (none) Pluto[13539]: "VPN_1" #153: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcf674c3e (perhaps this is a duplicated packet)
Feb 10 17:45:42 (none) Pluto[13539]: | next event EVENT_RETRANSMIT in 16 seconds for #193
" any hints ??? whats gonig on ??

This thread was automatically locked due to age.

Parents

0 Andy_01 over 22 years ago

Thomas,

could you post the content of the IPSEC logfile for this time please.
Cancel
Vote Up 0 Vote Down

Cancel
0 Thomas Geissinger over 22 years ago in reply to Andy_01

Feb 13 11:58:51 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x011d28a4 (perhaps this is a duplicated packet)
Feb 13 11:58:31 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x011d28a4 (perhaps this is a duplicated packet)
Feb 13 11:58:21 (none) Pluto[12616]: "Boehler_1" #11: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32
Feb 13 11:57:42 (none) Pluto[12616]: "Boehler_1" #8: starting keying attempt 5 of an unlimited number
Feb 13 11:57:42 (none) Pluto[12616]: "Boehler_1" #8: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:57:42 (none) Pluto[12616]: "Boehler_1" #10: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #8
Feb 13 11:57:41 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x55c8223e (perhaps this is a duplicated packet)
Feb 13 11:57:21 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x55c8223e (perhaps this is a duplicated packet)
Feb 13 11:57:11 (none) Pluto[12616]: "Boehler_1" #9: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32
Feb 13 11:56:32 (none) Pluto[12616]: "Boehler_1" #8: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #6
Feb 13 11:56:32 (none) Pluto[12616]: "Boehler_1" #6: starting keying attempt 4 of an unlimited number
Feb 13 11:56:32 (none) Pluto[12616]: "Boehler_1" #6: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:56:31 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x844513ea (perhaps this is a duplicated packet)
Feb 13 11:56:11 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x844513ea (perhaps this is a duplicated packet)
Feb 13 11:56:01 (none) Pluto[12616]: "Boehler_1" #7: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32
Feb 13 11:55:22 (none) Pluto[12616]: "Boehler_1" #6: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #4
Feb 13 11:55:22 (none) Pluto[12616]: "Boehler_1" #4: starting keying attempt 3 of an unlimited number
Feb 13 11:55:22 (none) Pluto[12616]: "Boehler_1" #4: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:55:21 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x374117a0 (perhaps this is a duplicated packet)
Feb 13 11:55:01 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x374117a0 (perhaps this is a duplicated packet)
Feb 13 12:09:21 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xfcb3db0a (perhaps this is a duplicated packet)

___________________________________________________________________________________________________________________________________________________________

Feb 13 11:58:41 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x008bbfd3 (perhaps this is a duplicated packet)
Feb 13 11:58:21 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x008bbfd3 (perhaps this is a duplicated packet)
Feb 13 11:58:11 (none) Pluto[2489]: "Boehler_1" #80: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24
Feb 13 11:57:40 (none) Pluto[2489]: "Boehler_1" #79: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #77
Feb 13 11:57:40 (none) Pluto[2489]: "Boehler_1" #77: starting keying attempt 71 of an unlimited number
Feb 13 11:57:40 (none) Pluto[2489]: "Boehler_1" #77: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:57:31 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xd687d2bf (perhaps this is a duplicated packet)
Feb 13 11:57:11 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xd687d2bf (perhaps this is a duplicated packet)
Feb 13 11:57:01 (none) Pluto[2489]: "Boehler_1" #78: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24
Feb 13 11:56:30 (none) Pluto[2489]: "Boehler_1" #77: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #75
Feb 13 11:56:30 (none) Pluto[2489]: "Boehler_1" #75: starting keying attempt 70 of an unlimited number
Feb 13 11:56:30 (none) Pluto[2489]: "Boehler_1" #75: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:56:21 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x6d6f555e (perhaps this is a duplicated packet)
Feb 13 11:56:01 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x6d6f555e (perhaps this is a duplicated packet)
Feb 13 11:55:51 (none) Pluto[2489]: "Boehler_1" #76: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24
Feb 13 11:55:20 (none) Pluto[2489]: "Boehler_1" #75: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #73
Feb 13 11:55:20 (none) Pluto[2489]: "Boehler_1" #73: starting keying attempt 69 of an unlimited number
Feb 13 11:55:20 (none) Pluto[2489]: "Boehler_1" #73: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:55:11 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x5d9ae433 (perhaps this is a duplicated packet)
Feb 13 11:54:51 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x5d9ae433 (perhaps this is a duplicated packet)
Feb 13 12:09:11 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x7ce64501 (perhaps this is a duplicated packet)
Feb 13 12:09:20 (none) Pluto[2489]: "Boehler_1" #97: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 12:09:20 (none) Pluto[2489]: "Boehler_1" #97: starting keying attempt 81 of an unlimited number
Feb 13 12:09:20 (none) Pluto[2489]: "Boehler_1" #99: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #97
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Thomas Geissinger over 22 years ago in reply to Andy_01

Feb 13 11:58:51 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x011d28a4 (perhaps this is a duplicated packet)
Feb 13 11:58:31 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x011d28a4 (perhaps this is a duplicated packet)
Feb 13 11:58:21 (none) Pluto[12616]: "Boehler_1" #11: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32
Feb 13 11:57:42 (none) Pluto[12616]: "Boehler_1" #8: starting keying attempt 5 of an unlimited number
Feb 13 11:57:42 (none) Pluto[12616]: "Boehler_1" #8: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:57:42 (none) Pluto[12616]: "Boehler_1" #10: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #8
Feb 13 11:57:41 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x55c8223e (perhaps this is a duplicated packet)
Feb 13 11:57:21 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x55c8223e (perhaps this is a duplicated packet)
Feb 13 11:57:11 (none) Pluto[12616]: "Boehler_1" #9: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32
Feb 13 11:56:32 (none) Pluto[12616]: "Boehler_1" #8: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #6
Feb 13 11:56:32 (none) Pluto[12616]: "Boehler_1" #6: starting keying attempt 4 of an unlimited number
Feb 13 11:56:32 (none) Pluto[12616]: "Boehler_1" #6: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:56:31 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x844513ea (perhaps this is a duplicated packet)
Feb 13 11:56:11 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x844513ea (perhaps this is a duplicated packet)
Feb 13 11:56:01 (none) Pluto[12616]: "Boehler_1" #7: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32
Feb 13 11:55:22 (none) Pluto[12616]: "Boehler_1" #6: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #4
Feb 13 11:55:22 (none) Pluto[12616]: "Boehler_1" #4: starting keying attempt 3 of an unlimited number
Feb 13 11:55:22 (none) Pluto[12616]: "Boehler_1" #4: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:55:21 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x374117a0 (perhaps this is a duplicated packet)
Feb 13 11:55:01 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x374117a0 (perhaps this is a duplicated packet)
Feb 13 12:09:21 (none) Pluto[12616]: "Boehler_1" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xfcb3db0a (perhaps this is a duplicated packet)

___________________________________________________________________________________________________________________________________________________________

Feb 13 11:58:41 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x008bbfd3 (perhaps this is a duplicated packet)
Feb 13 11:58:21 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x008bbfd3 (perhaps this is a duplicated packet)
Feb 13 11:58:11 (none) Pluto[2489]: "Boehler_1" #80: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24
Feb 13 11:57:40 (none) Pluto[2489]: "Boehler_1" #79: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #77
Feb 13 11:57:40 (none) Pluto[2489]: "Boehler_1" #77: starting keying attempt 71 of an unlimited number
Feb 13 11:57:40 (none) Pluto[2489]: "Boehler_1" #77: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:57:31 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xd687d2bf (perhaps this is a duplicated packet)
Feb 13 11:57:11 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xd687d2bf (perhaps this is a duplicated packet)
Feb 13 11:57:01 (none) Pluto[2489]: "Boehler_1" #78: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24
Feb 13 11:56:30 (none) Pluto[2489]: "Boehler_1" #77: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #75
Feb 13 11:56:30 (none) Pluto[2489]: "Boehler_1" #75: starting keying attempt 70 of an unlimited number
Feb 13 11:56:30 (none) Pluto[2489]: "Boehler_1" #75: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:56:21 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x6d6f555e (perhaps this is a duplicated packet)
Feb 13 11:56:01 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x6d6f555e (perhaps this is a duplicated packet)
Feb 13 11:55:51 (none) Pluto[2489]: "Boehler_1" #76: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24
Feb 13 11:55:20 (none) Pluto[2489]: "Boehler_1" #75: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #73
Feb 13 11:55:20 (none) Pluto[2489]: "Boehler_1" #73: starting keying attempt 69 of an unlimited number
Feb 13 11:55:20 (none) Pluto[2489]: "Boehler_1" #73: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 11:55:11 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x5d9ae433 (perhaps this is a duplicated packet)
Feb 13 11:54:51 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x5d9ae433 (perhaps this is a duplicated packet)
Feb 13 12:09:11 (none) Pluto[2489]: "Boehler_1" #67: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x7ce64501 (perhaps this is a duplicated packet)
Feb 13 12:09:20 (none) Pluto[2489]: "Boehler_1" #97: max number of retransmissions (2) reached STATE_QUICK_I1
Feb 13 12:09:20 (none) Pluto[2489]: "Boehler_1" #97: starting keying attempt 81 of an unlimited number
Feb 13 12:09:20 (none) Pluto[2489]: "Boehler_1" #99: initiating Quick Mode PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK to replace #97
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Kerstin over 22 years ago in reply to Thomas Geissinger

The remote network (10.0.0.202/32) in the first log is different to the local network (10.0.0.0/24) in the second log.

Change this to the same network and it will work [:)]

Feb 13 11:58:21 (none) Pluto[12616]: "Boehler_1" #11: cannot respond to IPsec SA request because no connection is known for 10.100.1.0/24===212.86.211.50...212.86.210.33===10.0.0.202/32

Feb 13 11:58:11 (none) Pluto[2489]: "Boehler_1" #80: cannot respond to IPsec SA request because no connection is known for 10.0.0.0/24===212.86.210.33...212.86.211.50===10.100.1.0/24

Cheers,

Kerstin
Cancel
Vote Up 0 Vote Down

Cancel
0 futziz over 22 years ago in reply to Kerstin

Hi,

Same problem here, v 3.216 with ssh 1.4. behind a linksys BFVP41. The thing is that ASL 3.216 does not have a NAT-T feature. It's new in the version 4 !!! Get the version 4 and activate the NAT-T and your problems will be solved.

Cheers !
Cancel
Vote Up 0 Vote Down

Cancel
0 Marcel_01 over 22 years ago in reply to futziz

futziz,

I think your problem is a different one... NAT-T is will not solve any problem when the SA is not defined correctly....

/marcel
Cancel
Vote Up 0 Vote Down

Cancel