This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP Certificate & Android: No public key known

I'm really pulling at strings here to get Android working with this.

PPTP doesn't work, L2TP/IPSec doesn't work with PSK (Android wants to use CHAP, which Astaro doesn't support).

So I'm trying L2TP/IPSec with certificates, hoping maybe this will work better.

I'm all doing it in a virtual sort of enviroment, so there are no routers, firewalls, or NAT in the way.

2010:09:26-13:02:58 ASG8 pluto[10531]: | *received 352 bytes from 192.168.1.139:500 on eth1
2010:09:26-13:02:58 ASG8 pluto[10531]: packet from 192.168.1.139:500: received Vendor ID payload [RFC 3947]
2010:09:26-13:02:58 ASG8 pluto[10531]: packet from 192.168.1.139:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2010:09:26-13:02:58 ASG8 pluto[10531]: packet from 192.168.1.139:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2010:09:26-13:02:58 ASG8 pluto[10531]: packet from 192.168.1.139:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2010:09:26-13:02:58 ASG8 pluto[10531]: packet from 192.168.1.139:500: ignoring Vendor ID payload [FRAGMENTATION 80000000]
2010:09:26-13:02:58 ASG8 pluto[10531]: | preparse_isakmp_policy: peer requests PUBKEY authentication
2010:09:26-13:02:58 ASG8 pluto[10531]: | instantiated "D_Android" for 192.168.1.139
2010:09:26-13:02:58 ASG8 pluto[10531]: | creating state object #1 at 0x8e80c10
2010:09:26-13:02:58 ASG8 pluto[10531]: | ICOOKIE: 88 ed 8c 32 47 fc 41 cd
2010:09:26-13:02:58 ASG8 pluto[10531]: | RCOOKIE: a1 19 ff 94 1c 10 f6 c6
2010:09:26-13:02:58 ASG8 pluto[10531]: | peer: c0 a8 01 8b
2010:09:26-13:02:58 ASG8 pluto[10531]: | state hash entry 21
2010:09:26-13:02:58 ASG8 pluto[10531]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: responding to Main Mode from unknown peer 192.168.1.139
2010:09:26-13:02:58 ASG8 pluto[10531]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
2010:09:26-13:02:58 ASG8 pluto[10531]: | next event EVENT_RETRANSMIT in 10 seconds for #1
2010:09:26-13:02:58 ASG8 pluto[10531]: |
2010:09:26-13:02:58 ASG8 pluto[10531]: | *received 228 bytes from 192.168.1.139:500 on eth1
2010:09:26-13:02:58 ASG8 pluto[10531]: | ICOOKIE: 88 ed 8c 32 47 fc 41 cd
2010:09:26-13:02:58 ASG8 pluto[10531]: | RCOOKIE: a1 19 ff 94 1c 10 f6 c6
2010:09:26-13:02:58 ASG8 pluto[10531]: | peer: c0 a8 01 8b
2010:09:26-13:02:58 ASG8 pluto[10531]: | state hash entry 21
2010:09:26-13:02:58 ASG8 pluto[10531]: | state object #1 found, in STATE_MAIN_R1
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: NAT-Traversal: Result using RFC 3947: no NAT detected
2010:09:26-13:02:58 ASG8 pluto[10531]: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 60 seconds
2010:09:26-13:02:58 ASG8 pluto[10531]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
2010:09:26-13:02:58 ASG8 pluto[10531]: | next event EVENT_RETRANSMIT in 10 seconds for #1
2010:09:26-13:02:58 ASG8 pluto[10531]: |
2010:09:26-13:02:58 ASG8 pluto[10531]: | *received 988 bytes from 192.168.1.139:500 on eth1
2010:09:26-13:02:58 ASG8 pluto[10531]: | ICOOKIE: 88 ed 8c 32 47 fc 41 cd
2010:09:26-13:02:58 ASG8 pluto[10531]: | RCOOKIE: a1 19 ff 94 1c 10 f6 c6
2010:09:26-13:02:58 ASG8 pluto[10531]: | peer: c0 a8 01 8b
2010:09:26-13:02:58 ASG8 pluto[10531]: | state hash entry 21
2010:09:26-13:02:58 ASG8 pluto[10531]: | state object #1 found, in STATE_MAIN_R2
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: Peer ID is ID_IPV4_ADDR: '192.168.1.139'
2010:09:26-13:02:58 ASG8 pluto[10531]: | subject: 'C=us, L=*****, O=*****, CN=*****'
2010:09:26-13:02:58 ASG8 pluto[10531]: | issuer: 'C=us, L=*****, O=*****, CN=***** VPN CA, E=*****@gmail.com'
2010:09:26-13:02:58 ASG8 pluto[10531]: | authkey: da:2b:a6[:D]4:af:44:2a:5b:9f:c8:4f:2a:8a:6b:fc:a3:a5:c2:90:eb
2010:09:26-13:02:58 ASG8 pluto[10531]: | certificate is valid
2010:09:26-13:02:58 ASG8 pluto[10531]: | issuer cacert found
2010:09:26-13:02:58 ASG8 pluto[10531]: | certificate signature is valid
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: crl not found
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: certificate status unknown
2010:09:26-13:02:58 ASG8 pluto[10531]: | subject: 'C=us, L=*****, O=*****, CN=***** VPN CA, E=*****@gmail.com'
2010:09:26-13:02:58 ASG8 pluto[10531]: | issuer: 'C=us, L=*****, O=*****, CN=***** VPN CA, E=*****@gmail.com'
2010:09:26-13:02:58 ASG8 pluto[10531]: | certificate is valid
2010:09:26-13:02:58 ASG8 pluto[10531]: | issuer cacert found
2010:09:26-13:02:58 ASG8 pluto[10531]: | certificate signature is valid
2010:09:26-13:02:58 ASG8 pluto[10531]: | reached self-signed root ca with a path length of 0
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: no public key known for '192.168.1.139'
2010:09:26-13:02:58 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: sending encrypted notification INVALID_KEY_INFORMATION to 192.168.1.139:500
2010:09:26-13:02:58 ASG8 pluto[10531]: | state transition function for STATE_MAIN_R2 failed: INVALID_KEY_INFORMATION
2010:09:26-13:02:58 ASG8 pluto[10531]: | next event EVENT_RETRANSMIT in 10 seconds for #1

It does that a couple of times and then fails with this

2010:09:26-13:03:28 ASG8 pluto[10531]: | *time to handle event
2010:09:26-13:03:28 ASG8 pluto[10531]: | event after this is EVENT_NAT_T_KEEPALIVE in 30 seconds
2010:09:26-13:03:28 ASG8 pluto[10531]: | handling event EVENT_RETRANSMIT for 192.168.1.139 "D_Android" #1
2010:09:26-13:03:28 ASG8 pluto[10531]: | inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #1
2010:09:26-13:03:28 ASG8 pluto[10531]: | next event EVENT_NAT_T_KEEPALIVE in 30 seconds
2010:09:26-13:03:28 ASG8 pluto[10531]: | rejected packet:
2010:09:26-13:03:28 ASG8 pluto[10531]: | 88 ed 8c 32 47 fc 41 cd a1 19 ff 94 1c 10 f6 c6
2010:09:26-13:03:28 ASG8 pluto[10531]: | 04 10 02 00 00 00 00 00 00 00 00 e4 0a 00 00 84
2010:09:26-13:03:28 ASG8 pluto[10531]: | 78 db 1c 97 a1 b4 58 2a 8d 9b 93 5e 22 41 2d 5c
2010:09:26-13:03:28 ASG8 pluto[10531]: | 8c 3d b0 ed 61 49 7f 6f ef 0b 4d 88 cc ed d2 ac
2010:09:26-13:03:28 ASG8 pluto[10531]: | 6f 8f 54 c7 b1 d7 3c 69 51 42 c7 86 3b 30 c5 5e
2010:09:26-13:03:28 ASG8 pluto[10531]: | 0b 1f eb e2 e8 db 26 a8 1f ee 5f da ec 3e bf ee
2010:09:26-13:03:28 ASG8 pluto[10531]: | 1d 91 22 d1 cf 20 e6 fb 21 dd 59 19 6b f0 89 ef
2010:09:26-13:03:28 ASG8 pluto[10531]: | b7 e5 4d 76 56 15 ac 5b 57 66 0d be 85 a9 f5 f7
2010:09:26-13:03:28 ASG8 pluto[10531]: | eb d6 87 57 08 eb a6 ed 63 86 b2 fd 36 12 fc 8c
2010:09:26-13:03:28 ASG8 pluto[10531]: | 79 22 43 32 8d e4 6c 37 e4 98 f1 82 25 53 e0 1a
2010:09:26-13:03:28 ASG8 pluto[10531]: | 14 00 00 14 9a e3 c8 30 b9 e5 ed 34 73 88 0a f8
2010:09:26-13:03:28 ASG8 pluto[10531]: | 1a 71 ca 54 14 00 00 18 dd ea 91 06 d4 4b 0c 70
2010:09:26-13:03:28 ASG8 pluto[10531]: | ea 6f 79 1d f1 35 66 5b 33 57 e1 d5 00 00 00 18
2010:09:26-13:03:28 ASG8 pluto[10531]: | c0 71 8e a8 ea 7f a9 48 2b d5 e4 07 a0 5b 3d 21
2010:09:26-13:03:28 ASG8 pluto[10531]: | de fa 90 5e
2010:09:26-13:03:28 ASG8 pluto[10531]: | control:
2010:09:26-13:03:28 ASG8 pluto[10531]: | 2c 00 00 00 00 00 00 00 0b 00 00 00 6f 00 00 00
2010:09:26-13:03:28 ASG8 pluto[10531]: | 02 03 03 00 00 00 00 00 00 00 00 00 02 00 00 00
2010:09:26-13:03:28 ASG8 pluto[10531]: | c0 a8 01 8b 00 00 00 00 00 00 00 00
2010:09:26-13:03:28 ASG8 pluto[10531]: | name:
2010:09:26-13:03:28 ASG8 pluto[10531]: | 02 00 01 f4 c0 a8 01 8b 00 00 00 00 00 00 00 00
2010:09:26-13:03:28 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: ERROR: asynchronous network error report on eth1 for message to 192.168.1.139 port 500, complainant 192.168.1.139: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2010:09:26-13:03:28 ASG8 pluto[10531]: | next event EVENT_NAT_T_KEEPALIVE in 30 seconds
2010:09:26-13:03:58 ASG8 pluto[10531]: |
2010:09:26-13:03:58 ASG8 pluto[10531]: | *time to handle event
2010:09:26-13:03:58 ASG8 pluto[10531]: | event after this is EVENT_RETRANSMIT in 10 seconds
2010:09:26-13:03:58 ASG8 pluto[10531]: | next event EVENT_RETRANSMIT in 10 seconds for #1
2010:09:26-13:04:08 ASG8 pluto[10531]: |
2010:09:26-13:04:08 ASG8 pluto[10531]: | *time to handle event
2010:09:26-13:04:08 ASG8 pluto[10531]: | event after this is EVENT_REINIT_SECRET in 3515 seconds
2010:09:26-13:04:08 ASG8 pluto[10531]: | handling event EVENT_RETRANSMIT for 192.168.1.139 "D_Android" #1
2010:09:26-13:04:08 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139 #1: max number of retransmissions (2) reached STATE_MAIN_R2
2010:09:26-13:04:08 ASG8 pluto[10531]: | ICOOKIE: 88 ed 8c 32 47 fc 41 cd
2010:09:26-13:04:08 ASG8 pluto[10531]: | RCOOKIE: a1 19 ff 94 1c 10 f6 c6
2010:09:26-13:04:08 ASG8 pluto[10531]: | peer: c0 a8 01 8b
2010:09:26-13:04:08 ASG8 pluto[10531]: | state hash entry 21
2010:09:26-13:04:08 ASG8 pluto[10531]: "D_Android"[1] 192.168.1.139: deleting connection "D_Android" instance with peer 192.168.1.139 {isakmp=#0/ipsec=#0}

I have a remote access rule called Android, interface external (which is the 192.168.1.x network), TripleDES Policy, Local network is the virtual internal network (eth0), I have the user i'm trying to log on as set in the allowed users, and automatic packet filter rules checked.

This thread was automatically locked due to age.

Parents

0 d12fk over 14 years ago

We're getting on the right track here. Could you check if the two processes "pluto" and "openl2tpd" are there when you have L2TP enabled. Go to "Support >> Advanced" in WebAdmin to see the process list. It should contain entries like


root      6797  0.0  0.0   2232   800 ?        Ss   Sep14   0:00 /usr/libexec/ipsec/starter

root      6799  0.0  0.3  12308  3460 ?       Ss   Sep14   0:22  \_ /usr/libexec/ipsec/pluto

root      6931  0.0  0.0   1748   320 ?         S    Sep14   0:00      \_ _pluto_adns

root     25747  0.0  0.0   2108   748 ?        S    Sep17   2:26 /usr/sbin/openl2tpd

If not, please do a `tail -f /var/log/mdw-debug.log` in a root shell when you start L2TP and attach the output here.

0 coreno over 14 years ago in reply to d12fk

I disabled and then enabled L2TP over IPSec

ASG8:/root # tail -f /var/log/mdw-debug.log
2010:09:29-12:14:01 ASG8 middleware[4397]: T core::Config::Changed:131() => configversion=112
2010:09:29-12:14:01 ASG8 middleware[4397]: T core::Config::Changed:141() => nodes=3 objects=0 triggers=0
2010:09:29-12:14:01 ASG8 middleware[4397]: T core::Config::load:265() => modules=3,2
2010:09:29-12:14:01 ASG8 middleware[4397]: D core::Config::load:273() => ssh.obj (ssh->root_keys.conf,ssh->pubkey_auth.conf,ssh->root_login.conf)
2010:09:29-12:14:01 ASG8 middleware[4397]: D utils::Exec::SystemCall:32() => /etc/init.d/sshd reload
2010:09:29-12:14:01 ASG8 middleware[4397]: :: Reload SSH..done
2010:09:29-12:14:01 ASG8 middleware[4397]: D core::Config::load:273() => ssh.adapter.obj (ssh->root_keys.conf,ssh->pubkey_auth.conf,ssh->root_login.conf)
2010:09:29-12:14:01 ASG8 middleware[4397]: D utils::Exec::ForkingSystem:99() => CHILD 2 FORK 29504 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:14:01 ASG8 middleware[4397]: T main::top-level:202() => ending cycle 110, caught 0 signals
2010:09:29-12:14:01 ASG8 middleware[4397]: D utils::Exec::BuryChildren:107() => CHILD 2 EXIT 29504 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:27 ASG8 middleware[4397]: T main::top-level:171() => starting cycle 111, caught 1 signals
2010:09:29-12:21:27 ASG8 middleware[4397]: T core::Config::Changed:131() => configversion=113
2010:09:29-12:21:27 ASG8 middleware[4397]: T core::Config::Changed:141() => nodes=0 objects=1 triggers=0
2010:09:29-12:21:27 ASG8 middleware[4397]: T core::Config::load:265() => modules=2,5
2010:09:29-12:21:27 ASG8 middleware[4397]: D core::Config::load:273() => user_authentication.obj (ipsec_connection->l2tp->status.cobj)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(CB)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DM)
2010:09:29-12:21:28 ASG8 middleware[4397]: portal enabled, allow_any on
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DN)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DW)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.obj (remote_access->l2tp.conf)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => executive_report.obj (remote_access->l2tp.conf)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => afc.adapter.obj (ipsec.obj)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.adapter.obj (ipsec.obj)
2010:09:29-12:21:28 ASG8 middleware[4397]: EBTables: /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:28 ASG8 middleware[4397]: D utils::Exec::SystemCall:32() => /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:28 ASG8 middleware[4397]: D utils::Exec::ForkingSystem:99() => CHILD 2 FORK 29868 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:28 ASG8 middleware[4397]: T main::top-level:202() => ending cycle 111, caught 0 signals
2010:09:29-12:21:28 ASG8 middleware[4397]: D utils::Exec::BuryChildren:107() => CHILD 2 EXIT 29868 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:32 ASG8 middleware[4397]: T main::top-level:171() => starting cycle 112, caught 1 signals
2010:09:29-12:21:33 ASG8 middleware[4397]: T core::Config::Changed:131() => configversion=114
2010:09:29-12:21:33 ASG8 middleware[4397]: T core::Config::Changed:141() => nodes=0 objects=1 triggers=0
2010:09:29-12:21:33 ASG8 middleware[4397]: T core::Config::load:265() => modules=2,5
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => user_authentication.obj (ipsec_connection->l2tp->status.cobj)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(CB)
2010:09:29-12:21:33 ASG8 middleware[4397]: portal enabled, allow_any on
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DM)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DN)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DW)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.obj (remote_access->l2tp.conf)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => executive_report.obj (remote_access->l2tp.conf)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => afc.adapter.obj (ipsec.obj)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.adapter.obj (ipsec.obj)
2010:09:29-12:21:33 ASG8 middleware[4397]: EBTables: /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:33 ASG8 middleware[4397]: D utils::Exec::SystemCall:32() => /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:33 ASG8 middleware[4397]: D utils::Exec::ForkingSystem:99() => CHILD 2 FORK 29881 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:33 ASG8 middleware[4397]: T main::top-level:202() => ending cycle 112, caught 0 signals
2010:09:29-12:21:33 ASG8 middleware[4397]: D utils::Exec::BuryChildren:107() => CHILD 2 EXIT 29881 /usr/local/bin/ipt_clear_confirmed.sh
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 coreno over 14 years ago in reply to d12fk

I disabled and then enabled L2TP over IPSec

ASG8:/root # tail -f /var/log/mdw-debug.log
2010:09:29-12:14:01 ASG8 middleware[4397]: T core::Config::Changed:131() => configversion=112
2010:09:29-12:14:01 ASG8 middleware[4397]: T core::Config::Changed:141() => nodes=3 objects=0 triggers=0
2010:09:29-12:14:01 ASG8 middleware[4397]: T core::Config::load:265() => modules=3,2
2010:09:29-12:14:01 ASG8 middleware[4397]: D core::Config::load:273() => ssh.obj (ssh->root_keys.conf,ssh->pubkey_auth.conf,ssh->root_login.conf)
2010:09:29-12:14:01 ASG8 middleware[4397]: D utils::Exec::SystemCall:32() => /etc/init.d/sshd reload
2010:09:29-12:14:01 ASG8 middleware[4397]: :: Reload SSH..done
2010:09:29-12:14:01 ASG8 middleware[4397]: D core::Config::load:273() => ssh.adapter.obj (ssh->root_keys.conf,ssh->pubkey_auth.conf,ssh->root_login.conf)
2010:09:29-12:14:01 ASG8 middleware[4397]: D utils::Exec::ForkingSystem:99() => CHILD 2 FORK 29504 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:14:01 ASG8 middleware[4397]: T main::top-level:202() => ending cycle 110, caught 0 signals
2010:09:29-12:14:01 ASG8 middleware[4397]: D utils::Exec::BuryChildren:107() => CHILD 2 EXIT 29504 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:27 ASG8 middleware[4397]: T main::top-level:171() => starting cycle 111, caught 1 signals
2010:09:29-12:21:27 ASG8 middleware[4397]: T core::Config::Changed:131() => configversion=113
2010:09:29-12:21:27 ASG8 middleware[4397]: T core::Config::Changed:141() => nodes=0 objects=1 triggers=0
2010:09:29-12:21:27 ASG8 middleware[4397]: T core::Config::load:265() => modules=2,5
2010:09:29-12:21:27 ASG8 middleware[4397]: D core::Config::load:273() => user_authentication.obj (ipsec_connection->l2tp->status.cobj)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(CB)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DM)
2010:09:29-12:21:28 ASG8 middleware[4397]: portal enabled, allow_any on
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DN)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DW)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.obj (remote_access->l2tp.conf)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => executive_report.obj (remote_access->l2tp.conf)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => afc.adapter.obj (ipsec.obj)
2010:09:29-12:21:28 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.adapter.obj (ipsec.obj)
2010:09:29-12:21:28 ASG8 middleware[4397]: EBTables: /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:28 ASG8 middleware[4397]: D utils::Exec::SystemCall:32() => /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:28 ASG8 middleware[4397]: D utils::Exec::ForkingSystem:99() => CHILD 2 FORK 29868 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:28 ASG8 middleware[4397]: T main::top-level:202() => ending cycle 111, caught 0 signals
2010:09:29-12:21:28 ASG8 middleware[4397]: D utils::Exec::BuryChildren:107() => CHILD 2 EXIT 29868 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:32 ASG8 middleware[4397]: T main::top-level:171() => starting cycle 112, caught 1 signals
2010:09:29-12:21:33 ASG8 middleware[4397]: T core::Config::Changed:131() => configversion=114
2010:09:29-12:21:33 ASG8 middleware[4397]: T core::Config::Changed:141() => nodes=0 objects=1 triggers=0
2010:09:29-12:21:33 ASG8 middleware[4397]: T core::Config::load:265() => modules=2,5
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => user_authentication.obj (ipsec_connection->l2tp->status.cobj)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(CB)
2010:09:29-12:21:33 ASG8 middleware[4397]: portal enabled, allow_any on
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DM)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DN)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::ConfdCall:467() => may(DW)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.obj (remote_access->l2tp.conf)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => executive_report.obj (remote_access->l2tp.conf)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => afc.adapter.obj (ipsec.obj)
2010:09:29-12:21:33 ASG8 middleware[4397]: D core::Config::load:273() => ipsec.adapter.obj (ipsec.obj)
2010:09:29-12:21:33 ASG8 middleware[4397]: EBTables: /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:33 ASG8 middleware[4397]: D utils::Exec::SystemCall:32() => /usr/sbin/ebtables -t nat -F PREROUTING
2010:09:29-12:21:33 ASG8 middleware[4397]: D utils::Exec::ForkingSystem:99() => CHILD 2 FORK 29881 /usr/local/bin/ipt_clear_confirmed.sh
2010:09:29-12:21:33 ASG8 middleware[4397]: T main::top-level:202() => ending cycle 112, caught 0 signals
2010:09:29-12:21:33 ASG8 middleware[4397]: D utils::Exec::BuryChildren:107() => CHILD 2 EXIT 29881 /usr/local/bin/ipt_clear_confirmed.sh
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data