[jira] [Created] (CLOUDSTACK-9197) CS 4.5.1 VR Remote Access VPN - received packet that claimed to be (I)nitiator, but rcookie is not zero?

Adrian Sender (JIRA) Tue, 22 Dec 2015 16:38:20 -0800

Adrian Sender created CLOUDSTACK-9197:
-----------------------------------------


             Summary: CS 4.5.1 VR Remote Access VPN - received packet that 
claimed to be (I)nitiator, but rcookie is not zero?
                 Key: CLOUDSTACK-9197
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9197
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Virtual Router
    Affects Versions: 4.5.1
         Environment: Xenserver 6.5
Cloudplatform 4.5.1 Advanced Network
systemvm-xenserver-4.5.1 - 
http://download.cloud.com/templates/4.5.1/systemvm64template-2015-05-14-4.5.1-xen.vhd.bz2
            Reporter: Adrian Sender
            Priority: Critical


Dec 23 00:31:58 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
received packet that claimed to be (I)nitiator, but rcookie is not zero?
Dec 23 00:31:58 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: sending 
notification v2N_INVALID_MESSAGE_ID to xxx.xxx.xxx.xxx:500
Dec 23 00:32:15 r-4045-VM sshd[28852]: Accepted publickey for root from 
169.254.0.1 port 54034 ssh2
Dec 23 00:32:15 r-4045-VM sshd[28852]: pam_unix(sshd:session): session opened 
for user root by (uid=0)
Dec 23 00:32:15 r-4045-VM sshd[28852]: pam_unix(sshd:session): session closed 
for user root
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
received Vendor ID payload [RFC 3947] method set to=109
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but 
already using method 109
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
ignoring Vendor ID payload [FRAGMENTATION]
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
ignoring Vendor ID payload [IKE CGA version 1]
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
responding to Main Mode from unknown peer xxx.xxx.xxx.xxx
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
OAKLEY_GROUP 20 not supported.  Attribute OAKLEY_GROUP_DESCRIPTION
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
OAKLEY_GROUP 19 not supported.  Attribute OAKLEY_GROUP_DESCRIPTION
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
STATE_MAIN_R1: sent MR1, expecting MI2
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
STATE_MAIN_R2: sent MR2, expecting MI3
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:32:32 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:32:32 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:32:32 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:32:33 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:32:33 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:32:33 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:32:33 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:32:33 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:32:33 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:32:36 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:32:36 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:32:36 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:32:36 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:32:36 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:32:36 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:32:41 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:32:41 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:32:41 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:32:41 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:32:41 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:32:41 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:32:49 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:32:49 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:32:49 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:32:49 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:32:49 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:32:49 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:33:01 r-4045-VM CRON[28870]: pam_unix(cron:session): session opened 
for user root by (uid=0)
Dec 23 00:33:01 r-4045-VM CRON[28870]: pam_unix(cron:session): session closed 
for user root
Dec 23 00:33:05 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:33:05 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:33:05 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:33:05 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:33:05 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:33:05 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:33:12 r-4045-VM sshd[28052]: pam_unix(sshd:session): session closed 
for user root
Dec 23 00:33:21 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: next 
payload type of ISAKMP Identification Payload has an unknown value: 26
Dec 23 00:33:21 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
probable authentication failure (mismatch of preshared secrets?): malformed 
payload in packet
Dec 23 00:33:21 r-4045-VM pluto[4569]: | payload malformed after IV
Dec 23 00:33:21 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
2c  a4 2b 61 28
Dec 23 00:33:21 r-4045-VM pluto[4569]: |   cb b4 f7 d1
Dec 23 00:33:21 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Dec 23 00:33:27 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
received packet that claimed to be (I)nitiator, but rcookie is not zero?
Dec 23 00:33:27 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: sending 
notification v2N_INVALID_MESSAGE_ID to xxx.xxx.xxx.xxx:500
Dec 23 00:33:42 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: max 
number of retransmissions (2) reached STATE_MAIN_R2
Dec 23 00:33:42 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx: deleting 
connection "L2TP-PSK" instance with peer xxx.xxx.xxx.xxx {isakmp=#0/ipsec=#0}




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9197) CS 4.5.1 VR Remote Access VPN - received packet that claimed to be (I)nitiator, but rcookie is not zero?

Reply via email to