On Fri, 5 Aug 2016, John Crisp wrote:
I am using Libre 3.18 but have seen the same issue on previous versions.
Libre connects with a Draytek router.
I seem to get a lot of this in my logs:
"ignoring informational payload INVALID_KEY_INFORMATION"
I can see that this is informational, and can be ignored, but wanted to
know what the cause was and if I can get around it as it fills my logs
at a fairly high rate !
From my dealings with Draytek 10 years ago, there were various big
issues with their IKE software. One of the things is that "always on"
did hugely different things and require different settings, something
you would not expect where the only difference should be "load" or
"load and initiate".
I can't really help you. If it works in the non-alwayson mode, and
does not in the alwayson mode, it is mostly likely a configuration
oddity they need or just a bug in their software. You'll have to
try and talk to the vendor.
Paul
Full excerpt below.
The setting that I have in the Draytek are
IKE Phase 1 - Proposal
aes256-sha-modp1536, aes256-sha-modp1024
IKE Phase 2 - Proposal
aes256-sha1, aes192-sha1, aes128-sha1
ipsec.conf - fairly basic defaults
conn MyEast
type=tunnel
authby=secret
auto=start
keyingtries=0
ikelifetime=3600s
salifetime=28800s
dpdaction=restart
dpddelay=30
dpdtimeout=10
pfs=yes
left=%defaultroute
leftsourceip=192.168.95.1
leftsubnet=192.168.95.0/24
right=my.router.ip.address
rightsubnet=192.168.10.0/24
I note that if I set the router to be always on, and set Libre to
auto=add I no longer get the messages.
I thought that this may be to do with the ID. I just tried to set the
rightid=my.router.ip.address but this does not cure the issue.
Any suggestions appreciated.
B. Rgds
John
Aug 5 13:32:49: "MyEast" #14: initiating Main Mode to replace #13
Aug 5 13:32:49: "MyEast" #14: transition from state STATE_MAIN_I1 to
state STATE_MAIN_I2
Aug 5 13:32:49: "MyEast" #14: STATE_MAIN_I2: sent MI2, expecting MR2
Aug 5 13:32:49: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:32:49: "MyEast" #14: received and ignored informational message
Aug 5 13:32:49: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:32:49: "MyEast" #14: received and ignored informational message
Aug 5 13:32:50: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:32:50: "MyEast" #14: received and ignored informational message
Aug 5 13:32:51: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:32:51: "MyEast" #14: received and ignored informational message
Aug 5 13:32:53: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:32:53: "MyEast" #14: received and ignored informational message
Aug 5 13:32:57: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:32:57: "MyEast" #14: received and ignored informational message
Aug 5 13:32:59: "MyEast" #14: discarding duplicate packet; already
STATE_MAIN_I2
Aug 5 13:33:05: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:33:05: "MyEast" #14: received and ignored informational message
Aug 5 13:33:19: "MyEast" #14: discarding duplicate packet; already
STATE_MAIN_I2
Aug 5 13:33:21: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:33:21: "MyEast" #14: received and ignored informational message
Aug 5 13:33:45: "MyEast" #15: initiating Main Mode to replace #14
Aug 5 13:33:45: "MyEast" #14: deleting state (STATE_MAIN_I2)
Aug 5 13:52:16: "MyEast" #14: initiating Main Mode to replace #13
Aug 5 13:52:16: "MyEast" #14: transition from state STATE_MAIN_I1 to
state STATE_MAIN_I2
Aug 5 13:52:16: "MyEast" #14: STATE_MAIN_I2: sent MI2, expecting MR2
Aug 5 13:52:16: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:16: "MyEast" #14: received and ignored informational message
Aug 5 13:52:16: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:16: "MyEast" #14: received and ignored informational message
Aug 5 13:52:17: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:17: "MyEast" #14: received and ignored informational message
Aug 5 13:52:18: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:18: "MyEast" #14: received and ignored informational message
Aug 5 13:52:20: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:20: "MyEast" #14: received and ignored informational message
Aug 5 13:52:24: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:24: "MyEast" #14: received and ignored informational message
Aug 5 13:52:26: "MyEast" #14: discarding duplicate packet; already
STATE_MAIN_I2
Aug 5 13:52:32: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:32: "MyEast" #14: received and ignored informational message
Aug 5 13:52:46: "MyEast" #14: discarding duplicate packet; already
STATE_MAIN_I2
Aug 5 13:52:48: "MyEast" #14: ignoring informational payload
INVALID_KEY_INFORMATION, msgid=00000000, length=12
Aug 5 13:52:48: "MyEast" #14: received and ignored informational message
Aug 5 13:53:11: "MyEast" #15: initiating Main Mode to replace #14
Aug 5 13:53:11: "MyEast" #14: deleting state (STATE_MAIN_I2)
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
