Is this extract sufficient for someone to tell me how to fix this? If not, what additional information do you need, either from the laptop or the server? I believe I have posted configuration files from both sides in this thread, but let me know if you need more information.
Dave
David H Durgee wrote: I brought up the VPN over a WiFi connection this morning for a few minutes in hopes of confirming it is operating correctly and securing the internet traffic. Here are results in the terminal window:dhdurgee@z560:~/Downloads$ ip rule 0: from all lookup local 220: from all lookup 220 32766: from all lookup main 32767: from all lookup default dhdurgee@z560:~/Downloads$ ip route default via 192.168.1.1 dev wlp5s0 proto dhcp metric 600 169.254.0.0/16 dev wlp5s0 scope link metric 1000192.168.1.0/24 dev wlp5s0 proto kernel scope link src 192.168.1.114 metric 600dhdurgee@z560:~/Downloads$ ifconfig enp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 6620471 bytes 6659611738 (6.6 GB) RX errors 0 dropped 113 overruns 0 frame 0 TX packets 5400612 bytes 627288507 (627.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 607593 bytes 59022846 (59.0 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 607593 bytes 59022846 (59.0 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlp5s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.1.114 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::562f:7604:6d84:57ca prefixlen 64 scopeid 0x20<link>ether ac:81:12:a4:5e:43 txqueuelen 1000 (Ethernet) RX packets 6987 bytes 5181997 (5.1 MB) RX errors 0 dropped 0 overruns 0 frame 77207 TX packets 7967 bytes 1225749 (1.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 17 dhdurgee@z560:~/Downloads$ route Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface default _gateway 0.0.0.0 UG 600 0 0 wlp5s0 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wlp5s0 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp5s0dhdurgee@z560:~/Downloads$Here is an extract from my syslog:Jul 6 11:50:46 Z560 NetworkManager[758]: <info> [1625586646.5967] manager: rfkill: Wi-Fi hardware radio set enabled Jul 6 11:50:46 Z560 NetworkManager[758]: <info> [1625586646.5985] audit: op="radio-control" arg="wireless-enabled" pid=811113 uid=1000 result="success"I am not sure that I have used the proper commands from the terminal window to confirm that internet traffic is indeed being encrypted and sent via the VPN as opposed to simply being carried via the WiFi connection without encryption.Jul 6 11:50:46 Z560 charon-nm: 11[KNL] interface wlp5s0 activatedJul 6 11:50:46 Z560 systemd[1]: Starting Load/Save RF Kill Switch Status... Jul 6 11:50:46 Z560 systemd[1]: Started Load/Save RF Kill Switch Status. Jul 6 11:50:46 Z560 wpa_supplicant[818]: dbus: fill_dict_with_properties dbus_interface=fi.w1.wpa_supplicant1.Interface.P2PDevice dbus_property=P2PDeviceConfig getter failed Jul 6 11:50:46 Z560 NetworkManager[758]: <info> [1625586646.6794] sup-iface[0x562fdb83d4e0,wlp5s0]: supports 1 scan SSIDs Jul 6 11:50:46 Z560 NetworkManager[758]: <info> [1625586646.6808] device (wlp5s0): supplicant interface state: starting -> ready Jul 6 11:50:46 Z560 NetworkManager[758]: <info> [1625586646.6813] device (wlp5s0): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: 'managed') Jul 6 11:50:46 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-SCAN-FAILED ret=-22Jul 6 11:50:46 Z560 kernel: [706888.708759] ERROR @wl_cfg80211_scan : Jul 6 11:50:46 Z560 kernel: [706888.708762] WLC_SCAN error (-22)Jul 6 11:50:48 Z560 NetworkManager[758]: <info> [1625586648.4559] manager: rfkill: Wi-Fi now enabled by radio killswitch Jul 6 11:50:49 Z560 systemd[1]: NetworkManager-dispatcher.service: Succeeded. Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2774] policy: auto-activating connection 'Auto Free WiFi by Karma' (3ccc719b-3616-44f7-a914-8c7d0344c87a) Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2819] device (wlp5s0): Activation: starting connection 'Auto Free WiFi by Karma' (3ccc719b-3616-44f7-a914-8c7d0344c87a) Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2834] device (wlp5s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2891] manager: NetworkManager state is now CONNECTING Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2955] device (wlp5s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2994] device (wlp5s0): Activation: (wifi) connection 'Auto Free WiFi by Karma' requires no security. No secrets needed. Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2997] Config: added 'ssid' value 'Free WiFi by Karma' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2998] Config: added 'scan_ssid' value '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2999] Config: added 'bgscan' value 'simple:30:-70:86400' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.2999] Config: added 'key_mgmt' value 'NONE' Jul 6 11:50:50 Z560 wpa_supplicant[818]: wlp5s0: Trying to associate with be:0f:2b:95:dd:58 (SSID='Free WiFi by Karma' freq=2462 MHz) Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.3676] device (wlp5s0): supplicant interface state: ready -> associating Jul 6 11:50:50 Z560 wpa_supplicant[818]: wlp5s0: Associated with be:0f:2b:95:dd:58 Jul 6 11:50:50 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-CONNECTED - Connection to be:0f:2b:95:dd:58 completed [id=0 id_str=] Jul 6 11:50:50 Z560 wpa_supplicant[818]: bgscan simple: Failed to enable signal strength monitoring Jul 6 11:50:50 Z560 kernel: [706892.471763] IPv6: ADDRCONF(NETDEV_CHANGE): wlp5s0: link becomes ready Jul 6 11:50:50 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0 Jul 6 11:50:50 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-REGDOM-CHANGE init=COUNTRY_IE type=COUNTRY alpha2=US Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.4620] device (wlp5s0): supplicant interface state: associating -> completed Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.4622] device (wlp5s0): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Connected to wireless network "Free WiFi by Karma" Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.4663] device (wlp5s0): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.4736] dhcp4 (wlp5s0): activation: beginning transaction (timeout in 45 seconds) Jul 6 11:50:50 Z560 avahi-daemon[750]: Joining mDNS multicast group on interface wlp5s0.IPv6 with address fe80::562f:7604:6d84:57ca. Jul 6 11:50:50 Z560 avahi-daemon[750]: New relevant interface wlp5s0.IPv6 for mDNS. Jul 6 11:50:50 Z560 avahi-daemon[750]: Registering new address record for fe80::562f:7604:6d84:57ca on wlp5s0.*. Jul 6 11:50:50 Z560 charon-nm: 12[KNL] fe80::562f:7604:6d84:57ca appeared on wlp5s0 Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5754] dhcp4 (wlp5s0): option dhcp_lease_time => '10800' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5756] dhcp4 (wlp5s0): option domain_name_servers => '192.168.1.1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5757] dhcp4 (wlp5s0): option expiry => '1625597450' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5758] dhcp4 (wlp5s0): option ip_address => '192.168.1.114' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5758] dhcp4 (wlp5s0): option requested_broadcast_address => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5759] dhcp4 (wlp5s0): option requested_domain_name => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5759] dhcp4 (wlp5s0): option requested_domain_name_servers => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5760] dhcp4 (wlp5s0): option requested_domain_search => '1' Jul 6 11:50:50 Z560 avahi-daemon[750]: Joining mDNS multicast group on interface wlp5s0.IPv4 with address 192.168.1.114. Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5761] dhcp4 (wlp5s0): option requested_host_name => '1'Jul 6 11:50:50 Z560 charon-nm: 13[KNL] 192.168.1.114 appeared on wlp5s0Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5761] dhcp4 (wlp5s0): option requested_interface_mtu => '1' Jul 6 11:50:50 Z560 avahi-daemon[750]: New relevant interface wlp5s0.IPv4 for mDNS. Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5762] dhcp4 (wlp5s0): option requested_ms_classless_static_routes => '1' Jul 6 11:50:50 Z560 avahi-daemon[750]: Registering new address record for 192.168.1.114 on wlp5s0.IPv4. Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5763] dhcp4 (wlp5s0): option requested_nis_domain => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5764] dhcp4 (wlp5s0): option requested_nis_servers => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5764] dhcp4 (wlp5s0): option requested_ntp_servers => '1' Jul 6 11:50:50 Z560 charon-nm: 08[IKE] installed bypass policy for 192.168.1.0/24 Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5765] dhcp4 (wlp5s0): option requested_rfc3442_classless_static_routes => '1' Jul 6 11:50:50 Z560 charon-nm: 08[IKE] installed bypass policy for fe80::/64 Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5766] dhcp4 (wlp5s0): option requested_root_path => '1' Jul 6 11:50:50 Z560 dbus-daemon[754]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.7' (uid=0 pid=758 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5766] dhcp4 (wlp5s0): option requested_routers => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5767] dhcp4 (wlp5s0): option requested_static_routes => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5768] dhcp4 (wlp5s0): option requested_subnet_mask => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5769] dhcp4 (wlp5s0): option requested_time_offset => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5769] dhcp4 (wlp5s0): option requested_wpad => '1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5770] dhcp4 (wlp5s0): option routers => '192.168.1.1' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5771] dhcp4 (wlp5s0): option subnet_mask => '255.255.255.0' Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.5771] dhcp4 (wlp5s0): state changed unknown -> bound Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.6015] device (wlp5s0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 systemd[1]: Starting Network Manager Script Dispatcher Service... Jul 6 11:50:50 Z560 dbus-daemon[754]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Jul 6 11:50:50 Z560 systemd[1]: Started Network Manager Script Dispatcher Service. Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.7494] device (wlp5s0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.7589] device (wlp5s0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed') Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.7823] manager: NetworkManager state is now CONNECTED_LOCAL Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.8104] manager: NetworkManager state is now CONNECTED_SITE Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.8122] policy: set 'Auto Free WiFi by Karma' (wlp5s0) as default for IPv4 routing and DNS Jul 6 11:50:50 Z560 NetworkManager[758]: <info> [1625586650.8230] device (wlp5s0): Activation: successful, device activated. Jul 6 11:50:51 Z560 charon-nm: 11[IKE] installed bypass policy for 169.254.0.0/16 Jul 6 11:50:51 Z560 NetworkManager[758]: <info> [1625586651.2683] manager: NetworkManager state is now CONNECTED_GLOBALJul 6 11:50:53 Z560 systemd[1]: systemd-rfkill.service: Succeeded.Jul 6 11:50:57 Z560 NetworkManager[758]: <info> [1625586657.5896] audit: op="connection-activate" uuid="72e4370d-ecfb-4e33-8572-5cf04431abb9" name="Durgee Enterprises, LLC" pid=811113 uid=1000 result="success" Jul 6 11:50:57 Z560 NetworkManager[758]: <info> [1625586657.5965] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Saw the service appear; activating connection Jul 6 11:50:57 Z560 NetworkManager[758]: <info> [1625586657.7338] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (ConnectInteractive) reply received Jul 6 11:50:57 Z560 charon-nm: 05[CFG] received initiate for NetworkManager connection Durgee Enterprises, LLC Jul 6 11:50:57 Z560 charon-nm: 05[CFG] using CA certificate, gateway identity 'durgeeenterprises.publicvm.com' Jul 6 11:50:57 Z560 charon-nm: 05[IKE] initiating IKE_SA Durgee Enterprises, LLC[9] to 108.31.28.59 Jul 6 11:50:57 Z560 charon-nm: 05[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] Jul 6 11:50:57 Z560 charon-nm: 05[NET] sending packet: from 192.168.1.114[55474] to 108.31.28.59[500] (768 bytes) Jul 6 11:50:57 Z560 NetworkManager[758]: <info> [1625586657.9830] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: starting (3) Jul 6 11:50:58 Z560 charon-nm: 09[NET] received packet: from 108.31.28.59[500] to 192.168.1.114[55474] (38 bytes) Jul 6 11:50:58 Z560 charon-nm: 09[ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ] Jul 6 11:50:58 Z560 charon-nm: 09[IKE] peer didn't accept DH group ECP_256, it requested MODP_2048 Jul 6 11:50:58 Z560 charon-nm: 09[IKE] initiating IKE_SA Durgee Enterprises, LLC[9] to 108.31.28.59 Jul 6 11:50:58 Z560 charon-nm: 09[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] Jul 6 11:50:58 Z560 charon-nm: 09[NET] sending packet: from 192.168.1.114[55474] to 108.31.28.59[500] (960 bytes) Jul 6 11:50:58 Z560 charon-nm: 14[NET] received packet: from 108.31.28.59[500] to 192.168.1.114[55474] (464 bytes) Jul 6 11:50:58 Z560 charon-nm: 14[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ] Jul 6 11:50:58 Z560 charon-nm: 14[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jul 6 11:50:58 Z560 charon-nm: 14[IKE] local host is behind NAT, sending keep alivesJul 6 11:50:58 Z560 charon-nm: 14[IKE] remote host is behind NATJul 6 11:50:58 Z560 charon-nm: 14[IKE] sending cert request for "C=US, O=Durgee Enterprises LLC, CN=VPN Server Root CA" Jul 6 11:50:58 Z560 charon-nm: 14[IKE] establishing CHILD_SA Durgee Enterprises, LLC{6} Jul 6 11:50:58 Z560 charon-nm: 14[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ CPRQ(ADDR ADDR6 DNS NBNS DNS6) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ] Jul 6 11:50:58 Z560 charon-nm: 14[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (412 bytes) Jul 6 11:50:58 Z560 charon-nm: 07[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:50:58 Z560 charon-nm: 07[ENC] parsed IKE_AUTH response 1 [ EF(1/5) ] Jul 6 11:50:58 Z560 charon-nm: 07[ENC] received fragment #1 of 5, waiting for complete IKE message Jul 6 11:50:58 Z560 charon-nm: 08[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:50:58 Z560 charon-nm: 08[ENC] parsed IKE_AUTH response 1 [ EF(2/5) ] Jul 6 11:50:58 Z560 charon-nm: 08[ENC] received fragment #2 of 5, waiting for complete IKE message Jul 6 11:50:58 Z560 charon-nm: 10[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:50:58 Z560 charon-nm: 10[ENC] parsed IKE_AUTH response 1 [ EF(3/5) ] Jul 6 11:50:58 Z560 charon-nm: 10[ENC] received fragment #3 of 5, waiting for complete IKE message Jul 6 11:50:58 Z560 charon-nm: 06[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:50:58 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 1 [ EF(4/5) ] Jul 6 11:50:58 Z560 charon-nm: 06[ENC] received fragment #4 of 5, waiting for complete IKE message Jul 6 11:50:58 Z560 charon-nm: 12[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (176 bytes) Jul 6 11:50:58 Z560 charon-nm: 12[ENC] parsed IKE_AUTH response 1 [ EF(5/5) ] Jul 6 11:50:58 Z560 charon-nm: 12[ENC] received fragment #5 of 5, reassembled fragmented IKE message (2092 bytes) Jul 6 11:50:58 Z560 charon-nm: 12[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] Jul 6 11:50:58 Z560 charon-nm: 12[IKE] received end entity cert "C=US, O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com" Jul 6 11:50:58 Z560 charon-nm: 12[CFG] using certificate "C=US, O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com" Jul 6 11:50:58 Z560 charon-nm: 12[CFG] using trusted ca certificate "C=US, O=Durgee Enterprises LLC, CN=VPN Server Root CA" Jul 6 11:50:58 Z560 charon-nm: 12[CFG] checking certificate status of "C=US, O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com" Jul 6 11:50:58 Z560 charon-nm: 12[CFG] certificate status is not available Jul 6 11:50:58 Z560 charon-nm: 12[CFG] reached self-signed root ca with a path length of 0 Jul 6 11:50:58 Z560 charon-nm: 12[IKE] authentication of 'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful Jul 6 11:50:58 Z560 charon-nm: 12[IKE] server requested EAP_IDENTITY (id 0x00), sending 'dhdurgee' Jul 6 11:50:58 Z560 charon-nm: 12[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ] Jul 6 11:50:58 Z560 charon-nm: 12[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (92 bytes) Jul 6 11:50:58 Z560 charon-nm: 01[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (108 bytes) Jul 6 11:50:58 Z560 charon-nm: 01[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/MSCHAPV2 ] Jul 6 11:50:58 Z560 charon-nm: 01[IKE] server requested EAP_MSCHAPV2 authentication (id 0x28) Jul 6 11:50:58 Z560 charon-nm: 01[ENC] generating IKE_AUTH request 3 [ EAP/RES/MSCHAPV2 ] Jul 6 11:50:58 Z560 charon-nm: 01[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (140 bytes) Jul 6 11:50:58 Z560 charon-nm: 13[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (140 bytes) Jul 6 11:50:58 Z560 charon-nm: 13[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/MSCHAPV2 ] Jul 6 11:50:58 Z560 charon-nm: 13[IKE] EAP-MS-CHAPv2 succeeded: 'Welcome2strongSwan' Jul 6 11:50:58 Z560 charon-nm: 13[ENC] generating IKE_AUTH request 4 [ EAP/RES/MSCHAPV2 ] Jul 6 11:50:58 Z560 charon-nm: 13[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes) Jul 6 11:50:58 Z560 charon-nm: 11[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes) Jul 6 11:50:58 Z560 charon-nm: 11[ENC] parsed IKE_AUTH response 4 [ EAP/SUCC ] Jul 6 11:50:58 Z560 charon-nm: 11[IKE] EAP method EAP_MSCHAPV2 succeeded, MSK established Jul 6 11:50:58 Z560 charon-nm: 11[IKE] authentication of 'dhdurgee' (myself) with EAP Jul 6 11:50:58 Z560 charon-nm: 11[ENC] generating IKE_AUTH request 5 [ AUTH ] Jul 6 11:50:58 Z560 charon-nm: 11[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (92 bytes) Jul 6 11:50:58 Z560 charon-nm: 15[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (236 bytes) Jul 6 11:50:58 Z560 charon-nm: 15[ENC] parsed IKE_AUTH response 5 [ AUTH CPRP(ADDR DNS DNS) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) ] Jul 6 11:50:58 Z560 charon-nm: 15[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jul 6 11:50:58 Z560 charon-nm: 15[IKE] IKE_SA Durgee Enterprises, LLC[9] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]Jul 6 11:50:58 Z560 charon-nm: 15[IKE] scheduling rekeying in 35676s Jul 6 11:50:58 Z560 charon-nm: 15[IKE] maximum IKE_SA lifetime 36276sJul 6 11:50:58 Z560 charon-nm: 15[IKE] installing new virtual IP 10.10.10.2 Jul 6 11:50:58 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.2 on wlp5s0.IPv4. Jul 6 11:50:58 Z560 charon-nm: 15[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jul 6 11:50:58 Z560 charon-nm: 15[IKE] CHILD_SA Durgee Enterprises, LLC{6} established with SPIs c6b4df75_i c93e3b9a_o and TS 10.10.10.2/32 === 0.0.0.0/0 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6348] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received.Jul 6 11:50:58 Z560 charon-nm: 15[IKE] peer supports MOBIKEJul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6355] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6356] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6369] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6369] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6370] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6370] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.2 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6370] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6371] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.2 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6371] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6372] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6372] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6373] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jul 6 11:50:58 Z560 NetworkManager[758]: <info> [1625586658.6397] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) complete Jul 6 11:51:02 Z560 NetworkManager[758]: <info> [1625586662.7579] audit: op="connection-deactivate" uuid="72e4370d-ecfb-4e33-8572-5cf04431abb9" name="Durgee Enterprises, LLC" pid=811113 uid=1000 result="success" Jul 6 11:51:02 Z560 avahi-daemon[750]: Withdrawing address record for 10.10.10.2 on wlp5s0. Jul 6 11:51:02 Z560 charon-nm: 06[IKE] deleting IKE_SA Durgee Enterprises, LLC[9] between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jul 6 11:51:02 Z560 charon-nm: 06[IKE] sending DELETE for IKE_SA Durgee Enterprises, LLC[9] Jul 6 11:51:02 Z560 charon-nm: 06[ENC] generating INFORMATIONAL request 6 [ D ] Jul 6 11:51:02 Z560 charon-nm: 06[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes) Jul 6 11:51:02 Z560 nm-dispatcher[913835]: run-parts: failed to stat component /etc/network/if-post-down.d/avahi-daemon: No such file or directory Jul 6 11:51:02 Z560 NetworkManager[758]: <info> [1625586662.7748] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: stopping (5) Jul 6 11:51:02 Z560 NetworkManager[758]: <info> [1625586662.7749] vpn-connection[0x562fdb93c0e0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: stopped (6) Jul 6 11:51:02 Z560 charon-nm: 12[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes) Jul 6 11:51:02 Z560 charon-nm: 12[ENC] parsed INFORMATIONAL response 6 [ ]Jul 6 11:51:02 Z560 charon-nm: 12[IKE] IKE_SA deletedJul 6 11:51:13 Z560 systemd[1]: NetworkManager-dispatcher.service: Succeeded. Jul 6 11:51:40 Z560 kernel: [706942.106869] mce: CPU1: Core temperature above threshold, cpu clock throttled (total events = 22442) Jul 6 11:51:40 Z560 kernel: [706942.106870] mce: CPU0: Core temperature above threshold, cpu clock throttled (total events = 22442) Jul 6 11:51:40 Z560 kernel: [706942.107920] mce: CPU1: Core temperature/speed normal Jul 6 11:51:40 Z560 kernel: [706942.107921] mce: CPU0: Core temperature/speed normal Jul 6 11:52:17 Z560 NetworkManager[758]: <info> [1625586737.5550] audit: op="connection-activate" uuid="72e4370d-ecfb-4e33-8572-5cf04431abb9" name="Durgee Enterprises, LLC" pid=811113 uid=1000 result="success" Jul 6 11:52:17 Z560 NetworkManager[758]: <info> [1625586737.5578] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Saw the service appear; activating connection Jul 6 11:52:17 Z560 NetworkManager[758]: <info> [1625586737.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (ConnectInteractive) reply received Jul 6 11:52:17 Z560 charon-nm: 05[CFG] received initiate for NetworkManager connection Durgee Enterprises, LLC Jul 6 11:52:17 Z560 charon-nm: 05[CFG] using CA certificate, gateway identity 'durgeeenterprises.publicvm.com' Jul 6 11:52:17 Z560 charon-nm: 05[IKE] initiating IKE_SA Durgee Enterprises, LLC[10] to 108.31.28.59 Jul 6 11:52:17 Z560 charon-nm: 05[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] Jul 6 11:52:17 Z560 charon-nm: 05[NET] sending packet: from 192.168.1.114[55474] to 108.31.28.59[500] (768 bytes) Jul 6 11:52:17 Z560 NetworkManager[758]: <info> [1625586737.8213] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: starting (3) Jul 6 11:52:17 Z560 charon-nm: 14[NET] received packet: from 108.31.28.59[500] to 192.168.1.114[55474] (38 bytes) Jul 6 11:52:17 Z560 charon-nm: 14[ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ] Jul 6 11:52:17 Z560 charon-nm: 14[IKE] peer didn't accept DH group ECP_256, it requested MODP_2048 Jul 6 11:52:17 Z560 charon-nm: 14[IKE] initiating IKE_SA Durgee Enterprises, LLC[10] to 108.31.28.59 Jul 6 11:52:17 Z560 charon-nm: 14[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] Jul 6 11:52:17 Z560 charon-nm: 14[NET] sending packet: from 192.168.1.114[55474] to 108.31.28.59[500] (960 bytes) Jul 6 11:52:18 Z560 charon-nm: 15[NET] received packet: from 108.31.28.59[500] to 192.168.1.114[55474] (464 bytes) Jul 6 11:52:18 Z560 charon-nm: 15[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ] Jul 6 11:52:18 Z560 charon-nm: 15[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048 Jul 6 11:52:18 Z560 charon-nm: 15[IKE] local host is behind NAT, sending keep alivesJul 6 11:52:18 Z560 charon-nm: 15[IKE] remote host is behind NATJul 6 11:52:18 Z560 charon-nm: 15[IKE] sending cert request for "C=US, O=Durgee Enterprises LLC, CN=VPN Server Root CA" Jul 6 11:52:18 Z560 charon-nm: 15[IKE] establishing CHILD_SA Durgee Enterprises, LLC{7} Jul 6 11:52:18 Z560 charon-nm: 15[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ CPRQ(ADDR ADDR6 DNS NBNS DNS6) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ] Jul 6 11:52:18 Z560 charon-nm: 15[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (412 bytes) Jul 6 11:52:18 Z560 charon-nm: 07[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:52:18 Z560 charon-nm: 07[ENC] parsed IKE_AUTH response 1 [ EF(1/5) ] Jul 6 11:52:18 Z560 charon-nm: 07[ENC] received fragment #1 of 5, waiting for complete IKE message Jul 6 11:52:18 Z560 charon-nm: 08[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:52:18 Z560 charon-nm: 08[ENC] parsed IKE_AUTH response 1 [ EF(2/5) ] Jul 6 11:52:18 Z560 charon-nm: 08[ENC] received fragment #2 of 5, waiting for complete IKE message Jul 6 11:52:18 Z560 charon-nm: 08[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:52:18 Z560 charon-nm: 08[ENC] parsed IKE_AUTH response 1 [ EF(4/5) ] Jul 6 11:52:18 Z560 charon-nm: 08[ENC] received fragment #4 of 5, waiting for complete IKE message Jul 6 11:52:18 Z560 charon-nm: 10[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (176 bytes) Jul 6 11:52:18 Z560 charon-nm: 10[ENC] parsed IKE_AUTH response 1 [ EF(5/5) ] Jul 6 11:52:18 Z560 charon-nm: 10[ENC] received fragment #5 of 5, waiting for complete IKE message Jul 6 11:52:18 Z560 charon-nm: 06[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (544 bytes) Jul 6 11:52:18 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 1 [ EF(3/5) ] Jul 6 11:52:18 Z560 charon-nm: 06[ENC] received fragment #3 of 5, reassembled fragmented IKE message (2092 bytes) Jul 6 11:52:18 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] Jul 6 11:52:18 Z560 charon-nm: 06[IKE] received end entity cert "C=US, O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com" Jul 6 11:52:18 Z560 charon-nm: 06[CFG] using certificate "C=US, O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com" Jul 6 11:52:18 Z560 charon-nm: 06[CFG] using trusted ca certificate "C=US, O=Durgee Enterprises LLC, CN=VPN Server Root CA" Jul 6 11:52:18 Z560 charon-nm: 06[CFG] checking certificate status of "C=US, O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com" Jul 6 11:52:18 Z560 charon-nm: 06[CFG] certificate status is not available Jul 6 11:52:18 Z560 charon-nm: 06[CFG] reached self-signed root ca with a path length of 0 Jul 6 11:52:18 Z560 charon-nm: 06[IKE] authentication of 'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful Jul 6 11:52:18 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY (id 0x00), sending 'dhdurgee' Jul 6 11:52:18 Z560 charon-nm: 06[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ] Jul 6 11:52:18 Z560 charon-nm: 06[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (92 bytes) Jul 6 11:52:18 Z560 charon-nm: 12[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (108 bytes) Jul 6 11:52:18 Z560 charon-nm: 12[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/MSCHAPV2 ] Jul 6 11:52:18 Z560 charon-nm: 12[IKE] server requested EAP_MSCHAPV2 authentication (id 0x07) Jul 6 11:52:18 Z560 charon-nm: 12[ENC] generating IKE_AUTH request 3 [ EAP/RES/MSCHAPV2 ] Jul 6 11:52:18 Z560 charon-nm: 12[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (140 bytes) Jul 6 11:52:18 Z560 charon-nm: 13[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (140 bytes) Jul 6 11:52:18 Z560 charon-nm: 13[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/MSCHAPV2 ] Jul 6 11:52:18 Z560 charon-nm: 13[IKE] EAP-MS-CHAPv2 succeeded: 'Welcome2strongSwan' Jul 6 11:52:18 Z560 charon-nm: 13[ENC] generating IKE_AUTH request 4 [ EAP/RES/MSCHAPV2 ] Jul 6 11:52:18 Z560 charon-nm: 13[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes) Jul 6 11:52:18 Z560 charon-nm: 11[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes) Jul 6 11:52:18 Z560 charon-nm: 11[ENC] parsed IKE_AUTH response 4 [ EAP/SUCC ] Jul 6 11:52:18 Z560 charon-nm: 11[IKE] EAP method EAP_MSCHAPV2 succeeded, MSK established Jul 6 11:52:18 Z560 charon-nm: 11[IKE] authentication of 'dhdurgee' (myself) with EAP Jul 6 11:52:18 Z560 charon-nm: 11[ENC] generating IKE_AUTH request 5 [ AUTH ] Jul 6 11:52:18 Z560 charon-nm: 11[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (92 bytes) Jul 6 11:52:18 Z560 charon-nm: 09[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (236 bytes) Jul 6 11:52:18 Z560 charon-nm: 09[ENC] parsed IKE_AUTH response 5 [ AUTH CPRP(ADDR DNS DNS) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) ] Jul 6 11:52:18 Z560 charon-nm: 09[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jul 6 11:52:18 Z560 charon-nm: 09[IKE] IKE_SA Durgee Enterprises, LLC[10] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]Jul 6 11:52:18 Z560 charon-nm: 09[IKE] scheduling rekeying in 35831s Jul 6 11:52:18 Z560 charon-nm: 09[IKE] maximum IKE_SA lifetime 36431sJul 6 11:52:18 Z560 charon-nm: 09[IKE] installing new virtual IP 10.10.10.1 Jul 6 11:52:18 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jul 6 11:52:18 Z560 charon-nm: 09[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jul 6 11:52:18 Z560 charon-nm: 09[IKE] CHILD_SA Durgee Enterprises, LLC{7} established with SPIs c271f27b_i cacae253_o and TS 10.10.10.1/32 === 0.0.0.0/0Jul 6 11:52:18 Z560 charon-nm: 09[IKE] peer supports MOBIKEJul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5248] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5255] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5256] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5269] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5270] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5270] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5271] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5271] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5271] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5272] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5272] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5272] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5273] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jul 6 11:52:18 Z560 NetworkManager[758]: <info> [1625586738.5286] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) complete Jul 6 11:52:18 Z560 dbus-daemon[754]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.7' (uid=0 pid=758 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jul 6 11:52:18 Z560 systemd[1]: Starting Network Manager Script Dispatcher Service... Jul 6 11:52:18 Z560 dbus-daemon[754]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Jul 6 11:52:18 Z560 systemd[1]: Started Network Manager Script Dispatcher Service. Jul 6 11:52:28 Z560 systemd[1]: NetworkManager-dispatcher.service: Succeeded. Jul 6 11:52:34 Z560 dbus-daemon[754]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.7' (uid=0 pid=758 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jul 6 11:52:34 Z560 NetworkManager[758]: <info> [1625586754.7510] audit: op="connection-deactivate" uuid="72e4370d-ecfb-4e33-8572-5cf04431abb9" name="Durgee Enterprises, LLC" pid=811113 uid=1000 result="success" Jul 6 11:52:34 Z560 systemd[1]: Starting Network Manager Script Dispatcher Service... Jul 6 11:52:34 Z560 dbus-daemon[754]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Jul 6 11:52:34 Z560 systemd[1]: Started Network Manager Script Dispatcher Service. Jul 6 11:52:34 Z560 avahi-daemon[750]: Withdrawing address record for 10.10.10.1 on wlp5s0. Jul 6 11:52:34 Z560 charon-nm: 06[IKE] deleting IKE_SA Durgee Enterprises, LLC[10] between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com] Jul 6 11:52:34 Z560 charon-nm: 06[IKE] sending DELETE for IKE_SA Durgee Enterprises, LLC[10] Jul 6 11:52:34 Z560 charon-nm: 06[ENC] generating INFORMATIONAL request 6 [ D ] Jul 6 11:52:34 Z560 charon-nm: 06[NET] sending packet: from 192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes) Jul 6 11:52:34 Z560 nm-dispatcher[914076]: run-parts: failed to stat component /etc/network/if-post-down.d/avahi-daemon: No such file or directory Jul 6 11:52:34 Z560 NetworkManager[758]: <info> [1625586754.7953] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: stopping (5) Jul 6 11:52:34 Z560 NetworkManager[758]: <info> [1625586754.7954] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: stopped (6) Jul 6 11:52:34 Z560 charon-nm: 12[NET] received packet: from 108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes) Jul 6 11:52:34 Z560 charon-nm: 12[ENC] parsed INFORMATIONAL response 6 [ ]Jul 6 11:52:34 Z560 charon-nm: 12[IKE] IKE_SA deleted Jul 6 11:52:41 Z560 charon-nm: 15[KNL] interface wlp5s0 deactivatedJul 6 11:52:41 Z560 wpa_supplicant[818]: wlp5s0: CTRL-EVENT-DISCONNECTED bssid=be:0f:2b:95:dd:58 reason=3 locally_generated=1 Jul 6 11:52:41 Z560 avahi-daemon[750]: Interface wlp5s0.IPv6 no longer relevant for mDNS. Jul 6 11:52:41 Z560 avahi-daemon[750]: Leaving mDNS multicast group on interface wlp5s0.IPv6 with address fe80::562f:7604:6d84:57ca. Jul 6 11:52:41 Z560 systemd[1]: Starting Load/Save RF Kill Switch Status... Jul 6 11:52:41 Z560 charon-nm: 10[KNL] fe80::562f:7604:6d84:57ca disappeared from wlp5s0 Jul 6 11:52:41 Z560 avahi-daemon[750]: Interface wlp5s0.IPv4 no longer relevant for mDNS. Jul 6 11:52:41 Z560 avahi-daemon[750]: Leaving mDNS multicast group on interface wlp5s0.IPv4 with address 192.168.1.114. Jul 6 11:52:41 Z560 avahi-daemon[750]: Withdrawing address record for fe80::562f:7604:6d84:57ca on wlp5s0. Jul 6 11:52:41 Z560 avahi-daemon[750]: Withdrawing address record for 192.168.1.114 on wlp5s0.Jul 6 11:52:41 Z560 wpa_supplicant[818]: rfkill: WLAN soft blockedJul 6 11:52:41 Z560 systemd[1]: Started Load/Save RF Kill Switch Status. Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1466] manager: rfkill: Wi-Fi hardware radio set disabled Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1469] device (wlp5s0): state change: activated -> unavailable (reason 'none', sys-iface-state: 'managed') Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1750] dhcp4 (wlp5s0): canceled DHCP transaction Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1750] dhcp4 (wlp5s0): state changed bound -> done Jul 6 11:52:41 Z560 charon-nm: 06[KNL] 192.168.1.114 disappeared from wlp5s0 Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1823] manager: NetworkManager state is now DISCONNECTED Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1920] audit: op="radio-control" arg="wireless-enabled" pid=811113 uid=1000 result="success" Jul 6 11:52:41 Z560 NetworkManager[758]: <info> [1625586761.1931] manager: rfkill: Wi-Fi now disabled by radio killswitch Jul 6 11:52:41 Z560 nm-dispatcher[914110]: run-parts: failed to stat component /etc/network/if-post-down.d/avahi-daemon: No such file or directory Jul 6 11:52:41 Z560 charon-nm: 11[IKE] uninstalling bypass policy for 192.168.1.0/24 Jul 6 11:52:41 Z560 charon-nm: 11[KNL] error uninstalling route installed with policy 192.168.1.0/24 === 192.168.1.0/24 out Jul 6 11:52:41 Z560 charon-nm: 11[IKE] uninstalling bypass policy for 169.254.0.0/16 Jul 6 11:52:41 Z560 charon-nm: 11[IKE] uninstalling bypass policy for fe80::/64 Jul 6 11:52:41 Z560 wpa_supplicant[818]: nl80211: deinit ifname=wlp5s0 disabled_11b_rates=0Jul 6 11:52:46 Z560 systemd[1]: systemd-rfkill.service: Succeeded.Could someone please let me know what terminal commands I should be using to confirm proper operation of the VPN connection, assuming of course that it is indeed operating correctly.DaveNoel Kuntze wrote: Hello David,strongSwan by default builds policy based tunnels, not route based tunnels.Thus no interface is needed or created. Read up on how IPsec works on the wiki to get an understanding for it.GUI indicators are not inherently related to if any tunnel exists, or works.Kind regards Noel Am 01.07.21 um 20:31 schrieb David H Durgee:I thought it might make sense to revisit this after the progress that has been made. It now appears that the connection is being established:Jun 29 11:21:34 Z560 charon-nm: 11[IKE] authentication of 'durgeeenterprises.publicvm.com' with EAP successful Jun 29 11:21:34 Z560 charon-nm: 11[IKE] IKE_SA Durgee Enterprises, LLC[7] established between 192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]Jun 29 11:21:34 Z560 charon-nm: 11[IKE] scheduling rekeying in 35705s Jun 29 11:21:34 Z560 charon-nm: 11[IKE] maximum IKE_SA lifetime 36305sJun 29 11:21:34 Z560 charon-nm: 11[IKE] installing new virtual IP 10.10.10.1 Jun 29 11:21:34 Z560 avahi-daemon[750]: Registering new address record for 10.10.10.1 on wlp5s0.IPv4. Jun 29 11:21:34 Z560 charon-nm: 11[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ Jun 29 11:21:34 Z560 charon-nm: 11[IKE] CHILD_SA Durgee Enterprises, LLC{4} established with SPIs c8cad4e5_i c3f2eec4_o and TS 10.10.10.1/32 === 0.0.0.0/0Jun 29 11:21:34 Z560 charon-nm: 11[IKE] peer supports MOBIKEJun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.6991] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) reply received. Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN plugin: state changed: started (4) Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.6997] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP4 Config Get) reply received Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: VPN Gateway: 108.31.28.59 Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Tunnel Device: (null) Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: IPv4 configuration: Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7003] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Prefix: 32 Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal Point-to-Point Address: 10.10.10.1 Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.8.8 Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: Internal DNS: 8.8.4.4 Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: DNS Domain: '(none)' Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7004] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: Data: No IPv6 configuration Jun 29 11:21:34 Z560 NetworkManager[758]: <info> [1624980094.7013] vpn-connection[0x562fdb93c2f0,72e4370d-ecfb-4e33-8572-5cf04431abb9,"Durgee Enterprises, LLC",0]: VPN connection: (IP Config Get) completeUnfortunately I am not seeing a tunnel interface being created and routing added:enp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ether b8:70:f4:2c:6b:9f txqueuelen 1000 (Ethernet) RX packets 1143393 bytes 1164336056 (1.1 GB) RX errors 0 dropped 20 overruns 0 frame 0 TX packets 912738 bytes 112966285 (112.9 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 95404 bytes 9207887 (9.2 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 95404 bytes 9207887 (9.2 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wlp5s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.1.114 netmask 255.255.255.0 broadcast 192.168.1.255 inet6 fe80::562f:7604:6d84:57ca prefixlen 64 scopeid 0x20<link>ether ac:81:12:a4:5e:43 txqueuelen 1000 (Ethernet) RX packets 5644 bytes 4264877 (4.2 MB) RX errors 0 dropped 0 overruns 0 frame 62520 TX packets 6377 bytes 1007195 (1.0 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 17 dhdurgee@z560:~/Downloads$ route Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface default _gateway 0.0.0.0 UG 20600 0 0 wlp5s0 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wlp5s0 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp5s0dhdurgee@z560:~/Downloads$In case it is needed for reference, here is the ipsec.conf on the server side:config setup charondebug="ike 1, knl 1, cfg 1" uniqueids=no conn ikev2-vpn auto=add compress=no type=tunnel keyexchange=ikev2 fragmentation=yes forceencaps=yes ike=aes256-sha1-modp2048,aes256-sha1-modp1024,3des-sha1-modp1024! esp=aes256-sha1,3des-sha1! dpdaction=clear dpddelay=300s rekey=no left=%any leftid=@durgeeenterprises.publicvm.com leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem leftsendcert=always leftsubnet=0.0.0.0/0 right=%any rightid=%any rightauth=eap-mschapv2 rightsourceip=10.10.10.0/24 rightdns=8.8.8.8,8.8.4.4 rightsendcert=never eap_identity=%identityHere is the connection definition from /etc/NewtorkManager/system-connections:[connection] id=Durgee Enterprises, LLC uuid=72e4370d-ecfb-4e33-8572-5cf04431abb9 type=vpn autoconnect=false permissions=user:dhdurgee:; [vpn] address=durgeeenterprises.publicvm.com certificate=/home/dhdurgee/Downloads/vpn_root_certificate.pem encap=no ipcomp=no method=eap password-flags=1 proposal=no user=dhdurgee virtual=yes service-type=org.freedesktop.NetworkManager.strongswan [ipv4] dns-search= method=auto [ipv6] addr-gen-mode=stable-privacy dns-search= ip6-privacy=0 method=auto [proxy]The listed connection was created via the GUI. I have screenshots of the four pages from the GUI available for email as they violate size restrictions of posting here..As the VPN connection is already working with android and windows systems I want to make no changes to the ipsec.conf on the server. All changes should be made to the linux connection.I can only assume there are revisions to be made, hopefully via the GUI. Obviously if the GUI cannot address what is needed I can edit the connection directly.Alternatively, am I misunderstanding what I am seeing and the tunnel is actually being established? I see only the WiFi icon on the bar at the bottom of the screen just as I do when opening the WiFi connection. With another VPN service, now discontinued, I showed a different icon indicating the secured tunnel was open. This other discontinued service likewise created a tun interface and established a route via that interface.If more information is required please let me know. Dave
smime.p7s
Description: S/MIME Cryptographic Signature
