[strongSwan] no response from port 4500, port 500 is ok

Fri, 04 Feb 2022 12:03:07 -0800 

Hello

Case 1: no response from port 4500, port 500 is ok

We have a case were charon does not respond to port 4500 (500 is ok).
Charon is our IPSEC client on Linux.
Using strongswan 5.8.2
The IPSEC server is Windows 2012R2

  *   Sending packet on 500
     *   2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[NET] sending 
packet: from 10.147.180.160[500] to 76.80.106.138[500] (480 bytes)
     *   2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[NET] received 
packet: from 76.80.106.138[500] to 10.147.180.160[500] (492 bytes)
  *   Sending packet on 4500, but no reply
     *   2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[NET] sending 
packet: from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
     *   2022 Feb  3 20:04:53+00:00 wglng-2294 charon [info] 09[IKE] retransmit 
1 of request with message ID 1
Our tcpdump capture does show 4500 being received

  *   See dod-ipsec-error-for-strongswan-edit.csv
This problem does not happen all the time.
When it does happen, it will persist and not clear.



2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[DMN] Starting IKE charon 
daemon (strongSwan 5.8.2, Linux 2.6.32.46.cge-TDY711999J-3+, mips64)
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[NET] could not open 
socket: Address family not supported by protocol
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[NET] could not open IPv6 
socket, IPv6 disabled
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[KNL] received netlink 
error: Address family not supported by protocol (124)
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[KNL] unable to create 
IPv6 routing table rule
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[CFG] loaded 0 RADIUS 
server configurations
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[CFG] no threshold 
configured for systime-fix, disabled
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[LIB] loaded plugins: 
charon ldap aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation 
constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl 
gcrypt fips-prf gmp curve25519 xcbc cmac hmac ntru drbg curl files attr 
kernel-netlink resolve socket-default vici updown eap-identity eap-mschapv2 
eap-dynamic eap-radius eap-tls eap-peap xauth-generic xauth-eap error-notify 
counters
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[LIB] dropped 
capabilities, running as uid 0, gid 0
2022 Feb  3 19:58:07+00:00 wglng-2294 charon [info] 00[JOB] spawning 16 worker 
threads
2022 Feb  3 19:58:09+00:00 wglng-2294 charon [info] 14[CFG] vici client 1 
connected
2022 Feb  3 19:58:09+00:00 wglng-2294 charon [info] 04[CFG] vici client 1 
requests: clear-creds
2022 Feb  3 19:58:09+00:00 wglng-2294 charon [info] 09[CFG] vici client 1 
disconnected
2022 Feb  3 19:58:11+00:00 wglng-2294 charon [info] 15[CFG] vici client 2 
connected
2022 Feb  3 19:58:11+00:00 wglng-2294 charon [info] 14[CFG] vici client 2 
registered for: ike-updown
2022 Feb  3 19:58:11+00:00 wglng-2294 charon [info] 06[CFG] vici client 2 
registered for: child-updown
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 3 
connected
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 04[CFG] vici client 3 
requests: flush-certs
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 10[CFG] vici client 3 
disconnected
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 4 
connected
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 03[CFG] vici client 4 
requests: get-keys
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 4 
requests: get-shared
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 06[CFG] vici client 4 
requests: load-cert
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 06[CFG] loaded certificate 
\'C=CA, O=Carillon Information Security Inc., OU=TEST, OU=Aircraft, OU=Teledyne 
Controls, CN=RA02294-219.auth\'
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 14[CFG] vici client 4 
requests: load-cert
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 14[CFG] loaded certificate 
\'C=CA, O=Carillon Information Security Inc., OU=TEST Certification 
Authorities, CN=TEST CIS Signing CA1\'
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] vici client 4 
requests: load-cert
2022 Feb  3 19:58:12+00:00 wglng-2294 charon [info] 11[CFG] loaded certificate 
\'C=CA, O=Carillon Information Security Inc., OU=TEST Certification 
Authorities, CN=TEST cisRCA1\'
2022 Feb  3 19:58:13+00:00 wglng-2294 charon [info] 08[CFG] vici client 4 
requests: load-key
2022 Feb  3 19:58:13+00:00 wglng-2294 charon [info] 08[CFG] loaded RSA private 
key
2022 Feb  3 19:58:14+00:00 wglng-2294 charon [info] 03[CFG] vici client 4 
requests: load-key
2022 Feb  3 19:58:14+00:00 wglng-2294 charon [info] 03[CFG] loaded RSA private 
key
2022 Feb  3 19:58:14+00:00 wglng-2294 charon [info] 10[CFG] vici client 4 
disconnected
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 09[CFG] vici client 5 
connected
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG] vici client 5 
requests: get-authorities
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG] vici client 5 
requests: load-authority
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG]  authority 
Org1-sca1:
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG]   cacert = C=CA, 
O=Carillon Information Security Inc., OU=TEST Certification Authorities, 
CN=TEST CIS Signing CA1
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 10[CFG]   crl_uris = 
file:///etc/swanctl/ourCrl/Org1.scacrl1
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG] vici client 5 
requests: load-authority
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG]  authority Org1-ta:
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 11[CFG]   cacert = C=CA, 
O=Carillon Information Security Inc., OU=TEST Certification Authorities, 
CN=TEST cisRCA1
2022 Feb  3 19:58:15+00:00 wglng-2294 charon [info] 09[CFG] vici client 5 
disconnected
2022 Feb  3 19:58:35+00:00 wglng-2294 charon [info] 06[CFG] vici client 6 
connected
2022 Feb  3 19:58:35+00:00 wglng-2294 charon [info] 07[CFG] vici client 6 
registered for: list-sa
2022 Feb  3 19:58:35+00:00 wglng-2294 charon [info] 05[CFG] vici client 6 
requests: list-sas
2022 Feb  3 19:58:35+00:00 wglng-2294 charon [info] 10[CFG] vici client 6 
disconnected
2022 Feb  3 20:00:35+00:00 wglng-2294 charon [info] 07[CFG] vici client 7 
connected
2022 Feb  3 20:00:35+00:00 wglng-2294 charon [info] 16[CFG] vici client 7 
registered for: list-sa
2022 Feb  3 20:00:35+00:00 wglng-2294 charon [info] 09[CFG] vici client 7 
requests: list-sas
2022 Feb  3 20:00:35+00:00 wglng-2294 charon [info] 15[CFG] vici client 7 
disconnected
2022 Feb  3 20:00:38+00:00 wglng-2294 charon [info] 16[CFG] vici client 8 
connected
2022 Feb  3 20:00:38+00:00 wglng-2294 charon [info] 04[CFG] vici client 8 
registered for: list-sa
2022 Feb  3 20:00:38+00:00 wglng-2294 charon [info] 08[CFG] vici client 8 
requests: list-sas
2022 Feb  3 20:00:38+00:00 wglng-2294 charon [info] 15[CFG] vici client 8 
disconnected
2022 Feb  3 20:00:40+00:00 wglng-2294 charon [info] 16[CFG] vici client 9 
connected
2022 Feb  3 20:00:40+00:00 wglng-2294 charon [info] 14[CFG] vici client 9 
registered for: list-sa
2022 Feb  3 20:00:40+00:00 wglng-2294 charon [info] 08[CFG] vici client 9 
requests: list-sas
2022 Feb  3 20:00:40+00:00 wglng-2294 charon [info] 15[CFG] vici client 9 
disconnected
2022 Feb  3 20:00:43+00:00 wglng-2294 charon [info] 16[CFG] vici client 10 
connected
2022 Feb  3 20:00:43+00:00 wglng-2294 charon [info] 03[CFG] vici client 10 
registered for: list-sa
2022 Feb  3 20:00:43+00:00 wglng-2294 charon [info] 11[CFG] vici client 10 
requests: list-sas
2022 Feb  3 20:00:43+00:00 wglng-2294 charon [info] 16[CFG] vici client 10 
disconnected
2022 Feb  3 20:03:43+00:00 wglng-2294 charon [info] 03[CFG] vici client 11 
connected
2022 Feb  3 20:03:43+00:00 wglng-2294 charon [info] 11[CFG] vici client 11 
registered for: list-sa
2022 Feb  3 20:03:43+00:00 wglng-2294 charon [info] 07[CFG] vici client 11 
requests: list-sas
2022 Feb  3 20:03:43+00:00 wglng-2294 charon [info] 05[CFG] vici client 11 
disconnected
2022 Feb  3 20:03:51+00:00 wglng-2294 charon [info] 09[CFG] vici client 12 
connected
2022 Feb  3 20:03:51+00:00 wglng-2294 charon [info] 08[CFG] vici client 12 
registered for: list-sa
2022 Feb  3 20:03:51+00:00 wglng-2294 charon [info] 07[CFG] vici client 12 
requests: list-sas
2022 Feb  3 20:03:51+00:00 wglng-2294 charon [info] 05[CFG] vici client 12 
disconnected
2022 Feb  3 20:04:37+00:00 wglng-2294 charon [info] 09[KNL] 10.147.180.160 
appeared on ppp0
2022 Feb  3 20:04:37+00:00 wglng-2294 charon [info] 10[KNL] 10.147.180.160 
disappeared from ppp0
2022 Feb  3 20:04:37+00:00 wglng-2294 charon [info] 15[KNL] 10.147.180.160 
appeared on ppp0
2022 Feb  3 20:04:37+00:00 wglng-2294 charon [info] 16[KNL] interface ppp0 
activated
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 15[CFG] vici client 13 
connected
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] vici client 13 
requests: load-conn
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]  conn 
sgateway1-radio0:
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   child 
sgateway1-radio0:
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    rekey_time = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    life_time = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    rand_time = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    rekey_bytes = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    life_bytes = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    rand_bytes = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    rekey_packets = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    life_packets = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    rand_packets = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    updown = 
/usr/lib32/ipsec/_updown_tdy.py
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    hostaccess = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    ipcomp = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    mode = TUNNEL
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    policies = 1
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    policies_fwd_out 
= 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    dpd_action = 
restart
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    start_action = 
clear
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    close_action = 
clear
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    reqid = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    tfc = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    priority = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    interface = 
(null)
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    if_id_in = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    if_id_out = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    mark_in = 0/0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    mark_in_sa = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    mark_out = 0/0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    set_mark_in = 0/0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    set_mark_out = 
0/0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    inactivity = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    proposals = 
ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    local_ts = 
dynamic
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    remote_ts = 
172.16.207.159/32
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    hw_offload = no
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    sha256_96 = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    copy_df = 1
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    copy_ecn = 1
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    copy_dscp = out
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   version = 2
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   local_addrs = 
10.147.180.160
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   remote_addrs = 
76.80.106.138
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   local_port = 500
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   remote_port = 500
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   send_certreq = 1
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   send_cert = 
CERT_SEND_IF_ASKED
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   ppk_id = (null)
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   ppk_required = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   mobike = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   aggressive = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   dscp = 0x00
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   encap = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   dpd_delay = 40
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   dpd_timeout = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   fragmentation = 2
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   childless = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   unique = UNIQUE_NO
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   keyingtries = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   reauth_time = 
14400
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   rekey_time = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   over_time = 1440
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   rand_time = 1440
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   proposals = 
IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   if_id_in = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   if_id_out = 0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   vips:
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    %any
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   local:
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    id = 
[email protected]<mailto:[email protected]>
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    class = EAP
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    cert = C=CA, 
O=Carillon Information Security Inc., OU=TEST, OU=Aircraft, OU=Teledyne 
Controls, CN=RA02294-219.auth
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]   remote:
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    class = public 
key
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG]    id = C=CA, 
O=Carillon Information Security Inc., OU=TEST, OU=Devices, OU=Aircraft Operator 
Ground Stations, OU=Teledyne Controls, CN=ELS-VPAPP-WGL08 - ID
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 05[CFG] added vici 
connection: sgateway1-radio0
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 10[CFG] vici client 14 
connected
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 04[CFG] vici client 14 
requests: initiate
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 04[CFG] vici initiate 
CHILD_SA \'sgateway1-radio0\'
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 11[CFG] vici client 13 
disconnected
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_VENDOR 
task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_INIT 
task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_NATD 
task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing 
IKE_CERT_PRE task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_AUTH 
task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing 
IKE_CERT_POST task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing IKE_CONFIG 
task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing 
IKE_AUTH_LIFETIME task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] queueing 
CHILD_CREATE task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] activating new tasks
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_VENDOR task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_INIT task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_NATD task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_CERT_PRE task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_AUTH task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_CERT_POST task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_CONFIG task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
CHILD_CREATE task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE]   activating 
IKE_AUTH_LIFETIME task
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] initiating IKE_SA 
sgateway1-radio0[1] to 76.80.106.138
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] initiating IKE_SA 
sgateway1-radio0[1] to 76.80.106.138
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[IKE] IKE_SA 
sgateway1-radio0[1] state change: CREATED => CONNECTING
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[CFG] configured 
proposals: 
IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[CFG] sending supported 
signature hash algorithms: sha256 sha384 sha512 identity
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[ENC] generating 
IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) 
N(HASH_ALG) N(REDIR_SUP) ]
2022 Feb  3 20:04:46+00:00 wglng-2294 charon [info] 03[NET] sending packet: 
from 10.147.180.160[500] to 76.80.106.138[500] (480 bytes)
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[NET] received packet: 
from 76.80.106.138[500] to 10.147.180.160[500] (492 bytes)
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[ENC] parsed IKE_SA_INIT 
response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V V ]
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[IKE] received MS NT5 
ISAKMPOAKLEY v9 vendor ID
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[IKE] received 
MS-Negotiation Discovery Capable vendor ID
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] selecting proposal:
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG]   proposal matches
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] received proposals: 
IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] configured 
proposals: 
IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:04:48+00:00 wglng-2294 charon [info] 14[CFG] selected proposal: 
IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] local host is 
behind NAT, sending keep alives
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] remote host is 
behind NAT
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] reinitiating 
already active tasks
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE]   IKE_CERT_PRE task
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE]   IKE_AUTH task
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] sending cert 
request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification 
Authorities, CN=TEST cisRCA1\"
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] sending cert 
request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification 
Authorities, CN=TEST CIS Signing CA1\"
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] building 
INTERNAL_IP4_DNS attribute
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] proposing traffic 
selectors for us:
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG]  0.0.0.0/0
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] proposing traffic 
selectors for other:
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG]  172.16.207.159/32
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[CFG] configured 
proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] establishing 
CHILD_SA sgateway1-radio0{1}
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[IKE] establishing 
CHILD_SA sgateway1-radio0{1}
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[ENC] generating IKE_AUTH 
request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr CPRQ(ADDR DNS) SA TSi TSr 
N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
2022 Feb  3 20:04:49+00:00 wglng-2294 charon [info] 14[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:04:53+00:00 wglng-2294 charon [info] 09[IKE] retransmit 1 of 
request with message ID 1
2022 Feb  3 20:04:53+00:00 wglng-2294 charon [info] 09[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:04:56+00:00 wglng-2294 charon [info] 10[CFG] vici client 14 
disconnected
2022 Feb  3 20:04:57+00:00 wglng-2294 charon [info] 07[IKE] retransmit 2 of 
request with message ID 1
2022 Feb  3 20:04:57+00:00 wglng-2294 charon [info] 07[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:01+00:00 wglng-2294 charon [info] 15[IKE] retransmit 3 of 
request with message ID 1
2022 Feb  3 20:05:01+00:00 wglng-2294 charon [info] 15[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:05+00:00 wglng-2294 charon [info] 11[IKE] retransmit 4 of 
request with message ID 1
2022 Feb  3 20:05:05+00:00 wglng-2294 charon [info] 11[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:09+00:00 wglng-2294 charon [info] 14[IKE] retransmit 5 of 
request with message ID 1
2022 Feb  3 20:05:09+00:00 wglng-2294 charon [info] 14[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 06[KNL] creating delete job 
for CHILD_SA ESP/0xc4e46da5/10.147.180.160
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 06[JOB] CHILD_SA 
ESP/0xc4e46da5/10.147.180.160 not found for delete
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] giving up after 5 
retransmits
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] peer not 
responding, trying again (2/0)
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] IKE_SA 
sgateway1-radio0[1] state change: CONNECTING => CREATED
2022 Feb  3 20:05:13+00:00 wglng-2294 IPSecCfgIfManager [notice] bool 
ErrorNotifyMonitor::ProcessEvents() rx message is new or changed type=6 
name=sgateway1-radio0 id=C=CA, O=Carillon Information Security Inc., OU=TEST, 
OU=Devices, OU=Aircraft Operator Ground Stations, OU=Teledyne Controls, 
CN=ELS-VPAPP-WGL08 - ID ip=76.80.106.138[4500] str=IKE message retransmission 
timed out.
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] queueing IKE_VENDOR 
task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] queueing IKE_INIT 
task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] queueing IKE_NATD 
task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] activating new tasks
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_VENDOR task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_INIT task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_NATD task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_CERT_PRE task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_AUTH task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_CERT_POST task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_CONFIG task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
CHILD_CREATE task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE]   activating 
IKE_AUTH_LIFETIME task
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] initiating IKE_SA 
sgateway1-radio0[1] to 76.80.106.138
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] initiating IKE_SA 
sgateway1-radio0[1] to 76.80.106.138
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[IKE] IKE_SA 
sgateway1-radio0[1] state change: CREATED => CONNECTING
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[CFG] configured 
proposals: 
IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[CFG] sending supported 
signature hash algorithms: sha256 sha384 sha512 identity
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[ENC] generating 
IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) 
N(HASH_ALG) N(REDIR_SUP) ]
2022 Feb  3 20:05:13+00:00 wglng-2294 charon [info] 04[NET] sending packet: 
from 10.147.180.160[500] to 76.80.106.138[500] (480 bytes)
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[NET] received packet: 
from 76.80.106.138[500] to 10.147.180.160[500] (492 bytes)
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[ENC] parsed IKE_SA_INIT 
response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V V ]
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[IKE] received MS NT5 
ISAKMPOAKLEY v9 vendor ID
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[IKE] received 
MS-Negotiation Discovery Capable vendor ID
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] selecting proposal:
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG]   proposal matches
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] received proposals: 
IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] configured 
proposals: 
IKE:AES_CBC_256/HMAC_SHA2_384_192/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:05:15+00:00 wglng-2294 charon [info] 05[CFG] selected proposal: 
IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] reinitiating 
already active tasks
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE]   IKE_CERT_PRE task
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE]   IKE_AUTH task
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] sending cert 
request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification 
Authorities, CN=TEST cisRCA1\"
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] sending cert 
request for \"C=CA, O=Carillon Information Security Inc., OU=TEST Certification 
Authorities, CN=TEST CIS Signing CA1\"
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] building 
INTERNAL_IP4_DNS attribute
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] proposing traffic 
selectors for us:
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG]  0.0.0.0/0
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] proposing traffic 
selectors for other:
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG]  172.16.207.159/32
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[CFG] configured 
proposals: ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] establishing 
CHILD_SA sgateway1-radio0{2}
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[IKE] establishing 
CHILD_SA sgateway1-radio0{2}
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[ENC] generating IKE_AUTH 
request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr CPRQ(ADDR DNS) SA TSi TSr 
N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
2022 Feb  3 20:05:16+00:00 wglng-2294 charon [info] 05[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:20+00:00 wglng-2294 charon [info] 10[IKE] retransmit 1 of 
request with message ID 1
2022 Feb  3 20:05:20+00:00 wglng-2294 charon [info] 10[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:24+00:00 wglng-2294 charon [info] 16[IKE] retransmit 2 of 
request with message ID 1
2022 Feb  3 20:05:24+00:00 wglng-2294 charon [info] 16[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:28+00:00 wglng-2294 charon [info] 15[IKE] retransmit 3 of 
request with message ID 1
2022 Feb  3 20:05:28+00:00 wglng-2294 charon [info] 15[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:32+00:00 wglng-2294 charon [info] 11[IKE] retransmit 4 of 
request with message ID 1
2022 Feb  3 20:05:32+00:00 wglng-2294 charon [info] 11[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:36+00:00 wglng-2294 charon [info] 03[IKE] retransmit 5 of 
request with message ID 1
2022 Feb  3 20:05:36+00:00 wglng-2294 charon [info] 03[NET] sending packet: 
from 10.147.180.160[4500] to 76.80.106.138[4500] (480 bytes)
2022 Feb  3 20:05:40+00:00 wglng-2294 charon [info] 14[KNL] creating delete job 
for CHILD_SA ESP/0xc30ca743/10.147.180.160
2022 Feb  3 20:05:40+00:00 wglng-2294 charon [info] 14[JOB] CHILD_SA 
ESP/0xc30ca743/10.147.180.160 not found for delete
2022 Feb  3 20:05:40+00:00 wglng-2294 charon [info] 06[IKE] giving up after 5 
retransmits
2022 Feb  3 20:05:40+00:00 wglng-2294 charon [info] 06[IKE] peer not 
responding, trying again (3/0)

Thanks




Teledyne Confidential; Commercially Sensitive Business Data

Reply via email to