Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
19.7.2 IPSec Problems
« previous
next »
Print
Pages: [
1
]
Author
Topic: 19.7.2 IPSec Problems (Read 2858 times)
andygee
Newbie
Posts: 9
Karma: 0
19.7.2 IPSec Problems
«
on:
August 12, 2019, 05:35:57 pm »
The master site I have has several vpn connections, all work flawless thus far except the one to another opnsense 19.7.2 remote. The connect between them had been up several days until this morning and it went down. I've restarted both units and still no connection. Phase 1 appears to come up but phase 2 never seems to connect from what I see. Below I have posted the log from the remote site to see if anyone has any suggestions.
Aug 12 15:31:36 charon: 14[CFG] ignoring acquire, connection attempt pending
Aug 12 15:31:36 charon: 11[KNL] creating acquire job for policy 50.202.0.0/32 === 173.160.0.0/32 with reqid {1}
Aug 12 15:31:36 charon: 11[KNL] SADB_EXT_PROPOSAL
Aug 12 15:31:36 charon: 11[KNL] SADB_X_EXT_POLICY
Aug 12 15:31:36 charon: 11[KNL] SADB_EXT_ADDRESS_DST
Aug 12 15:31:36 charon: 11[KNL] SADB_EXT_ADDRESS_SRC
Aug 12 15:31:36 charon: 11[KNL] received an SADB_ACQUIRE
Aug 12 15:31:31 charon: 11[MGR] <con1|1> checkin of IKE_SA successful
Aug 12 15:31:31 charon: 03[NET] sending packet: from 50.202.0.0[500] to 173.160.0.0[500]
Aug 12 15:31:31 charon: 11[MGR] <con1|1> checkin IKE_SA con1[1]
Aug 12 15:31:31 charon: 11[NET] <con1|1> sending packet: from 50.202.0.0[500] to 173.160.0.0[500] (176 bytes)
Aug 12 15:31:31 charon: 11[IKE] <con1|1> sending retransmit 3 of request message ID 0, seq 1
Aug 12 15:31:31 charon: 11[MGR] IKE_SA con1[1] successfully checked out
Aug 12 15:31:31 charon: 11[MGR] checkout IKEv1 SA with SPIs 741bd97ad3a7391b_i 0000000000000000_r
Aug 12 15:31:26 charon: 11[CFG] ignoring acquire, connection attempt pending
Aug 12 15:31:26 charon: 14[KNL] creating acquire job for policy 50.202.0.0/32 === 173.160.0.0/32 with reqid {1}
Aug 12 15:31:26 charon: 14[KNL] SADB_EXT_PROPOSAL
Aug 12 15:31:26 charon: 14[KNL] SADB_X_EXT_POLICY
Aug 12 15:31:26 charon: 14[KNL] SADB_EXT_ADDRESS_DST
Aug 12 15:31:26 charon: 14[KNL] SADB_EXT_ADDRESS_SRC
Aug 12 15:31:26 charon: 14[KNL] received an SADB_ACQUIRE
Aug 12 15:31:18 charon: 14[MGR] <con1|1> checkin of IKE_SA successful
Aug 12 15:31:18 charon: 03[NET] sending packet: from 50.202.0.0[500] to 173.160.0.0[500]
Aug 12 15:31:18 charon: 14[MGR] <con1|1> checkin IKE_SA con1[1]
Aug 12 15:31:18 charon: 14[NET] <con1|1> sending packet: from 50.202.0.0[500] to 173.160.0.0[500] (176 bytes)
Aug 12 15:31:18 charon: 14[IKE] <con1|1> sending retransmit 2 of request message ID 0, seq 1
Aug 12 15:31:18 charon: 14[MGR] IKE_SA con1[1] successfully checked out
Aug 12 15:31:18 charon: 14[MGR] checkout IKEv1 SA with SPIs 741bd97ad3a7391b_i 0000000000000000_r
Aug 12 15:31:11 charon: 14[MGR] <con1|1> checkin of IKE_SA successful
Aug 12 15:31:11 charon: 03[NET] sending packet: from 50.202.0.0[500] to 173.160.0.0[500]
Aug 12 15:31:11 charon: 14[MGR] <con1|1> checkin IKE_SA con1[1]
Aug 12 15:31:11 charon: 14[NET] <con1|1> sending packet: from 50.202.0.0[500] to 173.160.0.0[500] (176 bytes)
Aug 12 15:31:11 charon: 14[IKE] <con1|1> sending retransmit 1 of request message ID 0, seq 1
Aug 12 15:31:11 charon: 14[MGR] IKE_SA con1[1] successfully checked out
Aug 12 15:31:11 charon: 14[MGR] checkout IKEv1 SA with SPIs 741bd97ad3a7391b_i 0000000000000000_r
Aug 12 15:31:07 charon: 03[NET] sending packet: from 50.202.0.0[500] to 173.160.0.0[500]
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 144: 07 03 58 45 5C 57 28 F2 0E 95 45 2F 00 00 00 14 ..XE\W(...E/....
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 128: 00 D6 C2 D3 80 00 00 00 0D 00 00 14 4A 13 1C 81 ............J...
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 96: AF CA D7 13 68 A1 F1 C9 6B 86 96 FC 77 57 01 00 ....h...k...wW..
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 32: 00 00 00 01 00 00 00 01 00 00 00 28 00 01 00 01 ...........(....
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 16: EC 42 7B 1F .B{.
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 0: 00 00 00 14 90 CB 80 91 3E BB 69 6E 08 63 81 B5 ........>.in.c..
Aug 12 15:31:07 charon: 14[ENC] <con1|1> generated data for this payload => 20 bytes @ 0x00000303de24609c
Aug 12 15:31:07 charon: 14[ENC] <con1|1> generating VENDOR_ID_V1 payload finished
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 0: 90 CB 80 91 3E BB 69 6E 08 63 81 B5 EC 42 7B 1F ....>.in.c...B{.
Aug 12 15:31:07 charon: 14[ENC] <con1|1> => 16 bytes @ 0x00000303de20d030
Aug 12 15:31:07 charon: 14[ENC] <con1|1> generating rule 10 CHUNK_DATA
Aug 12 15:31:07 charon: 14[ENC] <con1|1> 0: 00 14 ..
Aug 12 15:31:07 charon: 14[ENC] <con1|1> => 2 bytes @ 0x00000303dcfa5bf2
Aug 12 15:31:07 charon: 14[ENC] <con1|1> generating rule 9 PAYLOAD_LENGTH
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
19.7.2 IPSec Problems