Hi everyone,
I have established IPsec connection m0n0wal - Windows 2k.
Everything work's and look's good except that every 47min connection is reestablishing etirely this means - IPsec tunel is dead for a fraction.
m0n0wall log:
Apr 25 14:29:40 racoon: ERROR: unknown Informational exchange received.
Apr 25 14:29:37 racoon: INFO: IPsec-SA established: ESP/Tunnel <ENDPOINT_IP_2>
- -><ENDPOINT_IP_1>
- spi=4227114768(0xfbf4a710)
Apr 25 14:29:37 racoon: INFO: IPsec-SA established: ESP/Tunnel <ENDPOINT_IP_1>
- -><ENDPOINT_IP_2>
- spi=171284978(0xa3599f2)
Apr 25 14:29:37 racoon: INFO: respond new phase 2 negotiation: <ENDPOINT_IP_2>
Apr 25 14:29:37 racoon: INFO: ISAKMP-SA established <ENDPOINT_IP_2>[500]-<ENDPOINT_IP_1>[500] spi:68818ce861b41ab0:b3c2ebb2b4ed0c0f
Apr 25 14:29:37 racoon: INFO: ISAKMP-SA deleted <ENDPOINT_IP_2>[500]-<ENDPOINT_IP_1>[500] spi:3c55006e6141e746:ae4110ee520be7bf
Apr 25 14:29:37 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Apr 25 14:29:37 racoon: INFO: received Vendor ID: FRAGMENTATION
Apr 25 14:29:37 racoon: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
Apr 25 14:29:37 racoon: INFO: begin Identity Protection mode.
Apr 25 14:29:37 racoon: INFO: respond new phase 1 negotiation: <ENDPOINT_IP_2>[500]<=><ENDPOINT_IP_1>[500]
Apr 25 14:29:36 racoon: ERROR: unknown Informational exchange received.
Apr 25 14:29:36 racoon: INFO: purged ISAKMP-SA spi=3c55006e6141e746:ae4110ee520be7bf.
Apr 25 14:29:36 racoon: INFO: purged IPsec-SA spi=31739648.
Apr 25 14:29:36 racoon: INFO: purged IPsec-SA spi=112500574.
Apr 25 14:29:36 racoon: INFO: purged IPsec-SA spi=2496576544.
Apr 25 14:29:36 racoon: INFO: purging ISAKMP-SA spi=3c55006e6141e746:ae4110ee520be7bf.
Apr 25 14:29:36 racoon: INFO: IPsec-SA expired: ESP/Tunnel <ENDPOINT_IP_1>
- -><ENDPOINT_IP_2>
- spi=112500574(0x6b49f5e)
Apr 25 14:29:36 racoon: INFO: initiate new phase 2 negotiation: <ENDPOINT_IP_2>
Apr 25 14:29:36 racoon: INFO: IPsec-SA expired: ESP/Tunnel <ENDPOINT_IP_2>
- -><ENDPOINT_IP_1>
- spi=2496576544(0x94cebc20)
sometimes:
Apr 25 15:22:45 racoon: ERROR: unknown Informational exchange received.
Apr 25 15:22:43 racoon: INFO: IPsec-SA established: ESP/Tunnel <ENDPOINT_IP_2>
- -><ENDPOINT_IP_1>
- spi=2684323365(0x9fff8625)
Apr 25 15:22:43 racoon: INFO: IPsec-SA established: ESP/Tunnel <ENDPOINT_IP_1>
- -><ENDPOINT_IP_2>
- spi=27475181(0x1a33ced)
Apr 25 15:22:43 racoon: WARNING: ignore CONNECTED notification.
Apr 25 15:22:43 racoon: NOTIFY: the packet is retransmitted by <ENDPOINT_IP_1>[500].
Apr 25 15:22:42 racoon: WARNING: attribute has been modified.
Apr 25 15:22:39 racoon: INFO: initiate new phase 2 negotiation: <ENDPOINT_IP_2>
Apr 25 15:22:39 racoon: INFO: ISAKMP-SA deleted <ENDPOINT_IP_2>[500]-<ENDPOINT_IP_1>[500] spi:68818ce861b41ab0:b3c2ebb2b4ed0c0f
Apr 25 15:22:38 racoon: INFO: ISAKMP-SA established <ENDPOINT_IP_2>[500]-<ENDPOINT_IP_1>[500] spi:38b6a243ef6dc784:e1f42e662b4328af
Apr 25 15:22:38 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Apr 25 15:22:38 racoon: INFO: received Vendor ID: FRAGMENTATION
Apr 25 15:22:38 racoon: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
Apr 25 15:22:38 racoon: INFO: begin Identity Protection mode.
Apr 25 15:22:38 racoon: INFO: initiate new phase 1 negotiation: <ENDPOINT_IP_2>[500]<=><ENDPOINT_IP_1>[500]
Apr 25 15:22:38 racoon: INFO: IPsec-SA request for <ENDPOINT_IP_1> queued due to no phase1 found.
Apr 25 15:22:38 racoon: INFO: purged ISAKMP-SA spi=68818ce861b41ab0:b3c2ebb2b4ed0c0f.
Apr 25 15:22:38 racoon: INFO: purged IPsec-SA spi=171284978.
Apr 25 15:22:38 racoon: INFO: purged IPsec-SA spi=4227114768.
Apr 25 15:22:38 racoon: INFO: purging ISAKMP-SA spi=68818ce861b41ab0:b3c2ebb2b4ed0c0f.
Apr 25 15:17:38 racoon: INFO: IPsec-SA expired: ESP/Tunnel <ENDPOINT_IP_1>
- -><ENDPOINT_IP_2>
- spi=171284978(0xa3599f2)
Apr 25 15:17:38 racoon: INFO: IPsec-SA expired: ESP/Tunnel <ENDPOINT_IP_2>
- -><ENDPOINT_IP_1>
- spi=4227114768(0xfbf4a710)
Windows LOG: it's empty regarding this and IPsec Monitor did not noticed tunel reestablishment
Any help?
Topic: IPSEC m0n0wal - Windows 2k 