Coffi
21.07.03, 11:03
s-csm-04:/usr/share/ssl/misc # tail -f /var/log/warn
Jul 21 12:00:38 s-csm-04 pluto[6281]: Changing to directory '/etc/ipsec.d/cacerts'
Jul 21 12:00:38 s-csm-04 pluto[6281]: loaded cacert file 'RootCA.der' (1017 bytes)
Jul 21 12:00:38 s-csm-04 pluto[6281]: Changing to directory '/etc/ipsec.d/crls'
Jul 21 12:00:38 s-csm-04 pluto[6281]: loaded crl file 'crl.pem' (625 bytes)
Jul 21 12:00:38 s-csm-04 pluto[6281]: loaded my default X.509 cert file '/etc/x509cert.der' (1064 bytes)
Jul 21 12:00:39 s-csm-04 pluto[6281]: added connection description "client-int"
Jul 21 12:00:39 s-csm-04 pluto[6281]: added connection description "client-ext"
Jul 21 12:00:39 s-csm-04 pluto[6281]: listening for IKE messages
Jul 21 12:00:39 s-csm-04 pluto[6281]: adding interface ipsec0/eth1 192.168.0.97
Jul 21 12:00:39 s-csm-04 pluto[6281]: loading secrets from "/etc/ipsec.secrets"
Jul 21 12:01:53 s-csm-04 pluto[6281]: packet from 192.168.0.14:500: ignoring Vendor ID payload
Jul 21 12:01:53 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14 #1: responding to Main Mode from unknown peer 192.168.0.14
Jul 21 12:01:53 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14 #1: encrypted Informational Exchange message is invalid because it is for incomplete ISAKMP SA
Jul 21 12:03:03 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14 #1: max number of retransmissions (2) reached STATE_MAIN_R2
Jul 21 12:03:03 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14: deleting connection "client-int" instance with peer 192.168.0.14
Jul 21 12:03:23 s-csm-04 pluto[6281]: packet from 192.168.0.14:500: Informational Exchange is for an unknown (expired?) SA
Was könnt ihr mir dazu sagen? Woran kann mein fehler liegen?
Jul 21 12:00:38 s-csm-04 pluto[6281]: Changing to directory '/etc/ipsec.d/cacerts'
Jul 21 12:00:38 s-csm-04 pluto[6281]: loaded cacert file 'RootCA.der' (1017 bytes)
Jul 21 12:00:38 s-csm-04 pluto[6281]: Changing to directory '/etc/ipsec.d/crls'
Jul 21 12:00:38 s-csm-04 pluto[6281]: loaded crl file 'crl.pem' (625 bytes)
Jul 21 12:00:38 s-csm-04 pluto[6281]: loaded my default X.509 cert file '/etc/x509cert.der' (1064 bytes)
Jul 21 12:00:39 s-csm-04 pluto[6281]: added connection description "client-int"
Jul 21 12:00:39 s-csm-04 pluto[6281]: added connection description "client-ext"
Jul 21 12:00:39 s-csm-04 pluto[6281]: listening for IKE messages
Jul 21 12:00:39 s-csm-04 pluto[6281]: adding interface ipsec0/eth1 192.168.0.97
Jul 21 12:00:39 s-csm-04 pluto[6281]: loading secrets from "/etc/ipsec.secrets"
Jul 21 12:01:53 s-csm-04 pluto[6281]: packet from 192.168.0.14:500: ignoring Vendor ID payload
Jul 21 12:01:53 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14 #1: responding to Main Mode from unknown peer 192.168.0.14
Jul 21 12:01:53 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14 #1: encrypted Informational Exchange message is invalid because it is for incomplete ISAKMP SA
Jul 21 12:03:03 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14 #1: max number of retransmissions (2) reached STATE_MAIN_R2
Jul 21 12:03:03 s-csm-04 pluto[6281]: "client-int"[1] 192.168.0.14: deleting connection "client-int" instance with peer 192.168.0.14
Jul 21 12:03:23 s-csm-04 pluto[6281]: packet from 192.168.0.14:500: Informational Exchange is for an unknown (expired?) SA
Was könnt ihr mir dazu sagen? Woran kann mein fehler liegen?