Ipsec não reconhece phase 2

1. Ipsec não reconhece phase 2

Paulo Levi Assuncao Sa
leviassuncao

(usa Fedora)

Enviado em 09/12/2014 - 15:27h

Ola pessoal eu tenho um tunel vpn IPSEc entre um servidor linux e um microtick onde eventualmente a vpn cai e em seguida volta os logs que encontro segue abaixo.

Gostaria da ajuda para ler esses logs etentar identificar o problema pois só vejo informações inuteis para solução.

#######
descrição dos links

matris
rede local: 192.168.1.0/24
link dedicado com ip fixo servidor linux

filial:
rede local: 192.168.6.0/24
link adsl sem ip dedicado microtik (captura ip por dyndns, obs: não ha mudança de ip no momento das falhas)
#########


logs

2014-12-08 10:20:02: DEBUG: Netlink: address fe80::a6ba:dbff:fe0a:b7dd%eth0 added
2014-12-08 10:20:02: DEBUG: Netlink: address fe80::a6ba:dbff:fe0a:b7de%eth1 added
2014-12-08 10:20:02: DEBUG: Netlink: address fe80::21b:21ff:fe4b:3e90%eth2 added
2014-12-08 10:20:02: DEBUG: Netlink: address fe80::21b:21ff:fe4b:3e91%eth3 added
2014-12-08 10:20:02: [201.9.183.231] DEBUG: getrmconf_by_ph1: remote $ipfilial[500], identity $ipfilial.
2014-12-08 10:20:02: [201.9.183.231] DEBUG: configuration "$ipfilial[500]" selected.
2014-12-08 10:20:02: DEBUG: getsainfo params: loc='192.168.1.0/24' rmt='192.168.6.0/24' peer='NULL' client='NULL' id=1
2014-12-08 10:20:02: DEBUG: evaluating sainfo: loc='192.168.1.0/24', rmt='192.168.6.0/24', peer='ANY', id=1
2014-12-08 10:20:02: DEBUG: check and compare ids : values matched (IPv4_subnet)
2014-12-08 10:20:02: DEBUG: cmpid target: '192.168.1.0/24'
2014-12-08 10:20:02: DEBUG: cmpid source: '192.168.1.0/24'
2014-12-08 10:20:02: DEBUG: check and compare ids : values matched (IPv4_subnet)
2014-12-08 10:20:02: DEBUG: cmpid target: '192.168.6.0/24'
2014-12-08 10:20:02: DEBUG: cmpid source: '192.168.6.0/24'
2014-12-08 10:20:02: DEBUG: No approval found !
2014-12-08 10:20:02: DEBUG: PH2 not validated, removing it
2014-12-08 10:20:02: DEBUG: Deleting a Ph2...
2014-12-08 10:20:02: DEBUG: IV freed
2014-12-08 10:20:02: DEBUG: ===
2014-12-08 10:20:02: DEBUG: 164 bytes message received from $ipfilial[500] to $ipmatriz[500]
2014-12-08 10:20:02: DEBUG:
ef00f8b2 72447b9f 8bff012f e8b13fe1 08102001 89a347c8 000000a4 c873777e
f00badc6 af37efe6 5d016937 bbb07655 d83e7c08 7e320dcc e2b1a8a0 9ef9811e
70a4bd1f d13dd54e 07f9e443 0d65acaf d67f791c b311e44e b8bc20db 24c8241a
57207738 20fd5d91 c81deef0 1f24dcab c687c849 d6926d79 6d00b255 7a81bfab
4d22f9d6 097f0180 967f06a4 ffc7614f fa864cd3 0a7852c9 e41d2203 aec62c8c
91bc9698
2014-12-08 10:20:02: DEBUG: compute IV for phase2
2014-12-08 10:20:02: DEBUG: compute IV for phase2
2014-12-08 10:20:02: DEBUG: phase1 last IV:
2014-12-08 10:20:02: DEBUG:
16b20c1a 1661b03d 89a347c8
2014-12-08 10:20:02: DEBUG: hash(md5)
2014-12-08 10:20:02: DEBUG: encryption(3des)
2014-12-08 10:20:02: DEBUG: phase2 IV computed:
2014-12-08 10:20:02: DEBUG:
398f8064 038e4458
2014-12-08 10:20:02: DEBUG: ===


  






Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts