Guest User

OPNSense IPsec log

a guest
May 7th, 2018
214
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. May 7 12:12:59 router charon: 16[CFG] received stroke: terminate 'con1'
  2. May 7 12:12:59 router charon: 05[IKE] deleting IKE_SA con1[476] between BRANCHOFFICE-VDSL-WAN-IP[router@btr.some.lan]...HEADOFFICE-FIBER-WAN-IP[router@some.lan]
  3. May 7 12:12:59 router charon: 05[IKE] deleting IKE_SA con1[476] between BRANCHOFFICE-VDSL-WAN-IP[router@btr.some.lan]...HEADOFFICE-FIBER-WAN-IP[router@some.lan]
  4. May 7 12:12:59 router charon: 05[IKE] sending DELETE for IKE_SA con1[476]
  5. May 7 12:12:59 router charon: 05[ENC] generating INFORMATIONAL request 21 [ D ]
  6. May 7 12:12:59 router charon: 05[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (76 bytes)
  7. May 7 12:13:03 router charon: 05[IKE] retransmit 1 of request with message ID 21
  8. May 7 12:13:03 router charon: 05[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (76 bytes)
  9. May 7 12:13:10 router charon: 05[IKE] retransmit 2 of request with message ID 21
  10. May 7 12:13:10 router charon: 05[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (76 bytes)
  11. May 7 12:13:23 router charon: 05[IKE] retransmit 3 of request with message ID 21
  12. May 7 12:13:23 router charon: 05[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (76 bytes)
  13. May 7 12:13:25 router charon: 05[CFG] received stroke: terminate 'con1'
  14. May 7 12:13:25 router charon: 09[IKE] destroying IKE_SA in state DELETING without notification
  15. May 7 12:13:25 router charon: 06[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  16. May 7 12:13:25 router charon: 09[IKE] initiating IKE_SA con1[477] to HEADOFFICE-FIBER-WAN-IP
  17. May 7 12:13:25 router charon: 09[IKE] initiating IKE_SA con1[477] to HEADOFFICE-FIBER-WAN-IP
  18. May 7 12:13:25 router charon: 09[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  19. May 7 12:13:25 router charon: 09[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[500] to HEADOFFICE-FIBER-WAN-IP[500] (336 bytes)
  20. May 7 12:13:25 router charon: 09[NET] received packet: from HEADOFFICE-FIBER-WAN-IP[500] to BRANCHOFFICE-VDSL-WAN-IP[500] (361 bytes)
  21. May 7 12:13:25 router charon: 09[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
  22. May 7 12:13:25 router charon: 09[IKE] received 1 cert requests for an unknown ca
  23. May 7 12:13:25 router charon: 09[IKE] authentication of 'router@btr.some.lan' (myself) with pre-shared key
  24. May 7 12:13:25 router charon: 09[IKE] establishing CHILD_SA con1{53892} reqid 2
  25. May 7 12:13:25 router charon: 09[IKE] establishing CHILD_SA con1{53892} reqid 2
  26. May 7 12:13:25 router charon: 09[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  27. May 7 12:13:25 router charon: 09[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (332 bytes)
  28. May 7 12:13:26 router charon: 06[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  29. May 7 12:13:26 router charon: 13[CFG] ignoring acquire, connection attempt pending
  30. May 7 12:13:26 router charon: 13[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  31. May 7 12:13:26 router charon: 13[CFG] ignoring acquire, connection attempt pending
  32. May 7 12:13:26 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  33. May 7 12:13:26 router charon: 13[CFG] ignoring acquire, connection attempt pending
  34. May 7 12:13:26 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  35. May 7 12:13:26 router charon: 13[CFG] ignoring acquire, connection attempt pending
  36. May 7 12:13:26 router charon: 13[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  37. May 7 12:13:26 router charon: 07[CFG] ignoring acquire, connection attempt pending
  38. May 7 12:13:27 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  39. May 7 12:13:27 router charon: 13[CFG] ignoring acquire, connection attempt pending
  40. May 7 12:13:27 router charon: 13[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  41. May 7 12:13:27 router charon: 07[CFG] ignoring acquire, connection attempt pending
  42. May 7 12:13:27 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  43. May 7 12:13:27 router charon: 13[CFG] ignoring acquire, connection attempt pending
  44. May 7 12:13:27 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  45. May 7 12:13:27 router charon: 13[CFG] ignoring acquire, connection attempt pending
  46. May 7 12:13:28 router charon: 13[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  47. May 7 12:13:28 router charon: 07[CFG] ignoring acquire, connection attempt pending
  48. May 7 12:13:28 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  49. May 7 12:13:28 router charon: 15[CFG] ignoring acquire, connection attempt pending
  50. May 7 12:13:28 router charon: 15[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  51. May 7 12:13:28 router charon: 07[CFG] ignoring acquire, connection attempt pending
  52. May 7 12:13:28 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  53. May 7 12:13:28 router charon: 15[CFG] ignoring acquire, connection attempt pending
  54. May 7 12:13:29 router charon: 15[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  55. May 7 12:13:29 router charon: 07[CFG] ignoring acquire, connection attempt pending
  56. May 7 12:13:29 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  57. May 7 12:13:29 router charon: 15[CFG] ignoring acquire, connection attempt pending
  58. May 7 12:13:29 router charon: 15[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  59. May 7 12:13:29 router charon: 07[CFG] ignoring acquire, connection attempt pending
  60. May 7 12:13:29 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  61. May 7 12:13:29 router charon: 15[CFG] ignoring acquire, connection attempt pending
  62. May 7 12:13:29 router charon: 07[IKE] retransmit 1 of request with message ID 1
  63. May 7 12:13:29 router charon: 07[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (332 bytes)
  64. May 7 12:13:30 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  65. May 7 12:13:30 router charon: 10[CFG] ignoring acquire, connection attempt pending
  66. May 7 12:13:30 router charon: 10[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  67. May 7 12:13:30 router charon: 07[CFG] ignoring acquire, connection attempt pending
  68. May 7 12:13:30 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  69. May 7 12:13:30 router charon: 10[CFG] ignoring acquire, connection attempt pending
  70. May 7 12:13:30 router charon: 10[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  71. May 7 12:13:30 router charon: 07[CFG] ignoring acquire, connection attempt pending
  72. May 7 12:13:31 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  73. May 7 12:13:31 router charon: 10[CFG] ignoring acquire, connection attempt pending
  74. May 7 12:13:31 router charon: 10[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  75. May 7 12:13:31 router charon: 07[CFG] ignoring acquire, connection attempt pending
  76. May 7 12:13:31 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  77. May 7 12:13:31 router charon: 10[CFG] ignoring acquire, connection attempt pending
  78. May 7 12:13:31 router charon: 10[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  79. May 7 12:13:31 router charon: 07[CFG] ignoring acquire, connection attempt pending
  80. May 7 12:13:31 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  81. May 7 12:13:31 router charon: 11[CFG] ignoring acquire, connection attempt pending
  82. May 7 12:13:32 router charon: 11[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  83. May 7 12:13:32 router charon: 07[CFG] ignoring acquire, connection attempt pending
  84. May 7 12:13:32 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  85. May 7 12:13:32 router charon: 07[CFG] ignoring acquire, connection attempt pending
  86. May 7 12:13:32 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  87. May 7 12:13:32 router charon: 11[CFG] ignoring acquire, connection attempt pending
  88. May 7 12:13:32 router charon: 11[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  89. May 7 12:13:32 router charon: 07[CFG] ignoring acquire, connection attempt pending
  90. May 7 12:13:33 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  91. May 7 12:13:33 router charon: 11[CFG] ignoring acquire, connection attempt pending
  92. May 7 12:13:33 router charon: 11[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  93. May 7 12:13:33 router charon: 11[CFG] ignoring acquire, connection attempt pending
  94. May 7 12:13:33 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  95. May 7 12:13:33 router charon: 07[CFG] ignoring acquire, connection attempt pending
  96. May 7 12:13:33 router charon: 05[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  97. May 7 12:13:33 router charon: 05[CFG] ignoring acquire, connection attempt pending
  98. May 7 12:13:34 router charon: 05[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  99. May 7 12:13:34 router charon: 05[CFG] ignoring acquire, connection attempt pending
  100. May 7 12:13:34 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  101. May 7 12:13:34 router charon: 07[CFG] ignoring acquire, connection attempt pending
  102. May 7 12:13:34 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  103. May 7 12:13:34 router charon: 14[CFG] ignoring acquire, connection attempt pending
  104. May 7 12:13:34 router charon: 14[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  105. May 7 12:13:34 router charon: 07[CFG] ignoring acquire, connection attempt pending
  106. May 7 12:13:35 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  107. May 7 12:13:35 router charon: 14[CFG] ignoring acquire, connection attempt pending
  108. May 7 12:13:35 router charon: 14[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  109. May 7 12:13:35 router charon: 07[CFG] ignoring acquire, connection attempt pending
  110. May 7 12:13:35 router charon: 07[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  111. May 7 12:13:35 router charon: 14[CFG] ignoring acquire, connection attempt pending
  112. May 7 12:13:35 router charon: 14[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  113. May 7 12:13:35 router charon: 07[CFG] ignoring acquire, connection attempt pending
  114. May 7 12:13:36 router charon: 14[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  115. May 7 12:13:36 router charon: 14[CFG] ignoring acquire, connection attempt pending
  116. May 7 12:13:36 router charon: 14[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  117. May 7 12:13:36 router charon: 14[CFG] ignoring acquire, connection attempt pending
  118. May 7 12:13:36 router charon: 12[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  119. May 7 12:13:36 router charon: 14[CFG] ignoring acquire, connection attempt pending
  120. May 7 12:13:36 router charon: 14[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  121. May 7 12:13:36 router charon: 12[CFG] ignoring acquire, connection attempt pending
  122. May 7 12:13:36 router charon: 12[KNL] creating acquire job for policy BRANCHOFFICE-VDSL-WAN-IP/32 === HEADOFFICE-FIBER-WAN-IP/32 with reqid {2}
  123. May 7 12:13:36 router charon: 14[CFG] ignoring acquire, connection attempt pending
  124. May 7 12:13:37 router charon: 14[IKE] retransmit 2 of request with message ID 1
  125. May 7 12:13:37 router charon: 14[NET] sending packet: from BRANCHOFFICE-VDSL-WAN-IP[4500] to HEADOFFICE-FIBER-WAN-IP[4500] (332 bytes)
  126. May 7 12:13:37 router charon: 14[NET] received packet: from HEADOFFICE-FIBER-WAN-IP[4500] to BRANCHOFFICE-VDSL-WAN-IP[4500] (268 bytes)
  127. May 7 12:13:37 router charon: 14[ENC] parsed IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
  128. May 7 12:13:37 router charon: 14[IKE] authentication of 'router@some.lan' with pre-shared key successful
  129. May 7 12:13:37 router charon: 14[IKE] IKE_SA con1[477] established between BRANCHOFFICE-VDSL-WAN-IP[router@btr.some.lan]...HEADOFFICE-FIBER-WAN-IP[router@some.lan]
  130. May 7 12:13:37 router charon: 14[IKE] IKE_SA con1[477] established between BRANCHOFFICE-VDSL-WAN-IP[router@btr.some.lan]...HEADOFFICE-FIBER-WAN-IP[router@some.lan]
  131. May 7 12:13:37 router charon: 14[IKE] scheduling reauthentication in 28107s
  132. May 7 12:13:37 router charon: 14[IKE] maximum IKE_SA lifetime 28647s
  133. May 7 12:13:37 router charon: 14[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
  134. May 7 12:13:37 router charon: 14[IKE] CHILD_SA con1{53892} established with SPIs ccaca3a1_i c61d5a7c_o and TS 10.xx.yy.0/24 === 10.10.xx.0/24
  135. May 7 12:13:37 router charon: 14[IKE] CHILD_SA con1{53892} established with SPIs ccaca3a1_i c61d5a7c_o and TS 10.xx.yy.0/24 === 10.10.xx.0/24
  136. May 7 12:13:37 router charon: 14[IKE] received AUTH_LIFETIME of 28158s, scheduling reauthentication in 27618s
  137. May 7 12:13:37 router charon: 14[IKE] peer supports MOBIKE
RAW Paste Data