Hey, I managed to get my kernel fixed, so ipsec should be able to work.
But when a client connects, I get this: Dec 22 14:07:05 woodpecker charon: 13[NET] received packet: from 195.184.32.72[500] to 83.89.2.204[500] Dec 22 14:07:05 woodpecker charon: 13[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Dec 22 14:07:05 woodpecker charon: 13[IKE] 195.184.32.72 is initiating an IKE_SA Dec 22 14:07:05 woodpecker charon: 13[IKE] remote host is behind NAT Dec 22 14:07:05 woodpecker charon: 13[IKE] sending cert request for "DC=dk, DC=gurlinet, DC=home, CN=GurliNET Systems Certificate Authority" Dec 22 14:07:05 woodpecker charon: 13[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ] Dec 22 14:07:05 woodpecker charon: 13[NET] sending packet: from 83.89.2.204[500] to 195.184.32.72[500] Dec 22 14:07:06 woodpecker charon: 14[NET] received packet: from 195.184.32.72[4500] to 83.89.2.204[4500] Dec 22 14:07:06 woodpecker charon: 14[ENC] unknown attribute type INTERNAL_IP4_SERVER Dec 22 14:07:06 woodpecker charon: 14[ENC] unknown attribute type INTERNAL_IP6_SERVER Dec 22 14:07:06 woodpecker charon: 14[ENC] parsed IKE_AUTH request 1 [ IDi CERT CERTREQ AUTH N(MOBIKE_SUP) CP SA TSi TSr ] Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for "DC=dk, DC=gurlinet, DC=home, CN=GurliNET Systems Certificate Authority" Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid ce:5f:bc:70:e3:29:0c:45:37:04:6b:c2:8a:ea:b9:78:3d:4e:60:2d Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 0e:ac:82:60:40:56:27:97:e5:25:13:fc:2a:e1:0a:53:95:59:e4:a4 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid dd:bc:bd:86:9c:3f:07:ed:40:e3:1b:08:ef:ce:c4:d1:88:cd:3b:15 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 4a:5c:75:22:aa:46:bf:a4:08:9d:39:97:4e:bd:b4:a3:60:f7:a0:1d Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 01:f0:33:4c:1a:a1:d9:ee:5b:7b:a9:de:43:bc:02:7d:57:09:33:fb Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 34:4f:30:2d:25:69:31:91:ea:f7:73:5c:ab:f5:86:8d:37:82:40:ec Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 3e:df:29:0c:c1:f5:cc:73:2c:eb:3d:24:e1:7e:52:da:bd:27:e2:f0 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid da:ed:64:74:14:9c:14:3c:ab:dd:99:a9:bd:5b:28:4d:8b:3c:c9:d8 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 1a:21:b4:95:2b:62:93:ce:18:b3:65:ec:9c:0e:93:4c:b3:81:e6:d4 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 59:79:12:de:61:75:d6:6f:c4:23:b7:77:13:74:c7:96:de:6f:88:72 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 1a:21:b4:95:2b:62:93:ce:18:b3:65:ec:9c:0e:93:4c:b3:81:e6:d4 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid e2:7f:7b:d8:77:d5:df:9e:0a:3f:9e:b4:cb:0e:2e:a9:ef:db:69:77 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 5f:f3:24:6c:8f:91:24:af:9b:5f:3e:b0:34:6a:f4:2d:5c:a8:5d:cc Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 6d:aa:9b:09:87:c4:d0:d4:22:ed:40:07:37:4d:19:f1:91:ff:de:d3 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid e2:7f:7b:d8:77:d5:df:9e:0a:3f:9e:b4:cb:0e:2e:a9:ef:db:69:77 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 86:a0:4f:6a:c5:e9:6e:65:fc:09:ef:32:e5:99:28:ba:bb:fe:3c:a6 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 9e:59:52:11:61:1b:d5:90:3e:1e:99:0c:e3:a3:a2:34:24:ec:79:4f Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid d0:5f:e9:97:bc:37:25:43:15:1b:50:02:f8:93:9f:8b:d6:e4:95:93 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid ef:9f:a0:bd:30:00:a3:63:40:8c:e3:23:0e:62:1c:10:0b:1d:e5:1f Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 86:a0:4f:6a:c5:e9:6e:65:fc:09:ef:32:e5:99:28:ba:bb:fe:3c:a6 Dec 22 14:07:06 woodpecker charon: 14[IKE] received cert request for unknown ca with keyid 43:98:49:86:ad:c7:45:1b:68:c7:85:6f:53:2c:14:bf:49:13:b9:c3 Dec 22 14:07:06 woodpecker charon: 14[IKE] received end entity cert "CN=Bjarke Istrup Pedersen" Dec 22 14:07:06 woodpecker charon: 14[CFG] looking for peer configs matching 83.89.2.204[%any]...195.184.32.72[CN=Bjarke Istrup Pedersen] Dec 22 14:07:06 woodpecker charon: 14[CFG] selected peer config 'win7' Dec 22 14:07:06 woodpecker charon: 14[CFG] using certificate "CN=Bjarke Istrup Pedersen" Dec 22 14:07:06 woodpecker charon: 14[CFG] using trusted ca certificate "DC=dk, DC=gurlinet, DC=home, CN=GurliNET Systems Certificate Authority" Dec 22 14:07:06 woodpecker charon: 14[CFG] checking certificate status of "CN=Bjarke Istrup Pedersen" Dec 22 14:07:06 woodpecker charon: 14[CFG] fetching crl from ' http://hawk.home.gurlinet.dk/CertEnroll/GurliNET%20Systems%20Certificate%20Authority.crl' ... Dec 22 14:07:06 woodpecker charon: 14[CFG] using trusted certificate "DC=dk, DC=gurlinet, DC=home, CN=GurliNET Systems Certificate Authority" Dec 22 14:07:06 woodpecker charon: 14[CFG] crl correctly signed by "DC=dk, DC=gurlinet, DC=home, CN=GurliNET Systems Certificate Authority" Dec 22 14:07:06 woodpecker charon: 14[CFG] crl is valid: until Dec 29 08:44:08 2009 Dec 22 14:07:06 woodpecker charon: 14[CFG] certificate status is good Dec 22 14:07:06 woodpecker charon: 14[IKE] authentication of 'CN=Bjarke Istrup Pedersen' with RSA signature successful Dec 22 14:07:06 woodpecker charon: 14[IKE] peer supports MOBIKE Dec 22 14:07:06 woodpecker charon: 14[IKE] authentication of 'CN=GurliNET Systems StrongSWAN VPN Server' (myself) with RSA signature successful Dec 22 14:07:06 woodpecker charon: 14[IKE] IKE_SA win7[1] established between 83.89.2.204[CN=GurliNET Systems StrongSWAN VPN Server]...195.184.32.72[CN=Bjarke Istrup Pedersen] Dec 22 14:07:06 woodpecker charon: 14[IKE] scheduling reauthentication in 10144s Dec 22 14:07:06 woodpecker charon: 14[IKE] maximum IKE_SA lifetime 10684s Dec 22 14:07:06 woodpecker charon: 14[IKE] sending end entity cert "CN=GurliNET Systems StrongSWAN VPN Server" Dec 22 14:07:06 woodpecker charon: 14[IKE] peer requested virtual IP %any6 Dec 22 14:07:06 woodpecker charon: 14[CFG] assigning new lease to 'CN=Bjarke Istrup Pedersen' Dec 22 14:07:06 woodpecker charon: 14[IKE] assigning virtual IP 192.168.20.1 to peer Dec 22 14:07:06 woodpecker charon: 14[DMN] thread 2945547120 received 4 Dec 22 14:07:06 woodpecker charon: 14[DMN] killing ourself, received critical signal And then the ipsec daemons restarts. What does it mean by "thread X received 4" ? Best regards, Bjarke I. Pedersen _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
