2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | next event EVENT_DPD_UPDATE in 0 seconds for #6188 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | *time to handle event 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | event after this is EVENT_DPD_UPDATE in 2 seconds 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | get esp.1ca17a25@IP_OF_FIREWALL 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | current: 40709 bytes 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | get inbound policy with reqid 38641 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | use_time: Dec 09 09:58:55 2022 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | inserting event EVENT_DPD_UPDATE, timeout in 30 seconds for #6188 2022:12:09-09:59:00 sgmrgt02-1 pluto[19105]: | next event EVENT_DPD_UPDATE in 2 seconds for #6168 2022:12:09-09:59:00 sgmrgt02-2 pluto[18480]: | HA System: received SYNC_UPD_SEQ message (44 bytes) from 198.19.250.1 2022:12:09-09:59:00 sgmrgt02-2 pluto[18480]: | next event EVENT_SA_EXPIRE in 90 seconds for #6134 2022:12:09-09:59:00 sgmrgt02-2 pluto[18480]: | 2022:12:09-09:59:00 sgmrgt02-2 pluto[18480]: | *received kernel message 2022:12:09-09:59:00 sgmrgt02-2 pluto[18480]: | netlink_get: XFRM_MSG_NEWAE message 2022:12:09-09:59:00 sgmrgt02-2 pluto[18480]: | next event EVENT_SA_EXPIRE in 90 seconds for #6134 2022:12:09-09:59:08 sgmrgt02-1 pluto[19105]: | *received 28 bytes from 37.201.6.102:30590 on eth18 2022:12:09-09:59:08 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30590: length of ISAKMP Message is smaller than minimum 2022:12:09-09:59:08 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30590: sending notification PAYLOAD_MALFORMED to 37.201.6.102:30590 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | *received 180 bytes from 37.201.6.102:30515 on eth18 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30515: received Vendor ID payload [XAUTH] 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30515: received Vendor ID payload [Dead Peer Detection] 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30515: ignoring Vendor ID payload [FRAGMENTATION 80000000] 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30515: received Vendor ID payload [RFC 3947] 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: packet from 37.201.6.102:30515: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | instantiated "D_IPSec_Verwaltung-0" for 37.201.6.102 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[16] 37.201.6.102:30515 #6193: responding to Main Mode from unknown peer 37.201.6.102:30515 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | *received 300 bytes from 37.201.6.102:30515 on eth18 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[16] 37.201.6.102:30515 #6193: NAT-Traversal: Result using RFC 3947: peer is NATed 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | *received 524 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | NAT-T: new mapping 37.201.6.102:30515/30512) 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[16] 37.201.6.102:30512 #6193: Peer ID is ID_USER_FQDN: 'EMAIL_OF_THE_USER' 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | instantiated "D_IPSec_Verwaltung-0" for 37.201.6.102 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: deleting connection "D_IPSec_Verwaltung-0"[16] instance with peer 37.201.6.102 {isakmp=#0/ipsec=#0} 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: we have a cert and are sending it 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: Dead Peer Detection (RFC 3706) enabled 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: sent MR3, ISAKMP SA established 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: sending XAUTH request 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: | *received 92 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:10 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: parsing XAUTH reply 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: extended authentication was successful 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: sending XAUTH status 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | *received 76 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: parsing XAUTH ack 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: received XAUTH ack, established 2022:12:09-09:59:12 sgmrgt02-2 pluto[18480]: | instantiated "D_IPSec_Verwaltung-0" for 37.201.6.102 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | *received 76 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: parsing ModeCfg request 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: peer requested virtual IP %any 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: assigning virtual IP 192.168.6.1 to peer 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: sending ModeCfg reply 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6193: sent ModeCfg reply, established 2022:12:09-09:59:12 sgmrgt02-2 pluto[18480]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512: deleting connection "D_IPSec_Verwaltung-0"[21] instance with peer 37.201.6.102 {isakmp=#0/ipsec=#0} 2022:12:09-09:59:12 sgmrgt02-2 pluto[18480]: | instantiated "D_IPSec_Verwaltung-0" for 37.201.6.102 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | *received 380 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6194: responding to Quick Mode 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | *received 60 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | route owner of "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 unrouted: NULL; eroute owner: NULL 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | route owner of "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 unrouted: NULL; eroute owner: NULL 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | eroute_connection add eroute 0.0.0.0/0:0 -> 192.168.6.1/32:0 => tun.0@37.201.6.102:0 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6194: ERROR: netlink XFRM_MSG_NEWPOLICY response for flow tun.0@37.201.6.102 included errno 17: File exists 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | delete esp.f9a63162@37.201.6.102 2022:12:09-09:59:12 sgmrgt02-1 pluto[19105]: | route owner of "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 unrouted: NULL; eroute owner: NULL 2022:12:09-09:59:22 sgmrgt02-1 pluto[19105]: | handling event EVENT_RETRANSMIT for 37.201.6.102 "D_IPSec_Verwaltung-0" #6194 2022:12:09-09:59:22 sgmrgt02-1 pluto[19105]: | *received 60 bytes from 37.201.6.102:30512 on eth18 2022:12:09-09:59:22 sgmrgt02-1 pluto[19105]: | route owner of "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 unrouted: NULL; eroute owner: NULL 2022:12:09-09:59:22 sgmrgt02-1 pluto[19105]: "D_IPSec_Verwaltung-0"[21] 37.201.6.102:30512 #6194: ERROR: netlink response for Add SA esp.e20f12b6@IP_OF_FIREWALL included errno 3: No such process 2022:12:09-09:59:27 sgmrgt02-1 pluto[19105]: | *received 92 bytes from 37.201.6.102:30512 on eth18