robertbisom
just joined
Topic Author
Posts: 17
Joined: Wed Mar 29, 2017 4:08 am

IPSEC PH2 stop working - Fortigate

Tue Feb 20, 2024 6:44 pm

Hello,
we have a problem with our Mikrotik RB 4011 (v 6.49.13). We have an IPSEC IKE2 tunnel with two PH2 phases between the RB4011 and a Fortigate on the other side.

Several times a day one of the 2 PH2s stops transferring traffic. Sometimes this happens when there is some traffic, other times when there is none. At that moment the PH2 is in the "established" state, but packets stop going through.

I developed a script that checks the result of pinging servers at the other site (behind the Fortigate), and if the servers don't reply to ping 3 times, the script resets that PH2 (disables it and re-enables it). Resetting the PH2 works every time.

The problem occurs every day.

Here is a commented ipsec debug log from the last time; the problem (and the resolution by my script) can be seen there:
# rekey

Feb/20/2024 07:16:37 ipsec IPsec-SA expired: ESP/Tunnel 213.151.240.75[500]->193.85.228.170[500] spi=0x8699f5
Feb/20/2024 07:16:37 ipsec ike2 expire 0x53059101
Feb/20/2024 07:16:37 ipsec init child rekey
Feb/20/2024 07:16:37 ipsec IPsec-SA expired: ESP/Tunnel 193.85.228.170[500]->213.151.240.75[500] spi=0x53059101
Feb/20/2024 07:16:37 ipsec init child continue
Feb/20/2024 07:16:37 ipsec offering proto: 3
Feb/20/2024 07:16:37 ipsec  proposal #1
Feb/20/2024 07:16:37 ipsec   enc: aes256-cbc
Feb/20/2024 07:16:37 ipsec   auth: sha256
Feb/20/2024 07:16:37 ipsec   dh: modp1536
Feb/20/2024 07:16:37 ipsec adding payload: NONCE
Feb/20/2024 07:16:37 ipsec,debug => (size 0x1c)
Feb/20/2024 07:16:37 ipsec,debug 0000001c f44e6a68 8a6ff538 7d9c1a9f d3c18b8e f61948fc 8299de9e
Feb/20/2024 07:16:37 ipsec adding payload: KE
Feb/20/2024 07:16:37 ipsec,debug => (size 0xc8)
Feb/20/2024 07:16:37 ipsec,debug 000000c8 00050000 54fdbe9a d59c4795 0cb103d0 e3a578e5 bcbb27ca b7b73294
Feb/20/2024 07:16:37 ipsec,debug cd18e06d 39d76368 57b9fac2 41ee1ddc d3dfec71 4c930ab3 29920650 232efc33
Feb/20/2024 07:16:37 ipsec,debug d9523e0a 86b1ed62 1807397e d6303600 f58189e0 761d4d2f 80d08d75 e6f17323
Feb/20/2024 07:16:37 ipsec,debug 2cbb6934 6444d391 4b50e596 a7b0cd70 3fd7b5f5 464f2a60 61560f9b b47cb6c3
Feb/20/2024 07:16:37 ipsec,debug 6b1ed260 2725c909 786c68ed 3501331e 6d14af94 e058d61a c915706c 568c37cb
Feb/20/2024 07:16:37 ipsec,debug eb04caa3 26a568b5 a9980c7a 4d07c5a4 f3e9e98c cf67c42c 353fc695 ea77058f
Feb/20/2024 07:16:37 ipsec,debug 4d3580ce 51bb531e
Feb/20/2024 07:16:37 ipsec adding notify: REKEY_SA
Feb/20/2024 07:16:37 ipsec,debug => (size 0xc)
Feb/20/2024 07:16:37 ipsec,debug 0000000c 03044009 008699f5
Feb/20/2024 07:16:37 ipsec adding payload: SA
Feb/20/2024 07:16:37 ipsec,debug => (size 0x34)
Feb/20/2024 07:16:37 ipsec,debug 00000034 00000030 01030404 03638426 0300000c 0100000c 800e0100 03000008
Feb/20/2024 07:16:37 ipsec,debug 0300000c 03000008 04000005 00000008 05000000
Feb/20/2024 07:16:37 ipsec initiator selector: 192.168.4.0/24 
Feb/20/2024 07:16:37 ipsec adding payload: TS_I
Feb/20/2024 07:16:37 ipsec,debug => (size 0x18)
Feb/20/2024 07:16:37 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80400 c0a804ff
Feb/20/2024 07:16:37 ipsec responder selector: 192.168.0.0/24 
Feb/20/2024 07:16:37 ipsec adding payload: TS_R
Feb/20/2024 07:16:37 ipsec,debug => (size 0x18)
Feb/20/2024 07:16:37 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 07:16:37 ipsec <- ike2 request, exchange: CREATE_CHILD_SA:1106 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:37 ipsec,debug ===== sending 416 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 07:16:37 ipsec,debug 1 times of 420 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 07:16:37 ipsec,debug ===== received 400 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 07:16:37 ipsec -> ike2 reply, exchange: CREATE_CHILD_SA:1106 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:37 ipsec payload seen: ENC (372 bytes)
Feb/20/2024 07:16:37 ipsec processing payload: ENC
Feb/20/2024 07:16:37 ipsec,debug => iv (size 0x10)
Feb/20/2024 07:16:37 ipsec,debug 3c42d533 a7b98aaf 87e6a862 1dab7be6
Feb/20/2024 07:16:37 ipsec,debug => decrypted and trimmed payload (size 0x140)
Feb/20/2024 07:16:37 ipsec,debug 28000034 00000030 01030404 53059135 0300000c 0100000c 800e0100 03000008
Feb/20/2024 07:16:37 ipsec,debug 0300000c 03000008 04000005 00000008 05000000 22000014 fa3b5eb6 59f92e19
Feb/20/2024 07:16:37 ipsec,debug 0f367008 d98267c6 2c0000c8 00050000 8432c662 9319172a ebf7712b 3f77cfdb
Feb/20/2024 07:16:37 ipsec,debug 6a5a1e1f 9121ab81 b8cc3d67 75c2c290 a760e9c9 7b953485 54419c77 d76e5bcf
Feb/20/2024 07:16:37 ipsec,debug ffabb24a 5b59e6bd 17ad6fa4 5fe6e2a4 b99a638e 39f16e59 d2f31f86 0b218bdb
Feb/20/2024 07:16:37 ipsec,debug 1694ff22 03a4a5ac f30c258e 2dee9b11 a91e5e91 d2a32fc6 9e9d52d1 86da2820
Feb/20/2024 07:16:37 ipsec,debug a9391db7 724b9d66 66c2c4a9 4e146156 04366dee b794b801 e7aa149d 802e346e
Feb/20/2024 07:16:37 ipsec,debug 86fbaa70 9fe69020 9bdd12d8 532c49d0 f01bdcdc fa069c71 903a9b8a 81819fcf
Feb/20/2024 07:16:37 ipsec,debug 
Feb/20/2024 07:16:37 ipsec,debug e696ae27 bc9a262d 7a30420f 7b54cb0a 2d000018 01000000 07000010 0000ffff
Feb/20/2024 07:16:37 ipsec,debug c0a80400 c0a804ff 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 07:16:37 ipsec,debug decrypted packet
Feb/20/2024 07:16:37 ipsec payload seen: SA (52 bytes)
Feb/20/2024 07:16:37 ipsec payload seen: NONCE (20 bytes)
Feb/20/2024 07:16:37 ipsec payload seen: KE (200 bytes)
Feb/20/2024 07:16:37 ipsec payload seen: TS_I (24 bytes)
Feb/20/2024 07:16:37 ipsec payload seen: TS_R (24 bytes)
Feb/20/2024 07:16:37 ipsec create child: initiator finish
Feb/20/2024 07:16:37 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 07:16:37 ipsec peer selected tunnel mode
Feb/20/2024 07:16:37 ipsec processing payload: SA
Feb/20/2024 07:16:37 ipsec IKE Protocol: ESP
Feb/20/2024 07:16:37 ipsec  proposal #1
Feb/20/2024 07:16:37 ipsec   enc: aes256-cbc
Feb/20/2024 07:16:37 ipsec   auth: sha256
Feb/20/2024 07:16:37 ipsec   dh: modp1536
Feb/20/2024 07:16:37 ipsec matched proposal:
Feb/20/2024 07:16:37 ipsec  proposal #1
Feb/20/2024 07:16:37 ipsec   enc: aes256-cbc
Feb/20/2024 07:16:37 ipsec   auth: sha256
Feb/20/2024 07:16:37 ipsec   dh: modp1536
Feb/20/2024 07:16:37 ipsec processing payload: TS_I
Feb/20/2024 07:16:37 ipsec 192.168.4.0/24
Feb/20/2024 07:16:37 ipsec processing payload: TS_R
Feb/20/2024 07:16:37 ipsec 192.168.0.0/24
Feb/20/2024 07:16:37 ipsec checking: 192.168.4.0/24 <=> 192.168.0.0/24
Feb/20/2024 07:16:37 ipsec processing payload: NONCE
Feb/20/2024 07:16:37 ipsec processing payload: KE
Feb/20/2024 07:16:37 ipsec,debug => shared secret (size 0xc0)
Feb/20/2024 07:16:37 ipsec,debug 740c77bb 1205fde2 42dd48f2 06caa48c 2cb9b3c1 f751799f e0ab8541 3f894593
Feb/20/2024 07:16:37 ipsec,debug 878898f0 d65819ca 2b182a5f c1d91a94 db53a909 d47c9052 d3c0ce4d 29f1baf0
Feb/20/2024 07:16:37 ipsec,debug 42794d6f 90c4e875 ecdda9a1 a669ece8 c3b89aa6 fab6cf56 20c43497 5bb51cd1
Feb/20/2024 07:16:37 ipsec,debug 4de5b4b6 2df28a12 670174ae edb94afc 81da3449 0df285a7 792300e4 e3d35911
Feb/20/2024 07:16:37 ipsec,debug dd64b0c4 472d368d 18a3cabd 202f1148 9dd321f8 7ff02584 47420a5a 399fefce
Feb/20/2024 07:16:37 ipsec,debug 076f53a8 3361d1ad cb1f5616 2046e76f 407c7e31 e08540f2 f0cf21ef 46f5d319
Feb/20/2024 07:16:37 ipsec,debug => child keymat (size 0x80)
Feb/20/2024 07:16:37 ipsec,debug 4874f0b5 3f7faa6a 2eb103db 9e77765e a5674abb 78a1a946 434ef1ed 33cd61a5
Feb/20/2024 07:16:37 ipsec,debug a5f5e831 562a0544 8ee0efc8 c9bc50af 316a96b0 b115aacc 1792a2a6 581636f3
Feb/20/2024 07:16:37 ipsec,debug 3421f238 49975825 f4f7db08 76053b69 75453b68 f509ab94 39b1ea55 eaacaf21
Feb/20/2024 07:16:37 ipsec,debug fbfe1332 510106c5 4dfa1293 604365f8 c18cc2ce 0eedb643 1d1c7c37 a7295dff
Feb/20/2024 07:16:37 ipsec IPsec-SA established: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x3638426
Feb/20/2024 07:16:37 ipsec IPsec-SA established: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059135
Feb/20/2024 07:16:38 ipsec adding payload: DELETE
Feb/20/2024 07:16:38 ipsec,debug => (size 0xc)
Feb/20/2024 07:16:38 ipsec,debug 0000000c 03040001 008699f5
Feb/20/2024 07:16:38 ipsec <- ike2 request, exchange: INFORMATIONAL:1107 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:38 ipsec,debug ===== sending 288 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 07:16:38 ipsec,debug 1 times of 292 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 07:16:38 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 07:16:38 ipsec -> ike2 reply, exchange: INFORMATIONAL:1107 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:38 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 07:16:38 ipsec processing payload: ENC
Feb/20/2024 07:16:38 ipsec,debug => iv (size 0x10)
Feb/20/2024 07:16:38 ipsec,debug 6c9176de d9b36541 2e47b477 df601676
Feb/20/2024 07:16:38 ipsec,debug => decrypted and trimmed payload (size 0xc)
Feb/20/2024 07:16:38 ipsec,debug 0000000c 03040001 53059101
Feb/20/2024 07:16:38 ipsec,debug decrypted packet
Feb/20/2024 07:16:38 ipsec payload seen: DELETE (12 bytes)
Feb/20/2024 07:16:38 ipsec respond: info
Feb/20/2024 07:16:38 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 07:16:38 ipsec got reply
Feb/20/2024 07:16:38 ipsec IPsec-SA killing: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x8699f5
Feb/20/2024 07:16:38 ipsec IPsec-SA killing: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059101
Feb/20/2024 07:16:51 ipsec IPsec-SA expired: ESP/Tunnel 213.151.240.75[500]->193.85.228.170[500] spi=0x75e65d6
Feb/20/2024 07:16:51 ipsec ike2 expire 0x53059102
Feb/20/2024 07:16:51 ipsec init child rekey
Feb/20/2024 07:16:51 ipsec IPsec-SA expired: ESP/Tunnel 193.85.228.170[500]->213.151.240.75[500] spi=0x53059102
Feb/20/2024 07:16:51 ipsec init child continue
Feb/20/2024 07:16:51 ipsec offering proto: 3
Feb/20/2024 07:16:51 ipsec  proposal #1
Feb/20/2024 07:16:51 ipsec   enc: aes256-cbc
Feb/20/2024 07:16:51 ipsec   auth: sha256
Feb/20/2024 07:16:51 ipsec   dh: modp1536
Feb/20/2024 07:16:51 ipsec adding payload: NONCE
Feb/20/2024 07:16:51 ipsec,debug => (size 0x1c)
Feb/20/2024 07:16:51 ipsec,debug 0000001c 56006399 fe764d83 c60bbd6f f999fefc 7e62dca7 2204e627
Feb/20/2024 07:16:51 ipsec adding payload: KE
Feb/20/2024 07:16:51 ipsec,debug => (size 0xc8)
Feb/20/2024 07:16:51 ipsec,debug 000000c8 00050000 68c515b1 7868284b 52b705a4 4b76bbb7 a47469e2 c04c2c48
Feb/20/2024 07:16:51 ipsec,debug e1570a97 af7facb2 1d2f49c6 60a93d10 752fe1f0 3d848b49 42a1ec12 bc24fb6a
Feb/20/2024 07:16:51 ipsec,debug a8be72b6 847c3b79 29e503e5 589a3fea 08dfa3ba 158b03f9 80908f48 26c80b85
Feb/20/2024 07:16:51 ipsec,debug 6e23e913 7b750e0f e218a103 6e5e3e5a 6b7c7912 99cb4681 ee013949 6d4dbf64
Feb/20/2024 07:16:51 ipsec,debug 9de21c52 64539c5b fe2b8999 0954ad8f bbd413f6 c24f93db 5c463734 4d200155
Feb/20/2024 07:16:51 ipsec,debug 66fcb1bc d88f9e28 0960c187 6b5fd6ac aadfb541 742ec3b5 d7a3699e 14811802
Feb/20/2024 07:16:51 ipsec,debug e9d16fad 606af7ed
Feb/20/2024 07:16:51 ipsec adding notify: REKEY_SA
Feb/20/2024 07:16:51 ipsec,debug => (size 0xc)
Feb/20/2024 07:16:51 ipsec,debug 0000000c 03044009 075e65d6
Feb/20/2024 07:16:51 ipsec adding payload: SA
Feb/20/2024 07:16:51 ipsec,debug => (size 0x34)
Feb/20/2024 07:16:51 ipsec,debug 00000034 00000030 01030404 0ef293ed 0300000c 0100000c 800e0100 03000008
Feb/20/2024 07:16:51 ipsec,debug 0300000c 03000008 04000005 00000008 05000000
Feb/20/2024 07:16:51 ipsec initiator selector: 192.168.2.0/24 
Feb/20/2024 07:16:51 ipsec adding payload: TS_I
Feb/20/2024 07:16:51 ipsec,debug => (size 0x18)
Feb/20/2024 07:16:51 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80200 c0a802ff
Feb/20/2024 07:16:51 ipsec responder selector: 192.168.0.0/24 
Feb/20/2024 07:16:51 ipsec adding payload: TS_R
Feb/20/2024 07:16:51 ipsec,debug => (size 0x18)
Feb/20/2024 07:16:51 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 07:16:51 ipsec <- ike2 request, exchange: CREATE_CHILD_SA:1108 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:51 ipsec,debug ===== sending 432 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 07:16:51 ipsec,debug 1 times of 436 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 07:16:51 ipsec,debug ===== received 400 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 07:16:51 ipsec -> ike2 reply, exchange: CREATE_CHILD_SA:1108 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:51 ipsec payload seen: ENC (372 bytes)
Feb/20/2024 07:16:51 ipsec processing payload: ENC
Feb/20/2024 07:16:51 ipsec,debug => iv (size 0x10)
Feb/20/2024 07:16:51 ipsec,debug b35fb53a 14389b5f 906dc098 e03bceda
Feb/20/2024 07:16:51 ipsec,debug => decrypted and trimmed payload (size 0x140)
Feb/20/2024 07:16:51 ipsec,debug 28000034 00000030 01030404 53059136 0300000c 0100000c 800e0100 03000008
Feb/20/2024 07:16:51 ipsec,debug 0300000c 03000008 04000005 00000008 05000000 22000014 04071989 62727538
Feb/20/2024 07:16:51 ipsec,debug b2294b67 da54eaa2 2c0000c8 00050000 60a9bef8 db127812 1156ada5 e13e4fb5
Feb/20/2024 07:16:51 ipsec,debug 3caf15fc cc085185 1579e304 05ee5c95 855bf330 a5041b47 5d8e147f 8f9138fc
Feb/20/2024 07:16:51 ipsec,debug c9a87f81 7fba4896 b6a33028 22efc70b 35308735 70f69ef0 3684c0c4 28608a34
Feb/20/2024 07:16:51 ipsec,debug 0becf5ef 09abe520 e427ecf3 908729fb cdd33dd2 c194dd23 1fc1ca46 dc1948a9
Feb/20/2024 07:16:51 ipsec,debug 4679f14c 9844fb92 c2cc346c d306b677 3d1700fa be2d3a48 4ae3b9b2 92dd994a
Feb/20/2024 07:16:51 ipsec,debug da1cefa8 fb24fecc bb02fbd9 eae23069 18fca83c 90a260f6 730a4d11 3072387f
Feb/20/2024 07:16:51 ipsec,debug 
Feb/20/2024 07:16:51 ipsec,debug 0ae48f26 d569a06c caf43a52 49d37338 2d000018 01000000 07000010 0000ffff
Feb/20/2024 07:16:51 ipsec,debug c0a80200 c0a802ff 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 07:16:51 ipsec,debug decrypted packet
Feb/20/2024 07:16:51 ipsec payload seen: SA (52 bytes)
Feb/20/2024 07:16:51 ipsec payload seen: NONCE (20 bytes)
Feb/20/2024 07:16:51 ipsec payload seen: KE (200 bytes)
Feb/20/2024 07:16:51 ipsec payload seen: TS_I (24 bytes)
Feb/20/2024 07:16:51 ipsec payload seen: TS_R (24 bytes)
Feb/20/2024 07:16:51 ipsec create child: initiator finish
Feb/20/2024 07:16:51 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 07:16:51 ipsec peer selected tunnel mode
Feb/20/2024 07:16:51 ipsec processing payload: SA
Feb/20/2024 07:16:51 ipsec IKE Protocol: ESP
Feb/20/2024 07:16:51 ipsec  proposal #1
Feb/20/2024 07:16:51 ipsec   enc: aes256-cbc
Feb/20/2024 07:16:51 ipsec   auth: sha256
Feb/20/2024 07:16:51 ipsec   dh: modp1536
Feb/20/2024 07:16:51 ipsec matched proposal:
Feb/20/2024 07:16:51 ipsec  proposal #1
Feb/20/2024 07:16:51 ipsec   enc: aes256-cbc
Feb/20/2024 07:16:51 ipsec   auth: sha256
Feb/20/2024 07:16:51 ipsec   dh: modp1536
Feb/20/2024 07:16:51 ipsec processing payload: TS_I
Feb/20/2024 07:16:51 ipsec 192.168.2.0/24
Feb/20/2024 07:16:51 ipsec processing payload: TS_R
Feb/20/2024 07:16:51 ipsec 192.168.0.0/24
Feb/20/2024 07:16:51 ipsec checking: 192.168.2.0/24 <=> 192.168.0.0/24
Feb/20/2024 07:16:51 ipsec processing payload: NONCE
Feb/20/2024 07:16:51 ipsec processing payload: KE
Feb/20/2024 07:16:51 ipsec,debug => shared secret (size 0xc0)
Feb/20/2024 07:16:51 ipsec,debug b9d4fec7 7e9b9a11 3b058940 ce66cd29 4bad279c 9f91479c a189d8eb fd61dda9
Feb/20/2024 07:16:51 ipsec,debug 7ec1e202 28427718 41976d62 2acbaf0d 6794921d a62d7826 9ef34258 878872bb
Feb/20/2024 07:16:51 ipsec,debug 252f1f36 7dbbd4f9 adee43b3 682c58af 6519b285 098e1344 00f26d04 e5d42d31
Feb/20/2024 07:16:51 ipsec,debug 584781d0 00e87214 ba3a508b fe45c95e 101ac802 b4b59554 3202d9bf f5562975
Feb/20/2024 07:16:51 ipsec,debug bfe7e99e 6fceb3c6 aea0fffd f6e7f933 88d3075f 3c3bd8d5 b40104f0 3aa2770c
Feb/20/2024 07:16:51 ipsec,debug 9aae3b38 e0b076a5 def05a93 6958c9ce 35b8b868 5f612ced 77d257c0 b980ac4f
Feb/20/2024 07:16:51 ipsec,debug => child keymat (size 0x80)
Feb/20/2024 07:16:51 ipsec,debug 34bfd78c 31bebb2c 3872bc1a b8cdb41b 02c4e045 3c4277cc 327a003a cf066164
Feb/20/2024 07:16:51 ipsec,debug 26d6bd76 13edc1d6 1acdbc32 5795419d b08d3e0c 99b5cf0e ab61d595 fe5a15de
Feb/20/2024 07:16:51 ipsec,debug 4de51275 b4c97468 d94a3da1 1be90023 7faeec75 c80ce98b 12501e27 77fd8112
Feb/20/2024 07:16:51 ipsec,debug 05681256 93b9bbb1 04d669ff 56e24efb 7910943b be5bea06 abfbe676 a7456e37
Feb/20/2024 07:16:51 ipsec IPsec-SA established: 213.151.240.75[4500]->193.85.228.170[4500] spi=0xef293ed
Feb/20/2024 07:16:51 ipsec IPsec-SA established: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059136
Feb/20/2024 07:16:51 ipsec adding payload: DELETE
Feb/20/2024 07:16:51 ipsec,debug => (size 0xc)
Feb/20/2024 07:16:51 ipsec,debug 0000000c 03040001 075e65d6
Feb/20/2024 07:16:51 ipsec <- ike2 request, exchange: INFORMATIONAL:1109 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:51 ipsec,debug ===== sending 80 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 07:16:51 ipsec,debug 1 times of 84 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 07:16:51 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 07:16:51 ipsec -> ike2 reply, exchange: INFORMATIONAL:1109 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:16:51 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 07:16:51 ipsec processing payload: ENC
Feb/20/2024 07:16:51 ipsec,debug => iv (size 0x10)
Feb/20/2024 07:16:51 ipsec,debug 99af128a d8c071d8 ccff7c90 bf73db1d
Feb/20/2024 07:16:51 ipsec,debug => decrypted and trimmed payload (size 0xc)
Feb/20/2024 07:16:51 ipsec,debug 0000000c 03040001 53059102
Feb/20/2024 07:16:51 ipsec,debug decrypted packet
Feb/20/2024 07:16:51 ipsec payload seen: DELETE (12 bytes)
Feb/20/2024 07:16:51 ipsec respond: info
Feb/20/2024 07:16:51 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 07:16:51 ipsec got reply
Feb/20/2024 07:16:51 ipsec IPsec-SA killing: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x75e65d6
Feb/20/2024 07:16:51 ipsec IPsec-SA killing: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059102

# dpd check pass
Feb/20/2024 07:17:51 ipsec sending dpd packet
Feb/20/2024 07:17:51 ipsec <- ike2 request, exchange: INFORMATIONAL:1110 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:17:51 ipsec,debug ===== sending 160 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 07:17:51 ipsec,debug 1 times of 164 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 07:17:51 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 07:17:51 ipsec -> ike2 reply, exchange: INFORMATIONAL:1110 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 07:17:51 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 07:17:51 ipsec processing payload: ENC
Feb/20/2024 07:17:51 ipsec,debug => iv (size 0x10)
Feb/20/2024 07:17:51 ipsec,debug d18dfb2a e04df973 71d0a767 0b076b98
Feb/20/2024 07:17:51 ipsec,debug => decrypted and trimmed payload (size 0x0)
Feb/20/2024 07:17:51 ipsec,debug decrypted packet
Feb/20/2024 07:17:51 ipsec respond: info
Feb/20/2024 07:17:51 ipsec,debug reply ignored

...

Feb/20/2024 08:21:52 ipsec sending dpd packet
Feb/20/2024 08:21:52 ipsec <- ike2 request, exchange: INFORMATIONAL:1174 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:21:52 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:21:52 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:21:52 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:21:52 ipsec -> ike2 reply, exchange: INFORMATIONAL:1174 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:21:52 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 08:21:52 ipsec processing payload: ENC
Feb/20/2024 08:21:52 ipsec,debug => iv (size 0x10)
Feb/20/2024 08:21:52 ipsec,debug cf9203ad 3637091f f1ff4c4a 00d0889f
Feb/20/2024 08:21:52 ipsec,debug => decrypted and trimmed payload (size 0x0)
Feb/20/2024 08:21:52 ipsec,debug decrypted packet
Feb/20/2024 08:21:52 ipsec respond: info
Feb/20/2024 08:21:52 ipsec,debug reply ignored

Feb/20/2024 08:22:52 ipsec sending dpd packet
Feb/20/2024 08:22:52 ipsec <- ike2 request, exchange: INFORMATIONAL:1175 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:22:52 ipsec,debug ===== sending 96 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:22:52 ipsec,debug 1 times of 100 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:22:52 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:22:52 ipsec -> ike2 reply, exchange: INFORMATIONAL:1175 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:22:52 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 08:22:52 ipsec processing payload: ENC
Feb/20/2024 08:22:52 ipsec,debug => iv (size 0x10)
Feb/20/2024 08:22:52 ipsec,debug d3e67d8f 268b49f3 1a0ff82f 1e91346c
Feb/20/2024 08:22:52 ipsec,debug => decrypted and trimmed payload (size 0x0)
Feb/20/2024 08:22:52 ipsec,debug decrypted packet
Feb/20/2024 08:22:52 ipsec respond: info
Feb/20/2024 08:22:52 ipsec,debug reply ignored

# script detect fail 2-times
Feb/20/2024 08:23:13 script,warning vlan10_LAN cannot reach 192.168.0.1
Feb/20/2024 08:23:14 script,warning vlan10_LAN cannot reach 192.168.0.11
Feb/20/2024 08:23:15 script,warning vlan10_LAN cannot reach 192.168.0.182
Feb/20/2024 08:23:16 script,warning vlan10_LAN cannot reach 192.168.0.183

Feb/20/2024 08:23:43 script,warning vlan10_LAN cannot reach 192.168.0.1
Feb/20/2024 08:23:44 script,warning vlan10_LAN cannot reach 192.168.0.11
Feb/20/2024 08:23:45 script,warning vlan10_LAN cannot reach 192.168.0.182
Feb/20/2024 08:23:46 script,warning vlan10_LAN cannot reach 192.168.0.183

# dpd detect fail
Feb/20/2024 08:23:52 ipsec sending dpd packet
Feb/20/2024 08:23:52 ipsec <- ike2 request, exchange: INFORMATIONAL:1176 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:23:52 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:23:52 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]

Feb/20/2024 08:23:57 ipsec dpd: retransmit
Feb/20/2024 08:23:57 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:23:57 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]

Feb/20/2024 08:24:03 ipsec dpd: retransmit
Feb/20/2024 08:24:03 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:03 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]

Feb/20/2024 08:24:07 ipsec dpd: retransmit
Feb/20/2024 08:24:07 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:07 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]

Feb/20/2024 08:24:13 ipsec dpd: retransmit
Feb/20/2024 08:24:13 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:13 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]

# script detect fail 3rd times
Feb/20/2024 08:24:13 script,warning vlan10_LAN cannot reach 192.168.0.1
Feb/20/2024 08:24:14 script,warning vlan10_LAN cannot reach 192.168.0.11
Feb/20/2024 08:24:15 script,warning vlan10_LAN cannot reach 192.168.0.182
Feb/20/2024 08:24:16 script,warning vlan10_LAN cannot reach 192.168.0.183
Feb/20/2024 08:24:16 script,warning vlan10_LAN has a problem to ping 4 hosts - restarting PH2.

# disable ph2
Feb/20/2024 08:24:16 ipsec adding payload: DELETE
Feb/20/2024 08:24:16 ipsec,debug => (size 0xc)
Feb/20/2024 08:24:16 ipsec,debug 0000000c 03040001 03638426
Feb/20/2024 08:24:16 ipsec <- ike2 request, exchange: INFORMATIONAL:1177 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:24:16 ipsec,debug ===== sending 320 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:16 ipsec,debug 1 times of 324 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:24:16 ipsec IPsec-SA killing: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x3638426
Feb/20/2024 08:24:16 ipsec IPsec-SA killing: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059135
Feb/20/2024 08:24:16 ipsec policy update killed some SAs
Feb/20/2024 08:24:17 ipsec max retransmit failures reached
Feb/20/2024 08:24:17 ipsec,info killing ike2 SA: Lunys 193.85.228.170[4500]-213.151.240.75[4500] spi:83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:24:17 ipsec IPsec-SA killing: 213.151.240.75[4500]->193.85.228.170[4500] spi=0xef293ed
Feb/20/2024 08:24:17 ipsec IPsec-SA killing: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059136
Feb/20/2024 08:24:17 ipsec adding payload: DELETE
Feb/20/2024 08:24:17 ipsec,debug => (size 0x8)
Feb/20/2024 08:24:17 ipsec,debug 00000008 01000000
Feb/20/2024 08:24:17 ipsec <- ike2 request, exchange: INFORMATIONAL:1178 213.151.240.75[4500] 83517d01116157f2:fa7433dfecd13d93
Feb/20/2024 08:24:17 ipsec,debug ===== sending 288 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:17 ipsec,debug 1 times of 292 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:24:19 ipsec acquire for policy: 192.168.2.0/24 <=> 192.168.0.0/24
Feb/20/2024 08:24:19 ipsec policy group mismatch, ignoring.
Feb/20/2024 08:24:19 ipsec ike2 starting for: 213.151.240.75
Feb/20/2024 08:24:20 ipsec adding notify: IKEV2_FRAGMENTATION_SUPPORTED
Feb/20/2024 08:24:20 ipsec,debug => (size 0x8)
Feb/20/2024 08:24:20 ipsec,debug 00000008 0000402e
Feb/20/2024 08:24:20 ipsec adding notify: NAT_DETECTION_DESTINATION_IP
Feb/20/2024 08:24:20 ipsec,debug => (size 0x1c)
Feb/20/2024 08:24:20 ipsec,debug 0000001c 00004005 77f4b1f9 f81e80c3 457b0839 4a0f3e9f 837f9847
Feb/20/2024 08:24:20 ipsec adding notify: NAT_DETECTION_SOURCE_IP
Feb/20/2024 08:24:20 ipsec,debug => (size 0x1c)
Feb/20/2024 08:24:20 ipsec,debug 0000001c 00004004 c8d395fc 64ba55a3 d161f7e5 c51cef5c 52df772f
Feb/20/2024 08:24:20 ipsec adding payload: NONCE
Feb/20/2024 08:24:20 ipsec,debug => (size 0x1c)
Feb/20/2024 08:24:20 ipsec,debug 0000001c 3f34e6a8 b439b688 2d0d3c97 6e79cad8 1f501533 2175e2f5
Feb/20/2024 08:24:20 ipsec adding payload: KE
Feb/20/2024 08:24:20 ipsec,debug => (size 0xc8)
Feb/20/2024 08:24:20 ipsec,debug 000000c8 00050000 c3cf1966 d9b1f9ee f63a82ba 78e3099d b8578b61 0b52f91f
Feb/20/2024 08:24:20 ipsec,debug ec8643bd af4d5b48 97f040f3 f700d111 550f686e 5f89ad97 a6b2d087 ac0c7866
Feb/20/2024 08:24:20 ipsec,debug cb1fc5ae 6517873c d287dc29 9cacd0fc 37bffdc6 f2917ed3 ebdc7226 1422397e
Feb/20/2024 08:24:20 ipsec,debug 8c852e93 40139934 27607b8c 31507f11 e569708b 75f53f15 161e403f 1d5b9014
Feb/20/2024 08:24:20 ipsec,debug e0558f0b f239b686 a81646a8 28bfd7b8 6fbbfe46 1d3dc4b7 0d20d9d6 18de542e
Feb/20/2024 08:24:20 ipsec,debug 1b08486c 2bcd9716 438e8202 7d55764e 15762a2a 41eae476 016b0f92 dcc07c31
Feb/20/2024 08:24:20 ipsec,debug 0fe30a35 64e82a35
Feb/20/2024 08:24:20 ipsec adding payload: SA
Feb/20/2024 08:24:20 ipsec,debug => (size 0x30)
Feb/20/2024 08:24:20 ipsec,debug 00000030 0000002c 01010004 0300000c 0100000c 800e0100 03000008 02000005
Feb/20/2024 08:24:20 ipsec,debug 03000008 0300000c 00000008 04000005
Feb/20/2024 08:24:20 ipsec <- ike2 request, exchange: SA_INIT:0 213.151.240.75[4500] fe998ee4ded232db:0000000000000000
Feb/20/2024 08:24:20 ipsec,debug ===== sending 368 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:20 ipsec,debug 1 times of 372 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:24:20 ipsec,debug ===== received 360 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:24:20 ipsec -> ike2 reply, exchange: SA_INIT:0 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:20 ipsec ike2 initialize recv
Feb/20/2024 08:24:20 ipsec payload seen: SA (48 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: KE (200 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: NONCE (20 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: NOTIFY (28 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: NOTIFY (28 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: NOTIFY (8 bytes)
Feb/20/2024 08:24:20 ipsec processing payload: NONCE
Feb/20/2024 08:24:20 ipsec processing payload: SA
Feb/20/2024 08:24:20 ipsec IKE Protocol: IKE
Feb/20/2024 08:24:20 ipsec  proposal #1
Feb/20/2024 08:24:20 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:20 ipsec   prf: hmac-sha256
Feb/20/2024 08:24:20 ipsec   auth: sha256
Feb/20/2024 08:24:20 ipsec   dh: modp1536
Feb/20/2024 08:24:20 ipsec matched proposal:
Feb/20/2024 08:24:20 ipsec  proposal #1
Feb/20/2024 08:24:20 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:20 ipsec   prf: hmac-sha256
Feb/20/2024 08:24:20 ipsec   auth: sha256
Feb/20/2024 08:24:20 ipsec   dh: modp1536
Feb/20/2024 08:24:20 ipsec processing payload: KE
Feb/20/2024 08:24:20 ipsec,debug => shared secret (size 0xc0)
Feb/20/2024 08:24:20 ipsec,debug d2e63fe5 f1e21301 0e006541 d2d44acb 3356b26a 24125ce7 9ee5f18a e2f3e091
Feb/20/2024 08:24:20 ipsec,debug ecc44589 bc4aa28e 424fe1af d201d578 e9badbed 8d035b03 e8835b5d 187b4326
Feb/20/2024 08:24:20 ipsec,debug a226af89 50e59454 ddec213e c51f07ce 0012c84c a24a35dc 0661b2f0 066d18d2
Feb/20/2024 08:24:20 ipsec,debug 1ebb499f 197a4f01 e21965fe be418c3d 37bdf2b8 27f897d5 f9dcd134 cd903986
Feb/20/2024 08:24:20 ipsec,debug 586eab4a a2710998 11c90af7 78d93081 c1a6805f 411fb236 0545498e 14a5c0f8
Feb/20/2024 08:24:20 ipsec,debug e1553508 a218ee86 4731b583 a539d86f e9df2011 551e50a9 692140fc 8efb728e
Feb/20/2024 08:24:20 ipsec,debug => skeyseed (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 11a41804 562d26ec ce2c44a4 f9e91264 fc0096dd 15e301bd 394851bc 68289b81
Feb/20/2024 08:24:20 ipsec,debug => keymat (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug e4056a90 d8f061c3 03a15c02 a49dab22 e06437fc f846b88d d7410c4e 482c7048
Feb/20/2024 08:24:20 ipsec,debug => SK_ai (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug f46b1d72 637fa76c 09df2551 64ffc11a 288ef8b9 7b2b2baf 7003f0e4 647680e5
Feb/20/2024 08:24:20 ipsec,debug => SK_ar (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 9d98c403 b742cdef 9768dd22 0f7e5a3a c65db713 08f0a390 5c61ccd5 f68e5efa
Feb/20/2024 08:24:20 ipsec,debug => SK_ei (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug ce74f29c 2cb25ec7 95ed8f08 67453d49 c0430ed1 b8797b7e 65721ed8 c780718e
Feb/20/2024 08:24:20 ipsec,debug => SK_er (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 5cf29fbc 9e023328 f775568d 7d441a05 4fc02a49 cbc1282a 5c7e8aa3 92cc5a75
Feb/20/2024 08:24:20 ipsec,debug => SK_pi (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 2474b41d 001fb203 79262ff9 b4d7b10f 142bb044 551c868f d5ab9c35 7bb1249e
Feb/20/2024 08:24:20 ipsec,debug => SK_pr (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 5e1fd238 875b31a3 b8b59673 e1261102 a57dea15 a7c7ebd8 ece708e4 97ad3477
Feb/20/2024 08:24:20 ipsec,info new ike2 SA (I): Lunys 193.85.228.170[4500]-213.151.240.75[4500] spi:fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:20 ipsec processing payloads: NOTIFY
Feb/20/2024 08:24:20 ipsec   notify: NAT_DETECTION_SOURCE_IP
Feb/20/2024 08:24:20 ipsec   notify: NAT_DETECTION_DESTINATION_IP
Feb/20/2024 08:24:20 ipsec   notify: IKEV2_FRAGMENTATION_SUPPORTED
Feb/20/2024 08:24:20 ipsec fragmentation negotiated
Feb/20/2024 08:24:20 ipsec init child for policy: 192.168.2.0/24 <=> 192.168.0.0/24
Feb/20/2024 08:24:20 ipsec init child continue
Feb/20/2024 08:24:20 ipsec offering proto: 3
Feb/20/2024 08:24:20 ipsec  proposal #1
Feb/20/2024 08:24:20 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:20 ipsec   auth: sha256
Feb/20/2024 08:24:20 ipsec ID_I (ADDR4): 193.85.228.170
Feb/20/2024 08:24:20 ipsec adding payload: ID_I
Feb/20/2024 08:24:20 ipsec,debug => (size 0xc)
Feb/20/2024 08:24:20 ipsec,debug 0000000c 01000000 c155e4aa
Feb/20/2024 08:24:20 ipsec,debug => auth nonce (size 0x10)
Feb/20/2024 08:24:20 ipsec,debug 0ef7db2d 4447bd33 718f55f8 5e9fc352
Feb/20/2024 08:24:20 ipsec,debug => SK_p (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 2474b41d 001fb203 79262ff9 b4d7b10f 142bb044 551c868f d5ab9c35 7bb1249e
Feb/20/2024 08:24:20 ipsec,debug => idhash (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 0153b38c 67c6bdc3 7fe7e69f d66d8498 bcf81521 53c69281 032b9431 30ed17b7
Feb/20/2024 08:24:20 ipsec,debug => my auth (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 0491dc70 692efe09 e723d9e2 613859fb 88d8baac 320930f3 f402f90d c5ad278b
Feb/20/2024 08:24:20 ipsec adding payload: AUTH
Feb/20/2024 08:24:20 ipsec,debug => (size 0x28)
Feb/20/2024 08:24:20 ipsec,debug 00000028 02000000 0491dc70 692efe09 e723d9e2 613859fb 88d8baac 320930f3
Feb/20/2024 08:24:20 ipsec,debug f402f90d c5ad278b
Feb/20/2024 08:24:20 ipsec adding notify: INITIAL_CONTACT
Feb/20/2024 08:24:20 ipsec,debug => (size 0x8)
Feb/20/2024 08:24:20 ipsec,debug 00000008 00004000
Feb/20/2024 08:24:20 ipsec adding payload: SA
Feb/20/2024 08:24:20 ipsec,debug => (size 0x2c)
Feb/20/2024 08:24:20 ipsec,debug 0000002c 00000028 01030403 026558a3 0300000c 0100000c 800e0100 03000008
Feb/20/2024 08:24:20 ipsec,debug 0300000c 00000008 05000000
Feb/20/2024 08:24:20 ipsec initiator selector: 192.168.2.0/24 
Feb/20/2024 08:24:20 ipsec adding payload: TS_I
Feb/20/2024 08:24:20 ipsec,debug => (size 0x18)
Feb/20/2024 08:24:20 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80200 c0a802ff
Feb/20/2024 08:24:20 ipsec responder selector: 192.168.0.0/24 
Feb/20/2024 08:24:20 ipsec adding payload: TS_R
Feb/20/2024 08:24:20 ipsec,debug => (size 0x18)
Feb/20/2024 08:24:20 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 08:24:20 ipsec <- ike2 request, exchange: AUTH:1 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:20 ipsec,debug ===== sending 256 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:20 ipsec,debug 1 times of 260 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:24:20 ipsec,debug ===== received 224 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:24:20 ipsec -> ike2 reply, exchange: AUTH:1 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:20 ipsec payload seen: ENC (196 bytes)
Feb/20/2024 08:24:20 ipsec processing payload: ENC
Feb/20/2024 08:24:20 ipsec,debug => iv (size 0x10)
Feb/20/2024 08:24:20 ipsec,debug c05af2ad 46ad08e9 0d2b5549 9a7ae745
Feb/20/2024 08:24:20 ipsec,debug => decrypted and trimmed payload (size 0x90)
Feb/20/2024 08:24:20 ipsec,debug 2700000c 01000000 d597f04b 21000028 02000000 8ade5152 7c23d66b ccd238a1
Feb/20/2024 08:24:20 ipsec,debug a583b976 475cec74 70305158 6900b2b3 8f7b003d 2c00002c 00000028 01030403
Feb/20/2024 08:24:20 ipsec,debug 5305913f 0300000c 0100000c 800e0100 03000008 0300000c 00000008 05000000
Feb/20/2024 08:24:20 ipsec,debug 2d000018 01000000 07000010 0000ffff c0a80200 c0a802ff 00000018 01000000
Feb/20/2024 08:24:20 ipsec,debug 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 08:24:20 ipsec,debug decrypted packet
Feb/20/2024 08:24:20 ipsec payload seen: ID_R (12 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: AUTH (40 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: SA (44 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: TS_I (24 bytes)
Feb/20/2024 08:24:20 ipsec payload seen: TS_R (24 bytes)
Feb/20/2024 08:24:20 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 08:24:20 ipsec ike auth: initiator finish
Feb/20/2024 08:24:20 ipsec processing payload: ID_R
Feb/20/2024 08:24:20 ipsec ID_R (ADDR4): 213.151.240.75
Feb/20/2024 08:24:20 ipsec processing payload: AUTH
Feb/20/2024 08:24:20 ipsec requested auth method: SKEY
Feb/20/2024 08:24:20 ipsec,debug => peer's auth (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 8ade5152 7c23d66b ccd238a1 a583b976 475cec74 70305158 6900b2b3 8f7b003d
Feb/20/2024 08:24:20 ipsec,debug => auth nonce (size 0x18)
Feb/20/2024 08:24:20 ipsec,debug 3f34e6a8 b439b688 2d0d3c97 6e79cad8 1f501533 2175e2f5
Feb/20/2024 08:24:20 ipsec,debug => SK_p (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 5e1fd238 875b31a3 b8b59673 e1261102 a57dea15 a7c7ebd8 ece708e4 97ad3477
Feb/20/2024 08:24:20 ipsec,debug => idhash (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug e3cfe6a8 13f51945 720424f1 07e42fd5 8b7828d0 1fd77008 cfc1b6c9 ded74f61
Feb/20/2024 08:24:20 ipsec,debug => calculated peer's AUTH (size 0x20)
Feb/20/2024 08:24:20 ipsec,debug 8ade5152 7c23d66b ccd238a1 a583b976 475cec74 70305158 6900b2b3 8f7b003d
Feb/20/2024 08:24:20 ipsec,info,account peer authorized: Lunys 193.85.228.170[4500]-213.151.240.75[4500] spi:fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:20 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 08:24:20 ipsec peer selected tunnel mode
Feb/20/2024 08:24:20 ipsec processing payload: SA
Feb/20/2024 08:24:20 ipsec IKE Protocol: ESP
Feb/20/2024 08:24:20 ipsec  proposal #1
Feb/20/2024 08:24:20 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:20 ipsec   auth: sha256
Feb/20/2024 08:24:20 ipsec matched proposal:
Feb/20/2024 08:24:20 ipsec  proposal #1
Feb/20/2024 08:24:20 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:20 ipsec   auth: sha256
Feb/20/2024 08:24:20 ipsec processing payload: TS_I
Feb/20/2024 08:24:20 ipsec 192.168.2.0/24
Feb/20/2024 08:24:20 ipsec processing payload: TS_R
Feb/20/2024 08:24:20 ipsec 192.168.0.0/24
Feb/20/2024 08:24:20 ipsec my vs peer's selectors:
Feb/20/2024 08:24:20 ipsec 192.168.2.0/24 vs 192.168.2.0/24
Feb/20/2024 08:24:20 ipsec 192.168.0.0/24 vs 192.168.0.0/24
Feb/20/2024 08:24:20 ipsec,debug => child keymat (size 0x80)
Feb/20/2024 08:24:20 ipsec,debug 38e9d27d 890aa892 d2d35ef5 230d5013 6548ebfc 0a711057 807498a7 f3ef669d
Feb/20/2024 08:24:20 ipsec,debug 5c2063b6 5c5c51e8 5d35134e 05da855f 7b94bbd7 48c90c7b ec641661 cb3dd8aa
Feb/20/2024 08:24:20 ipsec,debug 22944a4b bb8b5e87 503c3806 6a974bb0 7dad229e 29038cb7 52eb62c7 7630baa5
Feb/20/2024 08:24:20 ipsec,debug d8d93048 2e998fcf 71062d52 c87c5b10 48c048e9 2708ce5b 0ece312c 39f145cd
Feb/20/2024 08:24:20 ipsec IPsec-SA established: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x26558a3
Feb/20/2024 08:24:20 ipsec IPsec-SA established: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x5305913f

# enable ph2
Feb/20/2024 08:24:26 ipsec policy installed for connected peer, creating child SA
Feb/20/2024 08:24:26 ipsec init child for policy: 192.168.4.0/24 <=> 192.168.0.0/24
Feb/20/2024 08:24:26 ipsec init child continue
Feb/20/2024 08:24:26 ipsec offering proto: 3
Feb/20/2024 08:24:26 ipsec  proposal #1
Feb/20/2024 08:24:26 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:26 ipsec   auth: sha256
Feb/20/2024 08:24:26 ipsec   dh: modp1536
Feb/20/2024 08:24:26 ipsec adding payload: NONCE
Feb/20/2024 08:24:26 ipsec,debug => (size 0x1c)
Feb/20/2024 08:24:26 ipsec,debug 0000001c dffda1dc 68f6e63f c54602f3 7efaac44 f1e27226 7bc6ce69
Feb/20/2024 08:24:26 ipsec adding payload: KE
Feb/20/2024 08:24:26 ipsec,debug => (size 0xc8)
Feb/20/2024 08:24:26 ipsec,debug 000000c8 00050000 8b534a0c d3cef33e 1fe65ed6 6678aa93 8b0bff9f 2cf6db64
Feb/20/2024 08:24:26 ipsec,debug d14ed3ce 9e70f7ca 02df30e2 31b37b0c e98663c7 2d887c37 9804d274 b81a49bb
Feb/20/2024 08:24:26 ipsec,debug 8014cdf9 2fce0cd8 f843c307 0c369308 b89c6b95 676c0a23 32f88002 2b3edf94
Feb/20/2024 08:24:26 ipsec,debug 2c87b298 14dccdce ed96c827 f1d68d46 26934a02 9b412b3f aa5cee15 262fa7d3
Feb/20/2024 08:24:26 ipsec,debug 897cd260 f99511f0 4f18d33e 48cd8206 4d9cc17b 55353d49 39b9a6be 573c23c7
Feb/20/2024 08:24:26 ipsec,debug bb749e48 7e495ece a60e5c79 aaf8da8f 11189b8e fe23229c c64d8f6e 490978f2
Feb/20/2024 08:24:26 ipsec,debug 7a027329 61d3913c
Feb/20/2024 08:24:26 ipsec adding payload: SA
Feb/20/2024 08:24:26 ipsec,debug => (size 0x34)
Feb/20/2024 08:24:26 ipsec,debug 00000034 00000030 01030404 05af3730 0300000c 0100000c 800e0100 03000008
Feb/20/2024 08:24:26 ipsec,debug 0300000c 03000008 04000005 00000008 05000000
Feb/20/2024 08:24:26 ipsec initiator selector: 192.168.4.0/24 
Feb/20/2024 08:24:26 ipsec adding payload: TS_I
Feb/20/2024 08:24:26 ipsec,debug => (size 0x18)
Feb/20/2024 08:24:26 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80400 c0a804ff
Feb/20/2024 08:24:26 ipsec responder selector: 192.168.0.0/24 
Feb/20/2024 08:24:26 ipsec adding payload: TS_R
Feb/20/2024 08:24:26 ipsec,debug => (size 0x18)
Feb/20/2024 08:24:26 ipsec,debug 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 08:24:26 ipsec <- ike2 request, exchange: CREATE_CHILD_SA:2 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:26 ipsec,debug ===== sending 528 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:24:26 ipsec,debug 1 times of 532 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:24:26 script,warning PH2 restart finished.
Feb/20/2024 08:24:26 ipsec,debug ===== received 400 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:24:26 ipsec -> ike2 reply, exchange: CREATE_CHILD_SA:2 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:26 ipsec payload seen: ENC (372 bytes)
Feb/20/2024 08:24:26 ipsec processing payload: ENC
Feb/20/2024 08:24:26 ipsec,debug => iv (size 0x10)
Feb/20/2024 08:24:26 ipsec,debug ad440ee5 20c0b38b 586dd117 d41ea9c6
Feb/20/2024 08:24:26 ipsec,debug => decrypted and trimmed payload (size 0x140)
Feb/20/2024 08:24:26 ipsec,debug 28000034 00000030 01030404 53059140 0300000c 0100000c 800e0100 03000008
Feb/20/2024 08:24:26 ipsec,debug 0300000c 03000008 04000005 00000008 05000000 22000014 12157b81 b437a817
Feb/20/2024 08:24:26 ipsec,debug 2c51e9f3 0099a90a 2c0000c8 00050000 b6c0deb6 54b0e3fd b3b1a2c6 d1c8d719
Feb/20/2024 08:24:26 ipsec,debug 8ccb90ab cc76c477 dbef74ce 5e7a29fb 2e72602c 08149571 7d5e9b29 2acb7825
Feb/20/2024 08:24:26 ipsec,debug 9d24d063 4ef22983 3896abdd a6484785 1c30c226 df43d498 8e407681 d6370019
Feb/20/2024 08:24:26 ipsec,debug 91d64636 d4ed718e 0f2732a3 6cc7db43 ecf74393 851f768c f2d2aed5 14ac6cba
Feb/20/2024 08:24:26 ipsec,debug d2ea2228 c2717957 ae038f8a 1549c35b 33d44db0 7d06feab 7250606b a707f1e9
Feb/20/2024 08:24:26 ipsec,debug 1d1a35be 6c82d609 a89f7ccc e19dcaff e79b9b53 5960fe0b b023a2d3 7b4cadd3
Feb/20/2024 08:24:26 ipsec,debug 
Feb/20/2024 08:24:26 ipsec,debug 2ad28fcf faabc7d8 8cb22594 9ba650ec 2d000018 01000000 07000010 0000ffff
Feb/20/2024 08:24:26 ipsec,debug c0a80400 c0a804ff 00000018 01000000 07000010 0000ffff c0a80000 c0a800ff
Feb/20/2024 08:24:26 ipsec,debug decrypted packet
Feb/20/2024 08:24:26 ipsec payload seen: SA (52 bytes)
Feb/20/2024 08:24:26 ipsec payload seen: NONCE (20 bytes)
Feb/20/2024 08:24:26 ipsec payload seen: KE (200 bytes)
Feb/20/2024 08:24:26 ipsec payload seen: TS_I (24 bytes)
Feb/20/2024 08:24:26 ipsec payload seen: TS_R (24 bytes)
Feb/20/2024 08:24:26 ipsec create child: initiator finish
Feb/20/2024 08:24:26 ipsec processing payloads: NOTIFY (none found)
Feb/20/2024 08:24:26 ipsec peer selected tunnel mode
Feb/20/2024 08:24:26 ipsec processing payload: SA
Feb/20/2024 08:24:26 ipsec IKE Protocol: ESP
Feb/20/2024 08:24:26 ipsec  proposal #1
Feb/20/2024 08:24:26 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:26 ipsec   auth: sha256
Feb/20/2024 08:24:26 ipsec   dh: modp1536
Feb/20/2024 08:24:26 ipsec matched proposal:
Feb/20/2024 08:24:26 ipsec  proposal #1
Feb/20/2024 08:24:26 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:26 ipsec   auth: sha256
Feb/20/2024 08:24:26 ipsec   dh: modp1536
Feb/20/2024 08:24:26 ipsec processing payload: TS_I
Feb/20/2024 08:24:26 ipsec 192.168.4.0/24
Feb/20/2024 08:24:26 ipsec processing payload: TS_R
Feb/20/2024 08:24:26 ipsec 192.168.0.0/24
Feb/20/2024 08:24:26 ipsec my vs peer's selectors:
Feb/20/2024 08:24:26 ipsec 192.168.4.0/24 vs 192.168.4.0/24
Feb/20/2024 08:24:26 ipsec 192.168.0.0/24 vs 192.168.0.0/24
Feb/20/2024 08:24:26 ipsec processing payload: NONCE
Feb/20/2024 08:24:26 ipsec processing payload: KE
Feb/20/2024 08:24:26 ipsec,debug => shared secret (size 0xc0)
Feb/20/2024 08:24:26 ipsec,debug 45a8324b a1933fd9 46d1bfdd 62644b8c aa379c52 3e39eb10 5064ef5a 344821e2
Feb/20/2024 08:24:26 ipsec,debug a5daecd4 99430fec bc63609e 12ac4e6c bfff608e 874ce675 65275bb2 bce777d4
Feb/20/2024 08:24:26 ipsec,debug e1d3b75f 0338b5f2 23c91ac6 7fd3d066 9fc51a4d b36ccb29 68211d83 bfb7fac2
Feb/20/2024 08:24:26 ipsec,debug 24c58385 157c206a b86e1c37 1288b96d 7efc354c 8a16db72 f132af59 9c380ccc
Feb/20/2024 08:24:26 ipsec,debug 271259bd 85050817 98997b9f 7c67981e c53cf03c 13ca01f1 53586539 b4427adf
Feb/20/2024 08:24:26 ipsec,debug 310289b8 33a8fe70 02215958 fca13cf4 fe1579d7 b681bbb5 5f883ac5 a8b48d4d
Feb/20/2024 08:24:26 ipsec,debug => child keymat (size 0x80)
Feb/20/2024 08:24:26 ipsec,debug 23ed00f4 c4eed53a 44cd87f6 521a34f0 59da108f 0bd94e65 08056f3d 1ba4c3a0
Feb/20/2024 08:24:26 ipsec,debug ad71c748 485c33c8 03150e6c 0ad624b6 22d6d2e0 024f7a0b e730a413 d9891870
Feb/20/2024 08:24:26 ipsec,debug 23f0b427 36c06a54 5642d9ba 82630611 b72e714b 1d03a11e 1c97cee1 8e19926f
Feb/20/2024 08:24:26 ipsec,debug 089d465b b49537bd dd0200e7 1f97b18a 492eea3b 48fde781 3f96e8f5 6bca66ab
Feb/20/2024 08:24:26 ipsec IPsec-SA established: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x5af3730
Feb/20/2024 08:24:26 ipsec IPsec-SA established: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059140

# dpd check pass
Feb/20/2024 08:25:26 ipsec sending dpd packet
Feb/20/2024 08:25:26 ipsec <- ike2 request, exchange: INFORMATIONAL:3 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:25:26 ipsec,debug ===== sending 144 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:25:26 ipsec,debug 1 times of 148 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:25:26 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:25:26 ipsec -> ike2 reply, exchange: INFORMATIONAL:3 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:25:26 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 08:25:26 ipsec processing payload: ENC
Feb/20/2024 08:25:26 ipsec,debug => iv (size 0x10)
Feb/20/2024 08:25:26 ipsec,debug a38e402e 5639d4d4 b6962c0b 210b97f2
Feb/20/2024 08:25:26 ipsec,debug => decrypted and trimmed payload (size 0x0)
Feb/20/2024 08:25:26 ipsec,debug decrypted packet
Feb/20/2024 08:25:26 ipsec respond: info
Feb/20/2024 08:25:26 ipsec,debug reply ignored

Feb/20/2024 08:26:26 ipsec sending dpd packet
Feb/20/2024 08:26:26 ipsec <- ike2 request, exchange: INFORMATIONAL:4 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:26:26 ipsec,debug ===== sending 128 bytes from 193.85.228.170[4500] to 213.151.240.75[4500]
Feb/20/2024 08:26:26 ipsec,debug 1 times of 132 bytes message will be sent to 213.151.240.75[4500]
Feb/20/2024 08:26:26 ipsec,debug ===== received 80 bytes from 213.151.240.75[4500] to 193.85.228.170[4500]
Feb/20/2024 08:26:26 ipsec -> ike2 reply, exchange: INFORMATIONAL:4 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:26:26 ipsec payload seen: ENC (52 bytes)
Feb/20/2024 08:26:26 ipsec processing payload: ENC
Feb/20/2024 08:26:26 ipsec,debug => iv (size 0x10)
Feb/20/2024 08:26:26 ipsec,debug 35ec4be3 183fc4aa 76c290dc ae1928e5
Feb/20/2024 08:26:26 ipsec,debug => decrypted and trimmed payload (size 0x0)
Feb/20/2024 08:26:26 ipsec,debug decrypted packet
Feb/20/2024 08:26:26 ipsec respond: info
Feb/20/2024 08:26:26 ipsec,debug reply ignored

Can somebody help me understand why some of the PH2s stop transferring traffic?
# feb/20/2024 17:42:05 by RouterOS 6.49.13
# software id = XEMG-EHI9
#
# model = RB4011iGS+
# serial number = D1260B4CEDF7
/ip ipsec profile
add dh-group=modp1536 dpd-interval=1m enc-algorithm=aes-256 hash-algorithm=sha256 name=Lunys_Profile
/ip ipsec peer
add address=213.151.240.75/32 exchange-mode=ike2 name=Lunys profile=Lunys_Profile
/ip ipsec proposal
set [ find default=yes ] disabled=yes
add auth-algorithms=sha256 enc-algorithms=aes-256-cbc lifetime=23h name=Lunys pfs-group=modp1536
/ip ipsec identity
add peer=Lunys
/ip ipsec policy
add comment="VLAN 10 -> LUNYS" dst-address=192.168.0.0/24 level=unique peer=Lunys proposal=Lunys src-address=192.168.4.0/24 tunnel=yes
add comment="VLAN 100 -> LUNYS" dst-address=192.168.0.0/24 level=unique peer=Lunys proposal=Lunys src-address=192.168.2.0/24 tunnel=yes
Thank you a lot.
Rob
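A small parser for the log format posted above, added here as an example and not part of the original post: it lists each child SA (PH2) negotiation the router starts, with the exchange that carried it, the algorithms offered and the resulting SPIs, so the two policies and their rekeys can be compared side by side. The function and field names are this example's own, and the sample lines are abridged from the post's log.

```python
import re

# Abridged from the debug log in the post (hex dumps and payload lines omitted).
SAMPLE_LOG = """\
Feb/20/2024 08:24:20 ipsec init child for policy: 192.168.2.0/24 <=> 192.168.0.0/24
Feb/20/2024 08:24:20 ipsec offering proto: 3
Feb/20/2024 08:24:20 ipsec  proposal #1
Feb/20/2024 08:24:20 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:20 ipsec   auth: sha256
Feb/20/2024 08:24:20 ipsec <- ike2 request, exchange: AUTH:1 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:20 ipsec IPsec-SA established: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x26558a3
Feb/20/2024 08:24:20 ipsec IPsec-SA established: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x5305913f
Feb/20/2024 08:24:26 ipsec init child for policy: 192.168.4.0/24 <=> 192.168.0.0/24
Feb/20/2024 08:24:26 ipsec offering proto: 3
Feb/20/2024 08:24:26 ipsec  proposal #1
Feb/20/2024 08:24:26 ipsec   enc: aes256-cbc
Feb/20/2024 08:24:26 ipsec   auth: sha256
Feb/20/2024 08:24:26 ipsec   dh: modp1536
Feb/20/2024 08:24:26 ipsec <- ike2 request, exchange: CREATE_CHILD_SA:2 213.151.240.75[4500] fe998ee4ded232db:0a1a5631e5725345
Feb/20/2024 08:24:26 ipsec IPsec-SA established: 213.151.240.75[4500]->193.85.228.170[4500] spi=0x5af3730
Feb/20/2024 08:24:26 ipsec IPsec-SA established: 193.85.228.170[4500]->213.151.240.75[4500] spi=0x53059140
"""

LINE = re.compile(r"^(\w{3}/\d\d/\d{4} [\d:]{8}) \S+ (.*)$", re.M)  # timestamp, topics, message
ALGO = re.compile(r"^(enc|auth|dh): (\S+)$")
EXCH = re.compile(r"^<- ike2 request, exchange: (AUTH|CREATE_CHILD_SA):")

def child_sa_timeline(log_text):
    """One record per child SA (PH2) negotiation this router starts."""
    sas, cur, offering = [], None, False
    for m in LINE.finditer(log_text):
        ts, msg = m.group(1), m.group(2).strip()
        if msg.startswith("init child for policy: ") or msg == "init child rekey":
            policy = msg.partition("policy: ")[2] or "(rekey)"
            cur = {"time": ts, "policy": policy, "exchange": None, "offered": {}, "spis": []}
            sas.append(cur)
        elif cur is None:
            continue  # nothing to attach this line to yet
        elif msg.startswith("offering proto:"):
            offering = True  # the enc/auth/dh lines that follow are our offer
        elif offering and ALGO.match(msg):
            key, value = ALGO.match(msg).groups()
            cur["offered"][key] = value
        elif not msg.startswith("proposal #"):
            offering = False  # any other line ends the offer listing
            if EXCH.match(msg) and cur["exchange"] is None:
                cur["exchange"] = EXCH.match(msg).group(1)
            elif msg.startswith("IPsec-SA established: "):
                cur["spis"].append(msg.rsplit("spi=", 1)[1])
    return sas

def offered_without_dh(sas):
    """Policies whose child SA offer carried no DH (PFS) group."""
    return [sa["policy"] for sa in sas if "dh" not in sa["offered"]]
```

On the lines taken from the post, the 192.168.2.0/24 child is created inside the AUTH exchange with no dh offered, while the 192.168.4.0/24 child is created by CREATE_CHILD_SA with dh modp1536.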
