notempty
notempty
notempty Dieser Artikel bezieht sich auf eine nicht mehr aktuelle Version!
notempty
Der Artikel für die neueste Version steht hier
Zu diesem Artikel gibt es bereits eine neuere Version, die sich allerdings auf eine Reseller-Preview bezieht
12.2
[[Datei: ]]
Dienst | Nachricht |
---|---|
IPSec(charon) | 10[IKE] IKE_SA Standort_1_2[1] established between 198.51.100.75[198.51.100.75]...198.51.100.1[198.51.100.1] |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 10[IKE] received NO_PROPOSAL_CHOSEN notify error |
' | |
Dienst | Nachricht |
IPSec(charon) | 05[CFG] selecting proposal: |
IPSec(charon) | 05[CFG] no acceptable ENCRYPTION_ALGORITHM found |
IPSec(charon) | 05[CFG] selecting proposal: |
IPSec(charon) | 05[CFG] received proposals: IKE:BLOWFISH_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_8192 |
IPSec(charon) | 05[CFG] configured proposals:IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048,IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_MD5_96/HMAC_SHA1_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_512/256/AES_XCBC_96/AES_CMAC_96/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_512/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP_ECP_512_BP,IKE:AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP__521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP |
IPSec(charon) | 10[IKE] received proposals inacceptable |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 11[CFG] looking for an ike config for 198.51.100.75...195.51.100.1 |
IPSec(charon) | 11[IKE] no IKE config found for 198.51.100.75...195.51.100.1, sending NO_PROPOSAL_CHOSEN |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 09[IKE] received AUTHENTICATION_FAILED error notify |
' | |
Dienst | Nachricht |
IPSec(charon) | 07[CFG] looking for pre-shared key peer configs matching 198.51.100.75...198.51.100.1[blubb] |
IPSec(charon) | 07[IKE] no peer config found |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 05[IKE] IDir 'blubb' does not match to '198.51.100.75' |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 15[IKE] message parsing failed |
IPSec(charon) | 15[IKE] ignore malformed INFORMATIONAL request |
IPSec(charon) | 15[IKE] INFORMATIONAL_V1 request with message ID 1054289493 processing failed |
' | |
Dienst | Nachricht |
IPSec(charon) | 14[IKE] message parsing failed |
IPSec(charon) | 14[IKE] ID_PROT request with message ID 0 processing failed |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 15[IKE] authentication of 'Filiale' (myself) succesful |
IPSec(charon) | 16[IKE] received AUTHENTICATION_FAILED error notify |
' | |
Dienst | Nachricht |
IPSec(charon) | 14[CFG] looking for RSA signature peer configs matching 198.51.100.75...198.51.100.1[Filiale] |
IPSec(charon) | 14[CFG] candidate "Standort1_4", match: 1/20/28 (me/other/ike) |
IPSec(charon) | 14[CFG] selected peer config "Standort1_4" |
IPSec(charon) | 14[CFG] using trusted certificate "Filiale" |
IPSec(charon) | 14[IKE] ignature validation failed, looking for another key |
IPSec(charon) | 14[IKE] no trusted RSA public key found for 'Filiale' |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 16[CFG] authentication of 'Filiale' (myself) succesful |
IPSec(charon) | 16[IKE] using trusted certificate "Zentrale" |
IPSec(charon) | 16[IKE] signature validation failed, looking for another key |
IPSec(charon) | 15[IKE] no trusted RSA public key found for 'Zentrale' |
' | |
Dienst | Nachricht |
IPSec(charon) | 10[CFG] looking for RSA signature peer configs matching 198.51.100.75...198.51.100.1[Filiale] |
IPSec(charon) | 10[CFG] candidate "Standort1_4", match: 1/20/28 (me/other/ike) |
IPSec(charon) | 10[CFG] selected peer config "Standort1_4" |
IPSec(charon) | 10[CFG] using trusted certificate "Filiale" |
IPSec(charon) | 10[IKE] authentication of 'Filiale' with RSA succesful |
IPSec(charon) | 10[IKE] authentication of 'Zentrale' (myself) succesful |
IPSec(charon) | 10[IKE] IKE_SA Standort1_4[1] established between 198.51.100.75[Zentrale]...198.51.100.1[Filiale] |
IPSec(charon) | 10[IKE] IKE_SA Standort1_4[1] established between 198.51.100.75[Zentrale]...198.51.100.1[Filiale] |
IPSec(charon) | 10[IKE] scheduling reauthentication in 2593s |
IPSec(charon) | 10[IKE] maximum IKE_SA lifetime 3133s |
IPSec(charon) | 13[IKE] received DELETE for IKE_SA Standort_4[1] |
& | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 05[IKE] CHILD_SA Zentrale_2{1} established with SPIs ca7520e3_i c562f9d6_o and TS 10.1.10.0/24 === 10.0.0.0/24 |
IPSec(charon) | 05[IKE] CHILD_SA Zentrale_2{1} established with SPIs ca7520e3_i c562f9d6_o and TS 10.1.10.0/24 === 10.0.0.0/24 |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 13[CFH] proposing traffic selectors for us: |
IPSec(charon) | 13[CFG] 10.1.0.0/24 |
IPSec(charon) | 13[CFG] proposing traffic selectors for other: |
IPSec(charon) | 13[CFG] 11.0.0.0/24 |
IPSec(charon) | 05[IKE] received INVALID_ID_INFORMATION error notify |
' | |
Dienst | Nachricht |
IPSec(charon) | 11[CFG] looking for a child config for 11.0.0.0/24 === 10.1.0.0/24 |
IPSec(charon) | 11[CFG] proposing traffic selectors for us: |
IPSec(charon) | 11[CFG] 10.0.0.0/24 |
IPSec(charon) | 11[CFG] proposing traffic selectors for other: |
IPSec(charon) | 11[CFG] 10.1.0.0/24 |
IPSec(charon) | 11[IKE] no matching CHILD_SA config found |
[[Datei: |hochkant=2|mini| ]]
& | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 11[CFG] selected proposal_ ESP_AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ |
IPSec(charon) | 11[CFG] selecting traffic selectors for us: |
IPSec(charon) | 11[CFG] config: 10.1.0.0/24, received: 10.1.0.0/24 => match: 10.1.0.0/24 |
IPSec(charon) | 11[CFG] selecting traffic selectors for ther: |
IPSec(charon) | 11[CFG] config: 10.0.0.0/24, received: 10.0.0.0/24 0 => match: 10.0.0.0/24 |
IPSec(charon) | 11[IKE] CHILD_SA Zentrale_3{2} established with SPIs c24bb346_i c8e52c94_o and T S 10.1.0.0/24 === 10.0.0.0/24 |
IPSec(charon) | 11[IKE] CHILD_SA Zentrale_3{2} established with SPIs c24bb346_i c8e52c94_o and T S 10.1.0.0/24 === 10.0.0.0/24 |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 11[CFG] looking for an ike config fo 198.51.100.75...198.51.100.1 |
IPSec(charon) | 11[IKE] no IKE config for 198.51.100.75...198.51.100.1, sending NO_PROPOSAL_CHOSEN |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 09[IKE] received AUTHENTICATION_FAILED error notify |
' | |
Dienst | Nachricht |
IPSec(charon) | 07[CFG] looking for pre-shared key peer configs matching 198.51.100.75...198.51.100.1[blubb] |
IPSec(charon) | 07[IKE] no peer config found |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 05[IKE] IDir 'blubb' does not match to '198.51.100.75' |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 13[IKE] received AUTHENTICATION_FAILED notify error |
' | |
Dienst | Nachricht |
IPSec(charon) | 10[IKE] tried 2 shared keys for '198.51.100.75' - '198.51.100.1', but MAC mismatched |
' | |
Dienst | Nachricht |
---|---|
IPSec(charon) | 10[IKE] received T S_UNACCEPTABLE notify, no CHILD_SA built |
IPSec(charon) | 10[IKE] failed to establish CHILD_SA, keeping IKE_SA |
' | |
Dienst | Nachricht |
IPSec(charon) | 05[CFG] looking for a child config for 10.0.0.0/24 === 11.1.0.0/24 |
IPSec(charon) | 05[CFG] proposing traffic selectors for us: |
IPSec(charon) | 05[CFG] 10.0.0.0/24 |
IPSec(charon) | 05[CFG] proposing traffic selectors for other: |
IPSec(charon) | 05[CFG] 10.1.0.0/24 |
IPSec(charon) | 10[IKE] traffic selectors 10.0.0.0/24 === 11.1.0.0/24 inacceptable |
IPSec(charon) | 10[IKE] failed to establish CHILD_SA, keeping IKE_SA |