You are not logged in.

#1 2018-08-23 17:28:39

Arsenios
Member
Registered: 2014-03-13
Posts: 5

L2TP/IPsec connection over NetworkManager stopped working

Hello, I'am using a mikrotik as a VPN-server L2TP/IPsec

Worked fine but a couple of days ago - I can no longer connect....

On the client side I use

xl2tpd (1.3.12-2),  networkmanager-l2tp (1.2.10-3) and libreswan(3.25-1)

System information:

Linux thinkpad 4.18.3-arch1-1-ARCH

Configuration of the connection

[connection]
id=mega major
uuid=43ccb280-54d1-4e45-ab6a-17af11b4aabd
type=vpn
autoconnect=false
permissions=user:username:;

[vpn]
gateway=hostname
ipsec-enabled=yes
ipsec-psk=12345678andsoon
password-flags=0
user=username
service-type=org.freedesktop.NetworkManager.l2tp

[vpn-secrets]
password=sensored

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

Connection log on the client:

авг 22 23:14:58 thinkpad systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
авг 22 23:14:58 thinkpad addconn[18651]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:58 thinkpad libipsecconf[18651]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:58 thinkpad _stackmanager[18652]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:58 thinkpad libipsecconf[18654]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:58 thinkpad _stackmanager[18652]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:58 thinkpad libipsecconf[18659]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:59 thinkpad ipsec[18942]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:59 thinkpad libipsecconf[18944]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:59 thinkpad ipsec[18942]: nflog ipsec capture disabled
авг 22 23:14:59 thinkpad pluto[18953]: NSS DB directory: sql:/etc/ipsec.d
авг 22 23:14:59 thinkpad pluto[18953]: Initializing NSS
авг 22 23:14:59 thinkpad pluto[18953]: Opening NSS database "sql:/etc/ipsec.d" read-only
авг 22 23:14:59 thinkpad pluto[18953]: NSS initialized
авг 22 23:14:59 thinkpad pluto[18953]: NSS crypto library initialized
авг 22 23:14:59 thinkpad pluto[18953]: FIPS HMAC integrity support [disabled]
авг 22 23:14:59 thinkpad pluto[18953]: libcap-ng support [enabled]
авг 22 23:14:59 thinkpad pluto[18953]: Linux audit support [disabled]
авг 22 23:14:59 thinkpad pluto[18953]: Starting Pluto (Libreswan Version 3.25 XFRM(netkey) KLIPS FORK PTHREAD_SETSCHEDPRIO NSS DNSSEC SYSTEMD_WATCHDOG LIBCAP_NG XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:18953
авг 22 23:14:59 thinkpad pluto[18953]: core dump dir: /run/pluto
авг 22 23:14:59 thinkpad pluto[18953]: secrets file: /etc/ipsec.secrets
авг 22 23:14:59 thinkpad pluto[18953]: leak-detective enabled
авг 22 23:14:59 thinkpad pluto[18953]: NSS crypto [enabled]
авг 22 23:14:59 thinkpad pluto[18953]: XAUTH PAM support [enabled]
авг 22 23:14:59 thinkpad pluto[18953]: NAT-Traversal support  [enabled]
авг 22 23:14:59 thinkpad pluto[18953]: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
авг 22 23:14:59 thinkpad pluto[18953]: Encryption algorithms:
авг 22 23:14:59 thinkpad pluto[18953]:   AES_CCM_16          IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  (aes_ccm aes_ccm_c)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_CCM_12          IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  (aes_ccm_b)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_CCM_8           IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  (aes_ccm_a)
авг 22 23:14:59 thinkpad pluto[18953]:   3DES_CBC            IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  [*192]  (3des)
авг 22 23:14:59 thinkpad pluto[18953]:   CAMELLIA_CTR        IKEv1:     ESP     IKEv2:     ESP           {256,192,*128}
авг 22 23:14:59 thinkpad pluto[18953]:   CAMELLIA_CBC        IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  (camellia)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_GCM_16          IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_gcm aes_gcm_c)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_GCM_12          IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_gcm_b)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_GCM_8           IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_gcm_a)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_CTR             IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aesctr)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes)
авг 22 23:14:59 thinkpad pluto[18953]:   SERPENT_CBC         IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  (serpent)
авг 22 23:14:59 thinkpad pluto[18953]:   TWOFISH_CBC         IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  (twofish)
авг 22 23:14:59 thinkpad pluto[18953]:   TWOFISH_SSH         IKEv1: IKE         IKEv2: IKE ESP           {256,192,*128}  (twofish_cbc_ssh)
авг 22 23:14:59 thinkpad pluto[18953]:   CAST_CBC            IKEv1:     ESP     IKEv2:     ESP           {*128}  (cast)
авг 22 23:14:59 thinkpad pluto[18953]:   NULL_AUTH_AES_GMAC  IKEv1:     ESP     IKEv2:     ESP           {256,192,*128}  (aes_gmac)
авг 22 23:14:59 thinkpad pluto[18953]:   NULL                IKEv1:     ESP     IKEv2:     ESP           []
авг 22 23:14:59 thinkpad pluto[18953]: Hash algorithms:
авг 22 23:14:59 thinkpad pluto[18953]:   MD5                 IKEv1: IKE         IKEv2:
авг 22 23:14:59 thinkpad pluto[18953]:   SHA1                IKEv1: IKE         IKEv2:             FIPS  (sha)
авг 22 23:14:59 thinkpad pluto[18953]:   SHA2_256            IKEv1: IKE         IKEv2:             FIPS  (sha2 sha256)
авг 22 23:14:59 thinkpad pluto[18953]:   SHA2_384            IKEv1: IKE         IKEv2:             FIPS  (sha384)
авг 22 23:14:59 thinkpad pluto[18953]:   SHA2_512            IKEv1: IKE         IKEv2:             FIPS  (sha512)
авг 22 23:14:59 thinkpad pluto[18953]: PRF algorithms:
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_MD5            IKEv1: IKE         IKEv2: IKE               (md5)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA1           IKEv1: IKE         IKEv2: IKE         FIPS  (sha sha1)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA2_256       IKEv1: IKE         IKEv2: IKE         FIPS  (sha2 sha256 sha2_256)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA2_384       IKEv1: IKE         IKEv2: IKE         FIPS  (sha384 sha2_384)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA2_512       IKEv1: IKE         IKEv2: IKE         FIPS  (sha512 sha2_512)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_XCBC            IKEv1:             IKEv2: IKE         FIPS  (aes128_xcbc)
авг 22 23:14:59 thinkpad pluto[18953]: Integrity algorithms:
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_MD5_96         IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        (md5 hmac_md5)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA1_96        IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha sha1 sha1_96 hmac_sha1)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA2_512_256   IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha512 sha2_512 hmac_sha2_512)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA2_384_192   IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha384 sha2_384 hmac_sha2_384)
авг 22 23:14:59 thinkpad pluto[18953]:   HMAC_SHA2_256_128   IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha2 sha256 sha2_256 hmac_sha2_256)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_XCBC_96         IKEv1:     ESP AH  IKEv2: IKE ESP AH  FIPS  (aes_xcbc aes128_xcbc aes128_xcbc_96)
авг 22 23:14:59 thinkpad pluto[18953]:   AES_CMAC_96         IKEv1:     ESP AH  IKEv2:     ESP AH  FIPS  (aes_cmac)
авг 22 23:14:59 thinkpad pluto[18953]:   NONE                IKEv1:     ESP     IKEv2:     ESP     FIPS  (null)
авг 22 23:14:59 thinkpad pluto[18953]: DH algorithms:
авг 22 23:14:59 thinkpad pluto[18953]:   NONE                IKEv1:             IKEv2: IKE ESP AH        (null dh0)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP1024            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        (dh2)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP1536            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        (dh5)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP2048            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (dh14)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP3072            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (dh15)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP4096            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (dh16)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP6144            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (dh17)
авг 22 23:14:59 thinkpad pluto[18953]:   MODP8192            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (dh18)
авг 22 23:14:59 thinkpad pluto[18953]:   DH19                IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  (ecp_256)
авг 22 23:14:59 thinkpad pluto[18953]:   DH20                IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  (ecp_384)
авг 22 23:14:59 thinkpad pluto[18953]:   DH21                IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  (ecp_521)
авг 22 23:14:59 thinkpad pluto[18953]:   DH23                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS
авг 22 23:14:59 thinkpad pluto[18953]:   DH24                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS
авг 22 23:14:59 thinkpad pluto[18953]: starting up 3 crypto helpers
авг 22 23:14:59 thinkpad pluto[18953]: started thread for crypto helper 0
авг 22 23:14:59 thinkpad pluto[18953]: seccomp security for crypto helper not supported
авг 22 23:14:59 thinkpad pluto[18953]: started thread for crypto helper 1
авг 22 23:14:59 thinkpad pluto[18953]: started thread for crypto helper 2
авг 22 23:14:59 thinkpad pluto[18953]: Using Linux XFRM/NETKEY IPsec interface code on 4.17.14-arch1-1-ARCH
авг 22 23:14:59 thinkpad pluto[18953]: seccomp security for crypto helper not supported
авг 22 23:14:59 thinkpad pluto[18953]: seccomp security for crypto helper not supported
авг 22 23:14:59 thinkpad pluto[18953]: systemd watchdog for ipsec service configured with timeout of 200000000 usecs
авг 22 23:14:59 thinkpad pluto[18953]: watchdog: sending probes every 100 secs
авг 22 23:14:59 thinkpad systemd[1]: Started Internet Key Exchange (IKE) Protocol Daemon for IPsec.
авг 22 23:14:59 thinkpad pluto[18953]: seccomp security not supported
авг 22 23:14:59 thinkpad libipsecconf[18969]: warning: could not open include filename: '/etc/ipsec.d/*.conf'
авг 22 23:14:59 thinkpad pluto[18953]: listening for IKE messages
авг 22 23:14:59 thinkpad pluto[18953]: adding interface enp0s20u2/enp0s20u2 192.168.42.88:500
авг 22 23:14:59 thinkpad pluto[18953]: adding interface enp0s20u2/enp0s20u2 192.168.42.88:4500
авг 22 23:14:59 thinkpad pluto[18953]: adding interface lo/lo 127.0.0.1:500
авг 22 23:14:59 thinkpad pluto[18953]: adding interface lo/lo 127.0.0.1:4500
авг 22 23:14:59 thinkpad pluto[18953]: adding interface lo/lo ::1:500
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface lo:500 fd 19
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface lo:4500 fd 18
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface lo:500 fd 17
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface enp0s20u2:4500 fd 16
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface enp0s20u2:500 fd 15
авг 22 23:14:59 thinkpad pluto[18953]: loading secrets from "/etc/ipsec.secrets"
авг 22 23:14:59 thinkpad pluto[18953]: loading secrets from "/etc/ipsec.d/nm-l2tp-ipsec-43ccb280-54d1-4e45-ab6a-17af11b4aabd.secrets"
авг 22 23:14:59 thinkpad pluto[18953]: listening for IKE messages
авг 22 23:14:59 thinkpad pluto[18953]: | refresh. setup callback for interface lo:500 19
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface lo:500 fd 19
авг 22 23:14:59 thinkpad pluto[18953]: | refresh. setup callback for interface lo:4500 18
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface lo:4500 fd 18
авг 22 23:14:59 thinkpad pluto[18953]: | refresh. setup callback for interface lo:500 17
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 listening for IKE messages
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 forgetting secrets
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 loading secrets from "/etc/ipsec.secrets"
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 loading secrets from "/etc/ipsec.d/nm-l2tp-ipsec-43ccb280-54d1-4e45-ab6a-17af11b4aabd.secrets"
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface lo:500 fd 17
авг 22 23:14:59 thinkpad pluto[18953]: | refresh. setup callback for interface enp0s20u2:4500 16
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface enp0s20u2:4500 fd 16
авг 22 23:14:59 thinkpad pluto[18953]: | refresh. setup callback for interface enp0s20u2:500 15
авг 22 23:14:59 thinkpad pluto[18953]: | setup callback for interface enp0s20u2:500 fd 15
авг 22 23:14:59 thinkpad pluto[18953]: forgetting secrets
авг 22 23:14:59 thinkpad pluto[18953]: loading secrets from "/etc/ipsec.secrets"
авг 22 23:14:59 thinkpad pluto[18953]: loading secrets from "/etc/ipsec.d/nm-l2tp-ipsec-43ccb280-54d1-4e45-ab6a-17af11b4aabd.secrets"
авг 22 23:14:59 thinkpad NetworkManager[507]: debugging mode enabled
авг 22 23:14:59 thinkpad NetworkManager[507]: end of file /var/run/nm-l2tp-ipsec-43ccb280-54d1-4e45-ab6a-17af11b4aabd.conf
авг 22 23:14:59 thinkpad NetworkManager[507]: Loading conn 43ccb280-54d1-4e45-ab6a-17af11b4aabd
авг 22 23:14:59 thinkpad NetworkManager[507]: Warning: obsolete keyword 'forceencaps' ignored
авг 22 23:14:59 thinkpad NetworkManager[507]: starter: left is KH_DEFAULTROUTE
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" modecfgdns=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" modecfgdomains=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" modecfgbanner=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" mark=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" mark-in=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" mark-out=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: conn: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" vti_iface=(null)
авг 22 23:14:59 thinkpad NetworkManager[507]: opening file: /var/run/nm-l2tp-ipsec-43ccb280-54d1-4e45-ab6a-17af11b4aabd.conf
авг 22 23:14:59 thinkpad NetworkManager[507]: loading named conns: 43ccb280-54d1-4e45-ab6a-17af11b4aabd
авг 22 23:14:59 thinkpad NetworkManager[507]: seeking_src = 1, seeking_gateway = 1, has_peer = 1
авг 22 23:14:59 thinkpad NetworkManager[507]: seeking_src = 0, seeking_gateway = 1, has_dst = 1
авг 22 23:14:59 thinkpad NetworkManager[507]: dst  via 192.168.42.129 dev enp0s20u2 src  table 254
авг 22 23:14:59 thinkpad NetworkManager[507]: set nexthop: 192.168.42.129
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 192.168.42.0 via  dev enp0s20u2 src 192.168.42.88 table 254
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 127.0.0.0 via  dev lo src 127.0.0.1 table 255 (ignored)
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 127.0.0.1 via  dev lo src 127.0.0.1 table 255 (ignored)
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 127.255.255.255 via  dev lo src 127.0.0.1 table 255 (ignored)
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 192.168.42.0 via  dev enp0s20u2 src 192.168.42.88 table 255 (ignored)
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 192.168.42.88 via  dev enp0s20u2 src 192.168.42.88 table 255 (ignored)
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 192.168.42.255 via  dev enp0s20u2 src 192.168.42.88 table 255 (ignored)
авг 22 23:14:59 thinkpad NetworkManager[507]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
авг 22 23:14:59 thinkpad NetworkManager[507]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
авг 22 23:14:59 thinkpad NetworkManager[507]: dst 192.168.42.129 via  dev enp0s20u2 src 192.168.42.88 table 254
авг 22 23:14:59 thinkpad NetworkManager[507]: set addr: 192.168.42.88
авг 22 23:14:59 thinkpad NetworkManager[507]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
авг 22 23:14:59 thinkpad pluto[18953]: added connection description "43ccb280-54d1-4e45-ab6a-17af11b4aabd"
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: initiating Main Mode
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: initiating Main Mode
авг 22 23:14:59 thinkpad NetworkManager[507]: 104 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I1: initiate
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I2: sent MI2, expecting MR2
авг 22 23:14:59 thinkpad NetworkManager[507]: 106 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I2: sent MI2, expecting MR2
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I3: sent MI3, expecting MR3
авг 22 23:14:59 thinkpad NetworkManager[507]: 108 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I3: sent MI3, expecting MR3
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: Peer ID is ID_IPV4_ADDR: '5.228.95.167'
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: Peer ID is ID_IPV4_ADDR: '5.228.95.167'
авг 22 23:14:59 thinkpad NetworkManager[507]: 004 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=sha group=MODP2048}
авг 22 23:14:59 thinkpad NetworkManager[507]: 002 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: initiating Quick Mode PSK+ENCRYPT+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:cee58ae8 proposal=defaults pfsgroup=no-pfs}
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=sha group=MODP2048}
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: initiating Quick Mode PSK+ENCRYPT+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:cee58ae8 proposal=defaults pfsgroup=no-pfs}
авг 22 23:14:59 thinkpad NetworkManager[507]: 117 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: initiate
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: ignoring informational payload NO_PROPOSAL_CHOSEN, msgid=00000000, length=12
авг 22 23:14:59 thinkpad pluto[18953]: | ISAKMP Notification Payload
авг 22 23:14:59 thinkpad pluto[18953]: |   00 00 00 0c  00 00 00 01  01 00 00 0e
авг 22 23:14:59 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #1: received and ignored informational message
авг 22 23:15:00 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 0.5 seconds for response
авг 22 23:15:00 thinkpad NetworkManager[507]: 010 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 0.5 seconds for response
авг 22 23:15:00 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 1 seconds for response
авг 22 23:15:00 thinkpad NetworkManager[507]: 010 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 1 seconds for response
авг 22 23:15:01 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 2 seconds for response
авг 22 23:15:01 thinkpad NetworkManager[507]: 010 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 2 seconds for response
авг 22 23:15:03 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 4 seconds for response
авг 22 23:15:03 thinkpad NetworkManager[507]: 010 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 4 seconds for response
авг 22 23:15:07 thinkpad pluto[18953]: "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 8 seconds for response
авг 22 23:15:07 thinkpad NetworkManager[507]: 010 "43ccb280-54d1-4e45-ab6a-17af11b4aabd" #2: STATE_QUICK_I1: retransmission; will wait 8 seconds for response
авг 22 23:15:09 thinkpad nm-l2tp-service[18637]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed

On the VPN-server side there are the following error messages:

ISAKMP-SA established server_ip[4500]-client_ip[20406] spi:4db152d55bba4373:ee206901a7e5a073
the packet is retransmitted by client_ip[425].
respond new phase 1 (Identity Protection): server_ip[500]<=>client_ip[425]
client_ip peer sent packet for dead phase2

The funny thing is that connection worked fine for some time and all of sudden stopped working - no updates and no changes have been made.
Any help is appreciated!

Offline

Board footer

Powered by FluxBB