Wednesday, August 1, 2018

Bros, new to the field and having issues setting up this route based BOVPN tunnel from my office to Azure.

Trying to set up a BOVPN tunnel from a Watchguard Firebox x400 11.12 to a vnet in Azure.

Here's the latest diag log. Any insight would be greatly appreciated.

*** WG Diagnostic Report for Gateway "OfficetoYCVM" ***

Created On: Wed Aug 1 10:38:20 2018

[Conclusion]

Tunnel Name: OfficetoYCVM

Incoming VPN traffic was detected for this tunnel after the diagnostic report started. Outgoing traffic was NOT detected for this tunnel after the diagnostic report started. The firewall policy "BOVPN-Allow.out-00" is matched for the outgoing traffic. The firewall policy "BOVPN-Allow.in-00" is matched for the incoming traffic.

[Gateway Summary]

Gateway "OfficetoYCVM" contains "1" gateway endpoint(s). IKE Version is IKEv2. Gateway Endpoint #1 (name "OfficetoYCVM") Enabled PFS: Disabled AlwaysUp: Enabled DPD: Enabled Keepalive: Disabled Local ID<->Remote ID: {IP\_ADDR(xxx.xx.xxx.xx) <-> IP\_ADDR(xxx.xx.xxx.xx)} Local GW\_IP<->Remote GW\_IP: {xxx.xx.xxx.xx <-> xxx.xx.xxx.xx} Outgoing Interface: eth0 (ifIndex=2) ifMark=0x10000 linkStatus=2 (0:unknown, 1:down, 2:up) BVPN Interface: bvpn1 (ifIndex=18) Remote Endpoint Type: Cloud VPN or Third-Party Gateway Local\_Tun\_IP<->Rem\_Tun\_IP: {xxx.xx.xxx.xx <-> xxx.xx.xxx.xx} NAT-D flag=0x0 (0:none, 1:remote, 2:local, 3:both)

[Tunnel Summary]

"1" tunnel(s) are found using the previous gateway Name: "OfficetoYCVM" Enabled PFS: "Disabled" DH-Group: "2" Number of Proposals: "1"

Proposal "ESP-AES-SHA1"

 ESP:

EncryptAlgo: "AES" KeyLen: "32(bytes)"

AuthAlgo: "SHA"

LifeTime: "28800(seconds)" LifeByte: "0(kbytes)"

 Number of Tunnel Routes: "0"

[Run-time Info (bvpn routes)]

dest=[10.1.0.0/16](https://10.1.0.0/16) dev=bvpn1 metric=1 proto=static

[Run-time Info (gateway IKE_SA)]

Name: "OfficetoYCVM" (IfStatus: 0x80000002) IKE SAID: "0xe43380ec" State: "MATURE" Created: Wed Aug 1 05:01:06 2018 My Address: xxx.xx.xxx.xx:500 Peer Address: xxx.xx.xxx.xx:500 InitCookie: "e0bb3206d5722e92" RespCookie: "70a55ccaaa495dfd" LifeTime: "28800(seconds)" LifeByte: "0(kbtyes)" DPD: "Enabled" Serial Number: 9140 msgIdSend: 3 msgIdRecv: 10069

[Run-time Info (tunnel IPSEC_SA)]

"2" IPSEC SA(s) are found under tunnel "OfficetoYCVM" \#1 "OUTBOUND" SPI: 0x894dd7d6 ISAKMP SA ID: 0xe43380ec Created on: Wed Aug 1 06:26:16 2018 Bytes Sent: "0" Packets Sent: "0" Errors: replay: "0" replay\_win: "0" integrity: "0" hw\_ctx: "0" HwCryptoCtx: currErr: "0" ctxState: "0" Tunnel Endpoint: "xxx.xx.xxx.xx->xxx.xx.xxx.xx" Tunnel Selector: "0.0.0.0-> [0.0.0.0](https://0.0.0.0) Proto: ANY" AUTH: "hmac(sha1)" KeyLen: "20(bytes)" CRYPT: "cbc(aes)" KeyLen: "32(bytes)" XFRM Mark: 1 (value: 0x1 mask: 0xffff) Gateway Name: "OfficetoYCVM" Tunnel Name: "OfficetoYCVM" Owner Id: "80DA035D59997" IFMARK: "0x10000(2)" DPD: "Enabled" Number of Rekeys: "0" \#2 "INBOUND" SPI: 0x9fb8ebed ISAKMP SA ID: 0xe43380ec Created on: Wed Aug 1 06:26:16 2018 Last Used on: Wed Aug 1 10:38:19 2018 Bytes Sent: "8064" Packets Sent: "252" Errors: replay: "0" replay\_win: "0" integrity: "0" hw\_ctx: "0" HwCryptoCtx: currErr: "0" ctxState: "0" Tunnel Endpoint: "xxx.xx.xxx.xx->xxx.xx.xxx.xx" Tunnel Selector: "0.0.0.0-> [0.0.0.0](https://0.0.0.0) Proto: ANY" AUTH: "hmac(sha1)" KeyLen: "20(bytes)" CRYPT: "cbc(aes)" KeyLen: "32(bytes)" XFRM Mark: 1 (value: 0x1 mask: 0xffff) Gateway Name: "OfficetoYCVM" Tunnel Name: "OfficetoYCVM" Owner Id: "80DA035D59997" IFMARK: "0x10000(2)" DPD: "Enabled" Number of Rekeys: "0"

[Run-time Info (tunnel IPSEC_SP)]

"1" IPSEC SP(s) are found under tunnel "OfficetoYCVM" \#1 Tunnel Endpoint: "xxx.xx.xxx.xx->xxx.xx.xxx.xx" Tunnel Selector: 0.0.0.0-> [0.0.0.0](https://0.0.0.0) Proto: ANY XFRM Mark: 1 (value: 0x1, mask: 0xffff) Created On: Wed Aug 1 06:26:16 2018 Gateway Name: "OfficetoYCVM" Tunnel Name: "OfficetoYCVM"

[Policy checker result]

Tunnel name: OfficetoYCVM

OUTBOUND traffic (src=192.168.10.2 dst=10.1.0.1 proto=tcp)

 Found policy: BOVPN-Allow.out-00 Action: Allowed Outif: bvpn1

INBOUND traffic (src=10.1.0.1 dst=192.168.10.2 proto=tcp)

 Found policy: BOVPN-Allow.in-00 Action: Allowed Outif: Wireless

[Related Logs]

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO response" message with message-ID:2 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO response" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO response"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO response message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD response from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=2

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:00 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)stop the retry object(0x1711528) for the previous request message(name=DPD request, msgId=2)

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10059 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10059

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10059) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10059 -> 10060

<158>Aug 1 10:38:01 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10060 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10060

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10060) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10060 -> 10061

<158>Aug 1 10:38:03 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10061 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10061

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10061) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10061 -> 10062

<158>Aug 1 10:38:05 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10062 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10062

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10062) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10062 -> 10063

<158>Aug 1 10:38:07 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10063 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10063

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10063) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10063 -> 10064

<158>Aug 1 10:38:09 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10064 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10064

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10064) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10064 -> 10065

<158>Aug 1 10:38:11 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10065 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10065

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10065) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10065 -> 10066

<158>Aug 1 10:38:13 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10066 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10066

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10066) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10066 -> 10067

<158>Aug 1 10:38:15 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10067 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10067

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10067) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10067 -> 10068

<158>Aug 1 10:38:17 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)******** RECV an IKE packet at xxx.xx.xxx.xx:500(socket=11 ifIndex=2) from Peer xxx.xx.xxx.xx:500 ********

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received IKEv2 "INFO request" message with message-ID:10068 length:60 SPI[i=e0bb3206d5722e92 r=70a55ccaaa495dfd]

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)"INFO request" message has 1 payloads [ ENCR(sz=32)]

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Got IKE policy 'OfficetoYCVM' from ikeSA(0x1484878)

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)IKEv2 "INFO request"'s decrypted message contains 0 payloads []

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)dispatch the received INFO request message - IkeSA(0x1484878)'s state=MATURE

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Received the DPD request from xxx.xx.xxx.xx:500 for gateway(OfficetoYCVM), msgId=10068

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)'DPD response' message created successfully. length:60

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)Sent out DPD response message (msgId=10068) from xxx.xx.xxx.xx:500 to xxx.xx.xxx.xx:500 for 'OfficetoYCVM' gateway endpoint successfully.

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ikeSA(0x1484878)'s msgIdRecv is updated: 10068 -> 10069

<158>Aug 1 10:38:19 iked[2528]: (xxx.xx.xxx.xx<->xxx.xx.xxx.xx)ike2_P1StatusChange: notify ikePcy(OfficetoYCVM ver#2)'s status becomes "UP" (ikeSA=0x1484878)



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)