ipsec.log - pfSense Plus - pfSense bugtracker

Feature #16287 » ipsec.log

Jimmy Thrasibule, 06/27/2025 04:06 PM

       <30>1 2025-06-26T23:43:00.162175+02:00 fw01.example.com charon 85458 - - 12[CFG] vici initiate IKE_SA 'con1'
       <30>1 2025-06-26T23:43:00.162286+02:00 fw01.example.com charon 85458 - - 09[MGR] checkout IKE_SA by config
       <30>1 2025-06-26T23:43:00.165197+02:00 fw01.example.com charon 85458 - - 09[MGR] created IKE_SA (unnamed)[1]
       <30>1 2025-06-26T23:43:00.167057+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_VENDOR task
       <30>1 2025-06-26T23:43:00.167109+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_INIT task
       <30>1 2025-06-26T23:43:00.167164+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_NATD task
       <30>1 2025-06-26T23:43:00.167191+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_CERT_PRE task
       <30>1 2025-06-26T23:43:00.167219+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_AUTH task
       <30>1 2025-06-26T23:43:00.167245+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_CERT_POST task
       <30>1 2025-06-26T23:43:00.167272+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_CONFIG task
       <30>1 2025-06-26T23:43:00.167298+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_AUTH_LIFETIME task
       <30>1 2025-06-26T23:43:00.167326+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> queueing IKE_ESTABLISH task
       <30>1 2025-06-26T23:43:00.167349+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> activating new tasks
       <30>1 2025-06-26T23:43:00.167370+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_VENDOR task
       <30>1 2025-06-26T23:43:00.167394+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_INIT task
       <30>1 2025-06-26T23:43:00.167417+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_NATD task
       <30>1 2025-06-26T23:43:00.167440+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_CERT_PRE task
       <30>1 2025-06-26T23:43:00.167463+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_AUTH task
       <30>1 2025-06-26T23:43:00.167486+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_CERT_POST task
       <30>1 2025-06-26T23:43:00.167508+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_CONFIG task
       <30>1 2025-06-26T23:43:00.167531+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_AUTH_LIFETIME task
       <30>1 2025-06-26T23:43:00.167555+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   activating IKE_ESTABLISH task
       <30>1 2025-06-26T23:43:00.167612+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> initiating IKE_SA con1[1] to 2001:0db8:109:ad02::1
       <30>1 2025-06-26T23:43:00.167679+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> IKE_SA con1[1] state change: CREATED => CONNECTING
       <30>1 2025-06-26T23:43:00.168017+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> configured proposals: IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/CURVE_25519
       <30>1 2025-06-26T23:43:00.168141+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> sending supported signature hash algorithms: sha256 sha384 sha512 identity
       <30>1 2025-06-26T23:43:00.168259+02:00 fw01.example.com charon 85458 - - 09[ENC] <con1|1> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
       <30>1 2025-06-26T23:43:00.168420+02:00 fw01.example.com charon 85458 - - 09[NET] <con1|1> sending packet: from 2001:0db8:109:ad02::2[500] to 2001:0db8:109:ad02::1[500] (228 bytes)
       <30>1 2025-06-26T23:43:00.168464+02:00 fw01.example.com charon 85458 - - 09[MGR] <con1|1> checkin IKEv2 SA con1[1] with SPIs 67ada4f5ac5f0b08_i 0000000000000000_r
       <30>1 2025-06-26T23:43:00.168489+02:00 fw01.example.com charon 85458 - - 09[MGR] <con1|1> checkin of IKE_SA successful
       <30>1 2025-06-26T23:43:00.265507+02:00 fw01.example.com charon 85458 - - 09[MGR] checkout IKEv2 SA by message with SPIs 67ada4f5ac5f0b08_i 731b1fc32db8d430_r
       <30>1 2025-06-26T23:43:00.265546+02:00 fw01.example.com charon 85458 - - 09[MGR] IKE_SA con1[1] successfully checked out
       <30>1 2025-06-26T23:43:00.265616+02:00 fw01.example.com charon 85458 - - 09[NET] <con1|1> received packet: from 2001:0db8:109:ad02::1[500] to 2001:0db8:109:ad02::2[500] (321 bytes)
       <30>1 2025-06-26T23:43:00.265786+02:00 fw01.example.com charon 85458 - - 09[ENC] <con1|1> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
       <30>1 2025-06-26T23:43:00.265841+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received FRAGMENTATION_SUPPORTED notify
       <30>1 2025-06-26T23:43:00.265864+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received SIGNATURE_HASH_ALGORITHMS notify
       <30>1 2025-06-26T23:43:00.265884+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received CHILDLESS_IKEV2_SUPPORTED notify
       <30>1 2025-06-26T23:43:00.265949+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> selecting proposal:
       <30>1 2025-06-26T23:43:00.265992+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1>   proposal matches
       <30>1 2025-06-26T23:43:00.266024+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> received proposals: IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/CURVE_25519
       <30>1 2025-06-26T23:43:00.266051+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> configured proposals: IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/CURVE_25519
       <30>1 2025-06-26T23:43:00.266077+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> selected proposal: IKE:CHACHA20_POLY1305/PRF_HMAC_SHA2_256/CURVE_25519
       <30>1 2025-06-26T23:43:00.266141+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> received supported signature hash algorithms: sha256 sha384 sha512 identity
       <30>1 2025-06-26T23:43:00.269026+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received cert request for "C=US, O=Let's Encrypt, CN=E6"
       <30>1 2025-06-26T23:43:00.270343+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received cert request for unknown ca with keyid e5:43:55:33:26:ce:0c:be:eb:cc:d6:37:1a:b5:c6:a2:8a:c0:89:07
       <30>1 2025-06-26T23:43:00.270394+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received cert request for unknown ca with keyid 44:22:cc:44:9e:62:0c:b3:39:18:0b:fc:35:9f:94:af:f3:ef:98:2c
       <30>1 2025-06-26T23:43:00.270447+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received cert request for unknown ca with keyid f8:16:51:3c:fd:1b:44:9f:2e:6b:28:a1:97:22:1f:b8:1f:51:4e:3c
       <30>1 2025-06-26T23:43:00.270470+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received 3 cert requests for an unknown ca
       <30>1 2025-06-26T23:43:00.272007+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> reinitiating already active tasks
       <30>1 2025-06-26T23:43:00.272036+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   IKE_CERT_PRE task
       <30>1 2025-06-26T23:43:00.272056+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1>   IKE_AUTH task
       <30>1 2025-06-26T23:43:00.272100+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> sending cert request for "C=US, O=Let's Encrypt, CN=E6"
       <30>1 2025-06-26T23:43:00.275762+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> authentication of 'CN=host-1.example.com' (myself) with ECDSA_WITH_SHA256_DER successful
       <30>1 2025-06-26T23:43:00.275852+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> sending end entity cert "CN=host-1.example.com"
       <30>1 2025-06-26T23:43:00.276001+02:00 fw01.example.com charon 85458 - - 09[ENC] <con1|1> generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
       <30>1 2025-06-26T23:43:00.276265+02:00 fw01.example.com charon 85458 - - 09[NET] <con1|1> sending packet: from 2001:0db8:109:ad02::2[500] to 2001:0db8:109:ad02::1[500] (1224 bytes)
       <30>1 2025-06-26T23:43:00.276312+02:00 fw01.example.com charon 85458 - - 09[MGR] <con1|1> checkin IKEv2 SA con1[1] with SPIs 67ada4f5ac5f0b08_i 731b1fc32db8d430_r
       <30>1 2025-06-26T23:43:00.276333+02:00 fw01.example.com charon 85458 - - 09[MGR] <con1|1> checkin of IKE_SA successful
       <30>1 2025-06-26T23:43:00.368416+02:00 fw01.example.com charon 85458 - - 09[MGR] checkout IKEv2 SA by message with SPIs 67ada4f5ac5f0b08_i 731b1fc32db8d430_r
       <30>1 2025-06-26T23:43:00.368470+02:00 fw01.example.com charon 85458 - - 09[MGR] IKE_SA con1[1] successfully checked out
       <30>1 2025-06-26T23:43:00.368555+02:00 fw01.example.com charon 85458 - - 09[NET] <con1|1> received packet: from 2001:0db8:109:ad02::1[500] to 2001:0db8:109:ad02::2[500] (1126 bytes)
       <30>1 2025-06-26T23:43:00.368727+02:00 fw01.example.com charon 85458 - - 09[ENC] <con1|1> parsed IKE_AUTH response 1 [ IDr CERT AUTH ]
       <30>1 2025-06-26T23:43:00.369600+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> received end entity cert "CN=host-2.example.com"
       <30>1 2025-06-26T23:43:00.369759+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1>   using certificate "CN=host-2.example.com"
       <30>1 2025-06-26T23:43:00.369816+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1>   certificate "CN=host-2.example.com" key: 256 bit ECDSA
       <30>1 2025-06-26T23:43:00.372236+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1>   using trusted intermediate ca certificate "C=US, O=Let's Encrypt, CN=E6"
       <30>1 2025-06-26T23:43:00.372310+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1>   certificate "C=US, O=Let's Encrypt, CN=E6" key: 384 bit ECDSA
       <30>1 2025-06-26T23:43:00.372390+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1> no issuer certificate found for "C=US, O=Let's Encrypt, CN=E6"
       <30>1 2025-06-26T23:43:00.372448+02:00 fw01.example.com charon 85458 - - 09[CFG] <con1|1>   issuer is "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
       <30>1 2025-06-26T23:43:00.372527+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> no trusted ECDSA public key found for 'CN=host-2.example.com'
       <30>1 2025-06-26T23:43:00.372618+02:00 fw01.example.com charon 85458 - - 09[ENC] <con1|1> generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
       <30>1 2025-06-26T23:43:00.372727+02:00 fw01.example.com charon 85458 - - 09[NET] <con1|1> sending packet: from 2001:0db8:109:ad02::2[500] to 2001:0db8:109:ad02::1[500] (65 bytes)
       <30>1 2025-06-26T23:43:00.372772+02:00 fw01.example.com charon 85458 - - 09[MGR] <con1|1> checkin and destroy IKE_SA con1[1]
       <30>1 2025-06-26T23:43:00.372798+02:00 fw01.example.com charon 85458 - - 09[IKE] <con1|1> IKE_SA con1[1] state change: CONNECTING => DESTROYING
       <30>1 2025-06-26T23:43:00.372855+02:00 fw01.example.com charon 85458 - - 09[MGR] checkin and destroy of IKE_SA successful
       <30>1 2025-06-26T23:43:00.373272+02:00 fw01.example.com charon 85458 - - 12[CFG] vici client 335 disconnected
       <30>1 2025-06-26T23:43:00.397303+02:00 fw01.example.com charon 85458 - - 12[MGR] checkout IKEv2 SA by message with SPIs 67ada4f5ac5f0b08_i 731b1fc32db8d430_r
       <30>1 2025-06-26T23:43:00.397343+02:00 fw01.example.com charon 85458 - - 12[MGR] IKE_SA checkout not successful
       <30>1 2025-06-26T23:43:02.252132+02:00 fw01.example.com charon 85458 - - 13[CFG] vici client 336 connected
       <30>1 2025-06-26T23:43:02.252199+02:00 fw01.example.com charon 85458 - - 09[CFG] vici client 336 registered for: list-sa
       <30>1 2025-06-26T23:43:02.252569+02:00 fw01.example.com charon 85458 - - 09[CFG] vici client 336 requests: list-sas
       <30>1 2025-06-26T23:43:02.252832+02:00 fw01.example.com charon 85458 - - 13[CFG] vici client 336 disconnected
       <30>1 2025-06-26T23:43:04.168559+02:00 fw01.example.com charon 85458 - - 13[MGR] checkout IKEv2 SA with SPIs 67ada4f5ac5f0b08_i 0000000000000000_r
       <30>1 2025-06-26T23:43:04.168606+02:00 fw01.example.com charon 85458 - - 13[MGR] IKE_SA checkout not successful
       <30>1 2025-06-26T23:43:04.276429+02:00 fw01.example.com charon 85458 - - 13[MGR] checkout IKEv2 SA with SPIs 67ada4f5ac5f0b08_i 731b1fc32db8d430_r
       <30>1 2025-06-26T23:43:04.276469+02:00 fw01.example.com charon 85458 - - 13[MGR] IKE_SA checkout not successful
       <30>1 2025-06-26T23:43:08.246110+02:00 fw01.example.com charon 85458 - - 09[CFG] vici client 337 connected
       <30>1 2025-06-26T23:43:08.246212+02:00 fw01.example.com charon 85458 - - 13[CFG] vici client 337 registered for: list-sa
       <30>1 2025-06-26T23:43:08.246584+02:00 fw01.example.com charon 85458 - - 09[CFG] vici client 337 requests: list-sas
       <30>1 2025-06-26T23:43:08.246874+02:00 fw01.example.com charon 85458 - - 11[CFG] vici client 337 disconnected

« Previous
1
2
Next »

(1-1/2)

Project

General

Profile

pfSense » pfSense Plus

Feature #16287 » ipsec.log