pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162024-03-05T19:53:06ZpfSense bugtracker
Redmine pfSense Packages - Bug #15313 (Confirmed): Zabbix server 6.4.12 requires Zabbix proxies to be ver...https://redmine.pfsense.org/issues/153132024-03-05T19:53:06ZAndrew Almond
<p>There seems to be a bug/change with Zabbix server and Zabbix proxy where both need to be running 6.4.12.<br />If the versions don't match, then the proxy is unable to receive configuration changes from the server and shows this message in the log:</p>
<pre>
cannot process received configuration data from server at "192.168.1.8": unexpected field "httptest.status"
</pre>
<p>There are 3 bug reports with Zabbix about this issue:<br /><a class="external" href="https://support.zabbix.com/browse/ZBX-24162">https://support.zabbix.com/browse/ZBX-24162</a><br /><a class="external" href="https://support.zabbix.com/browse/ZBX-24161">https://support.zabbix.com/browse/ZBX-24161</a><br /><a class="external" href="https://support.zabbix.com/browse/ZBX-23232">https://support.zabbix.com/browse/ZBX-23232</a></p>
<p>It looks like this issue was addressed in Zabbix 6.4.12:<br /><a class="external" href="https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/28b3672d114">https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/28b3672d114</a></p>
<p>We are running 23.05.1 and the package manager installs Zabbix 6.4.1 (revision 546e284fd7c).<br />Would it be possible to have the Zabbix proxy and agent packages updated to 6.4.12?</p>
<p>It looks like the packages were updated to 6.4.8 for pfSense 23.09, so even upgrading to that will not solve the issue.<br /><a class="external" href="https://redmine.pfsense.org/issues/14913">https://redmine.pfsense.org/issues/14913</a></p> pfSense Packages - Bug #15274 (Incomplete): HAProxy Configuration Changes Require pfSense Reboot ...https://redmine.pfsense.org/issues/152742024-02-20T21:51:14ZZachary Cohen
<p>As originally reported here (<a class="external" href="https://forum.netgate.com/topic/172972/haproxy-config-changes-not-loaded-pfsense-restart-needed">https://forum.netgate.com/topic/172972/haproxy-config-changes-not-loaded-pfsense-restart-needed</a>), changes made to the HAProxy configuration require a reboot to take effect.</p>
<p>I'm consistently able to reproduce this issue when adding new backends.</p>
<p>When browsing to the new backend, I receive a 503 - "no server is available to handle this request". After rebooting, it works as expected.</p>
<p>Other users have been able to validate that this issue was present starting with pfSense 2.6.0 and HAProxy version haproxy-devel 0.62.10.</p>
<p>While I was able to replicate that issue starting on that version, I'm currently replicating it in pfSense 2.7.2-RELEASE (amd64) and haproxy-devel 0.63_2.</p> pfSense Packages - Bug #15131 (Incomplete): OpenVPN client export issues with iPhone and IPV6 con...https://redmine.pfsense.org/issues/151312024-01-02T18:38:40ZJonathan Lee
<p>I have researched and found an issue within the OpenVPN's client export config file for iPhones (OpenVPN Connect (iOS/Android))</p>
<p>it exports with udp4 listed and this does not work with iPhones because of ipv6 in the config (.ovpn) file and must be changed to udp for iOS iPhones to work with OpenVPN and pfSense.</p>
<p>That is the only adaption needed to fix this issue.</p> pfSense - Bug #15015 (New): Static routes not workinghttps://redmine.pfsense.org/issues/150152023-11-20T17:53:07ZSilviu Bajenaru
<p>Hello,</p>
<p>This morning I updated to PFSense 2.7.1 from 2.7.0. Now, I just tried to add a dynamic gateway and a static route. Unfortunately, the static route is not being added to the routing table. I restored the VM backup from this morning, before I updated, added the same gateway and static route and it was added to the routing table, and everything works fine.<br />I've set the priority to Urgent since this is quite bad for a router...?</p>
More info about my setup: I've got three sites, let's call them A, B and C. There is an IPSec tunnel between A and B, and one between B and C. Both tunnels are set with Mode VTI. I've assigned the ipsec interfaces and set the gateways and routes:<br />Site A has a gateway set on the IPSec interface and a route for site C that uses that gateway.<br />Site B has two gateways (one for each IPSec tunnel) and the following routes:
<ul>
<li>route to site A via the IPSec interface - gateway - going to site A</li>
<li>route to site B via the IPSec interface - gateway - going to site B<br />Site C has a gateway set on the IPSec interface and a route for site A that uses that gateway.<br />Site A was updated this morning to PFSense 2.7.1, while Site C is running 2.7.0.<br />Site A DOES NOT have the static routes added to the routing table.<br />Site C does have the static routes added to the routing table.</li>
</ul>
<p>Once I reverted Site A to 2.7.0, I did the same config again and the routes were added to the routing table.</p>
<p>Thank you.</p> pfSense - Bug #14741 (New): PHP error in DNS Forwarder host overrides when the language is set to...https://redmine.pfsense.org/issues/147412023-09-02T10:26:29ZNicolas PISTER
<p>A PHP error occur when a user try to add or modify Host Override in DNS Forwarder module</p>
<pre>
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 RELENG_2_7_0-n255866-686c8d3c1f0: Wed Jun 28 04:21:19 UTC 2023 root@freebsd:/var/jenkins/workspace/pfSense-CE-snapshots-2_7_0-main/obj/amd64/LwYAddCr/var/jenkins/workspace/pfSense-CE-snapshots-2_7_0-main/sources/FreeBSD-src-REL
Crash report details:
PHP Errors:
[02-Sep-2023 11:55:24 Europe/Paris] PHP Fatal error: Uncaught ValueError: Unknown format specifier "p" in /usr/local/www/classes/Form/Input.class.php:127
Stack trace:
#0 /usr/local/www/classes/Form/Input.class.php(127): sprintf('Nom de domaine ...', '<br />')
#1 /usr/local/www/services_dnsmasq_edit.php(85): Form_Input->setHelp('Domain of the h...', '<br />')
#2 {main}
thrown in /usr/local/www/classes/Form/Input.class.php on line 127
[02-Sep-2023 11:58:37 Europe/Paris] PHP Fatal error: Uncaught ValueError: Unknown format specifier "p" in /usr/local/www/classes/Form/Input.class.php:127
Stack trace:
#0 /usr/local/www/classes/Form/Input.class.php(127): sprintf('Nom de domaine ...', '<br />')
#1 /usr/local/www/services_dnsmasq_edit.php(85): Form_Input->setHelp('Domain of the h...', '<br />')
#2 {main}
thrown in /usr/local/www/classes/Form/Input.class.php on line 127
[02-Sep-2023 11:58:46 Europe/Paris] PHP Fatal error: Uncaught ValueError: Unknown format specifier "p" in /usr/local/www/classes/Form/Input.class.php:127
Stack trace:
#0 /usr/local/www/classes/Form/Input.class.php(127): sprintf('Nom de domaine ...', '<br />')
#1 /usr/local/www/services_dnsmasq_edit.php(85): Form_Input->setHelp('Domain of the h...', '<br />')
#2 {main}
thrown in /usr/local/www/classes/Form/Input.class.php on line 127
</pre>
<p>I think it come from a french translation file because when i use original language, everithing works.</p> pfSense Packages - Bug #14510 (New): match rpki invalid What is actually executed is match rpki v...https://redmine.pfsense.org/issues/145102023-06-26T22:03:58Zyon Liuinfo@ipv6china.com
<p>when i setup match rpki invalid for deny, then actually executed is match rpki valid for deny.</p>
<p>please your check and fix it.</p> pfSense - Bug #14397 (New): DHCPv4 client (dhclient) does not use 802.1p Priority tagging on DHCP...https://redmine.pfsense.org/issues/143972023-05-19T14:52:52ZTue Madsen
<p>Some ISPs using VLANs for service, require DHCPv4/v6 Frames to be 802.1p priority tagged. <br />pfSense has the option to do this by either:<br />- Setting VLAN priority tagging in the Interface DHCP options (if you are not using Advanced configuration or a predefined configuration file)<br />- If using advanced configuration: By adding “vlan-pcp x” in the advanced modifier options.</p>
<p>BUG:<br />This priority setting in only used in DISCOVER and RELEASE frames sent by dhclient - NOT in RENEW or REBIND.</p>
<p>This is now causing major problems in France where Orange (Major ISP) has upgraded to also requiring the RENEW frames to be properly VLAN Priority tagged.<br />This causes the uplink to stop working when a renew is due. (About once a day)</p>
<p>I don’t know if the issue is the same in DHCPv6</p>
<p>The issue was patched in OPNsense about a month ago, and they decided to drop the advanced options overwrite of the VLAN priority setting in interface DHCP options. <br />Instead they let the user choose if VLAN priority should be used via the interface DHCP VLAN Priority setting already available. <br />If selected it would - apart from adding “vlan-pcp x” to the dhclient config - also set the priority tag in the builtin pffilter rule that passes Interface DHCP client traffic. This adds the tag to RENEW and REBIND frames.</p>
<p>The issue occurs because dhclient uses a bfg interface for DISCOVER and RELEASE - thus respecting the vlan-pcp settings. But for RENEW it uses a simple socket, and that causes it not to be tagged correctly. In pfSense you cannot create a floating match rule to manually tag the traffic that has higher priority than the builtin pass quick rule for the interface DHCP client.</p> pfSense Packages - Bug #13544 (New): SquidGuard either denying everything or proxying everythinghttps://redmine.pfsense.org/issues/135442022-10-05T01:40:03ZJimmy Michaelson
<p>Hey,</p>
<p>I truly doubt this is a configuration issue as I've tried all the possible combinations.</p>
<p>Relevant images and config:</p>
<p><a class="external" href="https://forum.netgate.com/topic/175057/10-btc-bounty-squid-proxy-whitelist-per-source-ip/6">https://forum.netgate.com/topic/175057/10-btc-bounty-squid-proxy-whitelist-per-source-ip/6</a></p>
<p>FYI: The bounty has been bumped to $20 and is also valid here.</p> pfSense Packages - Bug #13214 (Pull Request Review): AttributeError: 'NoneType' object has no att...https://redmine.pfsense.org/issues/132142022-05-25T02:51:39ZIan Grindley
<p>After installing Prometheus node_exporter error messages appeared containing the following:</p>
<p>Arpwatch Notification : Cron <root@pfsense> /usr/bin/nice -n20 /usr/local/share/pfSense-pkg-node_exporter/interface-collector.py -</p>
<p>X-Cron-Env: <SHELL=/bin/sh><br />X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin><br />X-Cron-Env: <HOME=/root><br />X-Cron-Env: <LOGNAME=root><br />X-Cron-Env: <USER=root></p>
<p>Traceback (most recent call last):<br /> File "/usr/local/share/pfSense-pkg-node_exporter/interface-collector.py", line 29, in <module><br /> descr = elem.find('descr').text<br />AttributeError: 'NoneType' object has no attribute 'text'</p> pfSense Packages - Bug #10760 (New): pfSense BIND 9.14.12 server terminates due to assertion failurehttps://redmine.pfsense.org/issues/107602020-07-11T16:02:33ZJeffrey Altman
<p>BIND is periodically terminating and not automatically restarted. The system log shows:</p>
<p>Jul 6 13:13:21 named 66921 client.c:1625: <abbr title="rcode != ((dns_rcode_t">INSIST</abbr>dns_rcode_noerror) && rcode != ((dns_rcode_t)dns_rcode_nxdomain)) failed, back trace<br />Jul 6 13:13:21 named 66921 #0 0x438e30 in ??<br />Jul 6 13:13:21 named 66921 #1 0x6133ea in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> 0x473f3a in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> 0x482926 in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> 0x47ff6a in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Don't sync on every filter reload (Resolved)" href="https://redmine.pfsense.org/issues/5">#5</a> 0x486b6b in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Status -> Wireless display bugs (Resolved)" href="https://redmine.pfsense.org/issues/6">#6</a> 0x480ef0 in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-4 status-5 priority-4 priority-default closed" title="Todo: [ Fit123 ] Captive Portal (Closed)" href="https://redmine.pfsense.org/issues/7">#7</a> 0x47f5d0 in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-2 status-3 priority-5 priority-high4 closed" title="Feature: Clear states after failover (Resolved)" href="https://redmine.pfsense.org/issues/8">#8</a> 0x4833b3 in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: route-to forwards broadcast and multicast frames in some scenarios (Resolved)" href="https://redmine.pfsense.org/issues/9">#9</a> 0x476078 in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Enable SSH console menu doesn't work on embedded (Resolved)" href="https://redmine.pfsense.org/issues/10">#10</a> 0x630002 in ??<br />Jul 6 13:13:21 named 66921 <a class="issue tracker-2 status-3 priority-4 priority-default closed" title="Feature: Allow multiple syslog servers (Resolved)" href="https://redmine.pfsense.org/issues/11">#11</a> 0x8020c40b6 in ??<br />Jul 6 13:13:21 named 66921 exiting (due to assertion failure)</p>
<p>The version information is:</p>
<p>Jul 11 16:51:24 named 69484 starting BIND 9.14.12 (Stable Release) <id:f3dc26e><br />Jul 11 16:51:24 named 69484 running on FreeBSD amd64 11.3-STABLE FreeBSD 11.3-STABLE <a class="issue tracker-2 status-3 priority-4 priority-default closed" title="Feature: Hostname support in aliases (Resolved)" href="https://redmine.pfsense.org/issues/239">#239</a> 885b1ed26b6(factory-RELENG_2_4_5): Tue Jun 2 17:53:42 EDT 2020 <a class="email" href="mailto:root@buildbot1-nyi.netgate.com">root@buildbot1-nyi.netgate.com</a>:/build/factory-crossbuild-245-amd64/obj/amd64/kkVaWThR/build/factory-crossbuild-245-amd64/sources/FreeBSD-src/sys/pfSense<br />Jul 11 16:51:24 named 69484 built with '--localstatedir=/var' '--disable-linux-caps' '--with-libxml2=/usr/local' '--with-readline=-L/usr/local/lib -ledit' '--with-dlopen=yes' '--with-openssl=/usr' '--sysconfdir=/usr/local/etc/namedb' '--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-fixed-rrset' '--without-geoip2' '--without-gssapi' '--with-libidn2=/usr/local' '--with-libjson=/usr/local' '--disable-largefile' '--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python' '--disable-querytrace' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-tcp-fastopen' '--with-tuning=default' '--disable-symtable' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd11.3' 'build_alias=amd64-portbld-freebsd11.3' 'CC=cc' 'CFLAGS=-O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing ' 'LDFLAGS= -fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG -isystem /usr/local/include' 'CPP=cpp' 'PKG_CONFIG=pkgconf'</p>
<p>What additional information would be useful to identify the source of the problem?</p> pfSense Packages - Bug #9724 (New): pfblockerng-firewall-filter-service-will-not-starthttps://redmine.pfsense.org/issues/97242019-09-04T04:56:45ZManuel Piovan
<p>pfblockerng service does not start - because clog is missing</p>
<p><a class="external" href="https://forum.netgate.com/topic/146191/pfblockerng-firewall-filter-service-will-not-start-latest-snapshot">https://forum.netgate.com/topic/146191/pfblockerng-firewall-filter-service-will-not-start-latest-snapshot</a></p> pfSense - Bug #9295 (New): IPv6 PD does not work with PPPOE (Server & Client)https://redmine.pfsense.org/issues/92952019-01-29T11:51:01ZDirk Steingäßer
<p>Hi,</p>
<p>as encountering DHCPv6 with Prefix delegation does not work together with PPPOE Server vice versa it is not possible to get a prefix with an interface where the IPv4 Uplink is PPPOE.</p> pfSense - Bug #9123 (Feedback): Adding/configuring vlan on ixl-devices causes aq_add_macvlan err ...https://redmine.pfsense.org/issues/91232018-11-15T10:50:14ZSebastian Deuerling
<p>The actual vlan addition/configuring process is triggering error "aq_add_macvlan err -53, aq_error 14" on ixl-devices.<br />Configuring vlans seems to work nevertheless, but saving interface configurations with vlans takes a lot of time.<br />In our setup (two igb-interfaces, two ix-interfaces, two ixl-interfaces; 25 vlans on failover-lagg of ixl0 and igb0) saving changes on interface configuration lasts around about 20 to 30 minutes. After that pfSense seems to freeze. After reboot all vlans are working.<br />But booting also takes a lof of time. Around 5 minutes in step "Configuring VLANS...".<br />Our hardware: SYS-5018D-FN4T (Supermicro Intel Xeon D-1541 system) and X710DA2BLK (Intel X710-DA2 Dual-SFP+-PCIe-Addon-cards).<br />Further information here: <a class="external" href="https://forum.netgate.com/topic/136201/new-version-2-4-4-interface-error-aq_add_macvlan-err-53-aq_error-14/14">https://forum.netgate.com/topic/136201/new-version-2-4-4-interface-error-aq_add_macvlan-err-53-aq_error-14/14</a></p> pfSense Packages - Bug #8438 (New): haproxy: can't use ACL for cert with http-response actionshttps://redmine.pfsense.org/issues/84382018-04-05T17:27:58ZPetr H
<p>pfSense 2.4.3, pfSense-pkg-haproxy 0.54_2, haproxy 1.7.10</p>
<p>1. Primary frontend used by other shared ones<br />2. SSL-enabled<br />3. Option "Add ACL for certificate Subject Alternative Names." enabled<br />4. Action "http-response header replace" used</p>
<p>Upon saving such configuration I'm getting:<br />"[WARNING] 094/235036 (95194) : parsing [/var/etc/haproxy/haproxy.cfg:46] : acl 'aclcrt_main-SSL' will never match because it only involves keywords that are incompatible with 'frontend http-response header rule'"</p>
<p>And the configuration doesn't work as expected.</p>
<p>- If I deselect the "Add ACL for certificate Subject Alternative Names." option the issue doesn't occur.<br />- Or If I move the rule to any of the shared ones where the ACL option doesn't have effect the issue doesn't occur.<br />- Or (just for test purposes) if I change the action from "http-response header replace" to "http-request header replace" the issue doesn't occur (however the configuration doesn't work properly of course).</p>
<p>I think that ACLs generated via the "Add ACL for certificate Subject Alternative Names." (or "Add ACL for certificate CommonName.") option shouldn't be applied to actions affecting HTTP (or TCP) responses.</p> pfSense - Bug #5355 (New): on Dynamic WAN IP (DHCP Client) it takes 10 minutes before Phase1 reco...https://redmine.pfsense.org/issues/53552015-10-29T03:37:18ZVitali Karivitali.kari@gmail.com
<p>2.2.4-RELEASE (i386)<br />built on Sat Jul 25 19:56:41 CDT 2015<br />FreeBSD 10.1-RELEASE-p15</p>
<p>It seems that charon do not care or is being not informed after WAN IP address changes</p>
<p>it try still use the old IP address and cannot bind this.</p>
<p>i see this messages after IP adress is changed: (the XXX.XXX.180.28 is an old IP address)<br />Logs are in reverse order!</p>
<p>...<br />Oct 26 09:43:49 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:49 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:48 charon: 05[NET] error writing to socket: Can't assign requested address<br />Oct 26 09:43:48 charon: 09[NET] <con1000|3> sending packet: from XXX.XXX.180.28<sup><a href="#fn500">500</a></sup> to XXX.XXX.183.110<sup><a href="#fn500">500</a></sup> (391 bytes)<br />Oct 26 09:43:48 charon: 09[IKE] <con1000|3> sending retransmit 4 of request message ID 0, seq 1<br />Oct 26 09:43:48 charon: 09[IKE] <con1000|3> sending retransmit 4 of request message ID 0, seq 1<br />Oct 26 09:43:39 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:39 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:29 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:29 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:24 charon: 05[NET] error writing to socket: Can't assign requested address<br />Oct 26 09:43:24 charon: 09[NET] <con1000|3> sending packet: from XXX.XXX.180.28<sup><a href="#fn500">500</a></sup> to XXX.XXX.183.110<sup><a href="#fn500">500</a></sup> (391 bytes)<br />Oct 26 09:43:24 charon: 09[IKE] <con1000|3> sending retransmit 3 of request message ID 0, seq 1<br />Oct 26 09:43:24 charon: 09[IKE] <con1000|3> sending retransmit 3 of request message ID 0, seq 1<br />Oct 26 09:43:19 charon: 09[IKE] <con1000|2> sending DPD request<br />Oct 26 09:43:19 charon: 09[IKE] <con1000|2> sending DPD request<br />...</p>
<p>after i while (10 - 15 minutes) IPsec realizes that the WAN address is changed and reconnects successfully:</p>
<p>...<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> IKE_SA con1000<sup><a href="#fn4">4</a></sup> established between XXX.XXX.180.42[XXX]...XXX.XXX.183.110[XXX.XXX.183.110]<br />Oct 26 09:53:32 charon: 12[ENC] <con1000|4> received unknown vendor ID: 69:93:69:22:87:41:c6:d4:ca:09:4c:93:e2:42:c9:de:19:e7:b7:c6:00:00:00:05:00:00:05:00<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> received NAT-T (RFC 3947) vendor ID<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> received NAT-T (RFC 3947) vendor ID<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> received DPD vendor ID<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> received DPD vendor ID<br />Oct 26 09:53:32 charon: 12[ENC] <con1000|4> parsed AGGRESSIVE response 0 [ SA KE No ID HASH V V V NAT-D NAT-D ]<br />Oct 26 09:53:32 charon: 12[NET] <con1000|4> received packet: from XXX.XXX.183.110<sup><a href="#fn500">500</a></sup> to XXX.XXX.180.42<sup><a href="#fn500">500</a></sup> (388 bytes)<br />Oct 26 09:53:32 charon: 12[NET] <con1000|4> sending packet: from XXX.XXX.180.42<sup><a href="#fn500">500</a></sup> to XXX.XXX.183.110<sup><a href="#fn500">500</a></sup> (391 bytes)<br />Oct 26 09:53:32 charon: 12[ENC] <con1000|4> generating AGGRESSIVE request 0 [ SA KE No ID V V V V V V ]<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> initiating Aggressive Mode IKE_SA con1000<sup><a href="#fn4">4</a></sup> to XXX.XXX.183.110<br />Oct 26 09:53:32 charon: 12[IKE] <con1000|4> initiating Aggressive Mode IKE_SA con1000<sup><a href="#fn4">4</a></sup> to XXX.XXX.183.110<br />Oct 26 09:53:32 charon: 16[KNL] creating acquire job for policy XXX.XXX.180.42/32|/0 === XXX.XXX.183.110/32|/0 with reqid {2}<br />Oct 26 09:51:15 charon: 16[IKE] <con1000|3> establishing IKE_SA failed, peer not responding<br />Oct 26 09:51:15 charon: 16[IKE] <con1000|3> establishing IKE_SA failed, peer not responding<br />Oct 26 09:51:15 charon: 16[IKE] <con1000|3> giving up after 5 retransmits<br />Oct 26 09:51:15 charon: 16[IKE] <con1000|3> giving up after 5 retransmits<br />Oct 26 09:50:00 charon: 05[NET] error writing to socket: Can't assign requested address<br />...</p>
<p>If more debug information is needed, I can provide this.</p>