VPN IPSEC Not working in DMVPN

syed · October 10, 2016, 5:52am

Hi Experts,

+Vpn ipsec behind Nat working .
+NHRP is working fine but not vpn ipsec.
Attaching configuration and logs for reference.

Topology(Both device behind in static Nat)

Hub(AWS)—————(AWS)SPoke

Version:

vyos@VyOS-AMI-SYED:~$ show version
Version: VyOS 1.1.0
Description: VyOS 1.1.0 (helium)
Copyright: 2014 VyOS maintainers and contributors
Built by: maintainers@vyos.net
Built on: Thu Oct 9 22:27:26 UTC 2014
Build ID: 1410092227-af6433f
System type: x86 64-bit
Boot via: image
Hypervisor: Xen hvm
HW model: HVM domU
HW S/N: ec26f7f9-3bc2-eba6-06f0-0f0ecc193afd
HW UUID: EC26F7F9-3BC2-EBA6-06F0-0F0ECC193AFD
Uptime: 05:46:45 up 2 days, 9:59, 1 user, load average: 0.00, 0.01, 0.05

HUB:

vyos@VyOS-AMI-SYED:~$ show configuration commands | grep tunnel
set interfaces tunnel tun0 address ‘172.16.200.1/24’
set interfaces tunnel tun0 encapsulation ‘gre’
set interfaces tunnel tun0 local-ip ‘172.31.30.23’
set interfaces tunnel tun0 multicast ‘enable’
set protocols nhrp tunnel tun0 multicast ‘dynamic’
set protocols nhrp tunnel tun0 ‘redirect’
set vpn ipsec esp-group ESP-1H mode ‘tunnel’
set vpn ipsec profile DMVPN bind tunnel ‘tun0’
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$ show configuration commands | grep vpn
set vpn ipsec esp-group ESP-1H compression ‘disable’
set vpn ipsec esp-group ESP-1H lifetime ’30’
set vpn ipsec esp-group ESP-1H mode ‘tunnel’
set vpn ipsec esp-group ESP-1H pfs ‘dh-group5’
set vpn ipsec esp-group ESP-1H proposal 1 encryption ‘aes256’
set vpn ipsec esp-group ESP-1H proposal 1 hash ‘sha1’
set vpn ipsec esp-group ESP-1H proposal 2 encryption ‘3des’
set vpn ipsec esp-group ESP-1H proposal 2 hash ‘md5’
set vpn ipsec ike-group IKE-1H key-exchange ‘ikev1′
set vpn ipsec ike-group IKE-1H lifetime ’30’
set vpn ipsec ike-group IKE-1H proposal 1 encryption ‘aes256’
set vpn ipsec ike-group IKE-1H proposal 1 hash ‘sha1’
set vpn ipsec ike-group IKE-1H proposal 2 encryption ‘aes256’
set vpn ipsec ike-group IKE-1H proposal 2 hash ‘md5’
set vpn ipsec ipsec-interfaces interface ‘eth0’
set vpn ipsec nat-traversal ‘enable’
set vpn ipsec profile DMVPN authentication mode ‘pre-shared-secret’
set vpn ipsec profile DMVPN authentication pre-shared-secret ‘NET123’
set vpn ipsec profile DMVPN bind tunnel ‘tun0’
set vpn ipsec profile DMVPN esp-group ‘ESP-1H’
set vpn ipsec profile DMVPN ike-group ‘IKE-1H’
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$ show configuration commands | grep bgp
set protocols bgp 64615 neighbor 172.16.200.2 ‘nexthop-self’
set protocols bgp 64615 neighbor 172.16.200.2 password ‘BGPpassword’
set protocols bgp 64615 neighbor 172.16.200.2 remote-as ‘64757’
set protocols bgp 64615 neighbor 172.16.200.2 update-source ‘172.16.200.1’
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$ show cry
Invalid command: show [cry]
vyos@VyOS-AMI-SYED:~$ show vpn ipsec sa
Peer ID / IP Local ID / IP
———— ————-
0.0.0.0 172.31.30.23
Tunnel State Bytes Out/In Encrypt Hash NAT-T A-Time L-Time Proto
—— —– ————- ——- —- —– —— —— —–
tun0 down n/a n/a n/a no 0 30 gre
vyos@VyOS-AMI-SYED:~$ show ip bgp summary
BGP router identifier 172.31.30.23, local AS number 64615
IPv4 Unicast – max multipaths: ebgp 1 ibgp 1
RIB entries 0, using 0 bytes of memory
Peers 1, using 4560 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.200.2 4 64757 1704 1705 0 0 0 1d04h22m 0
Total number of neighbors 1
vyos@VyOS-AMI-SYED:~$
vyos@VyOS-AMI-SYED:~$ show nhrp tunnel
Status: ok
Interface: tun0
Type: local
Protocol-Address: 172.16.200.255/32
Alias-Address: 172.16.200.1
Flags: up
Interface: tun0
Type: local
Protocol-Address: 172.16.200.1/32
Flags: up
Interface: tun0
Type: dynamic
Protocol-Address: 172.16.200.2/32
NBMA-Address: 54.172.31.11
NBMA-NAT-OA-Address: 172.31.61.122
Flags: up
Expires-In: 107:18
vyos@VyOS-AMI-SYED:~$ show log vpn all
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 8 22:51:44 VyOS-AMI-SYED ipsec_starter[8780]: pluto (8782) started after 20 ms
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: including NAT-Traversal patch (Version 0.6c) [disabled]
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: listening for IKE messages
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: adding interface tun0/tun0 172.16.200.1:500
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: adding interface eth0/eth0 172.31.30.23:500
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: adding interface lo/lo 127.0.0.1:500
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: adding interface lo/lo ::1:500
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/ipsec.secrets”
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loaded PSK secret for 172.31.30.23 %any
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: forgetting secrets
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/ipsec.secrets”
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loaded PSK secret for 172.31.30.23 %any
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: forgetting secrets
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/ipsec.secrets”
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: loaded PSK secret for 172.31.30.23 %any
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 22:51:44 VyOS-AMI-SYED pluto[8782]: added connection description “vpnprof-tunnel-tun0”
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [strongSwan]
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: ignoring Vendor ID payload [Cisco-Unity]
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [XAUTH]
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [Dead Peer Detection]
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[1] 54.172.31.11 #1: responding to Main Mode from unknown peer 54.172.31.11
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[1] 54.172.31.11 #1: Peer ID is ID_IPV4_ADDR: ‘172.31.61.122’
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: deleting connection “vpnprof-tunnel-tun0” instance with peer 54.172.31.11 {isakmp=#0/ipsec=#0}
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: sent MR3, ISAKMP SA established
Oct 8 23:01:34 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:01:44 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 8 23:01:44 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:02:04 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 8 23:02:04 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [strongSwan]
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: ignoring Vendor ID payload [Cisco-Unity]
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [XAUTH]
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [Dead Peer Detection]
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: responding to Main Mode from unknown peer 54.172.31.11
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: Peer ID is ID_IPV4_ADDR: ‘172.31.61.122’
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: sent MR3, ISAKMP SA established
Oct 8 23:02:44 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:02:54 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 8 23:02:54 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:03:14 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 8 23:03:15 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #2: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [strongSwan]
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: ignoring Vendor ID payload [Cisco-Unity]
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [XAUTH]
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: packet from 54.172.31.11:500: received Vendor ID payload [Dead Peer Detection]
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: responding to Main Mode from unknown peer 54.172.31.11
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: Peer ID is ID_IPV4_ADDR: ‘172.31.61.122’
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: sent MR3, ISAKMP SA established
Oct 8 23:03:54 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:04:04 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 8 23:04:04 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:04:24 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 8 23:04:24 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #3: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: forgetting secrets
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: forgetting secrets
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: forgetting secrets
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: shutting down
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: forgetting secrets
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0″[2] 54.172.31.11: deleting connection “vpnprof-tunnel-tun0” instance with peer 54.172.31.11 {isakmp=#3/ipsec=#0}
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0” #3: deleting state (STATE_MAIN_R3)
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0” #1: deleting state (STATE_MAIN_R3)
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0” #2: deleting state (STATE_MAIN_R3)
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: “vpnprof-tunnel-tun0”: deleting connection
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: shutting down interface lo/lo ::1
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: shutting down interface lo/lo 127.0.0.1
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: shutting down interface eth0/eth0 172.31.30.23
Oct 8 23:26:13 VyOS-AMI-SYED pluto[8782]: shutting down interface tun0/tun0 172.16.200.1
Oct 8 23:26:13 VyOS-AMI-SYED ipsec_starter[8780]: pluto stopped after 20 ms
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: including NAT-Traversal patch (Version 0.6c)
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 8 23:26:13 VyOS-AMI-SYED ipsec_starter[8780]: pluto (10699) started after 20 ms
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: listening for IKE messages
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface tun0/tun0 172.16.200.1:500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface tun0/tun0 172.16.200.1:4500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface eth0/eth0 172.31.30.23:500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface eth0/eth0 172.31.30.23:4500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface lo/lo 127.0.0.1:500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface lo/lo 127.0.0.1:4500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: adding interface lo/lo ::1:500
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:26:13 VyOS-AMI-SYED pluto[10699]: added connection description “vpnprof-tunnel-tun0”
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: forgetting secrets
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: “vpnprof-tunnel-tun0”: deleting connection
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface lo/lo ::1
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface lo/lo 127.0.0.1
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface lo/lo 127.0.0.1
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface eth0/eth0 172.31.30.23
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface eth0/eth0 172.31.30.23
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface tun0/tun0 172.16.200.1
Oct 8 23:26:26 VyOS-AMI-SYED pluto[10699]: shutting down interface tun0/tun0 172.16.200.1
Oct 8 23:26:26 VyOS-AMI-SYED ipsec_starter[8780]: pluto stopped after 20 ms
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: including NAT-Traversal patch (Version 0.6c)
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:26:30 VyOS-AMI-SYED ipsec_starter[10889]: pluto (10890) started after 20 ms
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: listening for IKE messages
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface tun0/tun0 172.16.200.1:500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface tun0/tun0 172.16.200.1:4500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface eth0/eth0 172.31.30.23:500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface eth0/eth0 172.31.30.23:4500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface lo/lo 127.0.0.1:500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface lo/lo 127.0.0.1:4500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: adding interface lo/lo ::1:500
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:26:30 VyOS-AMI-SYED pluto[10890]: added connection description “vpnprof-tunnel-tun0”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: forgetting secrets
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: forgetting secrets
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: “vpnprof-tunnel-tun0”: deleting connection
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: added connection description “vpnprof-tunnel-tun0”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: forgetting secrets
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: forgetting secrets
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:28:19 VyOS-AMI-SYED pluto[10890]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: forgetting secrets
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: “vpnprof-tunnel-tun0”: deleting connection
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface lo/lo ::1
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface lo/lo 127.0.0.1
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface lo/lo 127.0.0.1
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface eth0/eth0 172.31.30.23
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface eth0/eth0 172.31.30.23
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface tun0/tun0 172.16.200.1
Oct 8 23:28:25 VyOS-AMI-SYED pluto[10890]: shutting down interface tun0/tun0 172.16.200.1
Oct 8 23:28:25 VyOS-AMI-SYED ipsec_starter[10889]: pluto stopped after 20 ms
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: including NAT-Traversal patch (Version 0.6c)
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 8 23:28:28 VyOS-AMI-SYED ipsec_starter[11253]: pluto (11254) started after 20 ms
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: listening for IKE messages
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface tun0/tun0 172.16.200.1:500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface tun0/tun0 172.16.200.1:4500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface eth0/eth0 172.31.30.23:500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface eth0/eth0 172.31.30.23:4500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface lo/lo 127.0.0.1:500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface lo/lo 127.0.0.1:4500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: adding interface lo/lo ::1:500
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: loading secrets from “/etc/ipsec.secrets”
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: loading secrets from “/etc/dmvpn.secrets”
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: loaded PSK secret for 172.31.30.23 %any
Oct 8 23:28:28 VyOS-AMI-SYED pluto[11254]: added connection description “vpnprof-tunnel-tun0”
Oct 9 01:36:09 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[1] 216.218.206.110:37132 #1: responding to Main Mode from unknown peer 216.218.206.110:37132
Oct 9 01:36:09 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[1] 216.218.206.110:37132 #1: CAST_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
Oct 9 01:36:09 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[1] 216.218.206.110:37132 #1: no acceptable Oakley Transform
Oct 9 01:36:09 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[1] 216.218.206.110:37132 #1: sending notification NO_PROPOSAL_CHOSEN to 216.218.206.110:37132
Oct 9 01:36:09 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[1] 216.218.206.110:37132: deleting connection “vpnprof-tunnel-tun0” instance with peer 216.218.206.110 {isakmp=#0/ipsec=#0}
Oct 10 00:25:44 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[2] 216.218.206.70:59385 #2: responding to Main Mode from unknown peer 216.218.206.70:59385
Oct 10 00:25:44 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[2] 216.218.206.70:59385 #2: CAST_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
Oct 10 00:25:44 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[2] 216.218.206.70:59385 #2: no acceptable Oakley Transform
Oct 10 00:25:44 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[2] 216.218.206.70:59385 #2: sending notification NO_PROPOSAL_CHOSEN to 216.218.206.70:59385
Oct 10 00:25:44 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0″[2] 216.218.206.70:59385: deleting connection “vpnprof-tunnel-tun0” instance with peer 216.218.206.70 {isakmp=#0/ipsec=#0}
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: forgetting secrets
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: “vpnprof-tunnel-tun0”: deleting connection
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface lo/lo ::1
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface lo/lo 127.0.0.1
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface lo/lo 127.0.0.1
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 02:30:06 VyOS-AMI-SYED pluto[11254]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 02:30:06 VyOS-AMI-SYED ipsec_starter[11253]: pluto stopped after 20 ms
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: including NAT-Traversal patch (Version 0.6c)
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 02:30:09 VyOS-AMI-SYED ipsec_starter[17217]: pluto (17218) started after 20 ms
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: listening for IKE messages
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface tun0/tun0 172.16.200.1:500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface tun0/tun0 172.16.200.1:4500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface eth0/eth0 172.31.30.23:500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface eth0/eth0 172.31.30.23:4500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface lo/lo 127.0.0.1:500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface lo/lo 127.0.0.1:4500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: adding interface lo/lo ::1:500
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: loading secrets from “/etc/ipsec.secrets”
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: loaded PSK secret for 172.31.30.23 %any
Oct 10 02:30:09 VyOS-AMI-SYED pluto[17218]: added connection description “vpnprof-tunnel-tun0”
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: received Vendor ID payload [strongSwan]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: ignoring Vendor ID payload [Cisco-Unity]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: received Vendor ID payload [XAUTH]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: received Vendor ID payload [Dead Peer Detection]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: received Vendor ID payload [RFC 3947]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[1] 54.172.31.11 #1: responding to Main Mode from unknown peer 54.172.31.11
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[1] 54.172.31.11 #1: NAT-Traversal: Result using RFC 3947: both are NATed
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[1] 54.172.31.11 #1: Peer ID is ID_IPV4_ADDR: ‘172.31.61.122’
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11 #1: deleting connection “vpnprof-tunnel-tun0” instance with peer 54.172.31.11 {isakmp=#0/ipsec=#0}
Oct 10 02:31:48 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #1: sent MR3, ISAKMP SA established
Oct 10 02:31:49 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #1: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:31:59 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 10 02:31:59 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #1: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:32:18 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 10 02:32:18 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #1: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [strongSwan]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [Cisco-Unity]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [XAUTH]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [Dead Peer Detection]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [RFC 3947]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: responding to Main Mode from unknown peer 54.172.31.11:4500
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: NAT-Traversal: Result using RFC 3947: both are NATed
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: Peer ID is ID_IPV4_ADDR: ‘172.31.61.122’
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: sent MR3, ISAKMP SA established
Oct 10 02:32:58 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:33:08 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 10 02:33:08 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:33:28 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 10 02:33:28 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #2: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [strongSwan]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [Cisco-Unity]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [XAUTH]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [Dead Peer Detection]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: received Vendor ID payload [RFC 3947]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: packet from 54.172.31.11:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: responding to Main Mode from unknown peer 54.172.31.11:4500
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: NAT-Traversal: Result using RFC 3947: both are NATed
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: Peer ID is ID_IPV4_ADDR: ‘172.31.61.122’
Oct 10 02:34:08 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: sent MR3, ISAKMP SA established
Oct 10 02:34:09 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:34:19 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 10 02:34:19 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 02:34:38 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: retransmitting in response to duplicate packet; already STATE_MAIN_R3
Oct 10 02:34:38 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500 #3: ignoring informational payload, type INVALID_ID_INFORMATION
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: forgetting secrets
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0″[2] 54.172.31.11:4500: deleting connection “vpnprof-tunnel-tun0” instance with peer 54.172.31.11 {isakmp=#3/ipsec=#0}
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0” #1: deleting state (STATE_MAIN_R3)
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0” #2: deleting state (STATE_MAIN_R3)
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0” #3: deleting state (STATE_MAIN_R3)
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: “vpnprof-tunnel-tun0”: deleting connection
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface lo/lo ::1
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:02:03 VyOS-AMI-SYED pluto[17218]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:02:03 VyOS-AMI-SYED ipsec_starter[17217]: pluto stopped after 20 ms
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: including NAT-Traversal patch (Version 0.6c)
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:02:06 VyOS-AMI-SYED ipsec_starter[17994]: pluto (17995) started after 20 ms
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: listening for IKE messages
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface tun0/tun0 172.16.200.1:500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface tun0/tun0 172.16.200.1:4500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface eth0/eth0 172.31.30.23:500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface eth0/eth0 172.31.30.23:4500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface lo/lo 127.0.0.1:500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface lo/lo 127.0.0.1:4500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: adding interface lo/lo ::1:500
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:02:06 VyOS-AMI-SYED pluto[17995]: added connection description “vpnprof-tunnel-tun0”
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: forgetting secrets
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: “vpnprof-tunnel-tun0”: deleting connection
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface lo/lo ::1
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:04:25 VyOS-AMI-SYED pluto[17995]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:04:25 VyOS-AMI-SYED ipsec_starter[17994]: pluto stopped after 20 ms
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: including NAT-Traversal patch (Version 0.6c)
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:04:29 VyOS-AMI-SYED ipsec_starter[18145]: pluto (18146) started after 20 ms
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: listening for IKE messages
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface tun0/tun0 172.16.200.1:500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface tun0/tun0 172.16.200.1:4500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface eth0/eth0 172.31.30.23:500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface eth0/eth0 172.31.30.23:4500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface lo/lo 127.0.0.1:500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface lo/lo 127.0.0.1:4500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: adding interface lo/lo ::1:500
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:04:29 VyOS-AMI-SYED pluto[18146]: added connection description “vpnprof-tunnel-tun0”
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: forgetting secrets
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: “vpnprof-tunnel-tun0”: deleting connection
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface lo/lo ::1
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:04:51 VyOS-AMI-SYED pluto[18146]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:04:51 VyOS-AMI-SYED ipsec_starter[18145]: pluto stopped after 20 ms
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: including NAT-Traversal patch (Version 0.6c)
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:04:54 VyOS-AMI-SYED ipsec_starter[18276]: pluto (18277) started after 20 ms
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: listening for IKE messages
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface tun0/tun0 172.16.200.1:500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface tun0/tun0 172.16.200.1:4500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface eth0/eth0 172.31.30.23:500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface eth0/eth0 172.31.30.23:4500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface lo/lo 127.0.0.1:500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface lo/lo 127.0.0.1:4500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: adding interface lo/lo ::1:500
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:04:54 VyOS-AMI-SYED pluto[18277]: added connection description “vpnprof-tunnel-tun0”
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: forgetting secrets
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: “vpnprof-tunnel-tun0”: deleting connection
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface lo/lo ::1
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:05:19 VyOS-AMI-SYED pluto[18277]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:05:19 VyOS-AMI-SYED ipsec_starter[18276]: pluto stopped after 20 ms
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: including NAT-Traversal patch (Version 0.6c)
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:05:22 VyOS-AMI-SYED ipsec_starter[18407]: pluto (18408) started after 20 ms
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: listening for IKE messages
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface tun0/tun0 172.16.200.1:500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface tun0/tun0 172.16.200.1:4500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface eth0/eth0 172.31.30.23:500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface eth0/eth0 172.31.30.23:4500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface lo/lo 127.0.0.1:500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface lo/lo 127.0.0.1:4500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: adding interface lo/lo ::1:500
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:05:22 VyOS-AMI-SYED pluto[18408]: added connection description “vpnprof-tunnel-tun0”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: forgetting secrets
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: forgetting secrets
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: forgetting secrets
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: forgetting secrets
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:13:34 VyOS-AMI-SYED pluto[18408]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: forgetting secrets
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: “vpnprof-tunnel-tun0”: deleting connection
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface lo/lo ::1
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface lo/lo 127.0.0.1
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface eth0/eth0 172.31.30.23
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:14:58 VyOS-AMI-SYED pluto[18408]: shutting down interface tun0/tun0 172.16.200.1
Oct 10 03:14:58 VyOS-AMI-SYED ipsec_starter[18407]: pluto stopped after 20 ms
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: Starting IKEv1 pluto daemon (strongSwan 4.5.2) THREADS SMARTCARD VENDORID CISCO_QUIRKS
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: including NAT-Traversal patch (Version 0.6c)
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: failed to load pkcs11 module ‘/usr/lib/opensc-pkcs11.so’
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: Changing to directory ‘/etc/ipsec.d/crls’
Oct 10 03:15:01 VyOS-AMI-SYED ipsec_starter[19355]: pluto (19356) started after 20 ms
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: listening for IKE messages
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface tun0/tun0 172.16.200.1:500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface tun0/tun0 172.16.200.1:4500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface eth0/eth0 172.31.30.23:500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface eth0/eth0 172.31.30.23:4500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface lo/lo 127.0.0.1:500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface lo/lo 127.0.0.1:4500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: adding interface lo/lo ::1:500
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: loading secrets from “/etc/ipsec.secrets”
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: loading secrets from “/etc/dmvpn.secrets”
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: loaded PSK secret for 172.31.30.23 %any
Oct 10 03:15:01 VyOS-AMI-SYED pluto[19356]: added connection description “vpnprof-tunnel-tun0”
vyos@VyOS-AMI-SYED:~$ show clo
Invalid command: show [clo]
vyos@VyOS-AMI-SYED:~$ show datw
Invalid command: show [datw]
vyos@VyOS-AMI-SYED:~$ show date
Mon Oct 10 03:26:56 UTC 2016
vyos@VyOS-AMI-SYED:~$

spoke

vyos@VyOS-AMI-ZAYAD:~$ show configuration commands | grep tunnel
set interfaces tunnel tun0 address ‘172.16.200.2/24’
set interfaces tunnel tun0 encapsulation ‘gre’
set interfaces tunnel tun0 local-ip ‘172.31.61.122’
set interfaces tunnel tun0 multicast ‘enable’
set protocols nhrp tunnel tun0 map 172.16.200.1/24 nbma-address ‘54.187.74.201’
set protocols nhrp tunnel tun0 map 172.16.200.1/24 ‘register’
set protocols nhrp tunnel tun0 multicast ‘nhs’
set protocols nhrp tunnel tun0 ‘redirect’
set protocols nhrp tunnel tun0 ‘shortcut’
set vpn ipsec esp-group ESP-1H mode ‘tunnel’
set vpn ipsec profile DMVPN bind tunnel ‘tun0’
vyos@VyOS-AMI-ZAYAD:~$ show configuration commands | grep vpn
set vpn ipsec esp-group ESP-1H compression ‘disable’
set vpn ipsec esp-group ESP-1H lifetime ’30’
set vpn ipsec esp-group ESP-1H mode ‘tunnel’
set vpn ipsec esp-group ESP-1H pfs ‘dh-group5’
set vpn ipsec esp-group ESP-1H proposal 1 encryption ‘aes256’
set vpn ipsec esp-group ESP-1H proposal 1 hash ‘sha1’
set vpn ipsec esp-group ESP-1H proposal 2 encryption ‘3des’
set vpn ipsec esp-group ESP-1H proposal 2 hash ‘md5’
set vpn ipsec ike-group IKE-1H key-exchange ‘ikev1′
set vpn ipsec ike-group IKE-1H lifetime ’30’
set vpn ipsec ike-group IKE-1H proposal 1 encryption ‘aes256’
set vpn ipsec ike-group IKE-1H proposal 1 hash ‘sha1’
set vpn ipsec ike-group IKE-1H proposal 2 encryption ‘aes256’
set vpn ipsec ike-group IKE-1H proposal 2 hash ‘md5’
set vpn ipsec ipsec-interfaces interface ‘eth0’
set vpn ipsec nat-traversal ‘enable’
set vpn ipsec profile DMVPN authentication mode ‘pre-shared-secret’
set vpn ipsec profile DMVPN authentication pre-shared-secret ‘NET123’
set vpn ipsec profile DMVPN bind tunnel ‘tun0’
set vpn ipsec profile DMVPN esp-group ‘ESP-1H’
set vpn ipsec profile DMVPN ike-group ‘IKE-1H’
vyos@VyOS-AMI-ZAYAD:~$
vyos@VyOS-AMI-ZAYAD:~$
vyos@VyOS-AMI-ZAYAD:~$ show configuration commands | grepbgp
Invalid command: [grepbgp]
vyos@VyOS-AMI-ZAYAD:~$ show configuration commands | grep bgp
set protocols bgp 64757 neighbor 172.16.200.1 ‘nexthop-self’
set protocols bgp 64757 neighbor 172.16.200.1 password ‘BGPpassword’
set protocols bgp 64757 neighbor 172.16.200.1 remote-as ‘64615’
set protocols bgp 64757 neighbor 172.16.200.1 update-source ‘172.16.200.2’
vyos@VyOS-AMI-ZAYAD:~$
vyos@VyOS-AMI-ZAYAD:~$
vyos@VyOS-AMI-ZAYAD:~$ show vpn ipsec sa
Peer ID / IP Local ID / IP
———— ————-
0.0.0.0 172.31.61.122
Tunnel State Bytes Out/In Encrypt Hash NAT-T A-Time L-Time Proto
—— —– ————- ——- —- —– —— —— —–
tun0 down n/a n/a n/a no 0 30 gre
vyos@VyOS-AMI-ZAYAD:~$
vyos@VyOS-AMI-ZAYAD:~$ show vpn lo
Invalid command: show vpn [lo]
vyos@VyOS-AMI-ZAYAD:~$ show log
log login
vyos@VyOS-AMI-ZAYAD:~$ show log vpn
Possible completions:
all Show log for ALL
ipsec Show log for IPSEC
l2tp Show log for L2TP
pptp Show log for PPTP

16again · October 12, 2016, 5:05pm

==> set vpn ipsec ipsec-interfaces interface ‘eth0’
My troubleshooting shot from the hip: eth0 isn’t your IPSEC interface, tun0 is