[jira] [Resolved] (CLOUDSTACK-9197) CS 4.5.1 VR Remote Access VPN - received packet that claimed to be (I)nitiator, but rcookie is not zero?

Adrian Sender (JIRA) Tue, 05 Jan 2016 15:51:06 -0800

     [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Adrian Sender resolved CLOUDSTACK-9197.
---------------------------------------
    Resolution: Fixed

> CS 4.5.1 VR Remote Access VPN - received packet that claimed to be 
> (I)nitiator, but rcookie is not zero?
> --------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9197
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9197
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.5.1
>         Environment: Xenserver 6.5
> Cloudplatform 4.5.1 Advanced Network
> systemvm-xenserver-4.5.1 - 
> http://download.cloud.com/templates/4.5.1/systemvm64template-2015-05-14-4.5.1-xen.vhd.bz2
>            Reporter: Adrian Sender
>            Priority: Critical
>
> Dec 23 00:31:58 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> received packet that claimed to be (I)nitiator, but rcookie is not zero?
> Dec 23 00:31:58 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> sending notification v2N_INVALID_MESSAGE_ID to xxx.xxx.xxx.xxx:500
> Dec 23 00:32:15 r-4045-VM sshd[28852]: Accepted publickey for root from 
> 169.254.0.1 port 54034 ssh2
> Dec 23 00:32:15 r-4045-VM sshd[28852]: pam_unix(sshd:session): session opened 
> for user root by (uid=0)
> Dec 23 00:32:15 r-4045-VM sshd[28852]: pam_unix(sshd:session): session closed 
> for user root
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> received Vendor ID payload [RFC 3947] method set to=109
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but 
> already using method 109
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> ignoring Vendor ID payload [FRAGMENTATION]
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> ignoring Vendor ID payload [Vid-Initial-Contact]
> Dec 23 00:32:32 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> ignoring Vendor ID payload [IKE CGA version 1]
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> responding to Main Mode from unknown peer xxx.xxx.xxx.xxx
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> OAKLEY_GROUP 20 not supported.  Attribute OAKLEY_GROUP_DESCRIPTION
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> OAKLEY_GROUP 19 not supported.  Attribute OAKLEY_GROUP_DESCRIPTION
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> STATE_MAIN_R1: sent MR1, expecting MI2
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> STATE_MAIN_R2: sent MR2, expecting MI3
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:32:32 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:32:32 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:32:32 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:32:32 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:32:33 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:32:33 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:32:33 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:32:33 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:32:33 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:32:33 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:32:36 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:32:36 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:32:36 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:32:36 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:32:36 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:32:36 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:32:41 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:32:41 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:32:41 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:32:41 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:32:41 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:32:41 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:32:49 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:32:49 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:32:49 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:32:49 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:32:49 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:32:49 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:33:01 r-4045-VM CRON[28870]: pam_unix(cron:session): session opened 
> for user root by (uid=0)
> Dec 23 00:33:01 r-4045-VM CRON[28870]: pam_unix(cron:session): session closed 
> for user root
> Dec 23 00:33:05 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:33:05 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:33:05 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:33:05 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:33:05 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:33:05 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:33:12 r-4045-VM sshd[28052]: pam_unix(sshd:session): session closed 
> for user root
> Dec 23 00:33:21 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> next payload type of ISAKMP Identification Payload has an unknown value: 26
> Dec 23 00:33:21 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> probable authentication failure (mismatch of preshared secrets?): malformed 
> payload in packet
> Dec 23 00:33:21 r-4045-VM pluto[4569]: | payload malformed after IV
> Dec 23 00:33:21 r-4045-VM pluto[4569]: |   53 f0 28 18  b1 88 8c 46  a3 1a a0 
> 2c  a4 2b 61 28
> Dec 23 00:33:21 r-4045-VM pluto[4569]: |   cb b4 f7 d1
> Dec 23 00:33:21 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: 
> sending notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
> Dec 23 00:33:27 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> received packet that claimed to be (I)nitiator, but rcookie is not zero?
> Dec 23 00:33:27 r-4045-VM pluto[4569]: packet from xxx.xxx.xxx.xxx:500: 
> sending notification v2N_INVALID_MESSAGE_ID to xxx.xxx.xxx.xxx:500
> Dec 23 00:33:42 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx #13: max 
> number of retransmissions (2) reached STATE_MAIN_R2
> Dec 23 00:33:42 r-4045-VM pluto[4569]: "L2TP-PSK"[5] xxx.xxx.xxx.xxx: 
> deleting connection "L2TP-PSK" instance with peer xxx.xxx.xxx.xxx 
> {isakmp=#0/ipsec=#0}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (CLOUDSTACK-9197) CS 4.5.1 VR Remote Access VPN - received packet that claimed to be (I)nitiator, but rcookie is not zero?

Reply via email to