Networkmanager, plasma et L2TP/IPSec [Réglé]
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Je suis sous Mageia 7.1 et plasma. J'ai basculé la gestion des réseaux avec Networkmanager avec cette procédure :
https://www.mageialinux-online.org/forum/topic-23197+utiliser-networkmanager-plutot-que-drakx-net.php
J'ai besoin de me brancher sur un réseau VPN qui permet les protocoles SoftEther et L2TP/IPSec
J'ai installé le paquet networkmanager-l2tp et plasma-applet-nm-l2tp
Ensuite je ne retrouve pas le mode d'emploi qui m'est proposé et où normalement quand je fais Plus cela devrait me permettre de choisir un protocole VPN :
Quand je fais plus j'ai juste cela qui s'affiche :
Est-ce que cela ne marche que sous Gnome ?
J'ai trouvé ces knows issues:
https://github.com/nm-l2tp/NetworkManager-l2tp/wiki/Known-Issues
Caché :
Unless you are using KDE (Plasma-nm) or the command-line (/usr/bin/nmcli), you will be using a GNOME based NetworkManager connection editor to create or edit VPN connections.
If you are using pre-build binary packages, please ensure you have installed the NetworkManager-l2tp-gnome or network-manager-l2tp-gnome package which provides the necessary files for use with a GNOME based NetworkManager connection editor, otherwise you may see a variation of the following error :
Could not load editor VPN plugin for 'org.freedesktop.NetworkManager.l2tp'
(missing plugin file "/usr/lib64/NetworkManager/libnm-vpn-plugin-l2tp-editor.so").
If you are using pre-build binary packages, please ensure you have installed the NetworkManager-l2tp-gnome or network-manager-l2tp-gnome package which provides the necessary files for use with a GNOME based NetworkManager connection editor, otherwise you may see a variation of the following error :
Could not load editor VPN plugin for 'org.freedesktop.NetworkManager.l2tp'
(missing plugin file "/usr/lib64/NetworkManager/libnm-vpn-plugin-l2tp-editor.so").
Il n'existe pas de package NetworkManager-l2tp-gnome sous Mageia comme sous Kubuntu, Fedora et Opensuse:
https://pkgs.org/search/?q=NetworkManager-l2tp-gnome
Comment puis-je configuré mon VPN facilement ?
Drakvpn ne propose aucun des protocoles susdits.
Merci !
Jacques
Édité par babs3 Le 04/01/2023 à 13h17
nic80 Membre non connecté
-
- Voir le profil du membre nic80
- Inscrit le : 06/08/2018
- Groupes :
-
Modérateur
Il doit probablement manquer des paquets quelque part...
Sur ma machine virtuelle, j' ai bien un très grand nombre de connexion possible.
En revanche, selon que je fasse un clic gauche ou droit sur l' icône de networkmanager, j' ai deux affichage différents:
Clic gauche: j' ai connexion vpn puis l' écran de la première capture.
Clic droit : en choissant modifier les connexions, j' ai l' écran de la seconde capture ( avec possibilité de l2tp).
Les paquets qui sont installés:
Code BASH :
rpm -qa | grep networkmanager networkmanager-qt-5.57.0-1.mga7 networkmanager-wwan-1.18.2-1.mga7 networkmanager-libreswan-1.2.10-2.mga7 networkmanager-ppp-1.18.2-1.mga7 networkmanager-bluetooth-1.18.2-1.mga7 networkmanager-pptp-1.2.8-2.mga7 networkmanager-1.18.2-1.mga7 networkmanager-team-1.18.2-1.mga7 networkmanager-vpnc-1.2.6-4.mga7 networkmanager-openconnect-1.2.4-4.mga7 networkmanager-applet-1.8.20-1.mga7 networkmanager-l2tp-1.2.10-3.mga7 networkmanager-tui-1.18.2-1.mga7 networkmanager-wifi-1.18.2-1.mga7 networkmanager-adsl-1.18.2-1.mga7 lib64kf5networkmanagerqt5-5.57.0-1.mga7 networkmanager-openvpn-1.8.10-1.mga7
edit: je crois qu' il faut plus le paquet networkmanager-applet ( et ses dérivés) que le paquet plasma-applet-nm ( avec celui ci, le choix des connexions vpn n' est pas affiché.
Édité par nic80 Le 16/05/2020 à 15h07
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Il me manquait :
networkmanager-applet
Je l'ai installé et deconnecté/reconnecté ma cession kde au cas où.
Mais ensuite
si je fais clic-droit/configurer les connexions réseaux ou clic-gauche puis en haut à droite configurer les connexions réseaux, puis "+", j'ai toujours la deuxième capture d'écran directement
Il y a juste la possibilité d'importer un fichier VPN.
Il n'y pas d'étape "sectionner un type de connexion".
Est-ce que tu as "selectionner un type de connexion" en cliquant sur "+" ?
Tu es bien sous KDE/Plasma... ?
Merci !
Jacques
Édité par babs3 Le 16/05/2020 à 15h08
nic80 Membre non connecté
-
- Voir le profil du membre nic80
- Inscrit le : 06/08/2018
- Groupes :
-
Modérateur
Oui sous plasma.
Attention: plasma-applet et networkmanager-applet ont des écrans différents. si depuis une console le programme nm-applet est lancé, est ce qu' il y a plus de choix (il faut d' ailleurs le paquet networkmanager-l2tp soit installé aussi) ?
edit:
En vert nm-applet , en rouge plasma-applet
Édité par nic80 Le 16/05/2020 à 15h28
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Bingo !
J'ai effectivement beaucoup plus de choix.
J'ai maintenant 3 applets :
Comment puis-je ajouter la bonne et supprimer l'autre... (si il faut en supprimer une).
Merci beaucoup !
Jacques
Édité par babs3 Le 16/05/2020 à 15h28
nic80 Membre non connecté
-
- Voir le profil du membre nic80
- Inscrit le : 06/08/2018
- Groupes :
-
Modérateur
Je pense que le plasma-applet-nm peut être enlevé ( networkmanager-applet et plasma-applet-nm sont indépendant je pense).
Par contre, je ne suis pas sur que nm-applet se lance automatiquement ( en tous cas avec mes manipulations je l' ai perdue !)
Pour que ce soit affiché automatiquement, il faut je pense modifier le fichier "/etc/xdg/autostart/nm-applet.desktop" et modifier la ligne:
NotShowIn=KDE;GNOME;
en
NotShowIn=GNOME;
Concernant les icônes, j' aurais tendance à pense que ( en partant de la gauche):
1 = icônes networkmanager-applet
2 = net-applet
3= plasma-applet-nm
Édité par nic80 Le 16/05/2020 à 15h30
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
En supprimant le paquet plasma-applet-nm j'ai bien fait disparaitre l'applet en trop.
En mettant NotShowIn=GNOME j'ai bien l'applet en démarrant.
C'est super !
Ensuite j'ai configuré mon VPN selon le mode d'emploi donné par mon entreprise.
Mais quand je veux activer le VPN (clic gauche, connexions VPN, VPN de mon entreprise, j'ai "La connexion VPN a échoué".
Est-ce qu'il y a des choses à désactiver dans mageia (parefeu?) ?
Est-ce qu'il y a un log ?
Si je fais :
journalctl -u NetworkManager
Je ne vois pas trace du VPN :
Caché :
-- Logs begin at Thu 2020-04-02 15:51:09 CEST, end at Sat 2020-05-16 15:42:16 CEST. --
avril 25 19:12:59 localhost.localdomain systemd[1]: Starting Network Manager...
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0233] NetworkManager (version 1.18.2) is starting... (for the first time)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0235] Read config: /etc/NetworkManager/NetworkManager.conf
avril 25 19:12:59 localhost.localdomain systemd[1]: Started Network Manager.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0288] bus-manager: acquired D-Bus service "org.freedesktop.NetworkManager"
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0295] manager[0x1475040]: monitoring kernel firmware directory '/lib/firmware'.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2685] hostname: hostname: using hostnamed
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2685] hostname: hostname changed from (none) to "localhost.localdomain"
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2687] dns-mgr[0x1452210]: init: dns=default,systemd-resolved rc-manager=resolvconf
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2692] rfkill3: found Wi-Fi radio killswitch (at /sys/devices/pci0000:00/0000:00:14.3/ieee80211/phy0/rfkill3) (driver iwlwifi)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2693] rfkill0: found Wi-Fi radio killswitch (at /sys/devices/platform/dell-laptop/rfkill/rfkill0) (platform driver dell-laptop)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2783] manager[0x1475040]: rfkill: Wi-Fi hardware radio set enabled
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2783] manager[0x1475040]: rfkill: WWAN hardware radio set enabled
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2872] settings: Loaded settings plugin: SettingsPluginIfcfg ("/usr/lib64/NetworkManager/1.18.2/libnm-settings-plugin-ifcfg-rh.so")
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2873] settings: Loaded settings plugin: NMSKeyfilePlugin (internal)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2882] ifcfg-rh: new connection /etc/sysconfig/network-scripts/ifcfg-wlo1 (d30a1ce3-b0b0-562b-c404-510f168851f9,"System clc (wlo1)")
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: The setting is missing.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <warn> [1587834779.2897] ifcfg-rh: loading "/etc/sysconfig/network-scripts/ifcfg-ens8u1u1" fails: Unable to discover MAC address: ioctl error
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: The setting is missing.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <warn> [1587834779.2910] ifcfg-rh: loading "/etc/sysconfig/network-scripts/ifcfg-enp0s20f0u3" fails: Unable to discover MAC address: ioctl error
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2915] ifcfg-rh: new connection /etc/sysconfig/network-scripts/ifcfg-wwp0s20f0u4c2 (4ff41585-cfc7-ae2e-cfad-e2d11e1457db,"System wwp0s20f0u4c2")
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: The setting is missing.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <warn> [1587834779.2928] ifcfg-rh: loading "/etc/sysconfig/network-scripts/ifcfg-enp0s20f0u2" fails: Unable to discover MAC address: ioctl error
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2931] manager: rfkill: Wi-Fi enabled by radio killswitch; enabled by state file
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2931] manager: rfkill: WWAN enabled by radio killswitch; enabled by state file
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2931] manager: Networking is enabled by state file
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2932] dhcp-init: Using DHCP client 'internal'
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2937] Loaded device plugin: NMAtmManager (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-adsl.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2949] Loaded device plugin: NMTeamFactory (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-team.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2958] Loaded device plugin: NMWwanFactory (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-wwan.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2959] Loaded device plugin: NMBluezManager (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-bluetooth.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2961] Loaded device plugin: NMWifiFactory (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-wifi.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2964] device (lo): carrier: link connected
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2966] manager: (lo): new Generic device (/org/freedesktop/NetworkManager/Devices/1)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2970] device (wlo1): driver supports Access Point (AP) mode
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2972] manager: (wlo1): new 802.11 Wi-Fi device (/org/freedesktop/NetworkManager/Devices/2)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2979] device (wlo1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.3285] device (wlo1): set-hw-addr: set MAC address to 0E:3B:EA:0A:B7:CA (scanning)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5468] bluez: use BlueZ version 5
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5488] bluez5: NAP: added interface B8:9A:2A:FC:7B:BD
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5520] supplicant: wpa_supplicant running
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5521] device (wlo1): supplicant interface state: init -> starting
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5774] sup-iface[0x14ee8b0,wlo1]: supports 5 scan SSIDs
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5780] device (wlo1): supplicant interface state: starting -> ready
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5781] Wi-Fi P2P device controlled by interface wlo1 created
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5783] manager: (p2p-dev-wlo1): new 802.11 Wi-Fi P2P device (/org/freedesktop/NetworkManager/Devices/3)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5785] device (p2p-dev-wlo1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5791] device (p2p-dev-wlo1): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'managed')
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5794] device (wlo1): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: 'managed')
avril 25 19:12:59 localhost.localdomain systemd[1]: Starting Network Manager...
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0233] NetworkManager (version 1.18.2) is starting... (for the first time)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0235] Read config: /etc/NetworkManager/NetworkManager.conf
avril 25 19:12:59 localhost.localdomain systemd[1]: Started Network Manager.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0288] bus-manager: acquired D-Bus service "org.freedesktop.NetworkManager"
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.0295] manager[0x1475040]: monitoring kernel firmware directory '/lib/firmware'.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2685] hostname: hostname: using hostnamed
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2685] hostname: hostname changed from (none) to "localhost.localdomain"
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2687] dns-mgr[0x1452210]: init: dns=default,systemd-resolved rc-manager=resolvconf
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2692] rfkill3: found Wi-Fi radio killswitch (at /sys/devices/pci0000:00/0000:00:14.3/ieee80211/phy0/rfkill3) (driver iwlwifi)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2693] rfkill0: found Wi-Fi radio killswitch (at /sys/devices/platform/dell-laptop/rfkill/rfkill0) (platform driver dell-laptop)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2783] manager[0x1475040]: rfkill: Wi-Fi hardware radio set enabled
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2783] manager[0x1475040]: rfkill: WWAN hardware radio set enabled
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2872] settings: Loaded settings plugin: SettingsPluginIfcfg ("/usr/lib64/NetworkManager/1.18.2/libnm-settings-plugin-ifcfg-rh.so")
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2873] settings: Loaded settings plugin: NMSKeyfilePlugin (internal)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2882] ifcfg-rh: new connection /etc/sysconfig/network-scripts/ifcfg-wlo1 (d30a1ce3-b0b0-562b-c404-510f168851f9,"System clc (wlo1)")
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: The setting is missing.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <warn> [1587834779.2897] ifcfg-rh: loading "/etc/sysconfig/network-scripts/ifcfg-ens8u1u1" fails: Unable to discover MAC address: ioctl error
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: The setting is missing.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <warn> [1587834779.2910] ifcfg-rh: loading "/etc/sysconfig/network-scripts/ifcfg-enp0s20f0u3" fails: Unable to discover MAC address: ioctl error
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2915] ifcfg-rh: new connection /etc/sysconfig/network-scripts/ifcfg-wwp0s20f0u4c2 (4ff41585-cfc7-ae2e-cfad-e2d11e1457db,"System wwp0s20f0u4c2")
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: The setting is missing.
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <warn> [1587834779.2928] ifcfg-rh: loading "/etc/sysconfig/network-scripts/ifcfg-enp0s20f0u2" fails: Unable to discover MAC address: ioctl error
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2931] manager: rfkill: Wi-Fi enabled by radio killswitch; enabled by state file
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2931] manager: rfkill: WWAN enabled by radio killswitch; enabled by state file
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2931] manager: Networking is enabled by state file
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2932] dhcp-init: Using DHCP client 'internal'
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2937] Loaded device plugin: NMAtmManager (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-adsl.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2949] Loaded device plugin: NMTeamFactory (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-team.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2958] Loaded device plugin: NMWwanFactory (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-wwan.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2959] Loaded device plugin: NMBluezManager (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-bluetooth.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2961] Loaded device plugin: NMWifiFactory (/usr/lib64/NetworkManager/1.18.2/libnm-device-plugin-wifi.so)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2964] device (lo): carrier: link connected
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2966] manager: (lo): new Generic device (/org/freedesktop/NetworkManager/Devices/1)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2970] device (wlo1): driver supports Access Point (AP) mode
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2972] manager: (wlo1): new 802.11 Wi-Fi device (/org/freedesktop/NetworkManager/Devices/2)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.2979] device (wlo1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.3285] device (wlo1): set-hw-addr: set MAC address to 0E:3B:EA:0A:B7:CA (scanning)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5468] bluez: use BlueZ version 5
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5488] bluez5: NAP: added interface B8:9A:2A:FC:7B:BD
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5520] supplicant: wpa_supplicant running
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5521] device (wlo1): supplicant interface state: init -> starting
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5774] sup-iface[0x14ee8b0,wlo1]: supports 5 scan SSIDs
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5780] device (wlo1): supplicant interface state: starting -> ready
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5781] Wi-Fi P2P device controlled by interface wlo1 created
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5783] manager: (p2p-dev-wlo1): new 802.11 Wi-Fi P2P device (/org/freedesktop/NetworkManager/Devices/3)
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5785] device (p2p-dev-wlo1): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5791] device (p2p-dev-wlo1): state change: unavailable -> disconnected (reason 'none', sys-iface-state: 'managed')
avril 25 19:12:59 localhost.localdomain NetworkManager[8221]: <info> [1587834779.5794] device (wlo1): state change: unavailable -> disconnected (reason 'supplicant-available', sys-iface-state: 'managed')
Merci !
Jacques
Édité par babs3 Le 16/05/2020 à 15h50
nic80 Membre non connecté
-
- Voir le profil du membre nic80
- Inscrit le : 06/08/2018
- Groupes :
-
Modérateur
Pour connexion en elle même, je ne peux pas savoir et tester ( n' ayant pas de vpn ( donc pas de vpn l2tp)))....
Si cela vient du parefeu en lui même, il me semble que les entrées sont journalisées dans le journalctl tout court ( il devrait y avoir des lignes avec des drops si c' est le cas).
Sinon pour le plasma-applet-nm, pour voir l' option de connexion en l2tp, il faut visiblement également installer le paquet plasma-applet-nm-openvpn ...
En effet, celui contient le fichier plasma-networkmanagement-vpnuiplugin.desktop ( que ne contient pas le paquet plasma-applet-nm-l2tp )
Code BASH :
urpmf vpnuiplugin plasma-applet-nm-openvpn:/usr/share/kservicetypes5/plasma-networkmanagement-vpnuiplugin.desktop plasma-applet-nm-openvpn:/usr/share/kservicetypes5/plasma-networkmanagement-vpnuiplugin.desktop
qui lui doit permettre d' afficher la liste des connexions vpn possibles.
de plus, le fichier /usr/share/kservices5/plasmanetworkmanagement_l2tpui.desktop contient une ligne enabledbydefault=false ( qui doit je suppose l' empêcher d' être affiché)...
Je dirais donc qu'il manque une dépendance entre plasma-applet-nm-l2tp et plasma-applet-nm-openvpn ( je n' ai pas regardé ce qu' il en est pour les autres paquets plasma-applet-nm-* )
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Voici ce que donne journalctl -e :
Caché :
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.0 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.7 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.255 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.254 via dev wlo1 src 192.168.0.7 table 254
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: set addr: 192.168.0.7
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain pluto[6404]: added connection description "9a3e0517-0155-4919-8465-f43932db51de"
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiate
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;P>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:58 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:30:58 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:31:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:00 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:04 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:06 localhost.localdomain nm-l2tp-service[6100]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6711] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN plugin: state changed: stopped (6)
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6747] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN service disappeared
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <warn> [1589639466.6759] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN connection: failed to connect: 'Message recipient disconnected fr>
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:362: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:363: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:364: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:365: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:12 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:12 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:28 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:31:28 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 message
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 031 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 mess>
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 000 "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: initiating v2 parent SA to replace #1
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting state (STATE_PARENT_I1) aged 64.029s and NOT sending notification
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting IKE SA for connection '9a3e0517-0155-4919-8465-f43932db51de' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
mai 16 16:32:00 localhost.localdomain pluto[6404]: Initiating connection 9a3e0517-0155-4919-8465-f43932db51de which received a Delete/Notify but must remain up per local policy
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:32:02 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:32:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:32:08 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
...skipping...
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.0 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.7 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.255 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.254 via dev wlo1 src 192.168.0.7 table 254
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: set addr: 192.168.0.7
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain pluto[6404]: added connection description "9a3e0517-0155-4919-8465-f43932db51de"
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiate
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;P>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:58 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:30:58 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:31:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:00 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:04 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:06 localhost.localdomain nm-l2tp-service[6100]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6711] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN plugin: state changed: stopped (6)
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6747] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN service disappeared
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <warn> [1589639466.6759] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN connection: failed to connect: 'Message recipient disconnected fr>
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:362: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:363: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:364: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:365: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:12 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:12 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:28 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:31:28 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 message
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 031 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 mess>
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 000 "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: initiating v2 parent SA to replace #1
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting state (STATE_PARENT_I1) aged 64.029s and NOT sending notification
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting IKE SA for connection '9a3e0517-0155-4919-8465-f43932db51de' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
mai 16 16:32:00 localhost.localdomain pluto[6404]: Initiating connection 9a3e0517-0155-4919-8465-f43932db51de which received a Delete/Notify but must remain up per local policy
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:32:02 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:32:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:32:08 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.0 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.7 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.255 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.254 via dev wlo1 src 192.168.0.7 table 254
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: set addr: 192.168.0.7
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain pluto[6404]: added connection description "9a3e0517-0155-4919-8465-f43932db51de"
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiate
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;P>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:58 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:30:58 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:31:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:00 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:04 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:06 localhost.localdomain nm-l2tp-service[6100]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6711] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN plugin: state changed: stopped (6)
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6747] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN service disappeared
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <warn> [1589639466.6759] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN connection: failed to connect: 'Message recipient disconnected fr>
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:362: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:363: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:364: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:365: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:12 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:12 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:28 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:31:28 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 message
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 031 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 mess>
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 000 "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: initiating v2 parent SA to replace #1
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting state (STATE_PARENT_I1) aged 64.029s and NOT sending notification
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting IKE SA for connection '9a3e0517-0155-4919-8465-f43932db51de' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
mai 16 16:32:00 localhost.localdomain pluto[6404]: Initiating connection 9a3e0517-0155-4919-8465-f43932db51de which received a Delete/Notify but must remain up per local policy
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:32:02 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:32:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:32:08 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
...skipping...
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.0 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.7 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.255 via dev wlo1 src 192.168.0.7 table 255 (ignored)
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: dst 192.168.0.254 via dev wlo1 src 192.168.0.7 table 254
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: set addr: 192.168.0.7
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
mai 16 16:30:56 localhost.localdomain pluto[6404]: added connection description "9a3e0517-0155-4919-8465-f43932db51de"
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiating v2 parent SA
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: initiate
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 002 "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;P>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de": constructed local IKE proposals for 9a3e0517-0155-4919-8465-f43932db51de (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_>
mai 16 16:30:56 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:56 localhost.localdomain NetworkManager[1052]: 133 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:30:57 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:57 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:30:58 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:30:58 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:31:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:00 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:31:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:04 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
mai 16 16:31:06 localhost.localdomain nm-l2tp-service[6100]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6711] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN plugin: state changed: stopped (6)
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <info> [1589639466.6747] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN service disappeared
mai 16 16:31:06 localhost.localdomain NetworkManager[1052]: <warn> [1589639466.6759] vpn-connection[0x13ce790,9a3e0517-0155-4919-8465-f43932db51de,"VPN Babsentreprise",0]: VPN connection: failed to connect: 'Message recipient disconnected fr>
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:362: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:363: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:364: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/ScrollView.qml:365: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:06 localhost.localdomain plasmashell[6808]: file:///usr/lib64/qt5/qml/QtQuick/Controls/Button.qml:99: TypeError: Type error
mai 16 16:31:12 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:12 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 16 seconds for response
mai 16 16:31:28 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:31:28 localhost.localdomain NetworkManager[1052]: 010 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: retransmission; will wait 32 seconds for response
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 message
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 031 "9a3e0517-0155-4919-8465-f43932db51de" #1: STATE_PARENT_I1: 60 second timeout exceeded after 7 retransmits. No response (or no acceptable response) to our first IKEv2 mess>
mai 16 16:32:00 localhost.localdomain NetworkManager[1052]: 000 "9a3e0517-0155-4919-8465-f43932db51de" #1: starting keying attempt 2 of an unlimited number, but releasing whack
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: initiating v2 parent SA to replace #1
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting state (STATE_PARENT_I1) aged 64.029s and NOT sending notification
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #1: deleting IKE SA for connection '9a3e0517-0155-4919-8465-f43932db51de' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
mai 16 16:32:00 localhost.localdomain pluto[6404]: Initiating connection 9a3e0517-0155-4919-8465-f43932db51de which received a Delete/Notify but must remain up per local policy
mai 16 16:32:00 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: sent v2I1, expected v2R1
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 0.5 seconds for response
mai 16 16:32:01 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 1 seconds for response
mai 16 16:32:02 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 2 seconds for response
mai 16 16:32:04 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 4 seconds for response
mai 16 16:32:08 localhost.localdomain pluto[6404]: "9a3e0517-0155-4919-8465-f43932db51de" #2: STATE_PARENT_I1: retransmission; will wait 8 seconds for response
nic80 Membre non connecté
-
- Voir le profil du membre nic80
- Inscrit le : 06/08/2018
- Groupes :
-
Modérateur
Le résau local distant est en 192.168.0.X ?
Et le réseau local (la connexion internet locale).
Il est nécessaire que le réseau local (c' est à dire la connexion internet) ne soit pas dans la même plage que celui du réseau distant en vpn, il me semble.
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Je vais voir avec l'admin sys de l'entreprise.
Jacques
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Je n'arrive toujours pas à utiliser le VPN
Les autres personnes (sous ubuntu, windows ou Mac) y arrivent. Le sysadmin ne voit pas de traces de connexion.
J'ai ce message :
et un core-dump dans les logs :
juil. 01 15:03:02 localhost.localdomain pluto[10406]: ABORT: ASSERTION FAILED: test_gcm_vectors(&ike_alg_encrypt_aes_gcm_16, aes_gcm_tests) (in test_ike_alg() at ike_alg_test.c:41)
juil. 01 15:03:02 localhost.localdomain ipsec[10411]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:03:02 localhost.localdomain libipsecconf[10413]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
journalctl -e donne cela :
Caché :
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Scheduled restart job, restart counter is at 3.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
juil. 01 15:20:58 localhost.localdomain addconn[10426]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10426]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain _stackmanager[10427]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10429]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain _stackmanager[10427]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10434]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain ipsec[10693]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10695]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain ipsec[10693]: nflog ipsec capture disabled
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS DB directory: sql:/etc/ipsec.d
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Initializing NSS
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Opening NSS database "sql:/etc/ipsec.d" read-only
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS crypto library initialized
juil. 01 15:20:58 localhost.localdomain pluto[10704]: FIPS Mode: NO
juil. 01 15:20:58 localhost.localdomain pluto[10704]: FIPS mode disabled for pluto daemon
juil. 01 15:20:58 localhost.localdomain pluto[10704]: FIPS HMAC integrity support [disabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: libcap-ng support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Linux audit support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Warning: kernel has no audit support
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Starting Pluto (Libreswan Version 3.32 XFRM(netkey) XFRMI esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) (native-PRF) DNSSEC SYSTEMD_WATCHDOG LABELED_IPSEC SECCOMP LIBC>
juil. 01 15:20:58 localhost.localdomain pluto[10704]: core dump dir: /run/pluto
juil. 01 15:20:58 localhost.localdomain pluto[10704]: secrets file: /etc/ipsec.secrets
juil. 01 15:20:58 localhost.localdomain pluto[10704]: leak-detective enabled
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS crypto [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: XAUTH PAM support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NAT-Traversal support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Encryption algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
juil. 01 15:20:58 localhost.localdomain pluto[10704]: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des
juil. 01 15:20:58 localhost.localdomain pluto[10704]: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
juil. 01 15:20:58 localhost.localdomain pluto[10704]: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent
juil. 01 15:20:58 localhost.localdomain pluto[10704]: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish
juil. 01 15:20:58 localhost.localdomain pluto[10704]: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NULL IKEv1: ESP IKEv2: ESP []
juil. 01 15:20:58 localhost.localdomain pluto[10704]: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Hash algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MD5 IKEv1: IKE IKEv2:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA1 IKEv1: IKE IKEv2: FIPS sha
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512
juil. 01 15:20:58 localhost.localdomain pluto[10704]: PRF algorithms:
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Main process exited, code=dumped, status=6/ABRT
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Integrity algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519
juil. 01 15:20:58 localhost.localdomain pluto[10704]: testing CAMELLIA_CBC:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 128-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 128-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 256-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 256-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: testing AES_GCM_16:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: empty string
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: one block
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: two blocks
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: two blocks with associated data
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: ABORT: ASSERTION FAILED: test_gcm_vectors(&ike_alg_encrypt_aes_gcm_16, aes_gcm_tests) (in test_ike_alg() at ike_alg_test.c:41)
juil. 01 15:20:58 localhost.localdomain ipsec[10709]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10711]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Scheduled restart job, restart counter is at 4.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
juil. 01 15:20:58 localhost.localdomain addconn[10715]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10715]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain _stackmanager[10716]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10723]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:59 localhost.localdomain ipsec[10998]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:59 localhost.localdomain libipsecconf[11000]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:59 localhost.localdomain ipsec[10998]: nflog ipsec capture disabled
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NSS DB directory: sql:/etc/ipsec.d
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Initializing NSS
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Opening NSS database "sql:/etc/ipsec.d" read-only
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NSS crypto library initialized
juil. 01 15:20:59 localhost.localdomain pluto[11009]: FIPS Mode: NO
juil. 01 15:20:59 localhost.localdomain pluto[11009]: FIPS mode disabled for pluto daemon
juil. 01 15:20:59 localhost.localdomain pluto[11009]: FIPS HMAC integrity support [disabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: libcap-ng support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Linux audit support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Warning: kernel has no audit support
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Starting Pluto (Libreswan Version 3.32 XFRM(netkey) XFRMI esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) (native-PRF) DNSSEC SYSTEMD_WATCHDOG LABELED_IPSEC SECCOMP LIBC>
juil. 01 15:20:59 localhost.localdomain pluto[11009]: core dump dir: /run/pluto
juil. 01 15:20:59 localhost.localdomain pluto[11009]: secrets file: /etc/ipsec.secrets
juil. 01 15:20:59 localhost.localdomain pluto[11009]: leak-detective enabled
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NSS crypto [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: XAUTH PAM support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NAT-Traversal support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Encryption algorithms:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
juil. 01 15:20:59 localhost.localdomain pluto[11009]: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des
juil. 01 15:20:59 localhost.localdomain pluto[11009]: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
juil. 01 15:20:59 localhost.localdomain pluto[11009]: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent
juil. 01 15:20:59 localhost.localdomain pluto[11009]: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish
juil. 01 15:20:59 localhost.localdomain pluto[11009]: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NULL IKEv1: ESP IKEv2: ESP []
juil. 01 15:20:59 localhost.localdomain pluto[11009]: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Hash algorithms:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: MD5 IKEv1: IKE IKEv2:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA1 IKEv1: IKE IKEv2: FIPS sha
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512
juil. 01 15:20:59 localhost.localdomain pluto[11009]: PRF algorithms:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5
juil. 01 15:20:59 localhost.localdomain systemd[1]: ipsec.service: Main process exited, code=dumped, status=6/ABRT
juil. 01 15:20:59 localhost.localdomain pluto[11009]: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1
juil. 01 15:03:02 localhost.localdomain pluto[10406]: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
juil. 01 15:03:02 localhost.localdomain pluto[10406]: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH
juil. 01 15:03:02 localhost.localdomain pluto[10406]: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
juil. 01 15:03:02 localhost.localdomain pluto[10406]: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH algorithms:
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519
juil. 01 15:03:02 localhost.localdomain pluto[10406]: testing CAMELLIA_CBC:
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 128-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 128-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 256-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 256-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: testing AES_GCM_16:
juil. 01 15:03:02 localhost.localdomain pluto[10406]: empty string
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: one block
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: two blocks
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: two blocks with associated data
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: ABORT: ASSERTION FAILED: test_gcm_vectors(&ike_alg_encrypt_aes_gcm_16, aes_gcm_tests) (in test_ike_alg() at ike_alg_test.c:41)
juil. 01 15:03:02 localhost.localdomain ipsec[10411]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:03:02 localhost.localdomain libipsecconf[10413]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
juil. 01 15:03:02 localhost.localdomain systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Scheduled restart job, restart counter is at 5.
juil. 01 15:03:02 localhost.localdomain systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Start request repeated too quickly.
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
juil. 01 15:03:02 localhost.localdomain systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Scheduled restart job, restart counter is at 3.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
juil. 01 15:20:58 localhost.localdomain addconn[10426]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10426]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain _stackmanager[10427]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10429]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain _stackmanager[10427]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10434]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain ipsec[10693]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10695]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain ipsec[10693]: nflog ipsec capture disabled
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS DB directory: sql:/etc/ipsec.d
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Initializing NSS
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Opening NSS database "sql:/etc/ipsec.d" read-only
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS crypto library initialized
juil. 01 15:20:58 localhost.localdomain pluto[10704]: FIPS Mode: NO
juil. 01 15:20:58 localhost.localdomain pluto[10704]: FIPS mode disabled for pluto daemon
juil. 01 15:20:58 localhost.localdomain pluto[10704]: FIPS HMAC integrity support [disabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: libcap-ng support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Linux audit support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Warning: kernel has no audit support
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Starting Pluto (Libreswan Version 3.32 XFRM(netkey) XFRMI esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) (native-PRF) DNSSEC SYSTEMD_WATCHDOG LABELED_IPSEC SECCOMP LIBC>
juil. 01 15:20:58 localhost.localdomain pluto[10704]: core dump dir: /run/pluto
juil. 01 15:20:58 localhost.localdomain pluto[10704]: secrets file: /etc/ipsec.secrets
juil. 01 15:20:58 localhost.localdomain pluto[10704]: leak-detective enabled
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS crypto [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: XAUTH PAM support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NAT-Traversal support [enabled]
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Encryption algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
juil. 01 15:20:58 localhost.localdomain pluto[10704]: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des
juil. 01 15:20:58 localhost.localdomain pluto[10704]: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
juil. 01 15:20:58 localhost.localdomain pluto[10704]: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent
juil. 01 15:20:58 localhost.localdomain pluto[10704]: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish
juil. 01 15:20:58 localhost.localdomain pluto[10704]: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NULL IKEv1: ESP IKEv2: ESP []
juil. 01 15:20:58 localhost.localdomain pluto[10704]: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Hash algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MD5 IKEv1: IKE IKEv2:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA1 IKEv1: IKE IKEv2: FIPS sha
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512
juil. 01 15:20:58 localhost.localdomain pluto[10704]: PRF algorithms:
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Main process exited, code=dumped, status=6/ABRT
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Integrity algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, hmac_md5
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
juil. 01 15:20:58 localhost.localdomain pluto[10704]: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH algorithms:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17
juil. 01 15:20:58 localhost.localdomain pluto[10704]: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521
juil. 01 15:20:58 localhost.localdomain pluto[10704]: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519
juil. 01 15:20:58 localhost.localdomain pluto[10704]: testing CAMELLIA_CBC:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 128-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 128-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 256-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: Camellia: 16 bytes with 256-bit key
juil. 01 15:20:58 localhost.localdomain pluto[10704]: testing AES_GCM_16:
juil. 01 15:20:58 localhost.localdomain pluto[10704]: empty string
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: one block
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: two blocks
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: two blocks with associated data
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:20:58 localhost.localdomain pluto[10704]: ABORT: ASSERTION FAILED: test_gcm_vectors(&ike_alg_encrypt_aes_gcm_16, aes_gcm_tests) (in test_ike_alg() at ike_alg_test.c:41)
juil. 01 15:20:58 localhost.localdomain ipsec[10709]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10711]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: ipsec.service: Scheduled restart job, restart counter is at 4.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:20:58 localhost.localdomain systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
juil. 01 15:20:58 localhost.localdomain addconn[10715]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10715]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain _stackmanager[10716]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:58 localhost.localdomain libipsecconf[10723]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:59 localhost.localdomain ipsec[10998]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:59 localhost.localdomain libipsecconf[11000]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:20:59 localhost.localdomain ipsec[10998]: nflog ipsec capture disabled
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NSS DB directory: sql:/etc/ipsec.d
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Initializing NSS
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Opening NSS database "sql:/etc/ipsec.d" read-only
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NSS crypto library initialized
juil. 01 15:20:59 localhost.localdomain pluto[11009]: FIPS Mode: NO
juil. 01 15:20:59 localhost.localdomain pluto[11009]: FIPS mode disabled for pluto daemon
juil. 01 15:20:59 localhost.localdomain pluto[11009]: FIPS HMAC integrity support [disabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: libcap-ng support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Linux audit support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Warning: kernel has no audit support
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Starting Pluto (Libreswan Version 3.32 XFRM(netkey) XFRMI esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) (native-PRF) DNSSEC SYSTEMD_WATCHDOG LABELED_IPSEC SECCOMP LIBC>
juil. 01 15:20:59 localhost.localdomain pluto[11009]: core dump dir: /run/pluto
juil. 01 15:20:59 localhost.localdomain pluto[11009]: secrets file: /etc/ipsec.secrets
juil. 01 15:20:59 localhost.localdomain pluto[11009]: leak-detective enabled
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NSS crypto [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: XAUTH PAM support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NAT-Traversal support [enabled]
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Encryption algorithms:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
juil. 01 15:20:59 localhost.localdomain pluto[11009]: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des
juil. 01 15:20:59 localhost.localdomain pluto[11009]: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
juil. 01 15:20:59 localhost.localdomain pluto[11009]: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr
juil. 01 15:20:59 localhost.localdomain pluto[11009]: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent
juil. 01 15:20:59 localhost.localdomain pluto[11009]: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish
juil. 01 15:20:59 localhost.localdomain pluto[11009]: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac
juil. 01 15:20:59 localhost.localdomain pluto[11009]: NULL IKEv1: ESP IKEv2: ESP []
juil. 01 15:20:59 localhost.localdomain pluto[11009]: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305
juil. 01 15:20:59 localhost.localdomain pluto[11009]: Hash algorithms:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: MD5 IKEv1: IKE IKEv2:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA1 IKEv1: IKE IKEv2: FIPS sha
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384
juil. 01 15:20:59 localhost.localdomain pluto[11009]: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512
juil. 01 15:20:59 localhost.localdomain pluto[11009]: PRF algorithms:
juil. 01 15:20:59 localhost.localdomain pluto[11009]: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5
juil. 01 15:20:59 localhost.localdomain systemd[1]: ipsec.service: Main process exited, code=dumped, status=6/ABRT
juil. 01 15:20:59 localhost.localdomain pluto[11009]: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1
juil. 01 15:03:02 localhost.localdomain pluto[10406]: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
juil. 01 15:03:02 localhost.localdomain pluto[10406]: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH
juil. 01 15:03:02 localhost.localdomain pluto[10406]: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
juil. 01 15:03:02 localhost.localdomain pluto[10406]: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH algorithms:
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17
juil. 01 15:03:02 localhost.localdomain pluto[10406]: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521
juil. 01 15:03:02 localhost.localdomain pluto[10406]: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519
juil. 01 15:03:02 localhost.localdomain pluto[10406]: testing CAMELLIA_CBC:
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 128-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 128-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 256-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: Camellia: 16 bytes with 256-bit key
juil. 01 15:03:02 localhost.localdomain pluto[10406]: testing AES_GCM_16:
juil. 01 15:03:02 localhost.localdomain pluto[10406]: empty string
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: one block
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: two blocks
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: two blocks with associated data
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD decryption using AES_GCM_16_128 and PK11_Decrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: NSS: AEAD encryption using AES_GCM_16_128 and PK11_Encrypt() failed (SECERR: 2 (0x2): security library: received bad data.)
juil. 01 15:03:02 localhost.localdomain pluto[10406]: ABORT: ASSERTION FAILED: test_gcm_vectors(&ike_alg_encrypt_aes_gcm_16, aes_gcm_tests) (in test_ike_alg() at ike_alg_test.c:41)
juil. 01 15:03:02 localhost.localdomain ipsec[10411]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:03:02 localhost.localdomain libipsecconf[10413]: warning: could not open include filename: '/etc/crypto-policies/back-ends/libreswan.config'
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
juil. 01 15:03:02 localhost.localdomain systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Scheduled restart job, restart counter is at 5.
juil. 01 15:03:02 localhost.localdomain systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Start request repeated too quickly.
juil. 01 15:03:02 localhost.localdomain systemd[1]: ipsec.service: Failed with result 'core-dump'.
juil. 01 15:03:02 localhost.localdomain systemd[1]: Failed to start Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Merci pour votre aide,
Jacques
Édité par babs3 Le 01/07/2020 à 15h29
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Il y a un bug report ici :
https://bugs.mageia.org/show_bug.cgi?id=26716
"The ipsec.service provided by libreswan package version 3.32 does not start due to an error testing AES_GCM_16.
It is worth mentioning that versions 3.27 and 3.29 work perfectly. (This is tested on Mageia 7, but version 3.32 is crashing on Mageia 7 as well)"
Papoteur Membre non connecté
-
- Voir le profil du membre Papoteur
- Inscrit le : 03/10/2011
- Groupes :
-
Modérateur
-
Équipe Mageia
-
Administrateur
-
Forgeron
Comme moyen de contournement, tu pourrais essayer :
Code BASH :
urpmi --downgrade nsset vérifier que c'est bien la version 3.51 qui t'est proposée.
Le souci est-il récent, ou tu n'as jamais réussi à faire fonctionner le vpn ?
babs3 Membre non connecté
-
- Voir le profil du membre babs3
- Inscrit le : 22/05/2013
- Groupes :
Je n'ai jamais réussi à faire fonctionner le VPN.
Il me propose :
urpmi --downgrade nss
Afin de poursuivre la mise à jour, le paquetage suivant doit être désinstallé :
nss-3.52.0-1.mga7.x86_64
(pour installer le paquetage nss-3.52.0-1.mga7.x86_64) (o/N)
Merci pour tes conseils,
Jacques
Répondre
Vous n'êtes pas autorisé à écrire dans cette catégorie