Community discussions

MikroTik App
 
luberfly
just joined
Topic Author
Posts: 13
Joined: Fri Jun 02, 2017 12:31 am
Location: Italy

L2TP Site to Site - Continue IPsec-SA expired/purged IPsec-SA log message

Wed Jul 21, 2021 9:52 am

Dear friends,
I have an L2TP VPN site to site. One site (in the attached file log IP is 123.123.123.123) that is the datacenter with CISCO Firewall, and other sides one with RB-3011 and one with CCR-1009
The VPN until last year was stable, theInternet service provider was Italian Telecom.
In Genuary 2021 the owner change internet service provider from Telecom to Italian Vodafone, then I have an instable VPN into RB3011.
I have a lots of ipsec logs, sometimes there is difficult to estabilshed connection, and often appear IPsec-SA expired.
Someone can explain me the message log and help me to avoid the error ipsec logs.
I attach a file with full logs and list last entry logs.
The pear interested is 123.123.123.123 (datacenter) and 111.111.111.111 (my RB3011).

Best Regards
Luca
Italy
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x3f4afb5
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xb8751b07
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000b746
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x246b212
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x4bdba4c9
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xb8751b07
Jul/21/2021 06:03:29 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x3f4afb5
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x28770e3
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x79806ab8
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:000099a5
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x51ebdc1
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xec15acde
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x79806ab8
Jul/21/2021 06:11:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x28770e3
Jul/21/2021 06:27:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x246b212
Jul/21/2021 06:27:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 06:27:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x4bdba4c9
Jul/21/2021 06:27:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000eb88
Jul/21/2021 06:27:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x1ada11d
Jul/21/2021 06:27:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xc73d591e
Jul/21/2021 06:27:59 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x4bdba4c9
Jul/21/2021 06:27:59 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x246b212
Jul/21/2021 06:35:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x51ebdc1
Jul/21/2021 06:35:14 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 06:35:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xec15acde
Jul/21/2021 06:35:14 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:00008f3d
Jul/21/2021 06:35:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x3e08484
Jul/21/2021 06:35:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xd3b33a62
Jul/21/2021 06:35:40 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xec15acde
Jul/21/2021 06:35:40 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x51ebdc1
Jul/21/2021 06:51:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x1ada11d
Jul/21/2021 06:51:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 06:51:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xc73d591e
Jul/21/2021 06:51:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000cae2
Jul/21/2021 06:51:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x968b8b4
Jul/21/2021 06:51:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xcf0e6ff4
Jul/21/2021 06:51:59 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xc73d591e
Jul/21/2021 06:51:59 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x1ada11d
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x3e08484
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000d04f
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xd3b33a62
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x3ab34c8
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x12429670
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xd3b33a62
Jul/21/2021 06:59:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x3e08484
Jul/21/2021 07:15:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x968b8b4
Jul/21/2021 07:15:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 07:15:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xcf0e6ff4
Jul/21/2021 07:15:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000f4e5
Jul/21/2021 07:15:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0xa235d33
Jul/21/2021 07:15:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x7df35a1a
Jul/21/2021 07:15:59 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xcf0e6ff4
Jul/21/2021 07:15:59 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x968b8b4
Jul/21/2021 07:23:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x3ab34c8
Jul/21/2021 07:23:14 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 07:23:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x12429670
Jul/21/2021 07:23:14 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000ac6f
Jul/21/2021 07:23:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x5e9526
Jul/21/2021 07:23:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x36599e3
Jul/21/2021 07:23:23 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x12429670
Jul/21/2021 07:23:23 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x3ab34c8
Jul/21/2021 07:39:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0xa235d33
Jul/21/2021 07:39:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 07:39:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x7df35a1a
Jul/21/2021 07:39:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000db28
Jul/21/2021 07:39:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x6ec05ee
Jul/21/2021 07:39:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xa4f38fc
Jul/21/2021 07:39:32 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x7df35a1a
Jul/21/2021 07:39:32 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xa235d33
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x5e9526
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x36599e3
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000b180
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x7176956
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x5c879c17
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x36599e3
Jul/21/2021 07:47:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x5e9526
Jul/21/2021 08:03:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x6ec05ee
Jul/21/2021 08:03:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 08:03:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xa4f38fc
Jul/21/2021 08:03:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000e315
Jul/21/2021 08:03:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0xa84eb9b
Jul/21/2021 08:03:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x6fb32ab4
Jul/21/2021 08:03:33 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xa4f38fc
Jul/21/2021 08:03:33 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x6ec05ee
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x7176956
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x5c879c17
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:00008675
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0x1e16c87
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0xecd45d27
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x5c879c17
Jul/21/2021 08:11:14 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x7176956
Jul/21/2021 08:27:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0xa84eb9b
Jul/21/2021 08:27:29 ipsec Log CSU-RB3011: initiate new phase 2 negotiation: 123.123.123.123[500]<=>111.111.111.111[500]
Jul/21/2021 08:27:29 ipsec Log CSU-RB3011: IPsec-SA expired: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x6fb32ab4
Jul/21/2021 08:27:29 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[500]<=>111.111.111.111[500] 035dad65be375615:fcbd6c53f54c99c1:0000d0f8
Jul/21/2021 08:27:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 111.111.111.111[500]->123.123.123.123[500] spi=0xff31b2b
Jul/21/2021 08:27:29 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Tunnel 123.123.123.123[500]->111.111.111.111[500] spi=0x6c99ecb0
Jul/21/2021 08:27:37 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0x6fb32ab4
Jul/21/2021 08:27:37 ipsec Log CSU-RB3011: purged IPsec-SA proto_id=ESP spi=0xa84eb9b
Jul/21/2021 08:27:54 ipsec,info Log CSU-RB3011: respond new phase 1 (Identity Protection): 123.123.123.123[500]<=>222.222.222.222[500]
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: received MS NT5 ISAKMPOAKLEY ID version: 9
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: received Vendor ID: RFC 3947
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02\n
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: received Vendor ID: FRAGMENTATION
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: Fragmentation enabled
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: 222.222.222.222 Selected NAT-T version: RFC 3947
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: Adding xauth VID payload.
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: sent phase1 packet 123.123.123.123[500]<=>222.222.222.222[500] 53d81e912d266e79:a9099415672cdb52
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: NAT detected: PEER
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: Adding remote and local NAT-D payloads.
Jul/21/2021 08:27:54 ipsec Log CSU-RB3011: sent phase1 packet 123.123.123.123[500]<=>222.222.222.222[500] 53d81e912d266e79:a9099415672cdb52
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: NAT-T: ports changed to: 222.222.222.222[4500]<=>123.123.123.123[4500]
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: KA list add: 123.123.123.123[4500]->222.222.222.222[4500]
Jul/21/2021 08:27:55 ipsec,info Log CSU-RB3011: ISAKMP-SA established 123.123.123.123[4500]-222.222.222.222[4500] spi:53d81e912d266e79:a9099415672cdb52
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: respond new phase 2 negotiation: 123.123.123.123[4500]<=>222.222.222.222[4500]
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: searching for policy for selector: 123.123.123.123:1701 ip-proto:17 <=> 222.222.222.222:1701 ip-proto:17
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: generating policy
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: Adjusting my encmode UDP-Transport->Transport
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: sent phase2 packet 123.123.123.123[4500]<=>222.222.222.222[4500] 53d81e912d266e79:a9099415672cdb52:00000000
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Transport 222.222.222.222[4500]->123.123.123.123[4500] spi=0x6e68510
Jul/21/2021 08:27:55 ipsec Log CSU-RB3011: IPsec-SA established: ESP/Transport 123.123.123.123[4500]->222.222.222.222[4500] spi=0x305d5318
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: outtahere and 38 guests