/testing/guestbin/swan-prep --x509 Preparing X.509 files west # certutil -D -n east -d sql:/etc/ipsec.d west # ipsec start Redirecting to: [initsystem] west # /testing/pluto/bin/wait-until-pluto-started west # ipsec whack --impair suppress-retransmits west # ipsec auto --add san 002 added connection description "san" west # echo "initdone" initdone west # # this should fail west # ipsec auto --up san 002 "san" #1: initiating Main Mode 1v1 "san" #1: STATE_MAIN_I1: initiate 1v1 "san" #1: STATE_MAIN_I2: sent MI2, expecting MR2 002 "san" #1: I am sending my cert 002 "san" #1: I am sending a certificate request 1v1 "san" #1: STATE_MAIN_I3: sent MI3, expecting MR3 003 "san" #1: ignoring informational payload INVALID_ID_INFORMATION, msgid=00000000, length=12 003 "san" #1: received and ignored notification payload: INVALID_ID_INFORMATION 031 "san" #1: STATE_MAIN_I3: 10 second timeout exceeded after 0 retransmits. Possible authentication failure: no acceptable response to our first encrypted message 000 "san" #1: starting keying attempt 2 of an unlimited number, but releasing whack west # echo "done" done west # # confirm the right ID types were sent/received west # grep "ID type" /tmp/pluto.log | sort | uniq | ID type: ID_USER_FQDN (0x3) west # west # ../bin/check-for-core.sh west # if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi