<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.6.2">
</HEAD>
<BODY>
I've tried to set up a VPN from a notebook running Linux FC4, connected by ADSL, to another Linux machine with a fixed IP running FC3.<BR>
<BR>
Apparently the tunnel is up, but something is wrong because I can't ping in either direction.<BR>
The route is created on both sides.<BR>
In the log I see the message | pending review: connection "ksa-nfred" was not up, skipped<BR>
<BR>
See my attached logs:<BR>
<BR>
/var/log/secure - Server Gateway ######################################################<BR>
<BR>
Nov 28 14:11:08 fw pluto[1452]: | *received 292 bytes from 201.19.177.138:500 on eth2 (port=500)<BR>
Nov 28 14:11:08 fw pluto[1452]: | **parse ISAKMP Message:<BR>
Nov 28 14:11:08 fw pluto[1452]: | initiator cookie:<BR>
Nov 28 14:11:08 fw pluto[1452]: | 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:08 fw pluto[1452]: | responder cookie:<BR>
Nov 28 14:11:08 fw pluto[1452]: | 00 00 00 00 00 00 00 00<BR>
Nov 28 14:11:08 fw pluto[1452]: | next payload type: ISAKMP_NEXT_SA<BR>
Nov 28 14:11:08 fw pluto[1452]: | ISAKMP version: ISAKMP Version 1.0<BR>
Nov 28 14:11:08 fw pluto[1452]: | exchange type: ISAKMP_XCHG_IDPROT<BR>
Nov 28 14:11:08 fw pluto[1452]: | flags: none<BR>
Nov 28 14:11:08 fw pluto[1452]: | message ID: 00 00 00 00<BR>
Nov 28 14:11:08 fw pluto[1452]: | length: 292<BR>
Nov 28 14:11:09 fw pluto[1452]: | processing packet with exchange type=ISAKMP_XCHG_IDPROT (2)<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Security Association Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_VID<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 148<BR>
Nov 28 14:11:09 fw pluto[1452]: | DOI: ISAKMP_DOI_IPSEC<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Vendor ID Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_VID<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 16<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Vendor ID Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_VID<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Vendor ID Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_VID<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Vendor ID Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_VID<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Vendor ID Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_VID<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:09 fw pluto[1452]: | ***parse ISAKMP Vendor ID Payload:<BR>
Nov 28 14:11:09 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:09 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:09 fw pluto[1452]: packet from 201.19.177.138:500: ignoring unknown Vendor ID payload [4f457240604e7f585d6d5869]<BR>
Nov 28 14:11:09 fw pluto[1452]: packet from 201.19.177.138:500: received Vendor ID payload [Dead Peer Detection]<BR>
Nov 28 14:11:10 fw pluto[1452]: packet from 201.19.177.138:500: received Vendor ID payload [RFC 3947] method set to=109 <BR>
Nov 28 14:11:10 fw pluto[1452]: packet from 201.19.177.138:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109<BR>
Nov 28 14:11:10 fw pluto[1452]: packet from 201.19.177.138:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109<BR>
Nov 28 14:11:10 fw pluto[1452]: packet from 201.19.177.138:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]<BR>
Nov 28 14:11:10 fw pluto[1452]: | instantiated "ksa-nfred" for 201.19.177.138<BR>
Nov 28 14:11:10 fw pluto[1452]: | creating state object #15 at 0x8d60828<BR>
Nov 28 14:11:10 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:10 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:10 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:10 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:10 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:10 fw pluto[1452]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #15<BR>
Nov 28 14:11:10 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: responding to Main Mode from unknown peer 201.19.177.138<BR>
Nov 28 14:11:10 fw pluto[1452]: | ****parse IPsec DOI SIT:<BR>
Nov 28 14:11:10 fw pluto[1452]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<BR>
Nov 28 14:11:10 fw pluto[1452]: | ****parse ISAKMP Proposal Payload:<BR>
Nov 28 14:11:10 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:10 fw pluto[1452]: | length: 136<BR>
Nov 28 14:11:10 fw pluto[1452]: | proposal number: 0<BR>
Nov 28 14:11:10 fw pluto[1452]: | protocol ID: PROTO_ISAKMP<BR>
Nov 28 14:11:10 fw pluto[1452]: | SPI size: 0<BR>
Nov 28 14:11:10 fw pluto[1452]: | number of transforms: 4<BR>
Nov 28 14:11:10 fw pluto[1452]: | *****parse ISAKMP Transform Payload (ISAKMP):<BR>
Nov 28 14:11:10 fw pluto[1452]: | next payload type: ISAKMP_NEXT_T<BR>
Nov 28 14:11:10 fw pluto[1452]: | length: 32<BR>
Nov 28 14:11:11 fw pluto[1452]: | transform number: 0<BR>
Nov 28 14:11:11 fw pluto[1452]: | transform ID: KEY_IKE<BR>
Nov 28 14:11:11 fw pluto[1452]: | ******parse ISAKMP Oakley attribute:<BR>
Nov 28 14:11:11 fw pluto[1452]: | af+type: OAKLEY_LIFE_TYPE<BR>
Nov 28 14:11:11 fw pluto[1452]: | length/value: 1<BR>
Nov 28 14:11:11 fw pluto[1452]: | [1 is OAKLEY_LIFE_SECONDS]<BR>
Nov 28 14:11:11 fw pluto[1452]: | ******parse ISAKMP Oakley attribute:<BR>
Nov 28 14:11:11 fw pluto[1452]: | af+type: OAKLEY_LIFE_DURATION<BR>
Nov 28 14:11:11 fw pluto[1452]: | length/value: 3600<BR>
Nov 28 14:11:11 fw pluto[1452]: | ******parse ISAKMP Oakley attribute:<BR>
Nov 28 14:11:11 fw pluto[1452]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM<BR>
Nov 28 14:11:11 fw pluto[1452]: | length/value: 5<BR>
Nov 28 14:11:11 fw pluto[1452]: | [5 is OAKLEY_3DES_CBC]<BR>
Nov 28 14:11:11 fw pluto[1452]: | ******parse ISAKMP Oakley attribute:<BR>
Nov 28 14:11:11 fw pluto[1452]: | af+type: OAKLEY_HASH_ALGORITHM<BR>
Nov 28 14:11:11 fw pluto[1452]: | length/value: 1<BR>
Nov 28 14:11:11 fw pluto[1452]: | [1 is OAKLEY_MD5]<BR>
Nov 28 14:11:11 fw pluto[1452]: | ******parse ISAKMP Oakley attribute:<BR>
Nov 28 14:11:11 fw pluto[1452]: | af+type: OAKLEY_AUTHENTICATION_METHOD<BR>
Nov 28 14:11:11 fw pluto[1452]: | length/value: 3<BR>
Nov 28 14:11:11 fw pluto[1452]: | [3 is OAKLEY_RSA_SIG]<BR>
Nov 28 14:11:11 fw pluto[1452]: | ******parse ISAKMP Oakley attribute:<BR>
Nov 28 14:11:11 fw pluto[1452]: | af+type: OAKLEY_GROUP_DESCRIPTION<BR>
Nov 28 14:11:11 fw pluto[1452]: | length/value: 5<BR>
Nov 28 14:11:11 fw pluto[1452]: | [5 is OAKLEY_GROUP_MODP1536]<BR>
Nov 28 14:11:12 fw pluto[1452]: | Oakley Transform 0 accepted<BR>
Nov 28 14:11:12 fw pluto[1452]: | complete state transition with STF_OK<BR>
Nov 28 14:11:12 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<BR>
Nov 28 14:11:12 fw pluto[1452]: | sending reply packet to 201.19.177.138:500 (from port=500)<BR>
Nov 28 14:11:12 fw pluto[1452]: | sending 136 bytes for STATE_MAIN_R0 through eth2:500 to 201.19.177.138:500:<BR>
Nov 28 14:11:12 fw pluto[1452]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #15<BR>
Nov 28 14:11:12 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: STATE_MAIN_R1: sent MR1, expecting MI2<BR>
Nov 28 14:11:12 fw pluto[1452]: | modecfg pull: noquirk policy:push not-client<BR>
Nov 28 14:11:12 fw pluto[1452]: | phase 1 is done, looking for phase 1 to unpend<BR>
Nov 28 14:11:12 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 9 seconds<BR>
Nov 28 14:11:12 fw pluto[1452]: | <BR>
Nov 28 14:11:12 fw pluto[1452]: | *received 284 bytes from 201.19.177.138:500 on eth2 (port=500)<BR>
Nov 28 14:11:12 fw pluto[1452]: | **parse ISAKMP Message:<BR>
Nov 28 14:11:12 fw pluto[1452]: | initiator cookie:<BR>
Nov 28 14:11:12 fw pluto[1452]: | 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:12 fw pluto[1452]: | responder cookie:<BR>
Nov 28 14:11:12 fw pluto[1452]: | 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:12 fw pluto[1452]: | next payload type: ISAKMP_NEXT_KE<BR>
Nov 28 14:11:12 fw pluto[1452]: | ISAKMP version: ISAKMP Version 1.0<BR>
Nov 28 14:11:12 fw pluto[1452]: | exchange type: ISAKMP_XCHG_IDPROT<BR>
Nov 28 14:11:12 fw pluto[1452]: | flags: none<BR>
Nov 28 14:11:12 fw pluto[1452]: | message ID: 00 00 00 00<BR>
Nov 28 14:11:13 fw pluto[1452]: | length: 284<BR>
Nov 28 14:11:13 fw pluto[1452]: | processing packet with exchange type=ISAKMP_XCHG_IDPROT (2)<BR>
Nov 28 14:11:13 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:13 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:13 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:13 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:13 fw pluto[1452]: | peer and cookies match on #15, provided msgid 00000000 vs 00000000<BR>
Nov 28 14:11:13 fw pluto[1452]: | state object #15 found, in STATE_MAIN_R1<BR>
Nov 28 14:11:13 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:13 fw pluto[1452]: | ***parse ISAKMP Key Exchange Payload:<BR>
Nov 28 14:11:13 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONCE<BR>
Nov 28 14:11:13 fw pluto[1452]: | length: 196<BR>
Nov 28 14:11:13 fw pluto[1452]: | ***parse ISAKMP Nonce Payload:<BR>
Nov 28 14:11:13 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NAT-D<BR>
Nov 28 14:11:13 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:13 fw pluto[1452]: | ***parse ISAKMP NAT-D Payload:<BR>
Nov 28 14:11:13 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NAT-D<BR>
Nov 28 14:11:13 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:13 fw pluto[1452]: | ***parse ISAKMP NAT-D Payload:<BR>
Nov 28 14:11:13 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:13 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:13 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: NAT-Traversal: Result using 3: no NAT detected<BR>
Nov 28 14:11:13 fw pluto[1452]: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds<BR>
Nov 28 14:11:13 fw pluto[1452]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 1<BR>
Nov 28 14:11:13 fw pluto[1452]: | asking helper 0 to do build_kenonce op on seq: 6<BR>
Nov 28 14:11:14 fw pluto[1452]: | inserting event EVENT_CRYPTO_FAILED, timeout in 300 seconds for #15<BR>
Nov 28 14:11:14 fw pluto[1456]: ! helper -1 doing build_kenonce op id: 6<BR>
Nov 28 14:11:14 fw pluto[1452]: | complete state transition with STF_SUSPEND<BR>
Nov 28 14:11:14 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 7 seconds<BR>
Nov 28 14:11:14 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:14 fw pluto[1452]: | started looking for secret for @fw.farmaciadospobres.com.br->@fred.farmaciadospobres.com.br of kind PPK_PSK<BR>
Nov 28 14:11:14 fw pluto[1452]: | instantiating him to 0.0.0.0<BR>
Nov 28 14:11:14 fw pluto[1452]: | actually looking for secret for @fw.farmaciadospobres.com.br->0.0.0.0 of kind PPK_PSK<BR>
Nov 28 14:11:14 fw pluto[1452]: | concluding with best_match=0 best=(nil) (lineno=-1)<BR>
Nov 28 14:11:14 fw pluto[1452]: | complete state transition with STF_OK<BR>
Nov 28 14:11:14 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<BR>
Nov 28 14:11:14 fw pluto[1452]: | sending reply packet to 201.19.177.138:500 (from port=500)<BR>
Nov 28 14:11:14 fw pluto[1452]: | sending 284 bytes for STATE_MAIN_R1 through eth2:500 to 201.19.177.138:500:<BR>
Nov 28 14:11:14 fw pluto[1452]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #15<BR>
Nov 28 14:11:14 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: STATE_MAIN_R2: sent MR2, expecting MI3<BR>
Nov 28 14:11:14 fw pluto[1452]: | modecfg pull: noquirk policy:push not-client<BR>
Nov 28 14:11:14 fw pluto[1452]: | phase 1 is done, looking for phase 1 to unpend<BR>
Nov 28 14:11:14 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 7 seconds<BR>
Nov 28 14:11:14 fw pluto[1452]: | <BR>
Nov 28 14:11:14 fw pluto[1452]: | *received 348 bytes from 201.19.177.138:500 on eth2 (port=500)<BR>
Nov 28 14:11:14 fw pluto[1452]: | **parse ISAKMP Message:<BR>
Nov 28 14:11:14 fw pluto[1452]: | initiator cookie:<BR>
Nov 28 14:11:14 fw pluto[1452]: | 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:14 fw pluto[1452]: | responder cookie:<BR>
Nov 28 14:11:14 fw pluto[1452]: | 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:15 fw pluto[1452]: | next payload type: ISAKMP_NEXT_ID<BR>
Nov 28 14:11:15 fw pluto[1452]: | ISAKMP version: ISAKMP Version 1.0<BR>
Nov 28 14:11:15 fw pluto[1452]: | exchange type: ISAKMP_XCHG_IDPROT<BR>
Nov 28 14:11:15 fw pluto[1452]: | flags: ISAKMP_FLAG_ENCRYPTION<BR>
Nov 28 14:11:15 fw pluto[1452]: | message ID: 00 00 00 00<BR>
Nov 28 14:11:15 fw pluto[1452]: | length: 348<BR>
Nov 28 14:11:15 fw pluto[1452]: | processing packet with exchange type=ISAKMP_XCHG_IDPROT (2)<BR>
Nov 28 14:11:15 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:15 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:15 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:15 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:15 fw pluto[1452]: | peer and cookies match on #15, provided msgid 00000000 vs 00000000<BR>
Nov 28 14:11:15 fw pluto[1452]: | state object #15 found, in STATE_MAIN_R2<BR>
Nov 28 14:11:15 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:15 fw pluto[1452]: | ***parse ISAKMP Identification Payload:<BR>
Nov 28 14:11:15 fw pluto[1452]: | next payload type: ISAKMP_NEXT_SIG<BR>
Nov 28 14:11:15 fw pluto[1452]: | length: 37<BR>
Nov 28 14:11:15 fw pluto[1452]: | ID type: ID_FQDN<BR>
Nov 28 14:11:15 fw pluto[1452]: | DOI specific A: 0<BR>
Nov 28 14:11:15 fw pluto[1452]: | DOI specific B: 0<BR>
Nov 28 14:11:15 fw pluto[1452]: | ***parse ISAKMP Signature Payload:<BR>
Nov 28 14:11:15 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:15 fw pluto[1452]: | length: 278<BR>
Nov 28 14:11:15 fw pluto[1452]: | removing 5 bytes of padding<BR>
Nov 28 14:11:16 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: Main mode peer ID is ID_FQDN: '@fred.farmaciadospobres.com.br'<BR>
Nov 28 14:11:16 fw pluto[1452]: | offered CA: '%none'<BR>
Nov 28 14:11:16 fw pluto[1452]: | required CA is '%any'<BR>
Nov 28 14:11:16 fw pluto[1452]: | key issuer CA is '%any'<BR>
Nov 28 14:11:16 fw pluto[1452]: | an RSA Sig check passed with *AQOA+Y8D1 [preloaded key]<BR>
Nov 28 14:11:16 fw pluto[1452]: | thinking about whether to send my certificate:<BR>
Nov 28 14:11:16 fw pluto[1452]: | I have RSA key: OAKLEY_RSA_SIG cert.type: CERT_NONE <BR>
Nov 28 14:11:16 fw pluto[1452]: | sendcert: CERT_ALWAYSSEND and I did not get a certificate request <BR>
Nov 28 14:11:16 fw pluto[1452]: | so do not send cert.<BR>
Nov 28 14:11:16 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: I did not send a certificate because I do not have one.<BR>
Nov 28 14:11:16 fw pluto[1452]: | started looking for secret for @fw.farmaciadospobres.com.br->@fred.farmaciadospobres.com.br of kind PPK_RSA<BR>
Nov 28 14:11:16 fw pluto[1452]: | instantiating him to 0.0.0.0<BR>
Nov 28 14:11:16 fw pluto[1452]: | actually looking for secret for @fw.farmaciadospobres.com.br->0.0.0.0 of kind PPK_RSA<BR>
Nov 28 14:11:16 fw pluto[1452]: | best_match 0>1 best=0x8d5da58 (line=1)<BR>
Nov 28 14:11:16 fw pluto[1452]: | concluding with best_match=1 best=0x8d5da58 (lineno=1)<BR>
Nov 28 14:11:16 fw pluto[1452]: | signing hash with RSA Key *AQNz6jkBp<BR>
Nov 28 14:11:16 fw pluto[1452]: | complete state transition with STF_OK<BR>
Nov 28 14:11:16 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<BR>
Nov 28 14:11:16 fw pluto[1452]: | sending reply packet to 201.19.177.138:500 (from port=500)<BR>
Nov 28 14:11:16 fw pluto[1452]: | sending 348 bytes for STATE_MAIN_R2 through eth2:500 to 201.19.177.138:500:<BR>
Nov 28 14:11:16 fw pluto[1452]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #15<BR>
Nov 28 14:11:16 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #15: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}<BR>
Nov 28 14:11:17 fw pluto[1452]: | modecfg pull: noquirk policy:push not-client<BR>
Nov 28 14:11:17 fw pluto[1452]: | phase 1 is done, looking for phase 1 to unpend<BR>
Nov 28 14:11:17 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 4 seconds<BR>
Nov 28 14:11:17 fw pluto[1452]: | <BR>
Nov 28 14:11:17 fw pluto[1452]: | *received 428 bytes from 201.19.177.138:500 on eth2 (port=500)<BR>
Nov 28 14:11:17 fw pluto[1452]: | **parse ISAKMP Message:<BR>
Nov 28 14:11:17 fw pluto[1452]: | initiator cookie:<BR>
Nov 28 14:11:17 fw pluto[1452]: | 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:17 fw pluto[1452]: | responder cookie:<BR>
Nov 28 14:11:17 fw pluto[1452]: | 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:17 fw pluto[1452]: | next payload type: ISAKMP_NEXT_HASH<BR>
Nov 28 14:11:17 fw pluto[1452]: | ISAKMP version: ISAKMP Version 1.0<BR>
Nov 28 14:11:17 fw pluto[1452]: | exchange type: ISAKMP_XCHG_QUICK<BR>
Nov 28 14:11:17 fw pluto[1452]: | flags: ISAKMP_FLAG_ENCRYPTION<BR>
Nov 28 14:11:17 fw pluto[1452]: | message ID: 74 eb d2 17<BR>
Nov 28 14:11:17 fw pluto[1452]: | length: 428<BR>
Nov 28 14:11:17 fw pluto[1452]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)<BR>
Nov 28 14:11:17 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:17 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:17 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:17 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:17 fw pluto[1452]: | peer and cookies match on #15, provided msgid 74ebd217 vs 00000000<BR>
Nov 28 14:11:18 fw pluto[1452]: | state object not found<BR>
Nov 28 14:11:18 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:18 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:18 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:18 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:18 fw pluto[1452]: | peer and cookies match on #15, provided msgid 00000000 vs 00000000<BR>
Nov 28 14:11:18 fw pluto[1452]: | state object #15 found, in STATE_MAIN_R3<BR>
Nov 28 14:11:18 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:18 fw pluto[1452]: | ***parse ISAKMP Hash Payload:<BR>
Nov 28 14:11:18 fw pluto[1452]: | next payload type: ISAKMP_NEXT_SA<BR>
Nov 28 14:11:18 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:18 fw pluto[1452]: | ***parse ISAKMP Security Association Payload:<BR>
Nov 28 14:11:18 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONCE<BR>
Nov 28 14:11:18 fw pluto[1452]: | length: 136<BR>
Nov 28 14:11:18 fw pluto[1452]: | DOI: ISAKMP_DOI_IPSEC<BR>
Nov 28 14:11:18 fw pluto[1452]: | ***parse ISAKMP Nonce Payload:<BR>
Nov 28 14:11:18 fw pluto[1452]: | next payload type: ISAKMP_NEXT_KE<BR>
Nov 28 14:11:18 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:18 fw pluto[1452]: | ***parse ISAKMP Key Exchange Payload:<BR>
Nov 28 14:11:18 fw pluto[1452]: | next payload type: ISAKMP_NEXT_ID<BR>
Nov 28 14:11:18 fw pluto[1452]: | length: 196<BR>
Nov 28 14:11:18 fw pluto[1452]: | ***parse ISAKMP Identification Payload (IPsec DOI):<BR>
Nov 28 14:11:18 fw pluto[1452]: | next payload type: ISAKMP_NEXT_ID<BR>
Nov 28 14:11:18 fw pluto[1452]: | length: 12<BR>
Nov 28 14:11:18 fw pluto[1452]: | ID type: ID_IPV4_ADDR<BR>
Nov 28 14:11:19 fw pluto[1452]: | Protocol ID: 0<BR>
Nov 28 14:11:19 fw pluto[1452]: | port: 0<BR>
Nov 28 14:11:19 fw pluto[1452]: | ***parse ISAKMP Identification Payload (IPsec DOI):<BR>
Nov 28 14:11:19 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:19 fw pluto[1452]: | length: 16<BR>
Nov 28 14:11:19 fw pluto[1452]: | ID type: ID_IPV4_ADDR_SUBNET<BR>
Nov 28 14:11:19 fw pluto[1452]: | Protocol ID: 0<BR>
Nov 28 14:11:19 fw pluto[1452]: | port: 0<BR>
Nov 28 14:11:19 fw pluto[1452]: | peer client is 201.19.177.138<BR>
Nov 28 14:11:19 fw pluto[1452]: | peer client protocol/port is 0/0<BR>
Nov 28 14:11:19 fw pluto[1452]: | our client is subnet 10.60.60.0/24<BR>
Nov 28 14:11:19 fw pluto[1452]: | our client protocol/port is 0/0<BR>
Nov 28 14:11:19 fw pluto[1452]: | duplicating state object #15<BR>
Nov 28 14:11:19 fw pluto[1452]: | creating state object #16 at 0x8d64178<BR>
Nov 28 14:11:19 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:19 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:19 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:19 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:19 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:19 fw pluto[1452]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #16<BR>
Nov 28 14:11:19 fw pluto[1452]: | ****parse IPsec DOI SIT:<BR>
Nov 28 14:11:19 fw pluto[1452]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<BR>
Nov 28 14:11:19 fw pluto[1452]: | ****parse ISAKMP Proposal Payload:<BR>
Nov 28 14:11:19 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:19 fw pluto[1452]: | length: 124<BR>
Nov 28 14:11:20 fw pluto[1452]: | proposal number: 0<BR>
Nov 28 14:11:20 fw pluto[1452]: | protocol ID: PROTO_IPSEC_ESP<BR>
Nov 28 14:11:20 fw pluto[1452]: | SPI size: 4<BR>
Nov 28 14:11:20 fw pluto[1452]: | number of transforms: 4<BR>
Nov 28 14:11:20 fw pluto[1452]: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI<BR>
Nov 28 14:11:20 fw pluto[1452]: | SPI 5a 1b 87 90<BR>
Nov 28 14:11:20 fw pluto[1452]: | *****parse ISAKMP Transform Payload (ESP):<BR>
Nov 28 14:11:20 fw pluto[1452]: | next payload type: ISAKMP_NEXT_T<BR>
Nov 28 14:11:20 fw pluto[1452]: | length: 28<BR>
Nov 28 14:11:20 fw pluto[1452]: | transform number: 0<BR>
Nov 28 14:11:20 fw pluto[1452]: | transform ID: ESP_AES<BR>
Nov 28 14:11:20 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:20 fw pluto[1452]: | af+type: GROUP_DESCRIPTION<BR>
Nov 28 14:11:20 fw pluto[1452]: | length/value: 5<BR>
Nov 28 14:11:20 fw pluto[1452]: | [5 is OAKLEY_GROUP_MODP1536]<BR>
Nov 28 14:11:20 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:20 fw pluto[1452]: | af+type: ENCAPSULATION_MODE<BR>
Nov 28 14:11:20 fw pluto[1452]: | length/value: 1<BR>
Nov 28 14:11:20 fw pluto[1452]: | [1 is ENCAPSULATION_MODE_TUNNEL]<BR>
Nov 28 14:11:20 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:20 fw pluto[1452]: | af+type: SA_LIFE_TYPE<BR>
Nov 28 14:11:20 fw pluto[1452]: | length/value: 1<BR>
Nov 28 14:11:20 fw pluto[1452]: | [1 is SA_LIFE_TYPE_SECONDS]<BR>
Nov 28 14:11:20 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:20 fw pluto[1452]: | af+type: SA_LIFE_DURATION<BR>
Nov 28 14:11:21 fw pluto[1452]: | length/value: 28800<BR>
Nov 28 14:11:21 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:21 fw pluto[1452]: | af+type: AUTH_ALGORITHM<BR>
Nov 28 14:11:21 fw pluto[1452]: | length/value: 2<BR>
Nov 28 14:11:21 fw pluto[1452]: | [2 is AUTH_ALGORITHM_HMAC_SHA1]<BR>
Nov 28 14:11:21 fw pluto[1452]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 1<BR>
Nov 28 14:11:21 fw pluto[1452]: | asking helper 0 to do build_kenonce op on seq: 7<BR>
Nov 28 14:11:21 fw pluto[1452]: | inserting event EVENT_CRYPTO_FAILED, timeout in 300 seconds for #16<BR>
Nov 28 14:11:21 fw pluto[1456]: ! helper -1 doing build_kenonce op id: 7<BR>
Nov 28 14:11:21 fw pluto[1452]: | complete state transition with STF_SUSPEND<BR>
Nov 28 14:11:21 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 0 seconds<BR>
Nov 28 14:11:21 fw pluto[1452]: | <BR>
Nov 28 14:11:21 fw pluto[1452]: | *time to handle event<BR>
Nov 28 14:11:21 fw pluto[1452]: | handling event EVENT_PENDING_PHASE2<BR>
Nov 28 14:11:21 fw pluto[1452]: | event after this is EVENT_NAT_T_KEEPALIVE in 12 seconds<BR>
Nov 28 14:11:21 fw pluto[1452]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds<BR>
Nov 28 14:11:21 fw pluto[1452]: | pending review: connection "ksa-nfred" was not up, skipped<BR>
Nov 28 14:11:21 fw pluto[1452]: | pending review: connection "ksa-nfred" was not up, skipped<BR>
Nov 28 14:11:21 fw pluto[1452]: | next event EVENT_NAT_T_KEEPALIVE in 12 seconds<BR>
Nov 28 14:11:21 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:21 fw pluto[1452]: | ****parse IPsec DOI SIT:<BR>
Nov 28 14:11:21 fw pluto[1452]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<BR>
Nov 28 14:11:21 fw pluto[1452]: | ****parse ISAKMP Proposal Payload:<BR>
Nov 28 14:11:21 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:21 fw pluto[1452]: | length: 124<BR>
Nov 28 14:11:22 fw pluto[1452]: | proposal number: 0<BR>
Nov 28 14:11:22 fw pluto[1452]: | protocol ID: PROTO_IPSEC_ESP<BR>
Nov 28 14:11:22 fw pluto[1452]: | SPI size: 4<BR>
Nov 28 14:11:22 fw pluto[1452]: | number of transforms: 4<BR>
Nov 28 14:11:22 fw pluto[1452]: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI<BR>
Nov 28 14:11:22 fw pluto[1452]: | SPI 5a 1b 87 90<BR>
Nov 28 14:11:22 fw pluto[1452]: | *****parse ISAKMP Transform Payload (ESP):<BR>
Nov 28 14:11:22 fw pluto[1452]: | next payload type: ISAKMP_NEXT_T<BR>
Nov 28 14:11:22 fw pluto[1452]: | length: 28<BR>
Nov 28 14:11:22 fw pluto[1452]: | transform number: 0<BR>
Nov 28 14:11:22 fw pluto[1452]: | transform ID: ESP_AES<BR>
Nov 28 14:11:22 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:22 fw pluto[1452]: | af+type: GROUP_DESCRIPTION<BR>
Nov 28 14:11:22 fw pluto[1452]: | length/value: 5<BR>
Nov 28 14:11:22 fw pluto[1452]: | [5 is OAKLEY_GROUP_MODP1536]<BR>
Nov 28 14:11:22 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:22 fw pluto[1452]: | af+type: ENCAPSULATION_MODE<BR>
Nov 28 14:11:22 fw pluto[1452]: | length/value: 1<BR>
Nov 28 14:11:22 fw pluto[1452]: | [1 is ENCAPSULATION_MODE_TUNNEL]<BR>
Nov 28 14:11:22 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:22 fw pluto[1452]: | af+type: SA_LIFE_TYPE<BR>
Nov 28 14:11:22 fw pluto[1452]: | length/value: 1<BR>
Nov 28 14:11:22 fw pluto[1452]: | [1 is SA_LIFE_TYPE_SECONDS]<BR>
Nov 28 14:11:22 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:22 fw pluto[1452]: | af+type: SA_LIFE_DURATION<BR>
Nov 28 14:11:23 fw pluto[1452]: | length/value: 28800<BR>
Nov 28 14:11:23 fw pluto[1452]: | ******parse ISAKMP IPsec DOI attribute:<BR>
Nov 28 14:11:23 fw pluto[1452]: | af+type: AUTH_ALGORITHM<BR>
Nov 28 14:11:23 fw pluto[1452]: | length/value: 2<BR>
Nov 28 14:11:23 fw pluto[1452]: | [2 is AUTH_ALGORITHM_HMAC_SHA1]<BR>
Nov 28 14:11:23 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: responding to Quick Mode {msgid:17d2eb74}<BR>
Nov 28 14:11:23 fw pluto[1452]: | started looking for secret for @fw.farmaciadospobres.com.br->@fred.farmaciadospobres.com.br of kind PPK_PSK<BR>
Nov 28 14:11:23 fw pluto[1452]: | instantiating him to 0.0.0.0<BR>
Nov 28 14:11:23 fw pluto[1452]: | actually looking for secret for @fw.farmaciadospobres.com.br->0.0.0.0 of kind PPK_PSK<BR>
Nov 28 14:11:23 fw pluto[1452]: | concluding with best_match=0 best=(nil) (lineno=-1)<BR>
Nov 28 14:11:23 fw pluto[1452]: | compute_proto_keymat:needed_len (after ESP enc)=16<BR>
Nov 28 14:11:23 fw pluto[1452]: | compute_proto_keymat:needed_len (after ESP auth)=36<BR>
Nov 28 14:11:23 fw pluto[1452]: | install_inbound_ipsec_sa() checking if we can route<BR>
Nov 28 14:11:23 fw pluto[1452]: | route owner of "ksa-nfred"[3] 201.19.177.138 unrouted: NULL; eroute owner: NULL<BR>
Nov 28 14:11:23 fw pluto[1452]: | could_route called for ksa-nfred (kind=CK_INSTANCE)<BR>
Nov 28 14:11:23 fw pluto[1452]: | add inbound eroute 201.19.177.138/32:0 --0-> 10.60.60.0/24:0 => tun.10000@200.xxx.xxx.xxx (raw_eroute)<BR>
Nov 28 14:11:23 fw pluto[1452]: | complete state transition with STF_OK<BR>
Nov 28 14:11:23 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<BR>
Nov 28 14:11:23 fw pluto[1452]: | sending reply packet to 201.19.177.138:500 (from port=500)<BR>
Nov 28 14:11:23 fw pluto[1452]: | sending 348 bytes for STATE_QUICK_R0 through eth2:500 to 201.19.177.138:500:<BR>
Nov 28 14:11:23 fw pluto[1452]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #16<BR>
Nov 28 14:11:23 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<BR>
Nov 28 14:11:23 fw pluto[1452]: | modecfg pull: noquirk policy:push not-client<BR>
Nov 28 14:11:23 fw pluto[1452]: | phase 1 is done, looking for phase 1 to unpend<BR>
Nov 28 14:11:24 fw pluto[1452]: | next event EVENT_RETRANSMIT in 9 seconds for #16<BR>
Nov 28 14:11:24 fw pluto[1452]: | <BR>
Nov 28 14:11:24 fw pluto[1452]: | *received 428 bytes from 201.19.177.138:500 on eth2 (port=500)<BR>
Nov 28 14:11:24 fw pluto[1452]: | **parse ISAKMP Message:<BR>
Nov 28 14:11:24 fw pluto[1452]: | initiator cookie:<BR>
Nov 28 14:11:24 fw pluto[1452]: | 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:24 fw pluto[1452]: | responder cookie:<BR>
Nov 28 14:11:24 fw pluto[1452]: | 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:24 fw pluto[1452]: | next payload type: ISAKMP_NEXT_HASH<BR>
Nov 28 14:11:24 fw pluto[1452]: | ISAKMP version: ISAKMP Version 1.0<BR>
Nov 28 14:11:24 fw pluto[1452]: | exchange type: ISAKMP_XCHG_QUICK<BR>
Nov 28 14:11:24 fw pluto[1452]: | flags: ISAKMP_FLAG_ENCRYPTION<BR>
Nov 28 14:11:24 fw pluto[1452]: | message ID: 74 eb d2 17<BR>
Nov 28 14:11:24 fw pluto[1452]: | length: 428<BR>
Nov 28 14:11:24 fw pluto[1452]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)<BR>
Nov 28 14:11:24 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:24 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:24 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:24 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:24 fw pluto[1452]: | peer and cookies match on #16, provided msgid 74ebd217 vs 74ebd217<BR>
Nov 28 14:11:24 fw pluto[1452]: | state object #16 found, in STATE_QUICK_R1<BR>
Nov 28 14:11:24 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:24 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: next payload type of ISAKMP Hash Payload has an unknown value: 150<BR>
Nov 28 14:11:24 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: malformed payload in packet<BR>
Nov 28 14:11:24 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: sending notification PAYLOAD_MALFORMED to 201.19.177.138:500<BR>
Nov 28 14:11:24 fw pluto[1452]: | sending 40 bytes for notification packet through eth2:500 to 201.19.177.138:500:<BR>
Nov 28 14:11:25 fw pluto[1452]: | next event EVENT_RETRANSMIT in 8 seconds for #16<BR>
Nov 28 14:11:25 fw pluto[1452]: | <BR>
Nov 28 14:11:25 fw pluto[1452]: | *received 52 bytes from 201.19.177.138:500 on eth2 (port=500)<BR>
Nov 28 14:11:25 fw pluto[1452]: | **parse ISAKMP Message:<BR>
Nov 28 14:11:25 fw pluto[1452]: | initiator cookie:<BR>
Nov 28 14:11:25 fw pluto[1452]: | 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:25 fw pluto[1452]: | responder cookie:<BR>
Nov 28 14:11:25 fw pluto[1452]: | 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:25 fw pluto[1452]: | next payload type: ISAKMP_NEXT_HASH<BR>
Nov 28 14:11:25 fw pluto[1452]: | ISAKMP version: ISAKMP Version 1.0<BR>
Nov 28 14:11:25 fw pluto[1452]: | exchange type: ISAKMP_XCHG_QUICK<BR>
Nov 28 14:11:25 fw pluto[1452]: | flags: ISAKMP_FLAG_ENCRYPTION<BR>
Nov 28 14:11:25 fw pluto[1452]: | message ID: 74 eb d2 17<BR>
Nov 28 14:11:25 fw pluto[1452]: | length: 52<BR>
Nov 28 14:11:25 fw pluto[1452]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)<BR>
Nov 28 14:11:25 fw pluto[1452]: | ICOOKIE: 10 89 63 79 b0 43 85 28<BR>
Nov 28 14:11:25 fw pluto[1452]: | RCOOKIE: 81 ae 83 1c 9e b2 b0 6d<BR>
Nov 28 14:11:25 fw pluto[1452]: | peer: c9 13 b1 8a<BR>
Nov 28 14:11:25 fw pluto[1452]: | state hash entry 27<BR>
Nov 28 14:11:25 fw pluto[1452]: | peer and cookies match on #16, provided msgid 74ebd217 vs 74ebd217<BR>
Nov 28 14:11:25 fw pluto[1452]: | state object #16 found, in STATE_QUICK_R1<BR>
Nov 28 14:11:25 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:25 fw pluto[1452]: | ***parse ISAKMP Hash Payload:<BR>
Nov 28 14:11:25 fw pluto[1452]: | next payload type: ISAKMP_NEXT_NONE<BR>
Nov 28 14:11:25 fw pluto[1452]: | length: 20<BR>
Nov 28 14:11:26 fw pluto[1452]: | removing 4 bytes of padding<BR>
Nov 28 14:11:26 fw pluto[1452]: | install_ipsec_sa() for #16: outbound only<BR>
Nov 28 14:11:26 fw pluto[1452]: | route owner of "ksa-nfred"[3] 201.19.177.138 unrouted: NULL; eroute owner: NULL<BR>
Nov 28 14:11:26 fw pluto[1452]: | could_route called for ksa-nfred (kind=CK_INSTANCE)<BR>
Nov 28 14:11:26 fw pluto[1452]: | sr for #16: unrouted<BR>
Nov 28 14:11:26 fw pluto[1452]: | route owner of "ksa-nfred"[3] 201.19.177.138 unrouted: NULL; eroute owner: NULL<BR>
Nov 28 14:11:26 fw pluto[1452]: | eroute_connection add eroute 10.60.60.0/24:0 --0-> 201.19.177.138/32:0 => tun.0@201.19.177.138 (raw_eroute)<BR>
Nov 28 14:11:26 fw pluto[1452]: | command executing up-client<BR>
Nov 28 14:11:26 fw pluto[1452]: | executing up-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='up-client' PLUTO_CONNECTION='ksa-nfred' PLUTO_NEXT_HOP='201.19.177.138' PLUTO_INTERFACE='eth2' PLUTO_ME='200.xxx.xxx.xxx' PLUTO_MY_ID='@fw.farmaciadospobres.com.br' PLUTO_MY_CLIENT='10.60.60.0/24' PLUTO_MY_CLIENT_NET='10.60.60.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='201.19.177.138' PLUTO_PEER_ID='@fred.farmaciadospobres.com.br' PLUTO_PEER_CLIENT='201.19.177.138/32' PLUTO_PEER_CLIENT_NET='201.19.177.138' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS' ipsec _updown<BR>
Nov 28 14:11:26 fw pluto[1452]: | route_and_eroute: firewall_notified: true<BR>
Nov 28 14:11:26 fw pluto[1452]: | command executing prepare-client<BR>
Nov 28 14:11:26 fw pluto[1452]: | executing prepare-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-client' PLUTO_CONNECTION='ksa-nfred' PLUTO_NEXT_HOP='201.19.177.138' PLUTO_INTERFACE='eth2' PLUTO_ME='200.xxx.xxx.xxx' PLUTO_MY_ID='@fw.farmaciadospobres.com.br' PLUTO_MY_CLIENT='10.60.60.0/24' PLUTO_MY_CLIENT_NET='10.60.60.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='201.19.177.138' PLUTO_PEER_ID='@fred.farmaciadospobres.com.br' PLUTO_PEER_CLIENT='201.19.177.138/32' PLUTO_PEER_CLIENT_NET='201.19.177.138' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS' ipsec _updown<BR>
Nov 28 14:11:26 fw pluto[1452]: | command executing route-client<BR>
Nov 28 14:11:26 fw pluto[1452]: | executing route-client: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-client' PLUTO_CONNECTION='ksa-nfred' PLUTO_NEXT_HOP='201.19.177.138' PLUTO_INTERFACE='eth2' PLUTO_ME='200.xxx.xxx.xxx' PLUTO_MY_ID='@fw.farmaciadospobres.com.br' PLUTO_MY_CLIENT='10.60.60.0/24' PLUTO_MY_CLIENT_NET='10.60.60.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='201.19.177.138' PLUTO_PEER_ID='@fred.farmaciadospobres.com.br' PLUTO_PEER_CLIENT='201.19.177.138/32' PLUTO_PEER_CLIENT_NET='201.19.177.138' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS' ipsec _updown<BR>
Nov 28 14:11:26 fw pluto[1452]: | route_and_eroute: instance "ksa-nfred"[3] 201.19.177.138, setting eroute_owner {spd=0x8d605cc,sr=0x8d605cc} to #16 (was #0) (newest_ipsec_sa=#0)<BR>
Nov 28 14:11:26 fw pluto[1452]: | complete state transition with STF_OK<BR>
Nov 28 14:11:26 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<BR>
Nov 28 14:11:26 fw pluto[1452]: | inserting event EVENT_SA_REPLACE, timeout in 28530 seconds for #16<BR>
Nov 28 14:11:26 fw pluto[1452]: "ksa-nfred"[3] 201.19.177.138 #16: STATE_QUICK_R2: IPsec SA established {ESP=>0x5a1b8790 <0xe3acb687 xfrm=AES_0-HMAC_SHA1 NATD=201.19.177.138:500 DPD=none}<BR>
Nov 28 14:11:26 fw pluto[1452]: | modecfg pull: noquirk policy:push not-client<BR>
Nov 28 14:11:26 fw pluto[1452]: | phase 1 is done, looking for phase 1 to unpend<BR>
Nov 28 14:11:26 fw pluto[1452]: | next event EVENT_NAT_T_KEEPALIVE in 7 seconds<BR>
Nov 28 14:11:34 fw pluto[1452]: | <BR>
Nov 28 14:11:34 fw pluto[1452]: | *time to handle event<BR>
Nov 28 14:11:34 fw pluto[1452]: | handling event EVENT_NAT_T_KEEPALIVE<BR>
Nov 28 14:11:34 fw pluto[1452]: | event after this is EVENT_PENDING_PHASE2 in 107 seconds<BR>
Nov 28 14:11:34 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:34 fw pluto[1452]: | processing connection ksa-nfred[3] 201.19.177.138<BR>
Nov 28 14:11:34 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 107 seconds<BR>
Nov 28 14:13:21 fw pluto[1452]: | <BR>
Nov 28 14:13:21 fw pluto[1452]: | *time to handle event<BR>
Nov 28 14:13:21 fw pluto[1452]: | handling event EVENT_PENDING_PHASE2<BR>
Nov 28 14:13:21 fw pluto[1452]: | event after this is EVENT_REINIT_SECRET in 2520 seconds<BR>
Nov 28 14:13:21 fw pluto[1452]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds<BR>
Nov 28 14:13:21 fw pluto[1452]: | pending review: connection "ksa-nfred" was not up, skipped<BR>
Nov 28 14:13:21 fw pluto[1452]: | pending review: connection "ksa-nfred" was not up, skipped<BR>
Nov 28 14:13:21 fw pluto[1452]: | next event EVENT_PENDING_PHASE2 in 120 seconds<BR>
Nov 28 14:55:15 fw pluto[1854]: | *time to handle event<BR>
Nov 28 14:55:15 fw pluto[1854]: | handling event EVENT_RETRANSMIT<BR>
Nov 28 14:55:15 fw pluto[1854]: | event after this is EVENT_PENDING_PHASE2 in 25 seconds<BR>
Nov 28 14:55:15 fw pluto[1854]: | processing connection ksa-nfred[2] 201.19.176.184<BR>
Nov 28 14:55:15 fw pluto[1854]: | handling event EVENT_RETRANSMIT for 201.19.176.184 "ksa-nfred" #6<BR>
Nov 28 14:55:15 fw pluto[1854]: | sending 148 bytes for EVENT_RETRANSMIT through eth2:500 to 201.19.176.184:500:<BR>
Nov 28 14:55:15 fw pluto[1854]: | inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #6<BR>
Nov 28 14:55:15 fw pluto[1854]: | next event EVENT_PENDING_PHASE2 in 25 seconds<BR>
Nov 28 14:55:18 fw pluto[1854]: | rejected packet:<BR>
Nov 28 14:55:18 fw pluto[1854]: | control:<BR>
Nov 28 14:55:18 fw pluto[1854]: | name:<BR>
Nov 28 14:55:18 fw pluto[1854]: | 02 00 01 f4 c9 13 b0 b8 00 00 00 00 00 00 00 00<BR>
Nov 28 14:55:18 fw pluto[1854]: "ksa-nfred"[2] 201.19.176.184 #6: ERROR: asynchronous network error report on eth2 (sport=500) for message to 201.19.176.184 port 500, complainant 200.xxx.xxx.xxx: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]<BR>
Nov 28 14:55:18 fw pluto[1854]: | next event EVENT_PENDING_PHASE2 in 22 seconds<BR>
Nov 28 14:55:41 fw pluto[1854]: |<BR>
Nov 28 14:55:41 fw pluto[1854]: | *time to handle event<BR>
Nov 28 14:55:41 fw pluto[1854]: | handling event EVENT_PENDING_PHASE2<BR>
Nov 28 14:55:41 fw pluto[1854]: | event after this is EVENT_RETRANSMIT in 14 seconds<BR>
Nov 28 14:55:41 fw pluto[1854]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds<BR>
Nov 28 14:55:41 fw pluto[1854]: | pending review: connection "ksa-nfred" was not up, skipped<BR>
Nov 28 14:55:41 fw pluto[1854]: | pending review: connection "ksa-nfred" was not up, skipped<BR>
Nov 28 14:55:41 fw pluto[1854]: | next event EVENT_RETRANSMIT in 14 seconds for #6<BR>
<BR>
<BR>
/var/log/secure - From Notebook Client ################<BR>
<BR>
Nov 28 16:02:35 localhost pluto[23176]: loading secrets from "/etc/ipsec.secrets"<BR>
Nov 28 16:02:54 localhost pluto[23176]: "ksa-nfred" #1: initiating Main Mode<BR>
Nov 28 16:03:03 localhost pluto[23176]: "ksa-nfred" #1: ignoring unknown Vendor ID payload [4f457a7d4646466667725f65]<BR>
Nov 28 16:03:03 localhost pluto[23176]: "ksa-nfred" #1: received Vendor ID payload [Dead Peer Detection]<BR>
Nov 28 16:03:03 localhost pluto[23176]: "ksa-nfred" #1: received Vendor ID payload [RFC 3947] method set to=109<BR>
Nov 28 16:03:03 localhost pluto[23176]: "ksa-nfred" #1: enabling possible NAT-traversal with method 3<BR>
Nov 28 16:03:03 localhost pluto[23176]: "ksa-nfred" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2<BR>
Nov 28 16:03:03 localhost pluto[23176]: "ksa-nfred" #1: STATE_MAIN_I2: sent MI2, expecting MR2<BR>
Nov 28 16:03:09 localhost pluto[23176]: "ksa-nfred" #1: I did not send a certificate because I do not have one.<BR>
Nov 28 16:03:09 localhost pluto[23176]: "ksa-nfred" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected<BR>
Nov 28 16:03:09 localhost pluto[23176]: "ksa-nfred" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3<BR>
Nov 28 16:03:09 localhost pluto[23176]: "ksa-nfred" #1: STATE_MAIN_I3: sent MI3, expecting MR3<BR>
Nov 28 16:03:16 localhost pluto[23176]: "ksa-nfred" #1: Main mode peer ID is ID_FQDN: '@fw.farmaciadospobres.com.br'<BR>
Nov 28 16:03:16 localhost pluto[23176]: "ksa-nfred" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4<BR>
Nov 28 16:03:16 localhost pluto[23176]: "ksa-nfred" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}<BR>
Nov 28 16:03:16 localhost pluto[23176]: "ksa-nfred" #2: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}<BR>
Nov 28 16:03:31 localhost pluto[23176]: "ksa-nfred" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2<BR>
Nov 28 16:03:31 localhost pluto[23176]: "ksa-nfred" #2: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x7b8bcc98 <0x70ce7acd xfrm=AES_0-HMAC_SHA1 NATD=200.xxx.xxx.xxx:500 DPD=none}<BR>
Nov 28 16:03:33 localhost pluto[23176]: "ksa-nfred" #1: Informational Exchange message must be encrypted<BR>
<BR>
IPSEC.CONF NOTEBOOK ######################################<BR>
<BR>
<TT>config setup</TT><BR>
<TT> nat_traversal=yes</TT><BR>
<TT> interfaces=%defaultroute</TT><BR>
<TT> uniqueids=yes</TT><BR>
<TT>conn ksa-nfred</TT><BR>
<TT> auth=esp</TT><BR>
<TT> pfs=no</TT><BR>
<TT> #authby=never</TT><BR>
<TT> left=%defaultroute # Local vitals</TT><BR>
<TT> leftid=@fred.farmaciadospobres.com.br #</TT><BR>
<TT> leftrsasigkey= key.....</TT><BR>
<TT> rightrsasigkey=key.....</TT><BR>
<TT> right=200.xxx.xxx.xxxx # Remote vitals</TT><BR>
<TT> rightsubnet=10.60.60.0/24 #</TT><BR>
<TT> rightid=@fw.farmaciadospobres.com.br #</TT><BR>
<TT> auto=add</TT><BR>
<TT>#Disable Opportunistic Encryption</TT><BR>
<TT>include /etc/ipsec.d/examples/no_oe.conf</TT><BR>
<BR>
<BR>
IPSEC.CONF GATEWAY ########################<BR>
<BR>
config setup<BR>
plutodebug="control parsing"<BR>
nat_traversal=yes<BR>
interfaces=%defaultroute<BR>
<BR>
conn ksa-nfred<BR>
auth=esp<BR>
pfs=no<BR>
left=200.xxx.xxx.xxx # Local vitals<BR>
leftsubnet=10.60.60.0/24<BR>
leftid=@fw.farmaciadospobres.com.br<BR>
leftrsasigkey=key ...<BR>
rightnexthop=%defaultroute<BR>
right=%any<BR>
rightid=@fred.farmaciadospobres.com.br<BR>
rightrsasigkey=key...<BR>
auto=add<BR>
#Disable Opportunistic Encryption<BR>
include /etc/ipsec.d/examples/no_oe.conf<BR>
<BR>
<BR>
<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<B>Frederico Madeira</B><BR>
Support Coordinator<BR>
N. Landim Comércio Ltda<BR>
e-Mail: <U><A HREF="mailto:fred@farmaciadospobres.com.br">fred@farmaciadospobres.com.br</A></U><BR>
Phone: (81) 3497.3029<BR>
PBX: (81) 3497.3000<BR>
Fax: (81) 3497.3030
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>