<html>
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:PMingLiU;
panose-1:2 2 3 0 0 0 0 0 0 0;}
@font-face
{font-family:"\@PMingLiU";
panose-1:2 2 3 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
pre
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.EmailStyle17
{font-family:Arial;
color:windowtext;}
@page Section1
{size:595.3pt 841.9pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-AU link=blue vlink=purple>
<div class=Section1><pre><font size=2 face="Courier New"><span
style='font-size:10.0pt'>Hello,</span></font></pre><pre><font size=2
face="Courier New"><span style='font-size:10.0pt'> Sorry for the repost, I think I posted my question/problem wrongly the last time. It came up in someone else’s thread rather than on a new thread. Would of course appreciate any comments on this.</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> I am trying to get Openswan running on an embedded system. My test</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>bed is a host to host network with a PC on one end and the embedded system</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>on the other. I have confirmed that the PC system work as I have tested it</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>with another PC running Openswan with the same conf file. </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>So far I have had some success but I seem to be stuck at Quick mode. Quick</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>mode starts but does not complete on the embedded system but seems to</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>complete on the PC. I have read some FAQ and troubleshooting guide on the</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>internet (the wiki) which suggest that it is a configuration/parameters</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>problem. The conf files are duplicated across both systems to make sure</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>there is not confusion there. I have tried using tcpdump to get more</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>information but since it is already encrypted at this point, I can't get</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>much out of it. I would appreciate any suggestions on what I did wrong or</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>how I can troubleshoot this. I have attached the conf file, the log and</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>terminal output of the PC and also the terminal output of the embedded</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>system.</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Thank you</span></font></pre><pre><font size=2 face="Courier New"><span style='font-size:10.0pt'>Adrian</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ipsec.conf file</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># /etc/ipsec.conf - Openswan IPsec configuration file</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># RCSID $Id: ipsec.conf.in,v 1.15.2.4 2006/07/11 16:17:53 paul Exp $</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># This file: /usr/local/share/doc/openswan/ipsec.conf-sample</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>#</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># Manual: ipsec.conf.5</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>version 2.0 # conforms to second version of ipsec.conf specification</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># basic configuration</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>config setup</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # plutodebug / klipsdebug = "all", "none" or a combation from below:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # "raw crypt parsing emitting control klips pfkey natt x509 private"</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # eg:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # plutodebug="control parsing"</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> #</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # Only enable klipsdebug=all if you are a developer</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> #</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # NAT-TRAVERSAL support, see README.NAT-Traversal</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> nat_traversal=no</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> #</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> #</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # enable this if you see "failed to find any available worker"</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> nhelpers=0</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> interfaces="ipsec0=eth0"</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># Add connections here</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>conn host-to-host</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> left=192.168.0.5</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>leftrsasigkey=0sAQO098JW9u241mh2FvotWXgX8qyeQvtZH/1Eo9/+DgnRBkUNBMd8F3Ri/7AJ</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>f7H8NYc98X05cLdzV6ApyLKHYd9rgdGSP8W9RZfw1nr4ers57Ys0PcW1medCxmOnqTgqOnpCIyXn</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>yTbZm4dC2xY3P/ot1Eg9aTS/kh2ImhVNz7A2bCNIoK4r95NNGMyT1omfFzwopV8y+wEEZdwikwP2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>fnMuKcogVrprITFYpTq+VTKdfkYC3pQ8UTBjqeqk+sC+gEuIcyVIVsHprmK/FBxaG1Fw12slks9m</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>HPoml8tsLyLzf7v7rZvU8WfcSVFg655WEhAibVcEhYnNZvJLZQpP/wgGl+ydblChez8iBxLcgRU5</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>n4qp # Local vitals</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> right=192.168.0.10 # Remote vitals</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>rightrsasigkey=0sAQPVtiqab4v0qUoMnSaoVCXEdzI4gaBTbbm2yvh5ZWM+UTTaFTymdST5R1B</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>3BYbHdMo1kNgPW486e05XKvA/z+4N9IIX2kcXFA4wFYv/nJsezqQthhCuDGr1DlhrY1PaPvd0Ukm</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>KBK3corTuBtZBNdtPP8xBh/sfIdVPk0UxCKqzZ2A1W7f2tzcljm20Agkqx4TphuvSefQ/evtZEsF</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>8DBXDdcWsWGJ2ujNYhC26OjjOMVyPEwqupNx+d0tTHE38Xu0ykpF33ncpMvUwnZXgLtgBSaN1ihW</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>PW93DRIV45Ykn8Wa1+btmXPZCoWFroPcqiu8tJ83OBmd4HDLxk8Wu/ikUNsMojkfA06cwUjxl269</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>7YN2t #</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> auto=add # authorizes but doesn't start this</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> # connection at startup</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>#Disable Opportunistic Encryption</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>include /etc/ipsec.d/examples/no_oe.conf</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>The log output on the PC:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:11 localhost pluto[29023]: "host-to-host" #1: responding to</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Main Mode</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:11 localhost pluto[29023]: "host-to-host" #1: transition from</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>state STATE_MAIN_R0 to state STATE_MAIN_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:11 localhost pluto[29023]: "host-to-host" #1: STATE_MAIN_R1:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>sent MR1, expecting MI2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:13 localhost pluto[29023]: "host-to-host" #1: transition from</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>state STATE_MAIN_R1 to state STATE_MAIN_R2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:13 localhost pluto[29023]: "host-to-host" #1: STATE_MAIN_R2:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>sent MR2, expecting MI3</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:20 localhost pluto[29023]: "host-to-host" #1: Main mode peer ID</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>is ID_IPV4_ADDR: '192.168.0.5'</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:20 localhost pluto[29023]: "host-to-host" #1: I did not send a</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>certificate because I do not have one.</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:20 localhost pluto[29023]: "host-to-host" #1: transition from</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>state STATE_MAIN_R2 to state STATE_MAIN_R3</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:20 localhost pluto[29023]: "host-to-host" #1: STATE_MAIN_R3:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:22 localhost pluto[29023]: "host-to-host" #2: responding to</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Quick Mode {msgid:7ba4489f}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:22 localhost pluto[29023]: "host-to-host" #2: transition from</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>state STATE_QUICK_R0 to state STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:22 localhost pluto[29023]: "host-to-host" #2: STATE_QUICK_R1:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>sent QR1, inbound IPsec SA installed, expecting QI2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:32 localhost pluto[29023]: "host-to-host" #2: discarding</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>duplicate packet; already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:42:52 localhost pluto[29023]: "host-to-host" #2: discarding</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>duplicate packet; already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:43:34 localhost pluto[29023]: "host-to-host" #3: responding to</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Quick Mode {msgid:4d021b53}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:43:34 localhost pluto[29023]: "host-to-host" #3: transition from</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>state STATE_QUICK_R0 to state STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:43:34 localhost pluto[29023]: "host-to-host" #3: STATE_QUICK_R1:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>sent QR1, inbound IPsec SA installed, expecting QI2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:43:34 localhost pluto[29023]: "host-to-host" #1: ignoring</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>informational payload, type INVALID_MESSAGE_ID</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:43:34 localhost pluto[29023]: "host-to-host" #1: received and</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ignored informational message</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:43:43 localhost pluto[29023]: "host-to-host" #3: discarding</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>duplicate packet; already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:03 localhost pluto[29023]: "host-to-host" #3: discarding</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>duplicate packet; already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:12 localhost pluto[29023]: "host-to-host" #1: ignoring</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>informational payload, type INVALID_MESSAGE_ID</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:12 localhost pluto[29023]: "host-to-host" #1: received and</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ignored informational message</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:45 localhost pluto[29023]: "host-to-host" #4: responding to</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Quick Mode {msgid:dac39802}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:45 localhost pluto[29023]: "host-to-host" #4: transition from</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>state STATE_QUICK_R0 to state STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:45 localhost pluto[29023]: "host-to-host" #4: STATE_QUICK_R1:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>sent QR1, inbound IPsec SA installed, expecting QI2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:45 localhost pluto[29023]: "host-to-host" #1: ignoring</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>informational payload, type INVALID_MESSAGE_ID</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:45 localhost pluto[29023]: "host-to-host" #1: received and</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ignored informational message</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:52 localhost pluto[29023]: "host-to-host" #1: ignoring</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>informational payload, type INVALID_MESSAGE_ID</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:52 localhost pluto[29023]: "host-to-host" #1: received and</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ignored informational message</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Apr 17 13:44:55 localhost pluto[29023]: "host-to-host" #4: discarding</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>duplicate packet; already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>....keeps going on</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>The output on terminal on the PC:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #2: initiating Main Mode</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>104 "host-to-host" #2: STATE_MAIN_I1: initiate</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>003 "host-to-host" #2: ignoring unknown Vendor ID payload</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>[4f456e4d43757f784f704063]</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>003 "host-to-host" #2: received Vendor ID payload [Dead Peer Detection]</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #2: transition from state STATE_MAIN_I1 to state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_MAIN_I2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>106 "host-to-host" #2: STATE_MAIN_I2: sent MI2, expecting MR2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #2: I did not send a certificate because I do not have</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>one.</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #2: transition from state STATE_MAIN_I2 to state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_MAIN_I3</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>108 "host-to-host" #2: STATE_MAIN_I3: sent MI3, expecting MR3</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #2: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.5'</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #2: transition from state STATE_MAIN_I3 to state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_MAIN_I4</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>004 "host-to-host" #2: STATE_MAIN_I4: ISAKMP SA established</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>{auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>group=modp1536}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #3: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>{using isakmp#2}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>117 "host-to-host" #3: STATE_QUICK_I1: initiate</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 "host-to-host" #3: transition from state STATE_QUICK_I1 to state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_QUICK_I2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>004 "host-to-host" #3: STATE_QUICK_I2: sent QI2, IPsec SA established</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>{ESP=>0x51f3bf38 <0x1dc16f43 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>The output on the terminal on the embedded system:</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 listening for IKE messages</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 adding interface ipsec0/eth0 192.168.0.5:500</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>002 loading secrets from "/tmp/nfs/version1/ipsec.secrets"</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'># Jan 1 00:29:34 pluto[104]: packet from 192.168.0.10:500: ignoring unknown</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Ven</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>dor ID payload [4f454e7c454d716b5f4d6c67]</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:34 pluto[104]: packet from 192.168.0.10:500: received Vendor ID</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>payload [Dead Peer Detection]</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:34 pluto[104]: "host-to-host" #1: responding to Main Mode</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:34 pluto[104]: "host-to-host" #1: transition from state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_MAIN_R0 to state STATE_MAIN_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:34 pluto[104]: "host-to-host" #1: STATE_MAIN_R1: sent MR1,</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>expecting MI2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:36 pluto[104]: "host-to-host" #1: WARNING: calc_dh_shared():</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>for OAKLEY_GROUP_MODP1536 took 1311633 usec</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:36 pluto[104]: "host-to-host" #1: transition from state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_MAIN_R1 to state STATE_MAIN_R2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:36 pluto[104]: "host-to-host" #1: STATE_MAIN_R2: sent MR2,</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>expecting MI3</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:37 pluto[104]: "host-to-host" #1: Main mode peer ID is</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ID_IPV4_ADDR: '192.168.0.10'</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:37 pluto[104]: "host-to-host" #1: I did not send a certificate</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>because I do not have one.</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:43 pluto[104]: "host-to-host" #1: transition from state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_MAIN_R2 to state STATE_MAIN_R3</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:43 pluto[104]: "host-to-host" #1: STATE_MAIN_R3: sent MR3,</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>prf=oakley_md5 group=modp1536}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:44 pluto[104]: "host-to-host" #2: responding to Quick Mode</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>{msgid:f085e8ee}</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:46 pluto[104]: "host-to-host" #2: WARNING: calc_dh_shared():</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>for OAKLEY_GROUP_MODP1536 took 1309277 usec</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:46 pluto[104]: "host-to-host" #2: transition from state</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>STATE_QUICK_R0 to state STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:46 pluto[104]: "host-to-host" #2: STATE_QUICK_R1: sent QR1,</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>inbound IPsec SA installed, expecting QI2</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:51 pluto[104]: "host-to-host" #2: up-host output: syntax error</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:51 pluto[104]: "host-to-host" #2: up-host command exited with</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>status 255</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:29:56 pluto[104]: "host-to-host" #2: discarding duplicate packet;</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:30:16 pluto[104]: "host-to-host" #2: discarding duplicate packet;</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>already STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>...removed repeated sections....and eventually</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'> </span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>#2: max number of retransmissions (</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>20) reached STATE_QUICK_R1</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:42:56 pluto[104]: | 02 04 00 03 00 0b 00 00 00 00 00 10 00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>00 68</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:42:56 pluto[104]: | 00 03 00 01 51 f3 bf 38 00 01 00 00 00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:42:56 pluto[104]: | ff ff ff ff 00 00 00 00 00 03 00 05 00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:42:56 pluto[104]: | 00 02 00 00 c0 a8 00 0a 00 00 00 00 00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>00 00</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:42:56 pluto[104]: | 00 03 00 06 00 00 00 00 00 02 00 00 c0 a8</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>00 05</span></font></pre><pre><font
size=2 face="Courier New"><span style='font-size:10.0pt'>Jan 1 00:42:56 pluto[104]: | 00 00 00 00 00 00 00 00</span></font></pre>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'> </span></font></p>
</div>
</body>
</html>