<br>Hello<br><br>I am trying to establish a L2TP vpn connection between a Linux host and Windows Vista Business.<br><br>First of all I have tried with PSK. Then I have tried with certificates. Below, I have attached some logs about it. (PSK logs are at the end, also)
<br>Mainly I have followed guidelines from <a href="http://www.jacco2.dds.nl/networking/vista-openswan.html">http://www.jacco2.dds.nl/networking/vista-openswan.html</a>. <br><br>Vista gives the following error in both PSK and certificate configurations:
<br>Error: 789 "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer"<br> Openswan logs says "no connection is known".
<br><br>Server is not behind any nat, directly connected to the internet.<br><br>OS configuaration is 2.6.9-42. Also 2.4.21-40 has the same result and the symptoms.<br>Openswan version is 2.4.7.<br><br>My configuration with certificates is also attached below.
<br><br>At this point I need help from the list.<br><br>Regards,<br><br>Oguz Yilmaz<br>Labris Teknoloji<br><br><br>*************<br>ipsec.conf:<br><br>version 2.0<br>config setup<br> interfaces=""<br> klipsdebug=none
<br> plutodebug=none<br> nat_traversal=yes<br> uniqueids=yes<br><br>conn b-labris.l2tp-zcert<br> authby=rsasig<br> pfs=no<br> auth=esp<br> esp=3des-md5-96<br> left=EXTERNALIP
<br> leftprotoport=17/1701<br> leftrsasigkey=%cert<br> leftcert=vpn-sertifikasi.pem<br> leftnexthop=EXTERNALIPDEFGW<br> right=%any<br> rightsubnet=vhost:%no,%priv<br> rightprotoport=17/1701
<br> rightrsasigkey=%cert<br> auto=add<br> keyingtries=3<br> rekey=no<br> rightid=%any<br><br><br>*************<br>ipsec.secrets:<br><br>EXTERNALIP %any : RSA vpn-anahtari.key "labris"
<br>: RSA vpn-anahtari.key "labris"<br><br><br>*************<br>l2tpd.conf:<br><br><br>[global]<br>listen-addr = EXTERNALIP<br><br>[lns default]<br>ip range = 172.19.32.250-172.19.32.254<br>local ip = <a href="http://172.19.32.1">
172.19.32.1</a><br>require chap = yes<br>refuse pap = yes<br>require authentication = yes<br>name = vpngateway<br>ppp debug = yes<br>pppoptfile = /etc/ppp/options.l2tpd<br>length bit = yes<br><br><br>***************<br><br>
<br><br>Windows Logs:<br><br>Server address/Phone Number = EXTERNALIP<br>Device = WAN Miniport (L2TP)<br>Port = VPN0-1<br>MediaType = VPN.<br><br>Dial-in User = labris4<br>VpnStrategy = L2TP<br>DataEncryption = Requested<br>
PrerequisiteEntry = <br>CompartmentsEnabled = No<br>AutoLogon = No<br>UseRasCredentials = Yes<br>CustomAuthKey = <br>AuthRestriction Mask = 0x00000220<br>RasIpv4DefaultGateway = Yes<br>Ipv4AddressAssignment = By Server<br>
Ipv4DNSServerAssignment = By Server<br>RasIpv6DefaultGateway = Yes<br>Ipv6DNSServerAssignment = By Server<br>IpDnsFlags = <br>IpNBTEnabled = Yes<br>UseFlags = Private Connection<br>IpSecFlags = No Pre-shared key<br>ConnectOnWinlogon = No.
<br><br><br><br><br>LOG:<br>VPN IP address has changed to EXTERNALIP for privacy purposes.<br><br>Dec 22 13:45:03 localhost pluto[9179]: Using NETKEY IPsec interface code on 2.6.9-42.EL.LBR1<br>Dec 22 13:45:03 localhost pluto[9179]: Changing to directory '/etc/ipsec.d/cacerts'
<br>Dec 22 13:45:03 localhost pluto[9179]: loaded CA cert file 'cacert.pem' (1001 bytes)<br><br><br>Dec 22 13:45:03 localhost pluto[9179]: loaded host cert file '/etc/ipsec.d/certs/vpn-sertifikasi.pem' (3237 bytes)
<br>Dec 22 13:45:03 localhost pluto[9179]: added connection description "b-labris.l2tp-zcert"<br><br>Dec 22 13:45:03 localhost pluto[9179]: loading secrets from "/etc/ipsec.secrets"<br>Dec 22 13:45:03 localhost pluto[9179]: loaded private key file '/etc/ipsec.d/private/vpn-
anahtari.key' (1606 bytes)<br>Dec 22 13:45:03 localhost pluto[9179]: loaded private key file '/etc/ipsec.d/private/vpn-anahtari.key' (1606 bytes)<br>...<br>Dec 22 13:45:12 localhost pluto[9179]: packet from
<a href="http://88.254.240.233:500">88.254.240.233:500</a>: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000005]<br>Dec 22 13:45:12 localhost pluto[9179]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500
</a>: received Vendor ID payload [RFC 3947] method set to=110 <br>Dec 22 13:45:12 localhost pluto[9179]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
<br>Dec 22 13:45:12 localhost pluto[9179]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: ignoring Vendor ID payload [FRAGMENTATION]<br>Dec 22 13:45:12 localhost pluto[9179]: packet from <a href="http://88.254.240.233:500">
88.254.240.233:500</a>: ignoring unknown Vendor ID payload [fb1de3cdf341b7ea16b7e5be0855f120]<br>Dec 22 13:45:12 localhost pluto[9179]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: ignoring Vendor ID payload [Vid-Initial-Contact]
<br>Dec 22 13:45:12 localhost pluto[9179]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: ignoring unknown Vendor ID payload [e3a5966a76379fe707228231e5ce8652]<br>Dec 22 13:45:12 localhost pluto[9179]: "
b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: responding to Main Mode from unknown peer <a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:45:12 localhost pluto[9179]: "
b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: Diffie-Hellamn group 20 is not a supported modp group. Attribute OAKLEY_GROUP_DESCRIPTION<br>Dec 22 13:45:12 localhost pluto[9179]: "
b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: Diffie-Hellamn group 19 is not a supported modp group. Attribute OAKLEY_GROUP_DESCRIPTION<br>Dec 22 13:45:12 localhost pluto[9179]: "
b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">
88.254.240.233</a> #6: STATE_MAIN_R1: sent MR1, expecting MI2<br>Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Dec 22 13:45:13 localhost pluto[9179]: "
b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #6: STATE_MAIN_R2: sent MR2, expecting MI3<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">
88.254.240.233</a> #6: Main mode peer ID is ID_DER_ASN1_DN: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway'<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">
88.254.240.233</a> #6: no crl from issuer "C=TR, ST=AN, L=Ankara, O=Labris SG User Company" found (strict=no)<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">
88.254.240.233</a> #6: switched from "b-labris.l2tp-zcert" to "b-labris.l2tp-zcert"<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233
</a> #6: deleting connection "b-labris.l2tp-zcert" instance with peer <a href="http://88.254.240.233">88.254.240.233</a> {isakmp=#0/ipsec=#0}<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
<a href="http://88.254.240.233">88.254.240.233</a> #6: I am sending my cert<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #6: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
<br>Dec 22 13:45:13 localhost pluto[9179]: | NAT-T: new mapping <a href="http://88.254.240.233:500/4500">88.254.240.233:500/4500</a>)<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">
88.254.240.233</a> #6: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}<br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
<a href="http://88.254.240.233">88.254.240.233</a> #6: cannot respond to IPsec SA request because no connection is known for EXTERNALIP[C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway]:17/1701...88.254.240.233[C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway]:17/1701===
<a href="http://192.168.2.3/32">192.168.2.3/32</a><br>Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #6: sending encrypted notification INVALID_ID_INFORMATION to
<a href="http://88.254.240.233:4500">88.254.240.233:4500</a><br>Dec 22 13:45:14 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #6: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
<br>Dec 22 13:45:14 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #6: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:4500">
88.254.240.233:4500</a><br>Dec 22 13:45:16 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #6: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
<br>Dec 22 13:45:16 localhost pluto[9179]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #6: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:4500">
88.254.240.233:4500</a><br><br><br><br><br><br><br>Also detailed debug is below:<br>*debug=all LOG<br><br>...<br>Dec 22 13:44:14 localhost pluto[8271]: | subject: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway'
<br>Dec 22 13:44:14 localhost pluto[8271]: | issuer: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company'<br>Dec 22 13:44:14 localhost pluto[8271]: | authkey: 05:65:14:87:f8:ac:10:9f:5b:15:fb:d0:95:fc:c4:6e:a3:e4:00:e3
<br>Dec 22 13:44:14 localhost pluto[8271]: | not before : Dec 22 09:26:25 UTC 2007<br>Dec 22 13:44:14 localhost pluto[8271]: | current time: Dec 22 11:44:14 UTC 2007<br>Dec 22 13:44:14 localhost pluto[8271]: | not after : Nov 21 09:26:25 UTC 2009
<br>Dec 22 13:44:14 localhost pluto[8271]: | certificate for "C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway" is valid<br>Dec 22 13:44:14 localhost pluto[8271]: | issuer cacert "C=TR, ST=AN, L=Ankara, O=Labris SG User Company" found
<br>Dec 22 13:44:14 localhost pluto[8271]: | signature algorithm: 'md5WithRSAEncryption'<br>Dec 22 13:44:14 localhost pluto[8271]: | digest: f9 fe cf 26 1f c1 cc ce b5 29 11 b4 90 d2 81 57<br>Dec 22 13:44:14 localhost pluto[8271]: | decrypted signature:
<br>Dec 22 13:44:14 localhost pluto[8271]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff<br>Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff<br>Dec 22 13:44:14 localhost last message repeated 3 times
<br>Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30<br>Dec 22 13:44:14 localhost pluto[8271]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04<br>Dec 22 13:44:14 localhost pluto[8271]: | 10 f9 fe cf 26 1f c1 cc ce b5 29 11 b4 90 d2 81
<br>Dec 22 13:44:14 localhost pluto[8271]: | 57<br>Dec 22 13:44:14 localhost pluto[8271]: | valid certificate signature (C=TR, ST=AN, L=Ankara, O=Labris SG User Company -> C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway)
<br>Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">88.254.240.233</a> #7: no crl from issuer "C=TR, ST=AN, L=Ankara, O=Labris SG User Company" found (strict=no)
<br>Dec 22 13:44:14 localhost pluto[8271]: | subject: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company'<br>Dec 22 13:44:14 localhost pluto[8271]: | issuer: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company'
<br>Dec 22 13:44:14 localhost pluto[8271]: | authkey: 05:65:14:87:f8:ac:10:9f:5b:15:fb:d0:95:fc:c4:6e:a3:e4:00:e3<br>Dec 22 13:44:14 localhost pluto[8271]: | not before : Dec 22 09:14:05 UTC 2007<br>Dec 22 13:44:14 localhost pluto[8271]: | current time: Dec 22 11:44:14 UTC 2007
<br>Dec 22 13:44:14 localhost pluto[8271]: | not after : Dec 21 09:14:05 UTC 2008<br>Dec 22 13:44:14 localhost pluto[8271]: | certificate for "C=TR, ST=AN, L=Ankara, O=Labris SG User Company" is valid<br>Dec 22 13:44:14 localhost pluto[8271]: | issuer cacert "C=TR, ST=AN, L=Ankara, O=Labris SG User Company" found
<br>Dec 22 13:44:14 localhost pluto[8271]: | signature algorithm: 'md5WithRSAEncryption'<br>Dec 22 13:44:14 localhost pluto[8271]: | digest: 79 60 a9 ae ab 6b 74 b6 df ea f3 fa 15 bf 40 e8<br>Dec 22 13:44:14 localhost pluto[8271]: | decrypted signature:
<br>Dec 22 13:44:14 localhost pluto[8271]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff<br>Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff<br>Dec 22 13:44:14 localhost last message repeated 3 times
<br>Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30<br>Dec 22 13:44:14 localhost pluto[8271]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04<br>Dec 22 13:44:14 localhost pluto[8271]: | 10 79 60 a9 ae ab 6b 74 b6 df ea f3 fa 15 bf 40
<br>Dec 22 13:44:14 localhost pluto[8271]: | e8<br>Dec 22 13:44:14 localhost pluto[8271]: | valid certificate signature (C=TR, ST=AN, L=Ankara, O=Labris SG User Company -> C=TR, ST=AN, L=Ankara, O=Labris SG User Company)
<br>Dec 22 13:44:14 localhost pluto[8271]: | reached self-signed root ca<br>Dec 22 13:44:14 localhost pluto[8271]: | Public key validated<br>Dec 22 13:44:14 localhost pluto[8271]: | unreference key: 0x9df0938 C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway cnt 1--
<br>Dec 22 13:44:14 localhost pluto[8271]: | CR 30 4c 31 0b 30 09 06 03 55 04 06 13 02 54 52 31<br>Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 08 13 02 41 4e 31 0f 30 0d<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 07 13 06 41 6e 6b 61 72 61 31 1f 30
<br>Dec 22 13:44:14 localhost pluto[8271]: | 1d 06 03 55 04 0a 13 16 4c 61 62 72 69 73 20 53<br>Dec 22 13:44:14 localhost pluto[8271]: | 47 20 55 73 65 72 20 43 6f 6d 70 61 6e 79<br>Dec 22 13:44:14 localhost pluto[8271]: | requested CA: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company'
<br>Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: starting with b-labris.l2tp-zcert<br>Dec 22 13:44:14 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway<br>
Dec 22 13:44:14 localhost pluto[8271]: | b=<a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:14 localhost pluto[8271]: | results fail<br>Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company b=(empty)
<br>Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company b=C=TR, ST=AN, L=Ankara, O=Labris SG User Company<br>Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: checking
b-labris.l2tp-zcert against b-labris.l2tp-zcert, best=(none) with match=0(id=0/ca=1/reqca=1)<br>Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to EXTERNALIP:500 <a href="http://88.254.240.233:500">88.254.240.233:500
</a> <br>Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to EXTERNALIP:500 <a href="http://0.0.0.0:500">0.0.0.0:500</a> <br>Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair_conn (refine_host_connection): EXTERNALIP:500 %any:500 -> hp:
b-labris.l2tp-zcert <br>Dec 22 13:44:14 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway<br>Dec 22 13:44:14 localhost pluto[8271]: | b=(none)<br>Dec 22 13:44:14 localhost pluto[8271]: | results matched
<br>Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company b=(empty)<br>Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company b=C=TR, ST=AN, L=Ankara, O=Labris SG User Company
<br>Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: checking b-labris.l2tp-zcert against b-labris.l2tp-zcert, best=(none) with match=1(id=1/ca=1/reqca=1)<br>Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: checked
b-labris.l2tp-zcert against b-labris.l2tp-zcert, now for see if best<br>Dec 22 13:44:14 localhost pluto[8271]: | started looking for secret for C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway->(none) of kind PPK_RSA
<br>Dec 22 13:44:14 localhost pluto[8271]: | searching for certificate PPK_RSA:AwEAAcds8 vs PPK_RSA:AwEAAcds8<br>Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: picking new best b-labris.l2tp-zcert (wild=15, peer_pathlen=7/our=0)
<br>Dec 22 13:44:14 localhost pluto[8271]: | offered CA: 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company'<br>Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[1] <a href="http://88.254.240.233">
88.254.240.233</a> #7: switched from "b-labris.l2tp-zcert" to "b-labris.l2tp-zcert"<br>Dec 22 13:44:14 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway
<br>Dec 22 13:44:14 localhost pluto[8271]: | b=(none)<br>Dec 22 13:44:14 localhost pluto[8271]: | results matched<br>Dec 22 13:44:14 localhost pluto[8271]: | alg_info_addref() alg_info->ref_cnt=5<br>Dec 22 13:44:14 localhost pluto[8271]: | alg_info_addref() alg_info->ref_cnt=6
<br>Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to EXTERNALIP:500 <a href="http://0.0.0.0:500">0.0.0.0:500</a> <br>Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to EXTERNALIP:500
<a href="http://88.254.240.233:500">88.254.240.233:500</a> <br>Dec 22 13:44:14 localhost pluto[8271]: | connect_to_host_pair: EXTERNALIP:500 <a href="http://88.254.240.233:500">88.254.240.233:500</a> -> hp:b-labris.l2tp-zcert
<br>Dec 22 13:44:14 localhost pluto[8271]: | instantiated "b-labris.l2tp-zcert" for <a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection b-labris.l2tp-zcert
[2] <a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:14 localhost pluto[8271]: | hashing 168 bytes of SA<br>Dec 22 13:44:14 localhost pluto[8271]: | required CA is '%any'<br>Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company b=(empty)
<br>Dec 22 13:44:14 localhost pluto[8271]: | key issuer CA is 'C=TR, ST=AN, L=Ankara, O=Labris SG User Company'<br>Dec 22 13:44:14 localhost pluto[8271]: | an RSA Sig check passed with *AwEAAcds8 [preloaded key]<br>
Dec 22 13:44:14 localhost pluto[8271]: | authentication succeeded<br>Dec 22 13:44:14 localhost pluto[8271]: | thinking about whether to send my certificate:<br>Dec 22 13:44:14 localhost pluto[8271]: | I have RSA key: OAKLEY_RSA_SIG
cert.type: CERT_X509_SIGNATURE <br>Dec 22 13:44:14 localhost pluto[8271]: | sendcert: CERT_ALWAYSSEND and I did not get a certificate request <br>Dec 22 13:44:14 localhost pluto[8271]: | so send cert.<br>Dec 22 13:44:14 localhost pluto[8271]: | **emit ISAKMP Message:
<br>Dec 22 13:44:14 localhost pluto[8271]: | initiator cookie:<br>Dec 22 13:44:14 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:14 localhost pluto[8271]: | responder cookie:<br>Dec 22 13:44:14 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
<br>Dec 22 13:44:14 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_ID<br>Dec 22 13:44:14 localhost pluto[8271]: | ISAKMP version: ISAKMP Version 1.0<br>Dec 22 13:44:14 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_IDPROT
<br>Dec 22 13:44:14 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Dec 22 13:44:14 localhost pluto[8271]: | message ID: 00 00 00 00<br>Dec 22 13:44:14 localhost pluto[8271]: | ***emit ISAKMP Identification Payload (IPsec DOI):
<br>Dec 22 13:44:14 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_CERT<br>Dec 22 13:44:14 localhost pluto[8271]: | ID type: ID_DER_ASN1_DN<br>Dec 22 13:44:14 localhost pluto[8271]: | Protocol ID: 0<br>Dec 22 13:44:14 localhost pluto[8271]: | port: 0
<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting 99 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)<br>Dec 22 13:44:14 localhost pluto[8271]: | my identity 30 61 31 0b 30 09 06 03 55 04 06 13 02 54 52 31
<br>Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 08 13 02 41 4e 31 0f 30 0d<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 07 13 06 41 6e 6b 61 72 61 31 1f 30<br>Dec 22 13:44:14 localhost pluto[8271]: | 1d 06 03 55 04 0a 13 16 4c 61 62 72 69 73 20 53
<br>Dec 22 13:44:14 localhost pluto[8271]: | 47 20 55 73 65 72 20 43 6f 6d 70 61 6e 79 31 13<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 11 06 03 55 04 03 13 0a 76 70 6e 67 61 74 65<br>Dec 22 13:44:14 localhost pluto[8271]: | 77 61 79
<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 107<br>Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233
</a> #7: I am sending my cert<br>Dec 22 13:44:14 localhost pluto[8271]: | ***emit ISAKMP Certificate Payload:<br>Dec 22 13:44:14 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_SIG<br>Dec 22 13:44:14 localhost pluto[8271]: | cert encoding: CERT_X509_SIGNATURE
<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting 761 raw bytes of CERT into ISAKMP Certificate Payload<br>Dec 22 13:44:14 localhost pluto[8271]: | CERT 30 82 02 f5 30 82 02 5e a0 03 02 01 02 02 01 01<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30
<br>Dec 22 13:44:14 localhost pluto[8271]: | 4c 31 0b 30 09 06 03 55 04 06 13 02 54 52 31 0b<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 09 06 03 55 04 08 13 02 41 4e 31 0f 30 0d 06<br>Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 07 13 06 41 6e 6b 61 72 61 31 1f 30 1d
<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 0a 13 16 4c 61 62 72 69 73 20 53 47<br>Dec 22 13:44:14 localhost pluto[8271]: | 20 55 73 65 72 20 43 6f 6d 70 61 6e 79 30 1e 17<br>Dec 22 13:44:14 localhost pluto[8271]: | 0d 30 37 31 32 32 32 30 39 32 36 32 35 5a 17 0d
<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 39 31 31 32 31 30 39 32 36 32 35 5a 30 61 31<br>Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 06 13 02 54 52 31 0b 30 09<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 08 13 02 41 4e 31 0f 30 0d 06 03 55
<br>Dec 22 13:44:14 localhost pluto[8271]: | 04 07 13 06 41 6e 6b 61 72 61 31 1f 30 1d 06 03<br>Dec 22 13:44:14 localhost pluto[8271]: | 55 04 0a 13 16 4c 61 62 72 69 73 20 53 47 20 55<br>Dec 22 13:44:14 localhost pluto[8271]: | 73 65 72 20 43 6f 6d 70 61 6e 79 31 13 30 11 06
<br>Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 03 13 0a 76 70 6e 67 61 74 65 77 61 79<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01<br>Dec 22 13:44:14 localhost pluto[8271]: | 05 00 03 81 8d 00 30 81 89 02 81 81 00 c7 6c f2
<br>Dec 22 13:44:14 localhost pluto[8271]: | f6 69 6f c1 3c a9 84 88 23 34 2a 95 19 7c c4 e1<br>Dec 22 13:44:14 localhost pluto[8271]: | 41 60 e1 da 13 fb 62 71 81 c6 37 de 98 e3 9b 88<br>Dec 22 13:44:14 localhost pluto[8271]: | 28 5f 6f df 22 2d 40 00 49 2b 7a 57 7b e9 1b 9f
<br>Dec 22 13:44:14 localhost pluto[8271]: | ac 66 09 ad 0c a6 67 a3 b5 b9 33 24 70 8e d1 67<br>Dec 22 13:44:14 localhost pluto[8271]: | 6b 60 51 65 49 ef b3 e1 3f ed ab f3 35 77 cd 4b<br>Dec 22 13:44:14 localhost pluto[8271]: | 53 e1 62 ae 0d a8 d9 9a 99 cb 33 60 d8 a1 a2 0f
<br>Dec 22 13:44:14 localhost pluto[8271]: | 07 9a 02 01 5f 0e b7 dc ce 3a 27 ef fa 3a 98 d4<br>Dec 22 13:44:14 localhost pluto[8271]: | ab 5c 55 17 f3 59 c7 5f 30 b7 ea e5 83 02 03 01<br>Dec 22 13:44:14 localhost pluto[8271]: | 00 01 a3 81 d1 30 81 ce 30 09 06 03 55 1d 13 04
<br>Dec 22 13:44:14 localhost pluto[8271]: | 02 30 00 30 2c 06 09 60 86 48 01 86 f8 42 01 0d<br>Dec 22 13:44:14 localhost pluto[8271]: | 04 1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65<br>Dec 22 13:44:14 localhost pluto[8271]: | 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74
<br>Dec 22 13:44:14 localhost pluto[8271]: | 65 30 1d 06 03 55 1d 0e 04 16 04 14 1b f8 cd 1d<br>Dec 22 13:44:14 localhost pluto[8271]: | 97 c8 c4 0b da 9b bc 5d 66 eb dc 8f 65 5b f1 0f<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 74 06 03 55 1d 23 04 6d 30 6b 80 14 05 65 14
<br>Dec 22 13:44:14 localhost pluto[8271]: | 87 f8 ac 10 9f 5b 15 fb d0 95 fc c4 6e a3 e4 00<br>Dec 22 13:44:14 localhost pluto[8271]: | e3 a1 50 a4 4e 30 4c 31 0b 30 09 06 03 55 04 06<br>Dec 22 13:44:14 localhost pluto[8271]: | 13 02 54 52 31 0b 30 09 06 03 55 04 08 13 02 41
<br>Dec 22 13:44:14 localhost pluto[8271]: | 4e 31 0f 30 0d 06 03 55 04 07 13 06 41 6e 6b 61<br>Dec 22 13:44:14 localhost pluto[8271]: | 72 61 31 1f 30 1d 06 03 55 04 0a 13 16 4c 61 62<br>Dec 22 13:44:14 localhost pluto[8271]: | 72 69 73 20 53 47 20 55 73 65 72 20 43 6f 6d 70
<br>Dec 22 13:44:14 localhost pluto[8271]: | 61 6e 79 82 01 00 30 0d 06 09 2a 86 48 86 f7 0d<br>Dec 22 13:44:14 localhost pluto[8271]: | 01 01 04 05 00 03 81 81 00 42 85 82 d5 1e 56 91<br>Dec 22 13:44:14 localhost pluto[8271]: | 22 5d d0 3c ae 90 75 35 31 72 a1 87 1a 7f e4 33
<br>Dec 22 13:44:14 localhost pluto[8271]: | 0e a0 c0 6d 0a c5 ac 18 b5 8c b2 5b 55 ac 6a 72<br>Dec 22 13:44:14 localhost pluto[8271]: | 67 ec 9d 47 29 a0 0f f4 1d a9 04 3b a0 33 16 68<br>Dec 22 13:44:14 localhost pluto[8271]: | ab 61 a7 9c 3c 2a 3f e6 31 2d 6d 0a 99 d5 23 e7
<br>Dec 22 13:44:14 localhost pluto[8271]: | 67 4f 2e e3 d4 e7 11 bc df f9 38 89 89 33 d1 9d<br>Dec 22 13:44:14 localhost pluto[8271]: | 9e ee 07 a2 71 00 13 55 62 ad c1 06 6a 1d 2f 9f<br>Dec 22 13:44:14 localhost pluto[8271]: | 45 54 ca 04 a9 5f 04 e8 ab 4e 50 18 44 08 e1 dd
<br>Dec 22 13:44:14 localhost pluto[8271]: | 4c 11 d0 44 8f 49 be 80 8d<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP Certificate Payload: 766<br>Dec 22 13:44:14 localhost pluto[8271]: | hashing 168 bytes of SA
<br>Dec 22 13:44:14 localhost pluto[8271]: | started looking for secret for C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway->C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway of kind PPK_RSA
<br>Dec 22 13:44:14 localhost pluto[8271]: | searching for certificate PPK_RSA:AwEAAcds8 vs PPK_RSA:AwEAAcds8<br>Dec 22 13:44:14 localhost pluto[8271]: | signing hash with RSA Key *AwEAAcds8<br>Dec 22 13:44:14 localhost pluto[8271]: | ***emit ISAKMP Signature Payload:
<br>Dec 22 13:44:14 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NONE<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting 128 raw bytes of SIG_R into ISAKMP Signature Payload<br>Dec 22 13:44:14 localhost pluto[8271]: | SIG_R 5e 6e ab ae b7 60 3c 46 c1 34 77 8d 43 ad 4a db
<br>Dec 22 13:44:14 localhost pluto[8271]: | 28 f8 74 ce 6d 83 aa 0c b0 ac 2c 33 8c d4 fd 7d<br>Dec 22 13:44:14 localhost pluto[8271]: | 50 f6 c3 8e 1d 73 52 0f 5f c5 9b 52 6f e0 b8 ec<br>Dec 22 13:44:14 localhost pluto[8271]: | 3d 6f 9c 54 de b7 fb c9 ac 36 5f b7 0f d9 1a 1e
<br>Dec 22 13:44:14 localhost pluto[8271]: | 58 26 3e 24 59 49 d8 a5 30 f0 5e 03 44 2f e5 12<br>Dec 22 13:44:14 localhost pluto[8271]: | 62 42 0e 8f 9e 6a 6b 83 2a 2f a7 c2 ee 79 14 06<br>Dec 22 13:44:14 localhost pluto[8271]: | 5f eb d6 03 2d ce e2 44 78 50 74 b3 b3 e7 6c 38
<br>Dec 22 13:44:14 localhost pluto[8271]: | fb aa ca 22 06 da 5d 0c 4e 3a 65 77 19 30 17 df<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP Signature Payload: 132<br>Dec 22 13:44:14 localhost pluto[8271]: | encrypting:
<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 00 00 6b 09 00 00 00 30 61 31 0b 30 09 06 03<br>Dec 22 13:44:14 localhost pluto[8271]: | 55 04 06 13 02 54 52 31 0b 30 09 06 03 55 04 08<br>Dec 22 13:44:14 localhost pluto[8271]: | 13 02 41 4e 31 0f 30 0d 06 03 55 04 07 13 06 41
<br>Dec 22 13:44:14 localhost pluto[8271]: | 6e 6b 61 72 61 31 1f 30 1d 06 03 55 04 0a 13 16<br>Dec 22 13:44:14 localhost pluto[8271]: | 4c 61 62 72 69 73 20 53 47 20 55 73 65 72 20 43<br>Dec 22 13:44:14 localhost pluto[8271]: | 6f 6d 70 61 6e 79 31 13 30 11 06 03 55 04 03 13
<br>Dec 22 13:44:14 localhost pluto[8271]: | 0a 76 70 6e 67 61 74 65 77 61 79 09 00 02 fe 04<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 82 02 f5 30 82 02 5e a0 03 02 01 02 02 01 01<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30
<br>Dec 22 13:44:14 localhost pluto[8271]: | 4c 31 0b 30 09 06 03 55 04 06 13 02 54 52 31 0b<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 09 06 03 55 04 08 13 02 41 4e 31 0f 30 0d 06<br>Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 07 13 06 41 6e 6b 61 72 61 31 1f 30 1d
<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 0a 13 16 4c 61 62 72 69 73 20 53 47<br>Dec 22 13:44:14 localhost pluto[8271]: | 20 55 73 65 72 20 43 6f 6d 70 61 6e 79 30 1e 17<br>Dec 22 13:44:14 localhost pluto[8271]: | 0d 30 37 31 32 32 32 30 39 32 36 32 35 5a 17 0d
<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 39 31 31 32 31 30 39 32 36 32 35 5a 30 61 31<br>Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 06 13 02 54 52 31 0b 30 09<br>Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 08 13 02 41 4e 31 0f 30 0d 06 03 55
<br>Dec 22 13:44:14 localhost pluto[8271]: | 04 07 13 06 41 6e 6b 61 72 61 31 1f 30 1d 06 03<br>Dec 22 13:44:14 localhost pluto[8271]: | 55 04 0a 13 16 4c 61 62 72 69 73 20 53 47 20 55<br>Dec 22 13:44:14 localhost pluto[8271]: | 73 65 72 20 43 6f 6d 70 61 6e 79 31 13 30 11 06
<br>Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 03 13 0a 76 70 6e 67 61 74 65 77 61 79<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01<br>Dec 22 13:44:14 localhost pluto[8271]: | 05 00 03 81 8d 00 30 81 89 02 81 81 00 c7 6c f2
<br>Dec 22 13:44:14 localhost pluto[8271]: | f6 69 6f c1 3c a9 84 88 23 34 2a 95 19 7c c4 e1<br>Dec 22 13:44:14 localhost pluto[8271]: | 41 60 e1 da 13 fb 62 71 81 c6 37 de 98 e3 9b 88<br>Dec 22 13:44:14 localhost pluto[8271]: | 28 5f 6f df 22 2d 40 00 49 2b 7a 57 7b e9 1b 9f
<br>Dec 22 13:44:14 localhost pluto[8271]: | ac 66 09 ad 0c a6 67 a3 b5 b9 33 24 70 8e d1 67<br>Dec 22 13:44:14 localhost pluto[8271]: | 6b 60 51 65 49 ef b3 e1 3f ed ab f3 35 77 cd 4b<br>Dec 22 13:44:14 localhost pluto[8271]: | 53 e1 62 ae 0d a8 d9 9a 99 cb 33 60 d8 a1 a2 0f
<br>Dec 22 13:44:14 localhost pluto[8271]: | 07 9a 02 01 5f 0e b7 dc ce 3a 27 ef fa 3a 98 d4<br>Dec 22 13:44:14 localhost pluto[8271]: | ab 5c 55 17 f3 59 c7 5f 30 b7 ea e5 83 02 03 01<br>Dec 22 13:44:14 localhost pluto[8271]: | 00 01 a3 81 d1 30 81 ce 30 09 06 03 55 1d 13 04
<br>Dec 22 13:44:14 localhost pluto[8271]: | 02 30 00 30 2c 06 09 60 86 48 01 86 f8 42 01 0d<br>Dec 22 13:44:14 localhost pluto[8271]: | 04 1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65<br>Dec 22 13:44:14 localhost pluto[8271]: | 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74
<br>Dec 22 13:44:14 localhost pluto[8271]: | 65 30 1d 06 03 55 1d 0e 04 16 04 14 1b f8 cd 1d<br>Dec 22 13:44:14 localhost pluto[8271]: | 97 c8 c4 0b da 9b bc 5d 66 eb dc 8f 65 5b f1 0f<br>Dec 22 13:44:14 localhost pluto[8271]: | 30 74 06 03 55 1d 23 04 6d 30 6b 80 14 05 65 14
<br>Dec 22 13:44:14 localhost pluto[8271]: | 87 f8 ac 10 9f 5b 15 fb d0 95 fc c4 6e a3 e4 00<br>Dec 22 13:44:14 localhost pluto[8271]: | e3 a1 50 a4 4e 30 4c 31 0b 30 09 06 03 55 04 06<br>Dec 22 13:44:14 localhost pluto[8271]: | 13 02 54 52 31 0b 30 09 06 03 55 04 08 13 02 41
<br>Dec 22 13:44:14 localhost pluto[8271]: | 4e 31 0f 30 0d 06 03 55 04 07 13 06 41 6e 6b 61<br>Dec 22 13:44:14 localhost pluto[8271]: | 72 61 31 1f 30 1d 06 03 55 04 0a 13 16 4c 61 62<br>Dec 22 13:44:14 localhost pluto[8271]: | 72 69 73 20 53 47 20 55 73 65 72 20 43 6f 6d 70
<br>Dec 22 13:44:14 localhost pluto[8271]: | 61 6e 79 82 01 00 30 0d 06 09 2a 86 48 86 f7 0d<br>Dec 22 13:44:14 localhost pluto[8271]: | 01 01 04 05 00 03 81 81 00 42 85 82 d5 1e 56 91<br>Dec 22 13:44:14 localhost pluto[8271]: | 22 5d d0 3c ae 90 75 35 31 72 a1 87 1a 7f e4 33
<br>Dec 22 13:44:14 localhost pluto[8271]: | 0e a0 c0 6d 0a c5 ac 18 b5 8c b2 5b 55 ac 6a 72<br>Dec 22 13:44:14 localhost pluto[8271]: | 67 ec 9d 47 29 a0 0f f4 1d a9 04 3b a0 33 16 68<br>Dec 22 13:44:14 localhost pluto[8271]: | ab 61 a7 9c 3c 2a 3f e6 31 2d 6d 0a 99 d5 23 e7
<br>Dec 22 13:44:14 localhost pluto[8271]: | 67 4f 2e e3 d4 e7 11 bc df f9 38 89 89 33 d1 9d<br>Dec 22 13:44:14 localhost pluto[8271]: | 9e ee 07 a2 71 00 13 55 62 ad c1 06 6a 1d 2f 9f<br>Dec 22 13:44:14 localhost pluto[8271]: | 45 54 ca 04 a9 5f 04 e8 ab 4e 50 18 44 08 e1 dd
<br>Dec 22 13:44:14 localhost pluto[8271]: | 4c 11 d0 44 8f 49 be 80 8d 00 00 00 84 5e 6e ab<br>Dec 22 13:44:14 localhost pluto[8271]: | ae b7 60 3c 46 c1 34 77 8d 43 ad 4a db 28 f8 74<br>Dec 22 13:44:14 localhost pluto[8271]: | ce 6d 83 aa 0c b0 ac 2c 33 8c d4 fd 7d 50 f6 c3
<br>Dec 22 13:44:14 localhost pluto[8271]: | 8e 1d 73 52 0f 5f c5 9b 52 6f e0 b8 ec 3d 6f 9c<br>Dec 22 13:44:14 localhost pluto[8271]: | 54 de b7 fb c9 ac 36 5f b7 0f d9 1a 1e 58 26 3e<br>Dec 22 13:44:14 localhost pluto[8271]: | 24 59 49 d8 a5 30 f0 5e 03 44 2f e5 12 62 42 0e
<br>Dec 22 13:44:14 localhost pluto[8271]: | 8f 9e 6a 6b 83 2a 2f a7 c2 ee 79 14 06 5f eb d6<br>Dec 22 13:44:14 localhost pluto[8271]: | 03 2d ce e2 44 78 50 74 b3 b3 e7 6c 38 fb aa ca<br>Dec 22 13:44:14 localhost pluto[8271]: | 22 06 da 5d 0c 4e 3a 65 77 19 30 17 df
<br>Dec 22 13:44:14 localhost pluto[8271]: | IV:<br>Dec 22 13:44:14 localhost pluto[8271]: | 07 f7 83 d6 c1 8f 91 73<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting 3 zero bytes of encryption padding into ISAKMP Message
<br>Dec 22 13:44:14 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC<br>Dec 22 13:44:14 localhost pluto[8271]: | next IV: eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP Message: 1036
<br>Dec 22 13:44:14 localhost pluto[8271]: | last encrypted block of Phase 1:<br>Dec 22 13:44:14 localhost pluto[8271]: | eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:14 localhost pluto[8271]: | complete state transition with STF_OK
<br>Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Dec 22 13:44:14 localhost pluto[8271]: | sending reply packet to
<a href="http://88.254.240.233:500">88.254.240.233:500</a> (from port=500)<br>Dec 22 13:44:14 localhost pluto[8271]: | NAT-T: new mapping <a href="http://88.254.240.233:500/4500">88.254.240.233:500/4500</a>)<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection vpnerp-over-adsl2
<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection vpnerp-over-adsl2<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection b-labris.l2tp-zcert[1] <a href="http://88.254.240.233">88.254.240.233</a>
<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection vpnlan2-over-adsl1<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection vpnlan1-over-adsl1<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection vpnlan2-over-adsl1
<br>Dec 22 13:44:14 localhost pluto[8271]: | processing connection b-labris.l2tp-zcert[2] <a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:14 localhost pluto[8271]: | NAT-T: updating local port to 4500<br>
Dec 22 13:44:14 localhost pluto[8271]: | NAT-T connection has wrong interface definition EXTERNALIP:4500 vs EXTERNALIP:500<br>Dec 22 13:44:14 localhost pluto[8271]: | NAT-T: using interface ppp0:4500<br>Dec 22 13:44:14 localhost pluto[8271]: | sending 1036 bytes for STATE_MAIN_R2 through ppp0:4500 to
<a href="http://88.254.240.233:4500">88.254.240.233:4500</a>:<br>Dec 22 13:44:14 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f 01 63 48 e2 02 2f<br>Dec 22 13:44:14 localhost pluto[8271]: | ab 05 97 7c 05 10 02 01 00 00 00 00 00 00 04 0c
<br>Dec 22 13:44:14 localhost pluto[8271]: | df 41 1f 50 4b 5b 61 44 31 7c 21 91 7c d1 82 34<br>Dec 22 13:44:14 localhost pluto[8271]: | e3 28 4a 52 3c 4c 89 a4 ac 1b be 2e 3b 79 0a b5<br>Dec 22 13:44:14 localhost pluto[8271]: | 92 52 99 31 e7 7c db e4 db 11 f6 8c 0e a7 40 4f
<br>Dec 22 13:44:14 localhost pluto[8271]: | 1b 8b 11 86 bb 7e 15 50 e6 09 3c 86 6c 31 50 d5<br>Dec 22 13:44:14 localhost pluto[8271]: | 41 f8 c8 96 dc e9 e3 22 20 ba 5e df 41 98 12 02<br>Dec 22 13:44:14 localhost pluto[8271]: | f2 d4 e8 69 f2 97 ef f9 bf e3 dd 5e ba 27 4c b6
<br>Dec 22 13:44:14 localhost pluto[8271]: | fe 14 dc 33 e9 53 57 91 56 75 5d ad 7b 0f ea 75<br>Dec 22 13:44:14 localhost pluto[8271]: | 3e 80 ef 5e 99 08 0d fc 39 5e 1a 82 42 d6 49 d3<br>Dec 22 13:44:14 localhost pluto[8271]: | 10 3b 67 2d ea bc 1c 67 b9 ce 14 cb a8 80 a9 9a
<br>Dec 22 13:44:14 localhost pluto[8271]: | 8b 4f f1 dd b7 be f7 10 19 58 6a 4a 65 55 2e 8c<br>Dec 22 13:44:14 localhost pluto[8271]: | b5 65 81 27 26 bd 68 57 55 24 38 18 fd c6 29 e5<br>Dec 22 13:44:14 localhost pluto[8271]: | f1 b9 b6 cb 62 ee 22 a3 44 57 1e 9a 90 fb f0 97
<br>Dec 22 13:44:14 localhost pluto[8271]: | 1c eb c7 31 f4 57 ff e3 3e 5b 35 a1 c5 9d 0b ba<br>Dec 22 13:44:14 localhost pluto[8271]: | 48 f6 ff 3c 0e f7 18 b0 e5 89 75 cc a4 a0 a1 60<br>Dec 22 13:44:14 localhost pluto[8271]: | 1b 0e cd 55 e8 65 fb d7 3f 72 85 c0 2a c5 fd 2d
<br>Dec 22 13:44:14 localhost pluto[8271]: | 6d a6 c0 e5 34 34 5e ae 1e 2f 63 50 b3 81 d9 b2<br>Dec 22 13:44:14 localhost pluto[8271]: | b1 6d b4 74 2e b7 2a a5 08 c6 e5 23 b6 a6 63 8d<br>Dec 22 13:44:15 localhost pluto[8271]: | e2 34 fa a6 ef be 01 9f e2 65 a9 c7 01 de 41 b4
<br>Dec 22 13:44:15 localhost pluto[8271]: | df c3 d0 1a 98 50 80 21 75 64 b4 9f 6a 02 4b c6<br>Dec 22 13:44:15 localhost pluto[8271]: | c3 80 98 22 a6 d4 c8 c8 63 12 4b 3d 84 f1 6c ce<br>Dec 22 13:44:15 localhost pluto[8271]: | 52 6b 16 cb 6e d1 4d 38 97 ad 7e 60 bd 23 3b d3
<br>Dec 22 13:44:15 localhost pluto[8271]: | 04 35 d7 50 54 50 13 a2 2f f6 c1 4e 74 ab 51 91<br>Dec 22 13:44:15 localhost pluto[8271]: | 5a 75 65 2a 1e 14 aa fc 8e 9e f7 fd 1d 7c 2f 7f<br>Dec 22 13:44:15 localhost pluto[8271]: | c6 e8 21 93 cb 61 72 0c 84 27 9c ea 98 a3 37 cb
<br>Dec 22 13:44:15 localhost pluto[8271]: | 13 28 b0 d6 28 b3 2d 35 cd ab 44 44 5d 78 c8 54<br>Dec 22 13:44:15 localhost pluto[8271]: | f9 07 4d ce 28 cd 4a 3c 95 b8 13 1f 82 ad 73 d3<br>Dec 22 13:44:15 localhost pluto[8271]: | 8e d6 f3 3e c8 a8 12 05 52 31 3c 15 e0 0d 3f 9c
<br>Dec 22 13:44:15 localhost pluto[8271]: | aa de a2 e5 b3 aa 6a 20 b3 d4 25 7f 6f 79 68 a4<br>Dec 22 13:44:15 localhost pluto[8271]: | 6c 8b 9a 67 4a 53 7f 1e 6f 1b 2c 51 02 46 5a 4d<br>Dec 22 13:44:15 localhost pluto[8271]: | 8e fd 7b c3 9e b2 a5 de 10 18 5e 97 21 0d 2f b7
<br>Dec 22 13:44:15 localhost pluto[8271]: | bf a6 dd d5 a9 8b 2a e7 7a ec a5 da 85 38 1a 0c<br>Dec 22 13:44:15 localhost pluto[8271]: | e2 6e d6 cb 61 88 f3 5f 3e 5d b9 bf 7e d1 19 3f<br>Dec 22 13:44:15 localhost pluto[8271]: | be 7d 36 23 e9 62 12 ae d3 4c 88 fb 11 c9 46 3b
<br>Dec 22 13:44:15 localhost pluto[8271]: | ad 18 3b f4 e3 15 13 cc 20 b8 d2 fa 7d a7 b1 84<br>Dec 22 13:44:15 localhost pluto[8271]: | bb f1 4a 90 d6 15 02 d1 17 70 60 e5 63 bb 3b d1<br>Dec 22 13:44:15 localhost pluto[8271]: | c7 e5 c4 05 8c bd 80 2c e3 1d 85 17 7e 54 8e 2a
<br>Dec 22 13:44:15 localhost pluto[8271]: | b5 54 e3 a5 bc dd 64 23 10 74 e5 9b 9a 15 0c 7a<br>Dec 22 13:44:15 localhost pluto[8271]: | d8 2e 84 d1 36 40 c8 5e 12 6e 4c 37 1a 97 3a 4a<br>Dec 22 13:44:15 localhost pluto[8271]: | 2e 73 50 7d 5c f7 91 bd c6 3b a8 39 55 e8 64 81
<br>Dec 22 13:44:15 localhost pluto[8271]: | 51 31 32 35 9e 88 d7 81 7e ab 5b d4 55 9b 43 d3<br>Dec 22 13:44:15 localhost pluto[8271]: | d6 a3 ca 12 8f 86 18 7c 46 8e 8b 73 1c 27 30 aa<br>Dec 22 13:44:15 localhost pluto[8271]: | 78 30 1d fb a8 cf db 90 04 51 14 b9 30 7b b7 bf
<br>Dec 22 13:44:15 localhost pluto[8271]: | c1 a6 a6 d1 61 b3 af d2 ce e7 01 96 27 a6 a6 87<br>Dec 22 13:44:15 localhost pluto[8271]: | 15 85 a0 0b e3 cd 05 74 9c 85 47 88 0d a4 2a bc<br>Dec 22 13:44:15 localhost pluto[8271]: | 25 f6 d4 a4 6b e2 b4 47 25 b6 29 aa f5 86 b5 72
<br>Dec 22 13:44:15 localhost pluto[8271]: | a1 49 d0 87 09 ab a4 bf c1 de df 59 af 1e 9a e3<br>Dec 22 13:44:15 localhost pluto[8271]: | 97 3b 6c 72 a0 6f 99 07 65 dd a4 28 26 79 8c f6<br>Dec 22 13:44:15 localhost pluto[8271]: | 17 94 e6 c9 5e 55 8b e7 89 2d fc 78 7d 11 6b 1d
<br>Dec 22 13:44:15 localhost pluto[8271]: | 6f e8 98 fb fa a3 f3 26 c0 4d cf a7 cc f6 68 0c<br>Dec 22 13:44:15 localhost pluto[8271]: | e6 1f 28 04 5f 4c 85 f9 dd 7c 82 6c 2d e9 f0 13<br>Dec 22 13:44:15 localhost pluto[8271]: | 24 63 a4 f5 9d 25 db 94 30 c6 e7 1c 08 06 21 74
<br>Dec 22 13:44:15 localhost pluto[8271]: | bf d9 2e d1 05 08 6a 1c 27 53 df 3d fb 1d 30 92<br>Dec 22 13:44:15 localhost pluto[8271]: | 7d 28 78 85 e2 25 de 0b ed 57 bf d9 7a 92 81 c1<br>Dec 22 13:44:15 localhost pluto[8271]: | 57 1c ec 0c 9b 1d 0f 7e b7 ad d2 8c 9a 11 b4 97
<br>Dec 22 13:44:15 localhost pluto[8271]: | 87 ed cf 13 c7 b1 46 67 c4 c1 ce 2b 76 10 7a 30<br>Dec 22 13:44:15 localhost pluto[8271]: | f9 4c a3 87 03 7d c0 0e 5b db 38 f5 b1 10 db 13<br>Dec 22 13:44:15 localhost pluto[8271]: | 46 43 32 ee dd ff bd 00 59 3f 44 04 0a 63 c9 9d
<br>Dec 22 13:44:15 localhost pluto[8271]: | 45 0a 2f d8 c6 9c 8c 5b 8e 19 c7 06 ef 00 59 37<br>Dec 22 13:44:15 localhost pluto[8271]: | 38 9f 1a 91 8e 2a d7 86 ab 4e c1 24 b2 2d 35 6f<br>Dec 22 13:44:15 localhost pluto[8271]: | 8d 93 df e6 59 51 a7 f6 23 b1 47 5a 7a 5b 96 5b
<br>Dec 22 13:44:15 localhost pluto[8271]: | ad 81 e2 67 f0 53 62 11 33 53 c6 df 01 d8 da d4<br>Dec 22 13:44:15 localhost pluto[8271]: | 2a 8d 29 01 cc 14 fc 32 e3 11 54 04 44 59 58 70<br>Dec 22 13:44:15 localhost pluto[8271]: | 75 36 9f ba 8d 58 85 91 eb 89 cc 2a b8 48 d9 8a
<br>Dec 22 13:44:15 localhost pluto[8271]: | inserting event EVENT_SA_EXPIRE, timeout in 28800 seconds for #7<br>Dec 22 13:44:15 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233
</a> #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}<br>Dec 22 13:44:15 localhost pluto[8271]: | modecfg pull: noquirk policy:push not-client
<br>Dec 22 13:44:15 localhost pluto[8271]: | phase 1 is done, looking for phase 1 to unpend<br>Dec 22 13:44:15 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 17 seconds for #2<br>Dec 22 13:44:15 localhost pluto[8271]: |
<br>Dec 22 13:44:15 localhost pluto[8271]: | *received 316 bytes from <a href="http://88.254.240.233:4500">88.254.240.233:4500</a> on ppp0 (port=4500)<br>Dec 22 13:44:15 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63 48 e2 02 2f ab 05 97 7c
<br>Dec 22 13:44:15 localhost pluto[8271]: | 08 10 20 01 00 00 00 01 00 00 01 3c bb 44 ad cc<br>Dec 22 13:44:15 localhost pluto[8271]: | c2 c4 88 3d 92 d2 45 b4 e9 a0 e5 2f 62 c6 33 e8<br>Dec 22 13:44:15 localhost pluto[8271]: | a8 6c d5 a5 38 63 ce ca ac dd 3b 22 ba 48 a1 4b
<br>Dec 22 13:44:15 localhost pluto[8271]: | 58 47 11 32 91 79 62 c8 67 cb 45 56 69 95 00 a3<br>Dec 22 13:44:15 localhost pluto[8271]: | 35 6f 81 92 d7 bf 77 a4 6a b9 7b a0 81 9c fc d8<br>Dec 22 13:44:15 localhost pluto[8271]: | 3e b7 5a 14 f1 5e 69 a1 4c 14 99 d1 6e 25 9d ef
<br>Dec 22 13:44:15 localhost pluto[8271]: | 2c b4 3f 3f 12 d6 8c 45 c1 67 b9 17 c5 7e 3d 1e<br>Dec 22 13:44:15 localhost pluto[8271]: | 0e 05 b8 89 db 6e e8 13 21 dd 2e 6a 69 2b f0 0c<br>Dec 22 13:44:15 localhost pluto[8271]: | 2d 51 f2 83 80 93 60 75 e4 4d 4e 44 0f cd 95 4b
<br>Dec 22 13:44:15 localhost pluto[8271]: | 10 0d 64 9b 29 c4 57 71 ff d8 a2 d0 c7 da 88 74<br>Dec 22 13:44:15 localhost pluto[8271]: | 7d 35 e9 7f db 1f a1 3b 2b 96 75 dc 3d 3d 9f 9e<br>Dec 22 13:44:15 localhost pluto[8271]: | 04 56 44 98 ff 32 48 78 9b 0f 76 67 71 37 02 c8
<br>Dec 22 13:44:15 localhost pluto[8271]: | 75 f0 38 eb e2 56 23 ba 7f 73 e5 bf 1b e6 f6 9a<br>Dec 22 13:44:15 localhost pluto[8271]: | fb b2 c6 1f 26 2a 73 ff fe 0c c0 c4 94 fb 4e 51<br>Dec 22 13:44:15 localhost pluto[8271]: | 99 a2 7c e0 b1 62 b9 e5 c1 ea 2e 7d 1b 62 f3 a2
<br>Dec 22 13:44:15 localhost pluto[8271]: | 81 59 30 d9 30 4c d4 e8 6a f5 3a 11 b6 cb 59 be<br>Dec 22 13:44:15 localhost pluto[8271]: | 8e 2a a2 f2 52 13 ca 6d 18 82 57 f1 a2 26 9a af<br>Dec 22 13:44:15 localhost pluto[8271]: | 22 6e 24 bc ba 15 6f 3d a8 a6 50 9e 12 8c f5 b6
<br>Dec 22 13:44:15 localhost pluto[8271]: | fc 88 60 36 f5 d1 88 f5 ad b6 2f 03<br>Dec 22 13:44:15 localhost pluto[8271]: | **parse ISAKMP Message:<br>Dec 22 13:44:15 localhost pluto[8271]: | initiator cookie:<br>
Dec 22 13:44:15 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:15 localhost pluto[8271]: | responder cookie:<br>Dec 22 13:44:15 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_HASH
<br>Dec 22 13:44:15 localhost pluto[8271]: | ISAKMP version: ISAKMP Version 1.0<br>Dec 22 13:44:15 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_QUICK<br>Dec 22 13:44:15 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
<br>Dec 22 13:44:15 localhost pluto[8271]: | message ID: 00 00 00 01<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 316<br>Dec 22 13:44:15 localhost pluto[8271]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)
<br>Dec 22 13:44:15 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:15 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:15 localhost pluto[8271]: | peer: 58 fe f0 e9
<br>Dec 22 13:44:15 localhost pluto[8271]: | state hash entry 27<br>Dec 22 13:44:15 localhost pluto[8271]: | peer and cookies match on #7, provided msgid 00000001 vs 00000000<br>Dec 22 13:44:15 localhost pluto[8271]: | state object not found
<br>Dec 22 13:44:15 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:15 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:15 localhost pluto[8271]: | peer: 58 fe f0 e9
<br>Dec 22 13:44:15 localhost pluto[8271]: | state hash entry 27<br>Dec 22 13:44:15 localhost pluto[8271]: | peer and cookies match on #7, provided msgid 00000000 vs 00000000<br>Dec 22 13:44:15 localhost pluto[8271]: | state object #7 found, in STATE_MAIN_R3
<br>Dec 22 13:44:15 localhost pluto[8271]: | processing connection b-labris.l2tp-zcert[2] <a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:15 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8 48 d9 8a
<br>Dec 22 13:44:15 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:15 localhost pluto[8271]: | computed Phase 2 IV:<br>Dec 22 13:44:15 localhost pluto[8271]: | e3 d9 57 c5 aa 81 1e d1 3b 99 ae 4b b9 86 e4 bd
<br>Dec 22 13:44:15 localhost pluto[8271]: | a2 c1 d4 c1<br>Dec 22 13:44:15 localhost pluto[8271]: | received encrypted packet from <a href="http://88.254.240.233:4500">88.254.240.233:4500</a><br>Dec 22 13:44:15 localhost pluto[8271]: | decrypting 288 bytes using algorithm OAKLEY_3DES_CBC
<br>Dec 22 13:44:15 localhost pluto[8271]: | decrypted:<br>Dec 22 13:44:15 localhost pluto[8271]: | 01 00 00 18 25 cb c3 51 fa f5 1b 29 42 16 68 c3<br>Dec 22 13:44:15 localhost pluto[8271]: | 65 cc 5a bd 35 7e 8b 52 0a 00 00 ac 00 00 00 01
<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 01 02 00 00 38 01 03 04 01 5a 09 a3 30<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 2c 01 0c 00 00 80 04 00 04 80 06 00 80<br>Dec 22 13:44:15 localhost pluto[8271]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
<br>Dec 22 13:44:15 localhost pluto[8271]: | 80 01 00 02 00 02 00 04 00 03 d0 90 02 00 00 34<br>Dec 22 13:44:15 localhost pluto[8271]: | 02 03 04 01 5a 09 a3 30 00 00 00 28 01 03 00 00<br>Dec 22 13:44:15 localhost pluto[8271]: | 80 04 00 04 80 05 00 02 80 01 00 01 00 02 00 04
<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 00 0e 10 80 01 00 02 00 02 00 04 00 03 d0 90<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 34 03 03 04 01 5a 09 a3 30 00 00 00 28<br>Dec 22 13:44:15 localhost pluto[8271]: | 01 0b 00 00 80 04 00 04 80 05 00 02 80 01 00 01
<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 02 00 04 00 00 0e 10 80 01 00 02 00 02 00 04<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 03 d0 90 05 00 00 34 09 20 d0 75 a1 c5 1b 39<br>Dec 22 13:44:15 localhost pluto[8271]: | 8e 56 91 09 40 c7 a8 70 13 19 93 a0 f8 56 52 e0
<br>Dec 22 13:44:15 localhost pluto[8271]: | 5b b6 e5 ae 5f 87 19 fa ba 9c 71 83 1a 59 a2 b7<br>Dec 22 13:44:15 localhost pluto[8271]: | 3b b9 af 04 9a b1 2a d1 05 00 00 0c 01 11 06 a5<br>Dec 22 13:44:15 localhost pluto[8271]: | c0 a8 02 03 15 00 00 0c 01 11 06 a5 58 e1 e8 6f
<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 0c 01 00 00 00 c0 a8 02 03 00 00 00 00<br>Dec 22 13:44:15 localhost pluto[8271]: | next IV: f5 d1 88 f5 ad b6 2f 03<br>Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Hash Payload:
<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_SA<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 24<br>Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Security Association Payload:
<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NONCE<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 172<br>Dec 22 13:44:15 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC<br>Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Nonce Payload:
<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_ID<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 52<br>Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Identification Payload (IPsec DOI):
<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_ID<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 12<br>Dec 22 13:44:15 localhost pluto[8271]: | ID type: ID_IPV4_ADDR<br>Dec 22 13:44:15 localhost pluto[8271]: | Protocol ID: 17
<br>Dec 22 13:44:15 localhost pluto[8271]: | port: 1701<br>Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Identification Payload (IPsec DOI):<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NAT-OA
<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 12<br>Dec 22 13:44:15 localhost pluto[8271]: | ID type: ID_IPV4_ADDR<br>Dec 22 13:44:15 localhost pluto[8271]: | Protocol ID: 17<br>Dec 22 13:44:15 localhost pluto[8271]: | port: 1701
<br>Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP NAT-OA Payload:<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NONE<br>Dec 22 13:44:15 localhost pluto[8271]: | length: 12<br>
Dec 22 13:44:15 localhost pluto[8271]: | ID type: ID_IPV4_ADDR<br>Dec 22 13:44:15 localhost pluto[8271]: | removing 4 bytes of padding<br>Dec 22 13:44:15 localhost pluto[8271]: | HASH(1) computed:<br>Dec 22 13:44:15 localhost pluto[8271]: | 25 cb c3 51 fa f5 1b 29 42 16 68 c3 65 cc 5a bd
<br>Dec 22 13:44:15 localhost pluto[8271]: | 35 7e 8b 52<br>Dec 22 13:44:15 localhost pluto[8271]: | peer client is <a href="http://192.168.2.3">192.168.2.3</a><br>Dec 22 13:44:15 localhost pluto[8271]: | peer client protocol/port is 17/1701
<br>Dec 22 13:44:15 localhost pluto[8271]: | our client is EXTERNALIP<br>Dec 22 13:44:15 localhost pluto[8271]: | our client protocol/port is 17/1701<br>Dec 22 13:44:15 localhost pluto[8271]: | find_client_connection starting with
b-labris.l2tp-zcert<br>Dec 22 13:44:15 localhost pluto[8271]: | looking for EXTERNALIP/32:17/1701 -> <a href="http://192.168.2.3/32:17/1701">192.168.2.3/32:17/1701</a><br>Dec 22 13:44:15 localhost pluto[8271]: | concrete checking against sr#0 EXTERNALIP/32 ->
<a href="http://0.0.0.0/32">0.0.0.0/32</a><br>Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway<br>Dec 22 13:44:15 localhost pluto[8271]: | b=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway
<br>Dec 22 13:44:15 localhost pluto[8271]: | results matched<br>Dec 22 13:44:15 localhost pluto[8271]: | trusted_ca called with a=(empty) b=(empty)<br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try trying b-labris.l2tp-zcert:EXTERNALIP/32:17/1701
-> <a href="http://192.168.2.3/32:17/1701">192.168.2.3/32:17/1701</a> vs b-labris.l2tp-zcert:EXTERNALIP/32:17/1701 -> <a href="http://0.0.0.0/32:17/1701">0.0.0.0/32:17/1701</a><br>Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway
<br>Dec 22 13:44:15 localhost pluto[8271]: | b=<a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:15 localhost pluto[8271]: | results fail<br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try concluding with none [0]
<br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try b-labris.l2tp-zcert gives none<br>Dec 22 13:44:15 localhost pluto[8271]: | find_host_pair: comparing to EXTERNALIP:500 <a href="http://88.254.240.233:500">88.254.240.233:500
</a> <br>Dec 22 13:44:15 localhost pluto[8271]: | find_host_pair: comparing to EXTERNALIP:500 <a href="http://0.0.0.0:500">0.0.0.0:500</a> <br>Dec 22 13:44:15 localhost pluto[8271]: | checking hostpair EXTERNALIP/32 ->
<a href="http://0.0.0.0/32">0.0.0.0/32</a> is found<br>Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway<br>Dec 22 13:44:15 localhost pluto[8271]: | b=(none)
<br>Dec 22 13:44:15 localhost pluto[8271]: | results matched<br>Dec 22 13:44:15 localhost pluto[8271]: | trusted_ca called with a=(empty) b=(empty)<br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try trying b-labris.l2tp-zcert:EXTERNALIP/32:17/1701
-> <a href="http://192.168.2.3/32:17/1701">192.168.2.3/32:17/1701</a> vs b-labris.l2tp-zcert:EXTERNALIP/32:17/1701 -> <a href="http://0.0.0.0/32:17/1701">0.0.0.0/32:17/1701</a><br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try concluding with none [0]
<br>Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway<br>Dec 22 13:44:15 localhost pluto[8271]: | b=(none)<br>Dec 22 13:44:15 localhost pluto[8271]: | results matched
<br>Dec 22 13:44:15 localhost pluto[8271]: | trusted_ca called with a=(empty) b=(empty)<br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try_oppo trying b-labris.l2tp-zcert:EXTERNALIP/32 -> <a href="http://192.168.2.3/32">
192.168.2.3/32</a> vs b-labris.l2tp-zcert:EXTERNALIP/32 -> <a href="http://0.0.0.0/32">0.0.0.0/32</a><br>Dec 22 13:44:15 localhost pluto[8271]: | fc_try_oppo concluding with none [0]<br>Dec 22 13:44:15 localhost pluto[8271]: | concluding with d = none
<br>Dec 22 13:44:15 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #7: cannot respond to IPsec SA request because no connection is known for EXTERNALIP[C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway]:17/1701...88.254.240.233[C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway]:17/1701===
<a href="http://192.168.2.3/32">192.168.2.3/32</a><br>Dec 22 13:44:15 localhost pluto[8271]: | complete state transition with (null)<br>Dec 22 13:44:15 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">
88.254.240.233</a> #7: sending encrypted notification INVALID_ID_INFORMATION to <a href="http://88.254.240.233:4500">88.254.240.233:4500</a><br>Dec 22 13:44:15 localhost pluto[8271]: | **emit ISAKMP Message:<br>Dec 22 13:44:15 localhost pluto[8271]: | initiator cookie:
<br>Dec 22 13:44:15 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:15 localhost pluto[8271]: | responder cookie:<br>Dec 22 13:44:15 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_HASH
<br>Dec 22 13:44:15 localhost pluto[8271]: | ISAKMP version: ISAKMP Version 1.0<br>Dec 22 13:44:15 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_INFO<br>Dec 22 13:44:15 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
<br>Dec 22 13:44:15 localhost pluto[8271]: | message ID: 2f 7a 41 a0<br>Dec 22 13:44:15 localhost pluto[8271]: | ***emit ISAKMP Hash Payload:<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_N
<br>Dec 22 13:44:15 localhost pluto[8271]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload<br>Dec 22 13:44:15 localhost pluto[8271]: | emitting length of ISAKMP Hash Payload: 24<br>Dec 22 13:44:15 localhost pluto[8271]: | ***emit ISAKMP Notification Payload:
<br>Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NONE<br>Dec 22 13:44:15 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC<br>Dec 22 13:44:15 localhost pluto[8271]: | protocol ID: 1<br>Dec 22 13:44:15 localhost pluto[8271]: | SPI size: 0
<br>Dec 22 13:44:15 localhost pluto[8271]: | Notify Message Type: INVALID_ID_INFORMATION<br>Dec 22 13:44:15 localhost pluto[8271]: | emitting length of ISAKMP Notification Payload: 12<br>Dec 22 13:44:15 localhost pluto[8271]: | HASH(1) computed:
<br>Dec 22 13:44:15 localhost pluto[8271]: | 09 7a 1a 8f 19 7d d9 24 24 de 00 cf ee 5c e3 43<br>Dec 22 13:44:15 localhost pluto[8271]: | 9a ae 5c b0<br>Dec 22 13:44:15 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8 48 d9 8a
<br>Dec 22 13:44:15 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:15 localhost pluto[8271]: | computed Phase 2 IV:<br>Dec 22 13:44:15 localhost pluto[8271]: | f5 2a c8 33 89 5e ae 09 bb 08 ee cc 71 00 a9 c0
<br>Dec 22 13:44:15 localhost pluto[8271]: | 23 f7 18 8d<br>Dec 22 13:44:15 localhost pluto[8271]: | encrypting:<br>Dec 22 13:44:15 localhost pluto[8271]: | 0b 00 00 18 09 7a 1a 8f 19 7d d9 24 24 de 00 cf<br>Dec 22 13:44:15 localhost pluto[8271]: | ee 5c e3 43 9a ae 5c b0 00 00 00 0c 00 00 00 01
<br>Dec 22 13:44:15 localhost pluto[8271]: | 01 00 00 12<br>Dec 22 13:44:15 localhost pluto[8271]: | IV:<br>Dec 22 13:44:15 localhost pluto[8271]: | f5 2a c8 33 89 5e ae 09 bb 08 ee cc 71 00 a9 c0<br>Dec 22 13:44:15 localhost pluto[8271]: | 23 f7 18 8d
<br>Dec 22 13:44:15 localhost pluto[8271]: | emitting 4 zero bytes of encryption padding into ISAKMP Message<br>Dec 22 13:44:15 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC<br>Dec 22 13:44:15 localhost pluto[8271]: | next IV: 8c a5 68 80 90 2d 79 52
<br>Dec 22 13:44:15 localhost pluto[8271]: | emitting length of ISAKMP Message: 68<br>Dec 22 13:44:15 localhost pluto[8271]: | sending 68 bytes for notification packet through ppp0:4500 to <a href="http://88.254.240.233:4500">
88.254.240.233:4500</a>:<br>Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f 01 63 48 e2 02 2f<br>Dec 22 13:44:15 localhost pluto[8271]: | ab 05 97 7c 08 10 05 01 2f 7a 41 a0 00 00 00 44<br>
Dec 22 13:44:15 localhost pluto[8271]: | 0b 54 c2 99 00 6e 81 0e d3 0b ee a2 46 41 c5 1c<br>Dec 22 13:44:15 localhost pluto[8271]: | 9c 69 d2 c7 14 cc f7 a5 13 fe 58 6a 97 76 9e 2d<br>Dec 22 13:44:15 localhost pluto[8271]: | 8c a5 68 80 90 2d 79 52
<br>Dec 22 13:44:15 localhost pluto[8271]: | state transition function for STATE_QUICK_R0 failed: INVALID_ID_INFORMATION<br>Dec 22 13:44:15 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 17 seconds for #2<br>Dec 22 13:44:16 localhost pluto[8271]: |
<br>Dec 22 13:44:16 localhost pluto[8271]: | *received 316 bytes from <a href="http://88.254.240.233:4500">88.254.240.233:4500</a> on ppp0 (port=4500)<br>Dec 22 13:44:16 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63 48 e2 02 2f ab 05 97 7c
<br>Dec 22 13:44:16 localhost pluto[8271]: | 08 10 20 01 00 00 00 01 00 00 01 3c bb 44 ad cc<br>Dec 22 13:44:16 localhost pluto[8271]: | c2 c4 88 3d 92 d2 45 b4 e9 a0 e5 2f 62 c6 33 e8<br>Dec 22 13:44:16 localhost pluto[8271]: | a8 6c d5 a5 38 63 ce ca ac dd 3b 22 ba 48 a1 4b
<br>Dec 22 13:44:16 localhost pluto[8271]: | 58 47 11 32 91 79 62 c8 67 cb 45 56 69 95 00 a3<br>Dec 22 13:44:16 localhost pluto[8271]: | 35 6f 81 92 d7 bf 77 a4 6a b9 7b a0 81 9c fc d8<br>Dec 22 13:44:16 localhost pluto[8271]: | 3e b7 5a 14 f1 5e 69 a1 4c 14 99 d1 6e 25 9d ef
<br>Dec 22 13:44:16 localhost pluto[8271]: | 2c b4 3f 3f 12 d6 8c 45 c1 67 b9 17 c5 7e 3d 1e<br>Dec 22 13:44:16 localhost pluto[8271]: | 0e 05 b8 89 db 6e e8 13 21 dd 2e 6a 69 2b f0 0c<br>Dec 22 13:44:16 localhost pluto[8271]: | 2d 51 f2 83 80 93 60 75 e4 4d 4e 44 0f cd 95 4b
<br>Dec 22 13:44:16 localhost pluto[8271]: | 10 0d 64 9b 29 c4 57 71 ff d8 a2 d0 c7 da 88 74<br>Dec 22 13:44:16 localhost pluto[8271]: | 7d 35 e9 7f db 1f a1 3b 2b 96 75 dc 3d 3d 9f 9e<br>Dec 22 13:44:16 localhost pluto[8271]: | 04 56 44 98 ff 32 48 78 9b 0f 76 67 71 37 02 c8
<br>Dec 22 13:44:16 localhost pluto[8271]: | 75 f0 38 eb e2 56 23 ba 7f 73 e5 bf 1b e6 f6 9a<br>Dec 22 13:44:16 localhost pluto[8271]: | fb b2 c6 1f 26 2a 73 ff fe 0c c0 c4 94 fb 4e 51<br>Dec 22 13:44:16 localhost pluto[8271]: | 99 a2 7c e0 b1 62 b9 e5 c1 ea 2e 7d 1b 62 f3 a2
<br>Dec 22 13:44:16 localhost pluto[8271]: | 81 59 30 d9 30 4c d4 e8 6a f5 3a 11 b6 cb 59 be<br>Dec 22 13:44:16 localhost pluto[8271]: | 8e 2a a2 f2 52 13 ca 6d 18 82 57 f1 a2 26 9a af<br>Dec 22 13:44:16 localhost pluto[8271]: | 22 6e 24 bc ba 15 6f 3d a8 a6 50 9e 12 8c f5 b6
<br>Dec 22 13:44:16 localhost pluto[8271]: | fc 88 60 36 f5 d1 88 f5 ad b6 2f 03<br>Dec 22 13:44:16 localhost pluto[8271]: | **parse ISAKMP Message:<br>Dec 22 13:44:16 localhost pluto[8271]: | initiator cookie:<br>
Dec 22 13:44:16 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:16 localhost pluto[8271]: | responder cookie:<br>Dec 22 13:44:16 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:16 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_HASH
<br>Dec 22 13:44:16 localhost pluto[8271]: | ISAKMP version: ISAKMP Version 1.0<br>Dec 22 13:44:16 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_QUICK<br>Dec 22 13:44:16 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
<br>Dec 22 13:44:16 localhost pluto[8271]: | message ID: 00 00 00 01<br>Dec 22 13:44:16 localhost pluto[8271]: | length: 316<br>Dec 22 13:44:16 localhost pluto[8271]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)
<br>Dec 22 13:44:16 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:16 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:16 localhost pluto[8271]: | peer: 58 fe f0 e9
<br>Dec 22 13:44:16 localhost pluto[8271]: | state hash entry 27<br>Dec 22 13:44:16 localhost pluto[8271]: | peer and cookies match on #7, provided msgid 00000001 vs 00000000<br>Dec 22 13:44:16 localhost pluto[8271]: | state object not found
<br>Dec 22 13:44:16 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:16 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:16 localhost pluto[8271]: | peer: 58 fe f0 e9
<br>Dec 22 13:44:16 localhost pluto[8271]: | state hash entry 27<br>Dec 22 13:44:16 localhost pluto[8271]: | peer and cookies match on #7, provided msgid 00000000 vs 00000000<br>Dec 22 13:44:16 localhost pluto[8271]: | state object #7 found, in STATE_MAIN_R3
<br>Dec 22 13:44:16 localhost pluto[8271]: | processing connection b-labris.l2tp-zcert[2] <a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 13:44:16 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">
88.254.240.233</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)<br>Dec 22 13:44:16 localhost pluto[8271]: "b-labris.l2tp-zcert
"[2] <a href="http://88.254.240.233">88.254.240.233</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:4500">88.254.240.233:4500</a><br>Dec 22 13:44:16 localhost pluto[8271]: | **emit ISAKMP Message:
<br>Dec 22 13:44:16 localhost pluto[8271]: | initiator cookie:<br>Dec 22 13:44:16 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:16 localhost pluto[8271]: | responder cookie:<br>Dec 22 13:44:16 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
<br>Dec 22 13:44:16 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_HASH<br>Dec 22 13:44:16 localhost pluto[8271]: | ISAKMP version: ISAKMP Version 1.0<br>Dec 22 13:44:16 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_INFO
<br>Dec 22 13:44:16 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Dec 22 13:44:16 localhost pluto[8271]: | message ID: d2 de 71 42<br>Dec 22 13:44:16 localhost pluto[8271]: | ***emit ISAKMP Hash Payload:
<br>Dec 22 13:44:16 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_N<br>Dec 22 13:44:16 localhost pluto[8271]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload<br>Dec 22 13:44:16 localhost pluto[8271]: | emitting length of ISAKMP Hash Payload: 24
<br>Dec 22 13:44:16 localhost pluto[8271]: | ***emit ISAKMP Notification Payload:<br>Dec 22 13:44:16 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NONE<br>Dec 22 13:44:16 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC
<br>Dec 22 13:44:16 localhost pluto[8271]: | protocol ID: 1<br>Dec 22 13:44:16 localhost pluto[8271]: | SPI size: 0<br>Dec 22 13:44:16 localhost pluto[8271]: | Notify Message Type: INVALID_MESSAGE_ID<br>Dec 22 13:44:16 localhost pluto[8271]: | emitting length of ISAKMP Notification Payload: 12
<br>Dec 22 13:44:16 localhost pluto[8271]: | HASH(1) computed:<br>Dec 22 13:44:16 localhost pluto[8271]: | fa 06 d1 7c 51 06 61 49 dc d7 92 cb 8c 7a 6d fc<br>Dec 22 13:44:16 localhost pluto[8271]: | 8c 52 76 28<br>
Dec 22 13:44:16 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:16 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:16 localhost pluto[8271]: | computed Phase 2 IV:
<br>Dec 22 13:44:16 localhost pluto[8271]: | 18 6b 0b d1 4b ce 76 e7 5c 98 0a 88 90 31 2c c1<br>Dec 22 13:44:16 localhost pluto[8271]: | d6 5c 65 bc<br>Dec 22 13:44:16 localhost pluto[8271]: | encrypting:<br>Dec 22 13:44:16 localhost pluto[8271]: | 0b 00 00 18 fa 06 d1 7c 51 06 61 49 dc d7 92 cb
<br>Dec 22 13:44:16 localhost pluto[8271]: | 8c 7a 6d fc 8c 52 76 28 00 00 00 0c 00 00 00 01<br>Dec 22 13:44:16 localhost pluto[8271]: | 01 00 00 09<br>Dec 22 13:44:16 localhost pluto[8271]: | IV:<br>Dec 22 13:44:16 localhost pluto[8271]: | 18 6b 0b d1 4b ce 76 e7 5c 98 0a 88 90 31 2c c1
<br>Dec 22 13:44:16 localhost pluto[8271]: | d6 5c 65 bc<br>Dec 22 13:44:16 localhost pluto[8271]: | emitting 4 zero bytes of encryption padding into ISAKMP Message<br>Dec 22 13:44:16 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC
<br>Dec 22 13:44:16 localhost pluto[8271]: | next IV: 57 f7 ff c1 24 7e b5 8e<br>Dec 22 13:44:16 localhost pluto[8271]: | emitting length of ISAKMP Message: 68<br>Dec 22 13:44:16 localhost pluto[8271]: | sending 68 bytes for notification packet through ppp0:4500 to
<a href="http://88.254.240.233:4500">88.254.240.233:4500</a>:<br>Dec 22 13:44:16 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f 01 63 48 e2 02 2f<br>Dec 22 13:44:16 localhost pluto[8271]: | ab 05 97 7c 08 10 05 01 d2 de 71 42 00 00 00 44
<br>Dec 22 13:44:16 localhost pluto[8271]: | d4 88 e1 90 6e fa 06 e7 f9 37 d6 1b 88 a7 5d a1<br>Dec 22 13:44:16 localhost pluto[8271]: | 50 26 f6 05 af 87 d6 6e 33 c8 7d 20 46 ac 5b 06<br>Dec 22 13:44:16 localhost pluto[8271]: | 57 f7 ff c1 24 7e b5 8e
<br>Dec 22 13:44:16 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 16 seconds for #2<br>Dec 22 13:44:18 localhost pluto[8271]: | <br>Dec 22 13:44:18 localhost pluto[8271]: | *received 316 bytes from <a href="http://88.254.240.233:4500">
88.254.240.233:4500</a> on ppp0 (port=4500)<br>Dec 22 13:44:18 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:18 localhost pluto[8271]: | 08 10 20 01 00 00 00 01 00 00 01 3c bb 44 ad cc
<br>Dec 22 13:44:18 localhost pluto[8271]: | c2 c4 88 3d 92 d2 45 b4 e9 a0 e5 2f 62 c6 33 e8<br>Dec 22 13:44:18 localhost pluto[8271]: | a8 6c d5 a5 38 63 ce ca ac dd 3b 22 ba 48 a1 4b<br>Dec 22 13:44:18 localhost pluto[8271]: | 58 47 11 32 91 79 62 c8 67 cb 45 56 69 95 00 a3
<br>Dec 22 13:44:18 localhost pluto[8271]: | 35 6f 81 92 d7 bf 77 a4 6a b9 7b a0 81 9c fc d8<br>Dec 22 13:44:18 localhost pluto[8271]: | 3e b7 5a 14 f1 5e 69 a1 4c 14 99 d1 6e 25 9d ef<br>Dec 22 13:44:18 localhost pluto[8271]: | 2c b4 3f 3f 12 d6 8c 45 c1 67 b9 17 c5 7e 3d 1e
<br>Dec 22 13:44:18 localhost pluto[8271]: | 0e 05 b8 89 db 6e e8 13 21 dd 2e 6a 69 2b f0 0c<br>Dec 22 13:44:18 localhost pluto[8271]: | 2d 51 f2 83 80 93 60 75 e4 4d 4e 44 0f cd 95 4b<br>Dec 22 13:44:18 localhost pluto[8271]: | 10 0d 64 9b 29 c4 57 71 ff d8 a2 d0 c7 da 88 74
<br>Dec 22 13:44:18 localhost pluto[8271]: | 7d 35 e9 7f db 1f a1 3b 2b 96 75 dc 3d 3d 9f 9e<br>Dec 22 13:44:18 localhost pluto[8271]: | 04 56 44 98 ff 32 48 78 9b 0f 76 67 71 37 02 c8<br>Dec 22 13:44:18 localhost pluto[8271]: | 75 f0 38 eb e2 56 23 ba 7f 73 e5 bf 1b e6 f6 9a
<br>Dec 22 13:44:18 localhost pluto[8271]: | fb b2 c6 1f 26 2a 73 ff fe 0c c0 c4 94 fb 4e 51<br>Dec 22 13:44:18 localhost pluto[8271]: | 99 a2 7c e0 b1 62 b9 e5 c1 ea 2e 7d 1b 62 f3 a2<br>Dec 22 13:44:18 localhost pluto[8271]: | 81 59 30 d9 30 4c d4 e8 6a f5 3a 11 b6 cb 59 be
<br>Dec 22 13:44:18 localhost pluto[8271]: | 8e 2a a2 f2 52 13 ca 6d 18 82 57 f1 a2 26 9a af<br>Dec 22 13:44:18 localhost pluto[8271]: | 22 6e 24 bc ba 15 6f 3d a8 a6 50 9e 12 8c f5 b6<br>Dec 22 13:44:18 localhost pluto[8271]: | fc 88 60 36 f5 d1 88 f5 ad b6 2f 03
<br>Dec 22 13:44:18 localhost pluto[8271]: | **parse ISAKMP Message:<br>Dec 22 13:44:18 localhost pluto[8271]: | initiator cookie:<br>Dec 22 13:44:18 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:18 localhost pluto[8271]: | responder cookie:
<br>Dec 22 13:44:18 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:18 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_HASH<br>Dec 22 13:44:18 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0<br>Dec 22 13:44:18 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_QUICK<br>Dec 22 13:44:18 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Dec 22 13:44:18 localhost pluto[8271]: | message ID: 00 00 00 01
<br>Dec 22 13:44:18 localhost pluto[8271]: | length: 316<br>Dec 22 13:44:18 localhost pluto[8271]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)<br>Dec 22 13:44:18 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
<br>Dec 22 13:44:18 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:18 localhost pluto[8271]: | peer: 58 fe f0 e9<br>Dec 22 13:44:18 localhost pluto[8271]: | state hash entry 27<br>Dec 22 13:44:18 localhost pluto[8271]: | peer and cookies match on #7, provided msgid 00000001 vs 00000000
<br>Dec 22 13:44:18 localhost pluto[8271]: | state object not found<br>Dec 22 13:44:18 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63<br>Dec 22 13:44:18 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
<br>Dec 22 13:44:18 localhost pluto[8271]: | peer: 58 fe f0 e9<br>Dec 22 13:44:18 localhost pluto[8271]: | state hash entry 27<br>Dec 22 13:44:18 localhost pluto[8271]: | peer and cookies match on #7, provided msgid 00000000 vs 00000000
<br>Dec 22 13:44:18 localhost pluto[8271]: | state object #7 found, in STATE_MAIN_R3<br>Dec 22 13:44:18 localhost pluto[8271]: | processing connection b-labris.l2tp-zcert[2] <a href="http://88.254.240.233">88.254.240.233</a>
<br>Dec 22 13:44:18 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
<br>Dec 22 13:44:18 localhost pluto[8271]: "b-labris.l2tp-zcert"[2] <a href="http://88.254.240.233">88.254.240.233</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:4500">
88.254.240.233:4500</a><br>Dec 22 13:44:18 localhost pluto[8271]: | **emit ISAKMP Message:<br>Dec 22 13:44:18 localhost pluto[8271]: | initiator cookie:<br>Dec 22 13:44:18 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
<br>Dec 22 13:44:18 localhost pluto[8271]: | responder cookie:<br>Dec 22 13:44:18 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c<br>Dec 22 13:44:18 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_HASH<br>
Dec 22 13:44:18 localhost pluto[8271]: | ISAKMP version: ISAKMP Version 1.0<br>Dec 22 13:44:18 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_INFO<br>Dec 22 13:44:18 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
<br>Dec 22 13:44:18 localhost pluto[8271]: | message ID: c0 8b 32 3b<br>Dec 22 13:44:18 localhost pluto[8271]: | ***emit ISAKMP Hash Payload:<br>Dec 22 13:44:18 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_N
<br>Dec 22 13:44:18 localhost pluto[8271]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload<br>Dec 22 13:44:18 localhost pluto[8271]: | emitting length of ISAKMP Hash Payload: 24<br>Dec 22 13:44:18 localhost pluto[8271]: | ***emit ISAKMP Notification Payload:
<br>Dec 22 13:44:18 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_NONE<br>Dec 22 13:44:18 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC<br>Dec 22 13:44:18 localhost pluto[8271]: | protocol ID: 1<br>Dec 22 13:44:18 localhost pluto[8271]: | SPI size: 0
<br>Dec 22 13:44:18 localhost pluto[8271]: | Notify Message Type: INVALID_MESSAGE_ID<br>Dec 22 13:44:18 localhost pluto[8271]: | emitting length of ISAKMP Notification Payload: 12<br>Dec 22 13:44:18 localhost pluto[8271]: | HASH(1) computed:
<br>Dec 22 13:44:18 localhost pluto[8271]: | b4 4b 1d 82 53 06 4a f0 90 32 52 48 6b f6 1a 0b<br>Dec 22 13:44:18 localhost pluto[8271]: | cb ed dd 88<br>Dec 22 13:44:18 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8 48 d9 8a
<br>Dec 22 13:44:18 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a b8 48 d9 8a<br>Dec 22 13:44:18 localhost pluto[8271]: | computed Phase 2 IV:<br>Dec 22 13:44:18 localhost pluto[8271]: | bd 7e 08 6f 36 93 cb 27 2c b7 d2 02 c2 d4 e4 24
<br>Dec 22 13:44:18 localhost pluto[8271]: | 67 28 25 8b<br>Dec 22 13:44:18 localhost pluto[8271]: | encrypting:<br>Dec 22 13:44:18 localhost pluto[8271]: | 0b 00 00 18 b4 4b 1d 82 53 06 4a f0 90 32 52 48<br>Dec 22 13:44:18 localhost pluto[8271]: | 6b f6 1a 0b cb ed dd 88 00 00 00 0c 00 00 00 01
<br>Dec 22 13:44:18 localhost pluto[8271]: | 01 00 00 09<br>Dec 22 13:44:18 localhost pluto[8271]: | IV:<br>Dec 22 13:44:18 localhost pluto[8271]: | bd 7e 08 6f 36 93 cb 27 2c b7 d2 02 c2 d4 e4 24<br>Dec 22 13:44:18 localhost pluto[8271]: | 67 28 25 8b
<br>Dec 22 13:44:18 localhost pluto[8271]: | emitting 4 zero bytes of encryption padding into ISAKMP Message<br>Dec 22 13:44:18 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC<br>Dec 22 13:44:18 localhost pluto[8271]: | next IV: f4 95 3a ea 59 e2 a5 d0
<br>Dec 22 13:44:18 localhost pluto[8271]: | emitting length of ISAKMP Message: 68<br>Dec 22 13:44:18 localhost pluto[8271]: | sending 68 bytes for notification packet through ppp0:4500 to <a href="http://88.254.240.233:4500">
88.254.240.233:4500</a>:<br>Dec 22 13:44:18 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f 01 63 48 e2 02 2f<br>Dec 22 13:44:18 localhost pluto[8271]: | ab 05 97 7c 08 10 05 01 c0 8b 32 3b 00 00 00 44<br>
Dec 22 13:44:18 localhost pluto[8271]: | 02 5b b5 7b 47 ee b0 b5 12 11 66 c7 64 27 dc cc<br>Dec 22 13:44:18 localhost pluto[8271]: | 67 86 db 80 01 b2 f7 37 ca a8 73 eb ba 2e 79 9d<br>Dec 22 13:44:18 localhost pluto[8271]: | f4 95 3a ea 59 e2 a5 d0
<br>Dec 22 13:44:18 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 14 seconds for #2<br>Dec 22 13:44:22 localhost pluto[8271]: | <br><br><br><br><br><br><br><br><br><br>PSK LOGS: (PSK trials were with 2.4 kernel)
<br><br><br>Dec 22 02:52:21 localhost pluto[9274]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: received Vendor ID payload [RFC 3947] method set to=110<br>Dec 22 02:52:21 localhost pluto[9274]: packet from
<a href="http://88.254.240.233:500">88.254.240.233:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110<br>Dec 22 02:52:21 localhost pluto[9274]: packet from <a href="http://88.254.240.233:500">
88.254.240.233:500</a>: ignoring Vendor ID payload [FRAGMENTATION]<br>Dec 22 02:52:21 localhost pluto[9274]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: ignoring unknown Vendor ID payload [fb1de3cdf341b7ea16b7e5be0855f120]
<br>Dec 22 02:52:21 localhost pluto[9274]: packet from <a href="http://88.254.240.233:500">88.254.240.233:500</a>: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Dec 22 02:52:21 localhost pluto[9274]: packet from <a href="http://88.254.240.233:500">
88.254.240.233:500</a>: ignoring unknown Vendor ID payload [e3a5966a76379fe707228231e5ce8652]<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: responding to Main Mode from unknown peer
<a href="http://88.254.240.233">88.254.240.233</a><br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: Diffie-Hellamn group 20 is not a supported modp group. Attribute OAKLEY_GROUP_DESCRIPTION
<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: Diffie-Hellamn group 19 is not a supported modp group. Attribute OAKLEY_GROUP_DESCRIPTION<br>Dec 22 02:52:21 localhost pluto[9274]: "
labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">
88.254.240.233</a> #7: STATE_MAIN_R1: sent MR1, expecting MI2<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Dec 22 02:52:21 localhost pluto[9274]: "
labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: STATE_MAIN_R2: sent MR2, expecting MI3<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233
</a> #7: Main mode peer ID is ID_IPV4_ADDR: '<a href="http://192.168.2.3">192.168.2.3</a>'<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] <a href="http://88.254.240.233">88.254.240.233</a> #7: switched from "
labris.l2tp" to "labris.l2tp"<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: deleting connection "labris.l2tp" instance with peer
<a href="http://88.254.240.233">88.254.240.233</a> {isakmp=#0/ipsec=#0}<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: I did not send a certificate because I do not have one.
<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>Dec 22 02:52:21 localhost pluto[9274]: | NAT-T: new mapping
<a href="http://88.254.240.233:500/1024">88.254.240.233:500/1024</a>)<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
<br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: cannot respond to IPsec SA request because no connection is known for EXTERNALIP:17/1701...88.254.240.233[
<a href="http://192.168.2.3">192.168.2.3</a>]:17/1701===<a href="http://192.168.2.3/32">192.168.2.3/32</a><br>Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233
</a> #7: sending encrypted notification INVALID_ID_INFORMATION to <a href="http://88.254.240.233:1024">88.254.240.233:1024</a><br>Dec 22 02:52:23 localhost pluto[9274]: "labris.l2tp"[6] <a href="http://88.254.240.233">
88.254.240.233</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)<br>Dec 22 02:52:23 localhost pluto[9274]: "labris.l2tp"[6]
<a href="http://88.254.240.233">88.254.240.233</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:1024">88.254.240.233:1024</a><br>Dec 22 02:52:25 localhost pluto[9274]: "labris.l2tp
"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)<br>Dec 22 02:52:25 localhost pluto[9274]: "
labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:1024">88.254.240.233:1024</a><br>Dec 22 02:52:29 localhost pluto[9274]: "
labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x01000000 (perhaps this is a duplicated packet)<br>Dec 22 02:52:29 localhost pluto[9274]: "
labris.l2tp"[6] <a href="http://88.254.240.233">88.254.240.233</a> #7: sending encrypted notification INVALID_MESSAGE_ID to <a href="http://88.254.240.233:1024">88.254.240.233:1024</a><br><br><br>