i got the same problem with a macosx 10.5.2 client... strange, it seems not a iphone specific problem...<br><br>here is the logs with "controlmore" : <br><br><br><br><br>Mar 31 19:40:01 nebu pluto[22614]: | <br>
Mar 31 19:40:01 nebu pluto[22614]: | *received 300 bytes from XX.XX.XX.XX:500 on eth0 (port=500)<br>Mar 31 19:40:01 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 00 00 00 00 00 00 00 00<br>Mar 31 19:40:01 nebu pluto[22614]: | 01 10 02 00 00 00 00 00 00 00 01 2c 0d 00 00 34<br>
Mar 31 19:40:01 nebu pluto[22614]: | 00 00 00 01 00 00 00 01 00 00 00 28 01 01 00 01<br>Mar 31 19:40:01 nebu pluto[22614]: | 00 00 00 20 01 01 00 00 80 0b 00 01 80 0c 0e 10<br>Mar 31 19:40:01 nebu pluto[22614]: | 80 01 00 05 80 03 00 01 80 02 00 02 80 04 00 02<br>
Mar 31 19:40:01 nebu pluto[22614]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2<br>Mar 31 19:40:01 nebu pluto[22614]: | 0e 95 45 2f 0d 00 00 14 4d f3 79 28 e9 fc 4f d1<br>Mar 31 19:40:01 nebu pluto[22614]: | b3 26 21 70 d5 15 c6 62 0d 00 00 14 8f 8d 83 82<br>
Mar 31 19:40:01 nebu pluto[22614]: | 6d 24 6b 6f c7 a8 a6 a4 28 c1 1d e8 0d 00 00 14<br>Mar 31 19:40:01 nebu pluto[22614]: | 43 9b 59 f8 ba 67 6c 4c 77 37 ae 22 ea b8 f5 82<br>Mar 31 19:40:01 nebu pluto[22614]: | 0d 00 00 14 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f<br>
Mar 31 19:40:01 nebu pluto[22614]: | 02 ec 72 85 0d 00 00 14 80 d0 bb 3d ef 54 56 5e<br>Mar 31 19:40:01 nebu pluto[22614]: | e8 46 45 d4 c8 5c e3 ee 0d 00 00 14 99 09 b6 4e<br>Mar 31 19:40:01 nebu pluto[22614]: | ed 93 7c 65 73 de 52 ac e9 52 fa 6b 0d 00 00 14<br>
Mar 31 19:40:01 nebu pluto[22614]: | 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56<br>Mar 31 19:40:01 nebu pluto[22614]: | 0d 00 00 14 cd 60 46 43 35 df 21 f8 7c fd b2 fc<br>Mar 31 19:40:01 nebu pluto[22614]: | 68 b6 a4 48 0d 00 00 14 90 cb 80 91 3e bb 69 6e<br>
Mar 31 19:40:01 nebu pluto[22614]: | 08 63 81 b5 ec 42 7b 1f 00 00 00 14 af ca d7 13<br>Mar 31 19:40:01 nebu pluto[22614]: | 68 a1 f1 c9 6b 86 96 fc 77 57 01 00<br>Mar 31 19:40:01 nebu pluto[22614]: | **parse ISAKMP Message:<br>
Mar 31 19:40:01 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:01 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:01 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:01 nebu pluto[22614]: | 00 00 00 00 00 00 00 00<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_SA<br>Mar 31 19:40:01 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>Mar 31 19:40:01 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_IDPROT<br>
Mar 31 19:40:01 nebu pluto[22614]: | flags: none<br>Mar 31 19:40:01 nebu pluto[22614]: | message ID: 00 00 00 00<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 300<br>Mar 31 19:40:01 nebu pluto[22614]: | processing packet with exchange type=ISAKMP_XCHG_IDPROT (2)<br>
Mar 31 19:40:01 nebu pluto[22614]: | np=1 and sd=0x80e1380 <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Security Association Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>
Mar 31 19:40:01 nebu pluto[22614]: | length: 52<br>Mar 31 19:40:01 nebu pluto[22614]: | DOI: ISAKMP_DOI_IPSEC<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c <br>Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:<br>
Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:01 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received Vendor ID payload [RFC 3947] method set to=109 <br>
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110 <br>Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]<br>
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]<br>Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]<br>
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]<br>Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]<br>
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110<br>Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110<br>
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110<br>Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received Vendor ID payload [Dead Peer Detection]<br>
Mar 31 19:40:01 nebu pluto[22614]: | nat-t detected, sending nat-t VID<br>Mar 31 19:40:01 nebu pluto[22614]: | find_host_connection called from main_inI1_outR1<br>Mar 31 19:40:01 nebu pluto[22614]: | find_host_pair: comparing to <a href="http://10.199.37.2:500">10.199.37.2:500</a> <a href="http://0.0.0.0:500">0.0.0.0:500</a> <br>
Mar 31 19:40:01 nebu pluto[22614]: | find_host_pair: comparing to <a href="http://10.199.37.2:500">10.199.37.2:500</a> XX.XX.XX.XX:500 <br>Mar 31 19:40:01 nebu pluto[22614]: | find_host_pair_conn (find_host_connection2): <a href="http://10.199.37.2:500">10.199.37.2:500</a> XX.XX.XX.XX:500 -> hp:iphone <br>
Mar 31 19:40:01 nebu pluto[22614]: | creating state object #5 at 0x80fe480<br>Mar 31 19:40:01 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:01 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>
Mar 31 19:40:01 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:01 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:01 nebu pluto[22614]: | state hash entry 12<br>Mar 31 19:40:01 nebu pluto[22614]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #5<br>
Mar 31 19:40:01 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: responding to Main Mode from unknown peer XX.XX.XX.XX<br>Mar 31 19:40:01 nebu pluto[22614]: | **emit ISAKMP Message:<br>Mar 31 19:40:01 nebu pluto[22614]: | initiator cookie:<br>
Mar 31 19:40:01 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:01 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:01 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_SA<br>
Mar 31 19:40:01 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>Mar 31 19:40:01 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_IDPROT<br>Mar 31 19:40:01 nebu pluto[22614]: | flags: none<br>Mar 31 19:40:01 nebu pluto[22614]: | message ID: 00 00 00 00<br>
Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Security Association Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | DOI: ISAKMP_DOI_IPSEC<br>
Mar 31 19:40:01 nebu pluto[22614]: | ****parse IPsec DOI SIT:<br>Mar 31 19:40:01 nebu pluto[22614]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<br>Mar 31 19:40:01 nebu pluto[22614]: | ****parse ISAKMP Proposal Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:01 nebu pluto[22614]: | length: 40<br>Mar 31 19:40:01 nebu pluto[22614]: | proposal number: 1<br>Mar 31 19:40:01 nebu pluto[22614]: | protocol ID: PROTO_ISAKMP<br>Mar 31 19:40:01 nebu pluto[22614]: | SPI size: 0<br>
Mar 31 19:40:01 nebu pluto[22614]: | number of transforms: 1<br>Mar 31 19:40:01 nebu pluto[22614]: | *****parse ISAKMP Transform Payload (ISAKMP):<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:01 nebu pluto[22614]: | length: 32<br>Mar 31 19:40:01 nebu pluto[22614]: | transform number: 1<br>Mar 31 19:40:01 nebu pluto[22614]: | transform ID: KEY_IKE<br>Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:<br>
Mar 31 19:40:01 nebu pluto[22614]: | af+type: OAKLEY_LIFE_TYPE<br>Mar 31 19:40:01 nebu pluto[22614]: | length/value: 1<br>Mar 31 19:40:01 nebu pluto[22614]: | [1 is OAKLEY_LIFE_SECONDS]<br>Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:<br>
Mar 31 19:40:01 nebu pluto[22614]: | af+type: OAKLEY_LIFE_DURATION<br>Mar 31 19:40:01 nebu pluto[22614]: | length/value: 3600<br>Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:<br>Mar 31 19:40:01 nebu pluto[22614]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM<br>
Mar 31 19:40:01 nebu pluto[22614]: | length/value: 5<br>Mar 31 19:40:01 nebu pluto[22614]: | [5 is OAKLEY_3DES_CBC]<br>Mar 31 19:40:01 nebu pluto[22614]: | ike_alg_enc_ok(ealg=5,key_len=0): blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1<br>
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:<br>Mar 31 19:40:01 nebu pluto[22614]: | af+type: OAKLEY_AUTHENTICATION_METHOD<br>Mar 31 19:40:01 nebu pluto[22614]: | length/value: 1<br>Mar 31 19:40:01 nebu pluto[22614]: | [1 is OAKLEY_PRESHARED_KEY]<br>
Mar 31 19:40:01 nebu pluto[22614]: | started looking for secret for 10.199.37.2-><a href="http://192.168.0.12">192.168.0.12</a> of kind PPK_PSK<br>Mar 31 19:40:01 nebu pluto[22614]: | replace him to <a href="http://0.0.0.0">0.0.0.0</a><br>
Mar 31 19:40:01 nebu pluto[22614]: | actually looking for secret for 10.199.37.2-><a href="http://0.0.0.0">0.0.0.0</a> of kind PPK_PSK<br>Mar 31 19:40:01 nebu pluto[22614]: | 1: compared PSK <a href="http://0.0.0.0">0.0.0.0</a> to <a href="http://10.199.37.2">10.199.37.2</a> / <a href="http://192.168.0.12">192.168.0.12</a> -> 2<br>
Mar 31 19:40:01 nebu pluto[22614]: | 2: compared PSK <a href="http://10.199.37.2">10.199.37.2</a> to <a href="http://10.199.37.2">10.199.37.2</a> / <a href="http://192.168.0.12">192.168.0.12</a> -> 6<br>Mar 31 19:40:01 nebu pluto[22614]: | best_match 0>6 best=0x80faed8 (line=10)<br>
Mar 31 19:40:01 nebu pluto[22614]: | concluding with best_match=6 best=0x80faed8 (lineno=10)<br>Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:<br>Mar 31 19:40:01 nebu pluto[22614]: | af+type: OAKLEY_HASH_ALGORITHM<br>
Mar 31 19:40:01 nebu pluto[22614]: | length/value: 2<br>Mar 31 19:40:01 nebu pluto[22614]: | [2 is OAKLEY_SHA1]<br>Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:<br>Mar 31 19:40:01 nebu pluto[22614]: | af+type: OAKLEY_GROUP_DESCRIPTION<br>
Mar 31 19:40:01 nebu pluto[22614]: | length/value: 2<br>Mar 31 19:40:01 nebu pluto[22614]: | [2 is OAKLEY_GROUP_MODP1024]<br>Mar 31 19:40:01 nebu pluto[22614]: | Oakley Transform 1 accepted<br>Mar 31 19:40:01 nebu pluto[22614]: | ****emit IPsec DOI SIT:<br>
Mar 31 19:40:01 nebu pluto[22614]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<br>Mar 31 19:40:01 nebu pluto[22614]: | ****emit ISAKMP Proposal Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:01 nebu pluto[22614]: | proposal number: 1<br>Mar 31 19:40:01 nebu pluto[22614]: | protocol ID: PROTO_ISAKMP<br>Mar 31 19:40:01 nebu pluto[22614]: | SPI size: 0<br>Mar 31 19:40:01 nebu pluto[22614]: | number of transforms: 1<br>
Mar 31 19:40:01 nebu pluto[22614]: | *****emit ISAKMP Transform Payload (ISAKMP):<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:01 nebu pluto[22614]: | transform number: 1<br>
Mar 31 19:40:01 nebu pluto[22614]: | transform ID: KEY_IKE<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP)<br>Mar 31 19:40:01 nebu pluto[22614]: | attributes 80 0b 00 01 80 0c 0e 10 80 01 00 05 80 03 00 01<br>
Mar 31 19:40:01 nebu pluto[22614]: | 80 02 00 02 80 04 00 02<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Proposal Payload: 40<br>
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Security Association Payload: 52<br>Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Vendor ID Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>
Mar 31 19:40:01 nebu pluto[22614]: | emitting 12 raw bytes of Vendor ID into ISAKMP Vendor ID Payload<br>Mar 31 19:40:01 nebu pluto[22614]: | Vendor ID 4f 45 4b 42 7a 64 59 7b 77 4d 5d 40<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Vendor ID Payload: 16<br>
Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Vendor ID Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_VID<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting 16 raw bytes of DPP Vendor ID into ISAKMP Vendor ID Payload<br>
Mar 31 19:40:01 nebu pluto[22614]: | DPP Vendor ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Vendor ID Payload: 20<br>Mar 31 19:40:01 nebu pluto[22614]: | sender checking NAT-t: 1 and 110<br>
Mar 31 19:40:01 nebu pluto[22614]: | out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike]<br>Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Vendor ID Payload:<br>Mar 31 19:40:01 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:01 nebu pluto[22614]: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload<br>Mar 31 19:40:01 nebu pluto[22614]: | V_ID 4d f3 79 28 e9 fc 4f d1 b3 26 21 70 d5 15 c6 62<br>Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Vendor ID Payload: 20<br>
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Message: 136<br>Mar 31 19:40:01 nebu pluto[22614]: | complete state transition with STF_OK<br>Mar 31 19:40:01 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>
Mar 31 19:40:01 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:500 (from port=500)<br>Mar 31 19:40:01 nebu pluto[22614]: | sending 136 bytes for STATE_MAIN_R0 through eth0:500 to XX.XX.XX.XX:500:<br>Mar 31 19:40:01 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:01 nebu pluto[22614]: | 01 10 02 00 00 00 00 00 00 00 00 88 0d 00 00 34<br>Mar 31 19:40:01 nebu pluto[22614]: | 00 00 00 01 00 00 00 01 00 00 00 28 01 01 00 01<br>Mar 31 19:40:01 nebu pluto[22614]: | 00 00 00 20 01 01 00 00 80 0b 00 01 80 0c 0e 10<br>
Mar 31 19:40:01 nebu pluto[22614]: | 80 01 00 05 80 03 00 01 80 02 00 02 80 04 00 02<br>Mar 31 19:40:01 nebu pluto[22614]: | 0d 00 00 10 4f 45 4b 42 7a 64 59 7b 77 4d 5d 40<br>Mar 31 19:40:01 nebu pluto[22614]: | 0d 00 00 14 af ca d7 13 68 a1 f1 c9 6b 86 96 fc<br>
Mar 31 19:40:01 nebu pluto[22614]: | 77 57 01 00 00 00 00 14 4d f3 79 28 e9 fc 4f d1<br>Mar 31 19:40:01 nebu pluto[22614]: | b3 26 21 70 d5 15 c6 62<br>Mar 31 19:40:01 nebu pluto[22614]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #5<br>
Mar 31 19:40:01 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: STATE_MAIN_R1: sent MR1, expecting MI2<br>Mar 31 19:40:01 nebu pluto[22614]: | modecfg pull: noquirk policy:push not-client<br>Mar 31 19:40:01 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to unpend<br>
Mar 31 19:40:01 nebu pluto[22614]: | next event EVENT_RETRANSMIT in 10 seconds for #5<br>Mar 31 19:40:02 nebu pluto[22619]: ! helper 0 doing build_kenonce op id: 5<br>Mar 31 19:40:02 nebu pluto[22614]: | <br>Mar 31 19:40:02 nebu pluto[22614]: | *received 228 bytes from XX.XX.XX.XX:500 on eth0 (port=500)<br>
Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | 04 10 02 00 00 00 00 00 00 00 00 e4 0a 00 00 84<br>Mar 31 19:40:02 nebu pluto[22614]: | 66 64 9a 34 5a 12 4e 78 5f d3 9d c2 ba 33 df 47<br>
Mar 31 19:40:02 nebu pluto[22614]: | 96 58 17 d7 e5 7f 04 5e b6 03 59 48 e3 1c fb a7<br>Mar 31 19:40:02 nebu pluto[22614]: | da 06 57 6e a3 eb 07 60 88 10 d9 4b cd 49 c3 cf<br>Mar 31 19:40:02 nebu pluto[22614]: | 8c b2 16 9f df 6a 00 7e cf 47 0b 62 b0 8c 1b bc<br>
Mar 31 19:40:02 nebu pluto[22614]: | 90 15 84 d5 ec 5a 81 9e 5e 0f 03 b3 18 49 e0 f6<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 4b 14 fe 84 57 59 9d 3e b9 48 89 f2 9a 8c 57<br>Mar 31 19:40:02 nebu pluto[22614]: | 1d fa cf 9c 50 a1 f1 e2 91 7d f6 94 7c 3b 82 00<br>
Mar 31 19:40:02 nebu pluto[22614]: | ec 27 34 34 cf f9 1d 31 4d 4e 6d 24 79 d4 02 2a<br>Mar 31 19:40:02 nebu pluto[22614]: | 0f 00 00 14 a7 6e f1 a3 0b e5 f0 f0 43 bf 3c e1<br>Mar 31 19:40:02 nebu pluto[22614]: | e2 7f 1d 16 0f 00 00 18 5c 08 24 b3 74 26 78 f5<br>
Mar 31 19:40:02 nebu pluto[22614]: | e8 23 d1 8d 5d fb d9 b7 97 b3 3f 00 00 00 00 18<br>Mar 31 19:40:02 nebu pluto[22614]: | a4 dd a0 c3 92 cc 84 ae 1b 3e e7 9f 25 79 43 8d<br>Mar 31 19:40:02 nebu pluto[22614]: | 6e cc 24 a3<br>
Mar 31 19:40:02 nebu pluto[22614]: | **parse ISAKMP Message:<br>Mar 31 19:40:02 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | responder cookie:<br>
Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_KE<br>Mar 31 19:40:02 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>
Mar 31 19:40:02 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_IDPROT<br>Mar 31 19:40:02 nebu pluto[22614]: | flags: none<br>Mar 31 19:40:02 nebu pluto[22614]: | message ID: 00 00 00 00<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 228<br>
Mar 31 19:40:02 nebu pluto[22614]: | processing packet with exchange type=ISAKMP_XCHG_IDPROT (2)<br>Mar 31 19:40:02 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:02 nebu pluto[22614]: | state hash entry 12<br>Mar 31 19:40:02 nebu pluto[22614]: | peer and cookies match on #5, provided msgid 00000000 vs 00000000<br>
Mar 31 19:40:02 nebu pluto[22614]: | state object #5 found, in STATE_MAIN_R1<br>Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:02 nebu pluto[22614]: | np=4 and sd=0x80e13d4 <br>
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Key Exchange Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONCE<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 132<br>Mar 31 19:40:02 nebu pluto[22614]: | np=10 and sd=0x80e1428 <br>
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Nonce Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_15<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:02 nebu pluto[22614]: | np=15 and sd=(nil) <br>
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP NAT-D Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_15<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 24<br>Mar 31 19:40:02 nebu pluto[22614]: | np=15 and sd=(nil) <br>
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP NAT-D Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 24<br>Mar 31 19:40:02 nebu pluto[22614]: | **emit ISAKMP Message:<br>
Mar 31 19:40:02 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_KE<br>Mar 31 19:40:02 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>Mar 31 19:40:02 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_IDPROT<br>
Mar 31 19:40:02 nebu pluto[22614]: | flags: none<br>Mar 31 19:40:02 nebu pluto[22614]: | message ID: 00 00 00 00<br>Mar 31 19:40:02 nebu pluto[22614]: | DH public value received:<br>Mar 31 19:40:02 nebu pluto[22614]: | 66 64 9a 34 5a 12 4e 78 5f d3 9d c2 ba 33 df 47<br>
Mar 31 19:40:02 nebu pluto[22614]: | 96 58 17 d7 e5 7f 04 5e b6 03 59 48 e3 1c fb a7<br>Mar 31 19:40:02 nebu pluto[22614]: | da 06 57 6e a3 eb 07 60 88 10 d9 4b cd 49 c3 cf<br>Mar 31 19:40:02 nebu pluto[22614]: | 8c b2 16 9f df 6a 00 7e cf 47 0b 62 b0 8c 1b bc<br>
Mar 31 19:40:02 nebu pluto[22614]: | 90 15 84 d5 ec 5a 81 9e 5e 0f 03 b3 18 49 e0 f6<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 4b 14 fe 84 57 59 9d 3e b9 48 89 f2 9a 8c 57<br>Mar 31 19:40:02 nebu pluto[22614]: | 1d fa cf 9c 50 a1 f1 e2 91 7d f6 94 7c 3b 82 00<br>
Mar 31 19:40:02 nebu pluto[22614]: | ec 27 34 34 cf f9 1d 31 4d 4e 6d 24 79 d4 02 2a<br>Mar 31 19:40:02 nebu pluto[22614]: | inI2: checking NAT-t: 1 and 16<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip= 0a c7 25 02<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=500<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash= a2 7c 06 57 2b 40 a6 bb 96 fb 15 a1 57 d0 e7 d4<br>
Mar 31 19:40:02 nebu pluto[22614]: | 57 05 c3 0a<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip= 52 ee e3 25<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=500<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash= e3 1d de c8 45 e1 95 17 f2 54 93 1c dd 94 4a e8<br>Mar 31 19:40:02 nebu pluto[22614]: | e5 10 27 80<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT_TRAVERSAL hash=0 (me:0) (him:0)<br>
Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(me): a2 7c 06 57 2b 40 a6 bb 96 fb 15 a1 57 d0 e7 d4<br>Mar 31 19:40:02 nebu pluto[22614]: | 57 05 c3 0a<br>Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(him):<br>
Mar 31 19:40:02 nebu pluto[22614]: | e3 1d de c8 45 e1 95 17 f2 54 93 1c dd 94 4a e8<br>Mar 31 19:40:02 nebu pluto[22614]: | e5 10 27 80<br>Mar 31 19:40:02 nebu pluto[22614]: | received NAT-D: 5c 08 24 b3 74 26 78 f5 e8 23 d1 8d 5d fb d9 b7<br>
Mar 31 19:40:02 nebu pluto[22614]: | 97 b3 3f 00<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT_TRAVERSAL hash=1 (me:0) (him:0)<br>Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(me): a2 7c 06 57 2b 40 a6 bb 96 fb 15 a1 57 d0 e7 d4<br>
Mar 31 19:40:02 nebu pluto[22614]: | 57 05 c3 0a<br>Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(him):<br>Mar 31 19:40:02 nebu pluto[22614]: | e3 1d de c8 45 e1 95 17 f2 54 93 1c dd 94 4a e8<br>Mar 31 19:40:02 nebu pluto[22614]: | e5 10 27 80<br>
Mar 31 19:40:02 nebu pluto[22614]: | received NAT-D: a4 dd a0 c3 92 cc 84 ae 1b 3e e7 9f 25 79 43 8d<br>Mar 31 19:40:02 nebu pluto[22614]: | 6e cc 24 a3<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT_TRAVERSAL hash=2 (me:0) (him:0)<br>
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are NATed<br>Mar 31 19:40:02 nebu pluto[22614]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 1<br>
Mar 31 19:40:02 nebu pluto[22614]: | asking helper 0 to do build_kenonce op on seq: 5<br>Mar 31 19:40:02 nebu pluto[22614]: | inserting event EVENT_CRYPTO_FAILED, timeout in 300 seconds for #5<br>Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with STF_SUSPEND<br>
Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 13 seconds<br>Mar 31 19:40:02 nebu pluto[22619]: ! Local DH secret:<br>Mar 31 19:40:02 nebu pluto[22619]: ! 50 46 b7 51 f4 aa de 0f 30 c9 60 28 8a d3 93 7e<br>
Mar 31 19:40:02 nebu pluto[22619]: ! ad c1 8f 0c 8f 8e 3b ed 5f af 84 52 cf 99 f2 4d<br>Mar 31 19:40:02 nebu pluto[22619]: ! Public DH value sent:<br>Mar 31 19:40:02 nebu pluto[22619]: ! fd 14 c6 6c f7 25 76 a6 2c 7f b2 6b cc b6 1e cf<br>
Mar 31 19:40:02 nebu pluto[22619]: ! d3 82 ee f9 8f ca bf 56 e7 bf 1a 96 c3 b4 b4 d4<br>Mar 31 19:40:02 nebu pluto[22619]: ! 7a 6c 7e 0c e9 2c c8 80 0b 2b 22 2b bd 94 ac 2a<br>Mar 31 19:40:02 nebu pluto[22619]: ! 97 54 3b 5a 56 04 1f 36 d1 08 41 7c b4 73 9b a2<br>
Mar 31 19:40:02 nebu pluto[22619]: ! a4 a5 ef 01 1d 72 ff ad f8 f6 22 cf 7c ff 07 dd<br>Mar 31 19:40:02 nebu pluto[22619]: ! 62 8d 60 88 8c ed d9 65 8a 71 bd e2 05 c2 61 47<br>Mar 31 19:40:02 nebu pluto[22619]: ! 61 1e 32 3d 04 39 67 69 44 c3 29 1a 3c 13 06 c4<br>
Mar 31 19:40:02 nebu pluto[22619]: ! e7 fa 0b 23 5c d9 31 f2 39 40 63 fb fa df bb de<br>Mar 31 19:40:02 nebu pluto[22619]: ! Generated nonce:<br>Mar 31 19:40:02 nebu pluto[22619]: ! 79 7e 0b 30 06 72 bc 4b 43 ac 72 92 52 cb 61 39<br>
Mar 31 19:40:02 nebu pluto[22614]: | helper 0 has work (cnt now 0)<br>Mar 31 19:40:02 nebu pluto[22614]: | helper 0 replies to sequence 5<br>Mar 31 19:40:02 nebu pluto[22614]: | calling callback function 0x8063790<br>Mar 31 19:40:02 nebu pluto[22614]: | main inI2_outR2: calculated ke+nonce, sending R2<br>
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Key Exchange Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONCE<br>
Mar 31 19:40:02 nebu pluto[22614]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload<br>Mar 31 19:40:02 nebu pluto[22614]: | keyex value fd 14 c6 6c f7 25 76 a6 2c 7f b2 6b cc b6 1e cf<br>Mar 31 19:40:02 nebu pluto[22614]: | d3 82 ee f9 8f ca bf 56 e7 bf 1a 96 c3 b4 b4 d4<br>
Mar 31 19:40:02 nebu pluto[22614]: | 7a 6c 7e 0c e9 2c c8 80 0b 2b 22 2b bd 94 ac 2a<br>Mar 31 19:40:02 nebu pluto[22614]: | 97 54 3b 5a 56 04 1f 36 d1 08 41 7c b4 73 9b a2<br>Mar 31 19:40:02 nebu pluto[22614]: | a4 a5 ef 01 1d 72 ff ad f8 f6 22 cf 7c ff 07 dd<br>
Mar 31 19:40:02 nebu pluto[22614]: | 62 8d 60 88 8c ed d9 65 8a 71 bd e2 05 c2 61 47<br>Mar 31 19:40:02 nebu pluto[22614]: | 61 1e 32 3d 04 39 67 69 44 c3 29 1a 3c 13 06 c4<br>Mar 31 19:40:02 nebu pluto[22614]: | e7 fa 0b 23 5c d9 31 f2 39 40 63 fb fa df bb de<br>
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Key Exchange Payload: 132<br>Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Nonce Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:02 nebu pluto[22614]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload<br>Mar 31 19:40:02 nebu pluto[22614]: | Nr 79 7e 0b 30 06 72 bc 4b 43 ac 72 92 52 cb 61 39<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Nonce Payload: 20<br>
Mar 31 19:40:02 nebu pluto[22614]: | sending NATD payloads<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip= 52 ee e3 25<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=0<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash= a2 60 40 d9 7d d6 7f f9 49 89 be 62 43 82 24 f4<br>Mar 31 19:40:02 nebu pluto[22614]: | f8 77 55 98<br>Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP NAT-D Payload:<br>
Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_15<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT-D a2 60 40 d9 7d d6 7f f9 49 89 be 62 43 82 24 f4<br>
Mar 31 19:40:02 nebu pluto[22614]: | f8 77 55 98<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP NAT-D Payload: 24<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=<br>
Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip= 0a c7 25 02<br>
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=0<br>Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash= 62 f7 70 f7 c6 fe 6f 03 f4 24 8a e9 c3 82 10 10<br>Mar 31 19:40:02 nebu pluto[22614]: | e2 27 1f 1b<br>
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP NAT-D Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload<br>
Mar 31 19:40:02 nebu pluto[22614]: | NAT-D 62 f7 70 f7 c6 fe 6f 03 f4 24 8a e9 c3 82 10 10<br>Mar 31 19:40:02 nebu pluto[22614]: | e2 27 1f 1b<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP NAT-D Payload: 24<br>
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Message: 228<br>Mar 31 19:40:02 nebu pluto[22614]: | started looking for secret for 10.199.37.2-><a href="http://192.168.0.12">192.168.0.12</a> of kind PPK_PSK<br>
Mar 31 19:40:02 nebu pluto[22614]: | replace him to <a href="http://0.0.0.0">0.0.0.0</a><br>Mar 31 19:40:02 nebu pluto[22614]: | actually looking for secret for 10.199.37.2-><a href="http://0.0.0.0">0.0.0.0</a> of kind PPK_PSK<br>
Mar 31 19:40:02 nebu pluto[22614]: | 1: compared PSK <a href="http://0.0.0.0">0.0.0.0</a> to <a href="http://10.199.37.2">10.199.37.2</a> / <a href="http://192.168.0.12">192.168.0.12</a> -> 2<br>Mar 31 19:40:02 nebu pluto[22614]: | 2: compared PSK <a href="http://10.199.37.2">10.199.37.2</a> to <a href="http://10.199.37.2">10.199.37.2</a> / <a href="http://192.168.0.12">192.168.0.12</a> -> 6<br>
Mar 31 19:40:02 nebu pluto[22614]: | best_match 0>6 best=0x80faed8 (line=10)<br>Mar 31 19:40:02 nebu pluto[22614]: | concluding with best_match=6 best=0x80faed8 (lineno=10)<br>Mar 31 19:40:02 nebu pluto[22614]: | calc_dh_shared(): time elapsed (OAKLEY_GROUP_MODP1024): 4096 usec<br>
Mar 31 19:40:02 nebu pluto[22614]: | DH shared secret:<br>Mar 31 19:40:02 nebu pluto[22614]: | 2c d4 27 d6 ad 9a ae ae a6 d5 fa 93 bd a6 80 7d<br>Mar 31 19:40:02 nebu pluto[22614]: | 12 af d2 e1 6c da f5 20 f8 06 be 56 09 ee 09 bc<br>
Mar 31 19:40:02 nebu pluto[22614]: | 37 c6 e8 6a d7 01 40 d5 cc df f5 64 7c 40 4b 5a<br>Mar 31 19:40:02 nebu pluto[22614]: | e5 4c 3b b7 0e d2 0f e1 e8 77 be 5f a6 a3 11 37<br>Mar 31 19:40:02 nebu pluto[22614]: | 9f 96 3e 17 9d 3a 26 ba 87 a2 16 39 f0 11 e6 61<br>
Mar 31 19:40:02 nebu pluto[22614]: | c3 52 1e 97 fb b1 e3 39 19 9c 60 ae fb e9 88 19<br>Mar 31 19:40:02 nebu pluto[22614]: | 30 c2 57 00 8e f5 0b 24 79 25 70 d1 2e dd 23 77<br>Mar 31 19:40:02 nebu pluto[22614]: | c5 ce 31 76 19 cd 2d 6d 0d e4 54 24 68 bb d7 34<br>
Mar 31 19:40:02 nebu pluto[22614]: | Skey inputs (PSK+NI+NR)<br>Mar 31 19:40:02 nebu pluto[22614]: | ni: a7 6e f1 a3 0b e5 f0 f0 43 bf 3c e1 e2 7f 1d 16<br>Mar 31 19:40:02 nebu pluto[22614]: | nr: 79 7e 0b 30 06 72 bc 4b 43 ac 72 92 52 cb 61 39<br>
Mar 31 19:40:02 nebu pluto[22614]: | keyid: d3 99 c6 3b 50 46 8e d0 af cb 83 36 10 bc e0 13<br>Mar 31 19:40:02 nebu pluto[22614]: | 4b 91 70 5f<br>Mar 31 19:40:02 nebu pluto[22614]: | DH_i: 66 64 9a 34 5a 12 4e 78 5f d3 9d c2 ba 33 df 47<br>
Mar 31 19:40:02 nebu pluto[22614]: | 96 58 17 d7 e5 7f 04 5e b6 03 59 48 e3 1c fb a7<br>Mar 31 19:40:02 nebu pluto[22614]: | da 06 57 6e a3 eb 07 60 88 10 d9 4b cd 49 c3 cf<br>Mar 31 19:40:02 nebu pluto[22614]: | 8c b2 16 9f df 6a 00 7e cf 47 0b 62 b0 8c 1b bc<br>
Mar 31 19:40:02 nebu pluto[22614]: | 90 15 84 d5 ec 5a 81 9e 5e 0f 03 b3 18 49 e0 f6<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 4b 14 fe 84 57 59 9d 3e b9 48 89 f2 9a 8c 57<br>Mar 31 19:40:02 nebu pluto[22614]: | 1d fa cf 9c 50 a1 f1 e2 91 7d f6 94 7c 3b 82 00<br>
Mar 31 19:40:02 nebu pluto[22614]: | ec 27 34 34 cf f9 1d 31 4d 4e 6d 24 79 d4 02 2a<br>Mar 31 19:40:02 nebu pluto[22614]: | DH_r: fd 14 c6 6c f7 25 76 a6 2c 7f b2 6b cc b6 1e cf<br>Mar 31 19:40:02 nebu pluto[22614]: | d3 82 ee f9 8f ca bf 56 e7 bf 1a 96 c3 b4 b4 d4<br>
Mar 31 19:40:02 nebu pluto[22614]: | 7a 6c 7e 0c e9 2c c8 80 0b 2b 22 2b bd 94 ac 2a<br>Mar 31 19:40:02 nebu pluto[22614]: | 97 54 3b 5a 56 04 1f 36 d1 08 41 7c b4 73 9b a2<br>Mar 31 19:40:02 nebu pluto[22614]: | a4 a5 ef 01 1d 72 ff ad f8 f6 22 cf 7c ff 07 dd<br>
Mar 31 19:40:02 nebu pluto[22614]: | 62 8d 60 88 8c ed d9 65 8a 71 bd e2 05 c2 61 47<br>Mar 31 19:40:02 nebu pluto[22614]: | 61 1e 32 3d 04 39 67 69 44 c3 29 1a 3c 13 06 c4<br>Mar 31 19:40:02 nebu pluto[22614]: | e7 fa 0b 23 5c d9 31 f2 39 40 63 fb fa df bb de<br>
Mar 31 19:40:02 nebu pluto[22614]: | Skeyid: d3 99 c6 3b 50 46 8e d0 af cb 83 36 10 bc e0 13<br>Mar 31 19:40:02 nebu pluto[22614]: | 4b 91 70 5f<br>Mar 31 19:40:02 nebu pluto[22614]: | Skeyid_d: 59 ab 63 b7 d3 e8 bc 0d 06 5f 5f 0c 5d 21 19 4c<br>
Mar 31 19:40:02 nebu pluto[22614]: | f3 e4 44 0a<br>Mar 31 19:40:02 nebu pluto[22614]: | Skeyid_a: 61 c0 65 dc 44 03 81 d3 87 e1 8a 7e 5b 4f f8 70<br>Mar 31 19:40:02 nebu pluto[22614]: | f1 99 c2 c7<br>Mar 31 19:40:02 nebu pluto[22614]: | Skeyid_e: c1 da d0 c6 46 7b 64 b8 e8 4e 34 fc bd 05 dc 4e<br>
Mar 31 19:40:02 nebu pluto[22614]: | df 73 cb e5<br>Mar 31 19:40:02 nebu pluto[22614]: | enc key: d3 93 81 10 70 aa 93 55 d0 b2 32 d1 4d ca 14 47<br>Mar 31 19:40:02 nebu pluto[22614]: | f1 39 65 61 8f 45 4f 69<br>
Mar 31 19:40:02 nebu pluto[22614]: | IV: 05 d3 48 04 11 de 52 2b 38 f6 bf f7 a6 b1 19 31<br>Mar 31 19:40:02 nebu pluto[22614]: | 7d a1 fd f1<br>Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with STF_OK<br>
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>Mar 31 19:40:02 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:500 (from port=500)<br>
Mar 31 19:40:02 nebu pluto[22614]: | sending 228 bytes for STATE_MAIN_R1 through eth0:500 to XX.XX.XX.XX:500:<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | 04 10 02 00 00 00 00 00 00 00 00 e4 0a 00 00 84<br>
Mar 31 19:40:02 nebu pluto[22614]: | fd 14 c6 6c f7 25 76 a6 2c 7f b2 6b cc b6 1e cf<br>Mar 31 19:40:02 nebu pluto[22614]: | d3 82 ee f9 8f ca bf 56 e7 bf 1a 96 c3 b4 b4 d4<br>Mar 31 19:40:02 nebu pluto[22614]: | 7a 6c 7e 0c e9 2c c8 80 0b 2b 22 2b bd 94 ac 2a<br>
Mar 31 19:40:02 nebu pluto[22614]: | 97 54 3b 5a 56 04 1f 36 d1 08 41 7c b4 73 9b a2<br>Mar 31 19:40:02 nebu pluto[22614]: | a4 a5 ef 01 1d 72 ff ad f8 f6 22 cf 7c ff 07 dd<br>Mar 31 19:40:02 nebu pluto[22614]: | 62 8d 60 88 8c ed d9 65 8a 71 bd e2 05 c2 61 47<br>
Mar 31 19:40:02 nebu pluto[22614]: | 61 1e 32 3d 04 39 67 69 44 c3 29 1a 3c 13 06 c4<br>Mar 31 19:40:02 nebu pluto[22614]: | e7 fa 0b 23 5c d9 31 f2 39 40 63 fb fa df bb de<br>Mar 31 19:40:02 nebu pluto[22614]: | 0f 00 00 14 79 7e 0b 30 06 72 bc 4b 43 ac 72 92<br>
Mar 31 19:40:02 nebu pluto[22614]: | 52 cb 61 39 0f 00 00 18 a2 60 40 d9 7d d6 7f f9<br>Mar 31 19:40:02 nebu pluto[22614]: | 49 89 be 62 43 82 24 f4 f8 77 55 98 00 00 00 18<br>Mar 31 19:40:02 nebu pluto[22614]: | 62 f7 70 f7 c6 fe 6f 03 f4 24 8a e9 c3 82 10 10<br>
Mar 31 19:40:02 nebu pluto[22614]: | e2 27 1f 1b<br>Mar 31 19:40:02 nebu pluto[22614]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #5<br>Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: STATE_MAIN_R2: sent MR2, expecting MI3<br>
Mar 31 19:40:02 nebu pluto[22614]: | modecfg pull: noquirk policy:push not-client<br>Mar 31 19:40:02 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to unpend<br>Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_RETRANSMIT in 10 seconds for #5<br>
Mar 31 19:40:02 nebu pluto[22614]: | <br>Mar 31 19:40:02 nebu pluto[22614]: | *received 68 bytes from XX.XX.XX.XX:4500 on eth0 (port=4500)<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | 05 10 02 01 00 00 00 00 00 00 00 44 2e 0f 0c 11<br>Mar 31 19:40:02 nebu pluto[22614]: | 9f ea 77 64 90 5e 9f 0f e3 07 08 84 18 c0 e6 c0<br>Mar 31 19:40:02 nebu pluto[22614]: | c0 27 59 15 8d 02 79 a4 16 ec 06 9a 36 25 a4 8f<br>
Mar 31 19:40:02 nebu pluto[22614]: | 93 91 f4 b7<br>Mar 31 19:40:02 nebu pluto[22614]: | **parse ISAKMP Message:<br>Mar 31 19:40:02 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>
Mar 31 19:40:02 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_ID<br>Mar 31 19:40:02 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>
Mar 31 19:40:02 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_IDPROT<br>Mar 31 19:40:02 nebu pluto[22614]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Mar 31 19:40:02 nebu pluto[22614]: | message ID: 00 00 00 00<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 68<br>
Mar 31 19:40:02 nebu pluto[22614]: | processing packet with exchange type=ISAKMP_XCHG_IDPROT (2)<br>Mar 31 19:40:02 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:02 nebu pluto[22614]: | state hash entry 12<br>Mar 31 19:40:02 nebu pluto[22614]: | peer and cookies match on #5, provided msgid 00000000 vs 00000000<br>
Mar 31 19:40:02 nebu pluto[22614]: | state object #5 found, in STATE_MAIN_R2<br>Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:02 nebu pluto[22614]: | received encrypted packet from XX.XX.XX.XX:4500<br>
Mar 31 19:40:02 nebu pluto[22614]: | decrypting 40 bytes using algorithm OAKLEY_3DES_CBC<br>Mar 31 19:40:02 nebu pluto[22614]: | decrypted:<br>Mar 31 19:40:02 nebu pluto[22614]: | 08 00 00 0c 01 11 01 f4 c0 a8 00 0c 00 00 00 18<br>
Mar 31 19:40:02 nebu pluto[22614]: | 77 1b c3 c9 6f 3a 16 70 c0 16 70 58 cc 94 21 e9<br>Mar 31 19:40:02 nebu pluto[22614]: | 4e 78 32 50 00 00 00 04<br>Mar 31 19:40:02 nebu pluto[22614]: | next IV: 36 25 a4 8f 93 91 f4 b7<br>
Mar 31 19:40:02 nebu pluto[22614]: | np=5 and sd=(nil) <br>Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Identification Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_HASH<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 12<br>
Mar 31 19:40:02 nebu pluto[22614]: | ID type: ID_IPV4_ADDR<br>Mar 31 19:40:02 nebu pluto[22614]: | DOI specific A: 17<br>Mar 31 19:40:02 nebu pluto[22614]: | DOI specific B: 500<br>Mar 31 19:40:02 nebu pluto[22614]: | np=8 and sd=0x80e1410 <br>
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 24<br>Mar 31 19:40:02 nebu pluto[22614]: | removing 4 bytes of padding<br>
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: Main mode peer ID is ID_IPV4_ADDR: '<a href="http://192.168.0.12">192.168.0.12</a>'<br>Mar 31 19:40:02 nebu pluto[22614]: | refine_connection: starting with iphone<br>
Mar 31 19:40:02 nebu pluto[22614]: | trusted_ca called with a=(empty) b=(empty)<br>Mar 31 19:40:02 nebu pluto[22614]: | refine_connection: happy with starting point: iphone<br>Mar 31 19:40:02 nebu pluto[22614]: | offered CA: '%none'<br>
Mar 31 19:40:02 nebu pluto[22614]: | hashing 48 bytes of SA<br>Mar 31 19:40:02 nebu pluto[22614]: | authentication succeeded<br>Mar 31 19:40:02 nebu pluto[22614]: | thinking about whether to send my certificate:<br>Mar 31 19:40:02 nebu pluto[22614]: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: CERT_NONE <br>
Mar 31 19:40:02 nebu pluto[22614]: | sendcert: CERT_ALWAYSSEND and I did not get a certificate request <br>Mar 31 19:40:02 nebu pluto[22614]: | so do not send cert.<br>Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: I did not send a certificate because I do not have one.<br>
Mar 31 19:40:02 nebu pluto[22614]: | **emit ISAKMP Message:<br>Mar 31 19:40:02 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | responder cookie:<br>
Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_ID<br>Mar 31 19:40:02 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>
Mar 31 19:40:02 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_IDPROT<br>Mar 31 19:40:02 nebu pluto[22614]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Mar 31 19:40:02 nebu pluto[22614]: | message ID: 00 00 00 00<br>Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Identification Payload (IPsec DOI):<br>
Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_HASH<br>Mar 31 19:40:02 nebu pluto[22614]: | ID type: ID_IPV4_ADDR<br>Mar 31 19:40:02 nebu pluto[22614]: | Protocol ID: 0<br>Mar 31 19:40:02 nebu pluto[22614]: | port: 0<br>
Mar 31 19:40:02 nebu pluto[22614]: | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)<br>Mar 31 19:40:02 nebu pluto[22614]: | my identity 0a c7 25 02<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 12<br>
Mar 31 19:40:02 nebu pluto[22614]: | hashing 48 bytes of SA<br>Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Hash Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload<br>
Mar 31 19:40:02 nebu pluto[22614]: | HASH_R 31 c7 db 4f 1a af 58 af 1f d7 cc 47 96 75 2e a5<br>Mar 31 19:40:02 nebu pluto[22614]: | ac 83 3f af<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Hash Payload: 24<br>
Mar 31 19:40:02 nebu pluto[22614]: | encrypting:<br>Mar 31 19:40:02 nebu pluto[22614]: | 08 00 00 0c 01 00 00 00 0a c7 25 02 00 00 00 18<br>Mar 31 19:40:02 nebu pluto[22614]: | 31 c7 db 4f 1a af 58 af 1f d7 cc 47 96 75 2e a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | ac 83 3f af<br>Mar 31 19:40:02 nebu pluto[22614]: | IV:<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 25 a4 8f 93 91 f4 b7<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting 4 zero bytes of encryption padding into ISAKMP Message<br>
Mar 31 19:40:02 nebu pluto[22614]: | encrypting using OAKLEY_3DES_CBC<br>Mar 31 19:40:02 nebu pluto[22614]: | next IV: ad ea 68 be a9 72 0c 08<br>Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Message: 68<br>
Mar 31 19:40:02 nebu pluto[22614]: | last encrypted block of Phase 1:<br>Mar 31 19:40:02 nebu pluto[22614]: | ad ea 68 be a9 72 0c 08<br>Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with STF_OK<br>Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>
Mar 31 19:40:02 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:500 (from port=500)<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT-T: new mapping XX.XX.XX.XX:500/4500)<br>Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT-T: updating local port to 4500<br>Mar 31 19:40:02 nebu pluto[22614]: | NAT-T connection has wrong interface definition <a href="http://10.199.37.2:4500">10.199.37.2:4500</a> vs <a href="http://10.199.37.2:500">10.199.37.2:500</a><br>
Mar 31 19:40:02 nebu pluto[22614]: | NAT-T: using interface eth0:4500<br>Mar 31 19:40:02 nebu pluto[22614]: | sending 68 bytes for STATE_MAIN_R2 through eth0:4500 to XX.XX.XX.XX:4500:<br>Mar 31 19:40:02 nebu pluto[22614]: | 00 00 00 00 27 e0 47 b6 99 15 5a c1 36 a4 14 99<br>
Mar 31 19:40:02 nebu pluto[22614]: | ea 0e 87 a5 05 10 02 01 00 00 00 00 00 00 00 44<br>Mar 31 19:40:02 nebu pluto[22614]: | b6 3a 84 2f c3 87 48 5d ae a1 e1 4a fa 56 af 1c<br>Mar 31 19:40:02 nebu pluto[22614]: | c8 8a 51 72 77 7b ea 9d 21 77 4a 80 39 fe 77 05<br>
Mar 31 19:40:02 nebu pluto[22614]: | ad ea 68 be a9 72 0c 08<br>Mar 31 19:40:02 nebu pluto[22614]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #5<br>Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}<br>
Mar 31 19:40:02 nebu pluto[22614]: | modecfg pull: noquirk policy:push not-client<br>Mar 31 19:40:02 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to unpend<br>Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 13 seconds<br>
Mar 31 19:40:02 nebu pluto[22614]: | <br>Mar 31 19:40:02 nebu pluto[22614]: | *received 84 bytes from XX.XX.XX.XX:4500 on eth0 (port=4500)<br>Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:02 nebu pluto[22614]: | 08 10 05 01 ba 0c dc bd 00 00 00 54 b5 cd 64 6a<br>Mar 31 19:40:02 nebu pluto[22614]: | 63 31 60 7c 28 c7 c2 1f e6 a6 95 56 20 a8 2d c7<br>Mar 31 19:40:02 nebu pluto[22614]: | cc 43 0f d3 9e 8e d7 45 99 60 52 7e 24 6a 8b 6f<br>
Mar 31 19:40:02 nebu pluto[22614]: | 0e 47 61 3e 98 f0 7f d4 18 2a be 71 c8 75 a4 65<br>Mar 31 19:40:02 nebu pluto[22614]: | 10 67 65 52<br>Mar 31 19:40:02 nebu pluto[22614]: | **parse ISAKMP Message:<br>Mar 31 19:40:02 nebu pluto[22614]: | initiator cookie:<br>
Mar 31 19:40:02 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:02 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_HASH<br>
Mar 31 19:40:02 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>Mar 31 19:40:02 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_INFO<br>Mar 31 19:40:02 nebu pluto[22614]: | flags: ISAKMP_FLAG_ENCRYPTION<br>
Mar 31 19:40:02 nebu pluto[22614]: | message ID: ba 0c dc bd<br>Mar 31 19:40:02 nebu pluto[22614]: | length: 84<br>Mar 31 19:40:02 nebu pluto[22614]: | processing packet with exchange type=ISAKMP_XCHG_INFO (5)<br>
Mar 31 19:40:02 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:02 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:02 nebu pluto[22614]: | state hash entry 12<br>
Mar 31 19:40:02 nebu pluto[22614]: | peer and cookies match on #5, provided msgid 00000000 vs 00000000/00000000<br>Mar 31 19:40:02 nebu pluto[22614]: | p15 state object #5 found, in STATE_MAIN_R3<br>Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>
Mar 31 19:40:02 nebu pluto[22614]: | last Phase 1 IV: ad ea 68 be a9 72 0c 08<br>Mar 31 19:40:02 nebu pluto[22614]: | current Phase 1 IV: ad ea 68 be a9 72 0c 08<br>Mar 31 19:40:02 nebu pluto[22614]: | computed Phase 2 IV:<br>
Mar 31 19:40:02 nebu pluto[22614]: | f3 05 4e 35 d8 5c 6d f0 61 78 ba 73 8c 25 a1 c2<br>Mar 31 19:40:02 nebu pluto[22614]: | 0b e7 b3 75<br>Mar 31 19:40:02 nebu pluto[22614]: | received encrypted packet from XX.XX.XX.XX:4500<br>
Mar 31 19:40:02 nebu pluto[22614]: | decrypting 56 bytes using algorithm OAKLEY_3DES_CBC<br>Mar 31 19:40:02 nebu pluto[22614]: | decrypted:<br>Mar 31 19:40:02 nebu pluto[22614]: | 0b 00 00 18 8b f9 a2 48 8f 44 49 b7 d4 24 d8 d6<br>
Mar 31 19:40:02 nebu pluto[22614]: | d1 27 a2 c7 fa 26 81 9a 00 00 00 1c 00 00 00 01<br>Mar 31 19:40:02 nebu pluto[22614]: | 01 10 60 02 27 e0 47 b6 99 15 5a c1 36 a4 14 99<br>Mar 31 19:40:02 nebu pluto[22614]: | ea 0e 87 a5 00 00 00 04<br>
Mar 31 19:40:02 nebu pluto[22614]: | next IV: c8 75 a4 65 10 67 65 52<br>Mar 31 19:40:02 nebu pluto[22614]: | np=8 and sd=0x80e1410 <br>Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_N<br>
Mar 31 19:40:02 nebu pluto[22614]: | length: 24<br>Mar 31 19:40:02 nebu pluto[22614]: | np=11 and sd=0x80e1434 <br>Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Notification Payload:<br>Mar 31 19:40:02 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:02 nebu pluto[22614]: | length: 28<br>Mar 31 19:40:02 nebu pluto[22614]: | DOI: ISAKMP_DOI_IPSEC<br>Mar 31 19:40:02 nebu pluto[22614]: | protocol ID: 1<br>Mar 31 19:40:02 nebu pluto[22614]: | SPI size: 16<br>
Mar 31 19:40:02 nebu pluto[22614]: | Notify Message Type: IPSEC_INITIAL_CONTACT<br>Mar 31 19:40:02 nebu pluto[22614]: | removing 4 bytes of padding<br>Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: ignoring informational payload, type IPSEC_INITIAL_CONTACT<br>
Mar 31 19:40:02 nebu pluto[22614]: | info: 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:02 nebu pluto[22614]: | processing informational IPSEC_INITIAL_CONTACT (24578)<br>Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: received and ignored informational message<br>
Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with STF_IGNORE<br>Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 13 seconds<br>Mar 31 19:40:03 nebu pluto[22619]: ! helper 0 doing build_nonce op id: 6<br>
Mar 31 19:40:03 nebu pluto[22619]: ! Generated nonce:<br>Mar 31 19:40:03 nebu pluto[22619]: ! 55 5f 07 15 7f 7b ac ba ac 0a 0c 1f db 8e 30 2e<br>Mar 31 19:40:03 nebu pluto[22614]: | <br>Mar 31 19:40:03 nebu pluto[22614]: | *received 228 bytes from XX.XX.XX.XX:4500 on eth0 (port=4500)<br>
Mar 31 19:40:03 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | 08 10 20 01 bb b5 56 85 00 00 00 e4 21 1d 75 f6<br>Mar 31 19:40:03 nebu pluto[22614]: | a5 f4 1c d0 9e 28 5e 06 e4 b4 f8 3b d6 a0 66 4f<br>
Mar 31 19:40:03 nebu pluto[22614]: | a5 6a f3 59 bd 40 ab 66 02 bd d8 18 61 78 43 67<br>Mar 31 19:40:03 nebu pluto[22614]: | fc 8c f0 05 9b 6c 07 03 ab f5 c5 7a 57 86 17 e8<br>Mar 31 19:40:03 nebu pluto[22614]: | cc 0b 9c c5 c2 1b d9 c8 c1 02 d0 30 c3 31 f3 ed<br>
Mar 31 19:40:03 nebu pluto[22614]: | f3 04 bf af 22 70 26 9d fa b3 0a 27 a1 09 d6 7f<br>Mar 31 19:40:03 nebu pluto[22614]: | 0d 40 47 b7 4c d4 c2 be 97 16 6d 6d 89 06 d8 1c<br>Mar 31 19:40:03 nebu pluto[22614]: | 47 fe 92 4d 64 5f bc 2e 0b 36 da 53 9d 1e 7d 8b<br>
Mar 31 19:40:03 nebu pluto[22614]: | 0a 08 f0 d6 87 9d 8c 6b 51 1f 15 62 a0 df 8f 9a<br>Mar 31 19:40:03 nebu pluto[22614]: | 77 dc 64 e6 bc 4e 38 78 86 25 b4 04 87 ae 0b d6<br>Mar 31 19:40:03 nebu pluto[22614]: | 5a 7b bc e4 03 b5 79 75 a3 ef e9 b4 2e 40 df b8<br>
Mar 31 19:40:03 nebu pluto[22614]: | d5 e6 83 95 d7 41 39 2b e1 a3 5a ac 8f 0b 2f f6<br>Mar 31 19:40:03 nebu pluto[22614]: | dc 70 a7 ec 03 f2 ae b1 41 51 4b 7f b3 81 41 80<br>Mar 31 19:40:03 nebu pluto[22614]: | c0 e1 af b6<br>
Mar 31 19:40:03 nebu pluto[22614]: | **parse ISAKMP Message:<br>Mar 31 19:40:03 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:03 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:03 nebu pluto[22614]: | responder cookie:<br>
Mar 31 19:40:03 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_HASH<br>Mar 31 19:40:03 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>
Mar 31 19:40:03 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_QUICK<br>Mar 31 19:40:03 nebu pluto[22614]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Mar 31 19:40:03 nebu pluto[22614]: | message ID: bb b5 56 85<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 228<br>
Mar 31 19:40:03 nebu pluto[22614]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)<br>Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:03 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12<br>Mar 31 19:40:03 nebu pluto[22614]: | peer and cookies match on #5, provided msgid bbb55685 vs 00000000<br>
Mar 31 19:40:03 nebu pluto[22614]: | state object not found<br>Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | peer: 52 ee e3 25<br>
Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12<br>Mar 31 19:40:03 nebu pluto[22614]: | peer and cookies match on #5, provided msgid 00000000 vs 00000000<br>Mar 31 19:40:03 nebu pluto[22614]: | state object #5 found, in STATE_MAIN_R3<br>
Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:03 nebu pluto[22614]: | last Phase 1 IV: ad ea 68 be a9 72 0c 08<br>Mar 31 19:40:03 nebu pluto[22614]: | current Phase 1 IV: ad ea 68 be a9 72 0c 08<br>
Mar 31 19:40:03 nebu pluto[22614]: | computed Phase 2 IV:<br>Mar 31 19:40:03 nebu pluto[22614]: | 38 f2 6b 5c 7c e4 26 93 6d cb 56 01 be 49 a2 b7<br>Mar 31 19:40:03 nebu pluto[22614]: | 47 e2 30 00<br>Mar 31 19:40:03 nebu pluto[22614]: | received encrypted packet from XX.XX.XX.XX:4500<br>
Mar 31 19:40:03 nebu pluto[22614]: | decrypting 200 bytes using algorithm OAKLEY_3DES_CBC<br>Mar 31 19:40:03 nebu pluto[22614]: | decrypted:<br>Mar 31 19:40:03 nebu pluto[22614]: | 01 00 00 18 99 94 8b 68 a1 fb 88 b9 33 c0 d4 bb<br>
Mar 31 19:40:03 nebu pluto[22614]: | 43 83 da d3 a3 c0 2d 1c 0a 00 00 80 00 00 00 01<br>Mar 31 19:40:03 nebu pluto[22614]: | 00 00 00 01 00 00 00 74 01 03 04 04 01 5f 68 50<br>Mar 31 19:40:03 nebu pluto[22614]: | 03 00 00 1c 01 0c 00 00 80 01 00 01 80 02 0e 10<br>
Mar 31 19:40:03 nebu pluto[22614]: | 80 04 00 04 80 06 00 80 80 05 00 02 03 00 00 1c<br>Mar 31 19:40:03 nebu pluto[22614]: | 02 0c 00 00 80 01 00 01 80 02 0e 10 80 04 00 04<br>Mar 31 19:40:03 nebu pluto[22614]: | 80 06 00 80 80 05 00 01 03 00 00 18 03 03 00 00<br>
Mar 31 19:40:03 nebu pluto[22614]: | 80 01 00 01 80 02 0e 10 80 04 00 04 80 05 00 02<br>Mar 31 19:40:03 nebu pluto[22614]: | 00 00 00 18 04 03 00 00 80 01 00 01 80 02 0e 10<br>Mar 31 19:40:03 nebu pluto[22614]: | 80 04 00 04 80 05 00 01 05 00 00 14 f6 d5 01 f4<br>
Mar 31 19:40:03 nebu pluto[22614]: | 0d a2 ca 4b 75 e2 cb 8b ef 56 70 58 05 00 00 0c<br>Mar 31 19:40:03 nebu pluto[22614]: | 01 11 c2 41 c0 a8 00 0c 00 00 00 0c 01 11 06 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | 52 e9 ff 79 00 00 00 04<br>
Mar 31 19:40:03 nebu pluto[22614]: | next IV: b3 81 41 80 c0 e1 af b6<br>Mar 31 19:40:03 nebu pluto[22614]: | np=8 and sd=0x80e1410 <br>Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_SA<br>
Mar 31 19:40:03 nebu pluto[22614]: | length: 24<br>Mar 31 19:40:03 nebu pluto[22614]: | np=1 and sd=0x80e1380 <br>Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Security Association Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONCE<br>
Mar 31 19:40:03 nebu pluto[22614]: | length: 128<br>Mar 31 19:40:03 nebu pluto[22614]: | DOI: ISAKMP_DOI_IPSEC<br>Mar 31 19:40:03 nebu pluto[22614]: | np=10 and sd=0x80e1428 <br>Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Nonce Payload:<br>
Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_ID<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 20<br>Mar 31 19:40:03 nebu pluto[22614]: | np=5 and sd=(nil) <br>Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Identification Payload (IPsec DOI):<br>
Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_ID<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 12<br>Mar 31 19:40:03 nebu pluto[22614]: | ID type: ID_IPV4_ADDR<br>Mar 31 19:40:03 nebu pluto[22614]: | Protocol ID: 17<br>
Mar 31 19:40:03 nebu pluto[22614]: | port: 49729<br>Mar 31 19:40:03 nebu pluto[22614]: | np=5 and sd=(nil) <br>Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Identification Payload (IPsec DOI):<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:03 nebu pluto[22614]: | length: 12<br>Mar 31 19:40:03 nebu pluto[22614]: | ID type: ID_IPV4_ADDR<br>Mar 31 19:40:03 nebu pluto[22614]: | Protocol ID: 17<br>Mar 31 19:40:03 nebu pluto[22614]: | port: 1701<br>
Mar 31 19:40:03 nebu pluto[22614]: | removing 4 bytes of padding<br>Mar 31 19:40:03 nebu pluto[22614]: | HASH(1) computed:<br>Mar 31 19:40:03 nebu pluto[22614]: | 99 94 8b 68 a1 fb 88 b9 33 c0 d4 bb 43 83 da d3<br>Mar 31 19:40:03 nebu pluto[22614]: | a3 c0 2d 1c<br>
Mar 31 19:40:03 nebu pluto[22614]: | peer client is <a href="http://192.168.0.12">192.168.0.12</a><br>Mar 31 19:40:03 nebu pluto[22614]: | peer client protocol/port is 17/49729<br>Mar 31 19:40:03 nebu pluto[22614]: | our client is <a href="http://82.233.255.121">82.233.255.121</a><br>
Mar 31 19:40:03 nebu pluto[22614]: | our client protocol/port is 17/1701<br>Mar 31 19:40:03 nebu pluto[22614]: | find_client_connection starting with iphone<br>Mar 31 19:40:03 nebu pluto[22614]: | looking for <a href="http://82.233.255.121/32:17/1701">82.233.255.121/32:17/1701</a> -> <a href="http://192.168.0.12/32:17/49729">192.168.0.12/32:17/49729</a><br>
Mar 31 19:40:03 nebu pluto[22614]: | concrete checking against sr#0 <a href="http://10.199.37.2/32">10.199.37.2/32</a> -> <a href="http://192.168.0.12/32">192.168.0.12/32</a><br>Mar 31 19:40:03 nebu pluto[22614]: | match_id a=<a href="http://192.168.0.12">192.168.0.12</a><br>
Mar 31 19:40:03 nebu pluto[22614]: | b=<a href="http://192.168.0.12">192.168.0.12</a><br>Mar 31 19:40:03 nebu pluto[22614]: | results matched<br>Mar 31 19:40:03 nebu pluto[22614]: | trusted_ca called with a=(empty) b=(empty)<br>
Mar 31 19:40:03 nebu pluto[22614]: | fc_try concluding with none [0]<br>Mar 31 19:40:03 nebu pluto[22614]: | fc_try iphone gives none<br>Mar 31 19:40:03 nebu pluto[22614]: | find_host_pair: comparing to <a href="http://10.199.37.2:500">10.199.37.2:500</a> XX.XX.XX.XX:500 <br>
Mar 31 19:40:03 nebu pluto[22614]: | find_host_pair: comparing to <a href="http://10.199.37.2:500">10.199.37.2:500</a> <a href="http://0.0.0.0:500">0.0.0.0:500</a> <br>Mar 31 19:40:03 nebu pluto[22614]: | checking hostpair <a href="http://10.199.37.2/32">10.199.37.2/32</a> -> <a href="http://192.168.0.12/32">192.168.0.12/32</a> is found<br>
Mar 31 19:40:03 nebu pluto[22614]: | match_id a=<a href="http://192.168.0.12">192.168.0.12</a><br>Mar 31 19:40:03 nebu pluto[22614]: | b=(none)<br>Mar 31 19:40:03 nebu pluto[22614]: | results matched<br>
Mar 31 19:40:03 nebu pluto[22614]: | trusted_ca called with a=(empty) b=(empty)<br>Mar 31 19:40:03 nebu pluto[22614]: | fc_try trying iphone:<a href="http://82.233.255.121/32:17/1701">82.233.255.121/32:17/1701</a> -> <a href="http://192.168.0.12/32:17/49701">192.168.0.12/32:17/49701</a> vs iphone:<a href="http://10.199.37.2/32:17/1701">10.199.37.2/32:17/1701</a> -> <a href="http://0.0.0.0/32:17/0">0.0.0.0/32:17/0</a><br>
Mar 31 19:40:03 nebu pluto[22614]: | fc_try concluding with none [0]<br>Mar 31 19:40:03 nebu pluto[22614]: | match_id a=<a href="http://192.168.0.12">192.168.0.12</a><br>Mar 31 19:40:03 nebu pluto[22614]: | b=(none)<br>
Mar 31 19:40:03 nebu pluto[22614]: | results matched<br>Mar 31 19:40:03 nebu pluto[22614]: | trusted_ca called with a=(empty) b=(empty)<br>Mar 31 19:40:03 nebu pluto[22614]: | fc_try_oppo trying iphone:<a href="http://82.233.255.121/32">82.233.255.121/32</a> -> <a href="http://192.168.0.12/32">192.168.0.12/32</a> vs iphone:<a href="http://10.199.37.2/32">10.199.37.2/32</a> -> <a href="http://0.0.0.0/32">0.0.0.0/32</a><br>
Mar 31 19:40:03 nebu pluto[22614]: | fc_try_oppo concluding with none [0]<br>Mar 31 19:40:03 nebu pluto[22614]: | concluding with d = none<br>Mar 31 19:40:03 nebu pluto[22614]: | using (something) old for transport mode connection "iphone"<br>
Mar 31 19:40:03 nebu pluto[22614]: | duplicating state object #5<br>Mar 31 19:40:03 nebu pluto[22614]: | creating state object #6 at 0x80febe0<br>Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>
Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12<br>
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #6<br>Mar 31 19:40:03 nebu pluto[22614]: | ****parse IPsec DOI SIT:<br>Mar 31 19:40:03 nebu pluto[22614]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<br>
Mar 31 19:40:03 nebu pluto[22614]: | ****parse ISAKMP Proposal Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 116<br>Mar 31 19:40:03 nebu pluto[22614]: | proposal number: 1<br>
Mar 31 19:40:03 nebu pluto[22614]: | protocol ID: PROTO_IPSEC_ESP<br>Mar 31 19:40:03 nebu pluto[22614]: | SPI size: 4<br>Mar 31 19:40:03 nebu pluto[22614]: | number of transforms: 4<br>Mar 31 19:40:03 nebu pluto[22614]: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI<br>
Mar 31 19:40:03 nebu pluto[22614]: | SPI 01 5f 68 50<br>Mar 31 19:40:03 nebu pluto[22614]: | *****parse ISAKMP Transform Payload (ESP):<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_T<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 28<br>
Mar 31 19:40:03 nebu pluto[22614]: | transform number: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | transform ID: ESP_AES<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: SA_LIFE_TYPE<br>
Mar 31 19:40:03 nebu pluto[22614]: | length/value: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | [1 is SA_LIFE_TYPE_SECONDS]<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: SA_LIFE_DURATION<br>
Mar 31 19:40:03 nebu pluto[22614]: | length/value: 3600<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: ENCAPSULATION_MODE<br>Mar 31 19:40:03 nebu pluto[22614]: | length/value: 4<br>
Mar 31 19:40:03 nebu pluto[22614]: | [4 is ENCAPSULATION_MODE_UDP_TRANSPORT]<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: KEY_LENGTH<br>
Mar 31 19:40:03 nebu pluto[22614]: | length/value: 128<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: AUTH_ALGORITHM<br>Mar 31 19:40:03 nebu pluto[22614]: | length/value: 2<br>
Mar 31 19:40:03 nebu pluto[22614]: | [2 is AUTH_ALGORITHM_HMAC_SHA1]<br>Mar 31 19:40:03 nebu pluto[22614]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | asking helper 0 to do build_nonce op on seq: 6<br>
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_CRYPTO_FAILED, timeout in 300 seconds for #6<br>Mar 31 19:40:03 nebu pluto[22614]: | complete state transition with STF_SUSPEND<br>Mar 31 19:40:03 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 12 seconds<br>
Mar 31 19:40:03 nebu pluto[22614]: | helper 0 has work (cnt now 0)<br>Mar 31 19:40:03 nebu pluto[22614]: | helper 0 replies to sequence 6<br>Mar 31 19:40:03 nebu pluto[22614]: | calling callback function 0x806b0a0<br>Mar 31 19:40:03 nebu pluto[22614]: | quick inI1_outR1: calculated ke+nonce, sending R1<br>
Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:03 nebu pluto[22614]: | **emit ISAKMP Message:<br>Mar 31 19:40:03 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:03 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>
Mar 31 19:40:03 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:03 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_HASH<br>Mar 31 19:40:03 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>
Mar 31 19:40:03 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_QUICK<br>Mar 31 19:40:03 nebu pluto[22614]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Mar 31 19:40:03 nebu pluto[22614]: | message ID: bb b5 56 85<br>Mar 31 19:40:03 nebu pluto[22614]: | ***emit ISAKMP Hash Payload:<br>
Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_SA<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting 20 zero bytes of HASH into ISAKMP Hash Payload<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Hash Payload: 24<br>
Mar 31 19:40:03 nebu pluto[22614]: | ***emit ISAKMP Security Association Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONCE<br>Mar 31 19:40:03 nebu pluto[22614]: | DOI: ISAKMP_DOI_IPSEC<br>
Mar 31 19:40:03 nebu pluto[22614]: | ****parse IPsec DOI SIT:<br>Mar 31 19:40:03 nebu pluto[22614]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<br>Mar 31 19:40:03 nebu pluto[22614]: | ****parse ISAKMP Proposal Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>
Mar 31 19:40:03 nebu pluto[22614]: | length: 116<br>Mar 31 19:40:03 nebu pluto[22614]: | proposal number: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | protocol ID: PROTO_IPSEC_ESP<br>Mar 31 19:40:03 nebu pluto[22614]: | SPI size: 4<br>
Mar 31 19:40:03 nebu pluto[22614]: | number of transforms: 4<br>Mar 31 19:40:03 nebu pluto[22614]: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI<br>Mar 31 19:40:03 nebu pluto[22614]: | SPI 01 5f 68 50<br>Mar 31 19:40:03 nebu pluto[22614]: | *****parse ISAKMP Transform Payload (ESP):<br>
Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_T<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 28<br>Mar 31 19:40:03 nebu pluto[22614]: | transform number: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | transform ID: ESP_AES<br>
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: SA_LIFE_TYPE<br>Mar 31 19:40:03 nebu pluto[22614]: | length/value: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | [1 is SA_LIFE_TYPE_SECONDS]<br>
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: SA_LIFE_DURATION<br>Mar 31 19:40:03 nebu pluto[22614]: | length/value: 3600<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>
Mar 31 19:40:03 nebu pluto[22614]: | af+type: ENCAPSULATION_MODE<br>Mar 31 19:40:03 nebu pluto[22614]: | length/value: 4<br>Mar 31 19:40:03 nebu pluto[22614]: | [4 is ENCAPSULATION_MODE_UDP_TRANSPORT]<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>
Mar 31 19:40:03 nebu pluto[22614]: | af+type: KEY_LENGTH<br>Mar 31 19:40:03 nebu pluto[22614]: | length/value: 128<br>Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:<br>Mar 31 19:40:03 nebu pluto[22614]: | af+type: AUTH_ALGORITHM<br>
Mar 31 19:40:03 nebu pluto[22614]: | length/value: 2<br>Mar 31 19:40:03 nebu pluto[22614]: | [2 is AUTH_ALGORITHM_HMAC_SHA1]<br>Mar 31 19:40:03 nebu pluto[22614]: | ****emit IPsec DOI SIT:<br>Mar 31 19:40:03 nebu pluto[22614]: | IPsec DOI SIT: SIT_IDENTITY_ONLY<br>
Mar 31 19:40:03 nebu pluto[22614]: | ****emit ISAKMP Proposal Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:03 nebu pluto[22614]: | proposal number: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | protocol ID: PROTO_IPSEC_ESP<br>
Mar 31 19:40:03 nebu pluto[22614]: | SPI size: 4<br>Mar 31 19:40:03 nebu pluto[22614]: | number of transforms: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | netlink_get_spi: allocated 0x3f3ead76 for <a href="mailto:esp.0@10.199.37.2">esp.0@10.199.37.2</a><br>
Mar 31 19:40:03 nebu pluto[22614]: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload<br>Mar 31 19:40:03 nebu pluto[22614]: | SPI 3f 3e ad 76<br>Mar 31 19:40:03 nebu pluto[22614]: | *****emit ISAKMP Transform Payload (ESP):<br>
Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:03 nebu pluto[22614]: | transform number: 1<br>Mar 31 19:40:03 nebu pluto[22614]: | transform ID: ESP_AES<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting 20 raw bytes of attributes into ISAKMP Transform Payload (ESP)<br>
Mar 31 19:40:03 nebu pluto[22614]: | attributes 80 01 00 01 80 02 0e 10 80 04 00 04 80 06 00 80<br>Mar 31 19:40:03 nebu pluto[22614]: | 80 05 00 02<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Transform Payload (ESP): 28<br>
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Proposal Payload: 40<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Security Association Payload: 52<br>Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: responding to Quick Mode {msgid:8556b5bb}<br>
Mar 31 19:40:03 nebu pluto[22614]: | ***emit ISAKMP Nonce Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_ID<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload<br>
Mar 31 19:40:03 nebu pluto[22614]: | Nr 55 5f 07 15 7f 7b ac ba ac 0a 0c 1f db 8e 30 2e<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Nonce Payload: 20<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting 12 raw bytes of IDci into ISAKMP Message<br>
Mar 31 19:40:03 nebu pluto[22614]: | IDci 05 00 00 0c 01 11 c2 41 c0 a8 00 0c<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting 12 raw bytes of IDcr into ISAKMP Message<br>Mar 31 19:40:03 nebu pluto[22614]: | IDcr 00 00 00 0c 01 11 06 a5 52 e9 ff 79<br>
Mar 31 19:40:03 nebu pluto[22614]: | HASH(2) computed:<br>Mar 31 19:40:03 nebu pluto[22614]: | af 5d 32 d0 94 e6 b5 ea 38 a3 d8 a0 56 61 bf 4e<br>Mar 31 19:40:03 nebu pluto[22614]: | 73 36 68 2f<br>Mar 31 19:40:03 nebu pluto[22614]: | compute_proto_keymat:needed_len (after ESP enc)=16<br>
Mar 31 19:40:03 nebu pluto[22614]: | compute_proto_keymat:needed_len (after ESP auth)=36<br>Mar 31 19:40:03 nebu pluto[22614]: | KEYMAT computed:<br>Mar 31 19:40:03 nebu pluto[22614]: | 8f d9 1f 33 0a 68 04 57 dc 23 04 11 29 a9 c5 ba<br>
Mar 31 19:40:03 nebu pluto[22614]: | 3c 9f 59 1b 52 54 b5 51 9a 18 5d 05 0e 15 30 af<br>Mar 31 19:40:03 nebu pluto[22614]: | 45 1e 73 99<br>Mar 31 19:40:03 nebu pluto[22614]: | Peer KEYMAT computed:<br>Mar 31 19:40:03 nebu pluto[22614]: | 23 88 36 a3 d7 f9 3d 12 64 77 e8 27 a9 d0 22 f2<br>
Mar 31 19:40:03 nebu pluto[22614]: | 74 98 fb 1c 4a 89 e4 cf b6 83 12 04 e9 c9 d8 f3<br>Mar 31 19:40:03 nebu pluto[22614]: | 5a 27 23 56<br>Mar 31 19:40:03 nebu pluto[22614]: | install_inbound_ipsec_sa() checking if we can route<br>
Mar 31 19:40:03 nebu pluto[22614]: | route owner of "iphone"[2] XX.XX.XX.XX erouted: self; eroute owner: self<br>Mar 31 19:40:03 nebu pluto[22614]: | could_route called for iphone (kind=CK_INSTANCE)<br>Mar 31 19:40:03 nebu pluto[22614]: | looking for alg with transid: 12 keylen: 128 auth: 2 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 0 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 0 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 0 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | encrypting:<br>Mar 31 19:40:03 nebu pluto[22614]: | 01 00 00 18 af 5d 32 d0 94 e6 b5 ea 38 a3 d8 a0<br>
Mar 31 19:40:03 nebu pluto[22614]: | 56 61 bf 4e 73 36 68 2f 0a 00 00 34 00 00 00 01<br>Mar 31 19:40:03 nebu pluto[22614]: | 00 00 00 01 00 00 00 28 01 03 04 01 3f 3e ad 76<br>Mar 31 19:40:03 nebu pluto[22614]: | 00 00 00 1c 01 0c 00 00 80 01 00 01 80 02 0e 10<br>
Mar 31 19:40:03 nebu pluto[22614]: | 80 04 00 04 80 06 00 80 80 05 00 02 05 00 00 14<br>Mar 31 19:40:03 nebu pluto[22614]: | 55 5f 07 15 7f 7b ac ba ac 0a 0c 1f db 8e 30 2e<br>Mar 31 19:40:03 nebu pluto[22614]: | 05 00 00 0c 01 11 c2 41 c0 a8 00 0c 00 00 00 0c<br>
Mar 31 19:40:03 nebu pluto[22614]: | 01 11 06 a5 52 e9 ff 79<br>Mar 31 19:40:03 nebu pluto[22614]: | IV:<br>Mar 31 19:40:03 nebu pluto[22614]: | b3 81 41 80 c0 e1 af b6<br>Mar 31 19:40:03 nebu pluto[22614]: | encrypting using OAKLEY_3DES_CBC<br>
Mar 31 19:40:03 nebu pluto[22614]: | next IV: 38 57 79 b6 03 cd a4 89<br>Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Message: 148<br>Mar 31 19:40:03 nebu pluto[22614]: | finished processing quick inI1<br>
Mar 31 19:40:03 nebu pluto[22614]: | complete state transition with STF_OK<br>Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Mar 31 19:40:03 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:4500 (from port=4500)<br>
Mar 31 19:40:03 nebu pluto[22614]: | sending 148 bytes for STATE_QUICK_R0 through eth0:4500 to XX.XX.XX.XX:4500:<br>Mar 31 19:40:03 nebu pluto[22614]: | 00 00 00 00 27 e0 47 b6 99 15 5a c1 36 a4 14 99<br>Mar 31 19:40:03 nebu pluto[22614]: | ea 0e 87 a5 08 10 20 01 bb b5 56 85 00 00 00 94<br>
Mar 31 19:40:03 nebu pluto[22614]: | b0 0c 50 e3 79 79 44 90 38 84 5b c3 95 b0 a0 65<br>Mar 31 19:40:03 nebu pluto[22614]: | b9 5e ab 43 39 ad 44 93 c4 e1 7b 4c 95 19 57 cc<br>Mar 31 19:40:03 nebu pluto[22614]: | 77 48 98 46 3a 33 69 26 b1 f9 15 e3 d5 18 fc d2<br>
Mar 31 19:40:03 nebu pluto[22614]: | af a5 26 b5 2e 2b 0c a0 56 12 3d 09 1a b1 6b 19<br>Mar 31 19:40:03 nebu pluto[22614]: | 3c 37 01 ff 10 d0 66 50 7c ff 7f 55 d3 29 34 04<br>Mar 31 19:40:03 nebu pluto[22614]: | 0a 42 c1 22 69 a0 87 08 ee 39 0a bd 51 08 f1 2a<br>
Mar 31 19:40:03 nebu pluto[22614]: | 8d 85 7c 54 76 03 23 46 3e 69 15 ff b0 89 b2 d7<br>Mar 31 19:40:03 nebu pluto[22614]: | 38 57 79 b6 03 cd a4 89<br>Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #6<br>
Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>Mar 31 19:40:03 nebu pluto[22614]: | modecfg pull: noquirk policy:push not-client<br>
Mar 31 19:40:03 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to unpend<br>Mar 31 19:40:03 nebu pluto[22614]: | next event EVENT_RETRANSMIT in 10 seconds for #6<br>Mar 31 19:40:03 nebu pluto[22614]: | <br>Mar 31 19:40:03 nebu pluto[22614]: | *received 60 bytes from XX.XX.XX.XX:4500 on eth0 (port=4500)<br>
Mar 31 19:40:03 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | 08 10 20 01 bb b5 56 85 00 00 00 3c 86 eb 9f b7<br>Mar 31 19:40:03 nebu pluto[22614]: | f6 e7 0b a8 16 55 99 a8 67 47 61 20 1f db 9c 4e<br>
Mar 31 19:40:03 nebu pluto[22614]: | 51 37 35 48 c1 1f dc 86 f8 2d 13 3d<br>Mar 31 19:40:03 nebu pluto[22614]: | **parse ISAKMP Message:<br>Mar 31 19:40:03 nebu pluto[22614]: | initiator cookie:<br>Mar 31 19:40:03 nebu pluto[22614]: | 27 e0 47 b6 99 15 5a c1<br>
Mar 31 19:40:03 nebu pluto[22614]: | responder cookie:<br>Mar 31 19:40:03 nebu pluto[22614]: | 36 a4 14 99 ea 0e 87 a5<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_HASH<br>Mar 31 19:40:03 nebu pluto[22614]: | ISAKMP version: ISAKMP Version 1.0<br>
Mar 31 19:40:03 nebu pluto[22614]: | exchange type: ISAKMP_XCHG_QUICK<br>Mar 31 19:40:03 nebu pluto[22614]: | flags: ISAKMP_FLAG_ENCRYPTION<br>Mar 31 19:40:03 nebu pluto[22614]: | message ID: bb b5 56 85<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 60<br>
Mar 31 19:40:03 nebu pluto[22614]: | processing packet with exchange type=ISAKMP_XCHG_QUICK (32)<br>Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE: 27 e0 47 b6 99 15 5a c1<br>Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE: 36 a4 14 99 ea 0e 87 a5<br>
Mar 31 19:40:03 nebu pluto[22614]: | peer: 52 ee e3 25<br>Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12<br>Mar 31 19:40:03 nebu pluto[22614]: | peer and cookies match on #6, provided msgid bbb55685 vs bbb55685<br>
Mar 31 19:40:03 nebu pluto[22614]: | state object #6 found, in STATE_QUICK_R1<br>Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:03 nebu pluto[22614]: | received encrypted packet from XX.XX.XX.XX:4500<br>
Mar 31 19:40:03 nebu pluto[22614]: | decrypting 32 bytes using algorithm OAKLEY_3DES_CBC<br>Mar 31 19:40:03 nebu pluto[22614]: | decrypted:<br>Mar 31 19:40:03 nebu pluto[22614]: | 00 00 00 18 01 2f 6d fa 00 41 63 26 05 38 ed 8d<br>
Mar 31 19:40:03 nebu pluto[22614]: | 41 5c 9c 07 75 e9 ca 8a 00 00 00 00 00 00 00 08<br>Mar 31 19:40:03 nebu pluto[22614]: | next IV: c1 1f dc 86 f8 2d 13 3d<br>Mar 31 19:40:03 nebu pluto[22614]: | np=8 and sd=0x80e1410 <br>
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:<br>Mar 31 19:40:03 nebu pluto[22614]: | next payload type: ISAKMP_NEXT_NONE<br>Mar 31 19:40:03 nebu pluto[22614]: | length: 24<br>Mar 31 19:40:03 nebu pluto[22614]: | removing 8 bytes of padding<br>
Mar 31 19:40:03 nebu pluto[22614]: | HASH(3) computed: 01 2f 6d fa 00 41 63 26 05 38 ed 8d 41 5c 9c 07<br>Mar 31 19:40:03 nebu pluto[22614]: | 75 e9 ca 8a<br>Mar 31 19:40:03 nebu pluto[22614]: | install_ipsec_sa() for #6: outbound only<br>
Mar 31 19:40:03 nebu pluto[22614]: | route owner of "iphone"[2] XX.XX.XX.XX erouted: self; eroute owner: self<br>Mar 31 19:40:03 nebu pluto[22614]: | could_route called for iphone (kind=CK_INSTANCE)<br>Mar 31 19:40:03 nebu pluto[22614]: | looking for alg with transid: 12 keylen: 128 auth: 2 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 0 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 0 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 0 <br>
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 1 <br>Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 2 <br>Mar 31 19:40:03 nebu pluto[22614]: | sr for #6: erouted<br>
Mar 31 19:40:03 nebu pluto[22614]: | route owner of "iphone"[2] XX.XX.XX.XX erouted: self; eroute owner: self<br>Mar 31 19:40:03 nebu pluto[22614]: | route_and_eroute with c: iphone (next: none) ero:iphone esr:{(nil)} ro:iphone rosr:{(nil)} and state: 6<br>
Mar 31 19:40:03 nebu pluto[22614]: | eroute_connection replace eroute <a href="http://10.199.37.2/32:1701">10.199.37.2/32:1701</a> --17-> <a href="http://192.168.0.12/32:49727">192.168.0.12/32:49727</a> => <a href="mailto:esp.15f6850@XX.XX.XX.XX">esp.15f6850@XX.XX.XX.XX</a> (raw_eroute)<br>
Mar 31 19:40:03 nebu pluto[22614]: | route_and_eroute: firewall_notified: true<br>Mar 31 19:40:03 nebu pluto[22614]: | route_and_eroute: instance "iphone"[2] XX.XX.XX.XX, setting eroute_owner {spd=0x80fd13c,sr=0x80fd13c} to #6 (was #4) (newest_ipsec_sa=#4)<br>
Mar 31 19:40:03 nebu pluto[22614]: | inI2: instance iphone[2], setting newest_ipsec_sa to #6 (was #4) (spd.eroute=#6)<br>Mar 31 19:40:03 nebu pluto[22614]: | complete state transition with STF_OK<br>Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<br>
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #6<br>Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x015f6850 <0x3f3ead76 xfrm=AES_128-HMAC_SHA1 NATD=XX.XX.XX.XX:4500 DPD=none}<br>
Mar 31 19:40:03 nebu pluto[22614]: | modecfg pull: noquirk policy:push not-client<br>Mar 31 19:40:03 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to unpend<br>Mar 31 19:40:03 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 12 seconds<br>
Mar 31 19:40:15 nebu pluto[22614]: | <br>Mar 31 19:40:15 nebu pluto[22614]: | *time to handle event<br>Mar 31 19:40:15 nebu pluto[22614]: | handling event EVENT_NAT_T_KEEPALIVE<br>Mar 31 19:40:15 nebu pluto[22614]: | event after this is EVENT_PENDING_PHASE2 in 92 seconds<br>
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:15 nebu pluto[22614]: | ka_event: send NAT-KA to XX.XX.XX.XX:4500 (state=#6)<br>Mar 31 19:40:15 nebu pluto[22614]: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to XX.XX.XX.XX:4500:<br>
Mar 31 19:40:15 nebu pluto[22614]: | ff<br>Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:15 nebu pluto[22614]: | ka_event: send NAT-KA to XX.XX.XX.XX:4500 (state=#5)<br>
Mar 31 19:40:15 nebu pluto[22614]: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to XX.XX.XX.XX:4500:<br>Mar 31 19:40:15 nebu pluto[22614]: | ff<br>Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2] XX.XX.XX.XX<br>Mar 31 19:40:15 nebu pluto[22614]: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds<br>Mar 31 19:40:15 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 20 seconds<br>
<br><br><br><br><div class="gmail_quote">On Mon, Mar 31, 2008 at 7:06 PM, Paul Wouters <<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Mon, 31 Mar 2008, christophe yayon wrote:<br>
<br>
> I am trying to create a IPSEC/L2TP connection between an openswan 2.4.12 /<br>
> l2tpd (or xl2tp) and an iphone...<br>
<br>
</div>Unfortunately, only Americans are allowed to have the iphone, or the iphone<br>
SDK which comes with an emulator.....<br>
<div class="Ih2E3d"><br>
> I had no problem with the FIRST connection (no problem at all), but, when i<br>
> disconnect the vpn tunnel (by turning if off on the device - client) and<br>
> reconnect, it fail and get these repeated messages in my logs :<br>
<br>
</div>If you compiled with -DTRUST_PPPD_TO_DIE, you might want to try disabling<br>
that. But I don't think that is your real problem.<br>
<div class="Ih2E3d"><br>
> i need to restart ipsec service or put down (manually) the ipsec conn (ipsec<br>
> auto --down XXX)...<br>
<br>
</div>Show us the logs of openswan configured with plutodebug="controlmore"?<br>
<br>
Paul<br>
<font color="#888888">--<br>
Building and integrating Virtual Private Networks with Openswan:<br>
<a href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155" target="_blank">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a><br>
</font></blockquote></div><br><br clear="all"><br>-- <br>Christophe Yayon<br><a href="mailto:cyayon@nbux.org">cyayon@nbux.org</a>