ubuntu Wed May 5 15:04:39 UTC 2010 + _________________________ version + + ipsec --version Linux Openswan U2.6.25/K2.6.32.9 (netkey) See `ipsec --copyright' for copyright information. + _________________________ /proc/version + + cat /proc/version Linux version 2.6.32.9 (kelly@speedy) (gcc version 4.4.3 (Sourcery G++ Lite er) ) #3 PREEMPT Fri Feb 26 13:11:43 MST 2010 + _________________________ /proc/net/ipsec_eroute + + test -r /proc/net/ipsec_eroute + _________________________ netstat-rn + + head -n 100 + netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.64.64.64 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0 + _________________________ /proc/net/ipsec_spi + + test -r /proc/net/ipsec_spi + _________________________ /proc/net/ipsec_spigrp + + test -r /proc/net/ipsec_spigrp + _________________________ /proc/net/ipsec_tncfg + + test -r /proc/net/ipsec_tncfg + _________________________ /proc/net/pfkey + + test -r /proc/net/pfkey + cat /proc/net/pfkey sk RefCnt Rmem Wmem User Inode + _________________________ ip-xfrm-state + + ip xfrm state src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x1789947e reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xd361f495a680530c1c0ba7a66d5beb01 enc cbc(des3_ede) 0xa1497f974ba37397d0de08f6b014c6d1f91897d569aebafa encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x404ba705 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xc6fcb240533bf6a6b7596d3569e157bb enc cbc(des3_ede) 0x83c4fc1166c0d43e305718e0e1c47be3c7178c3fb791fa1e encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x9ecbb86d reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xf83c06879d7bc51f3822306df5ceaf5d enc cbc(des3_ede) 0x7dc9108d89fd51367f3feeeeb5ad50c2bddefe9ef6196e94 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0xa5ff77a0 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xc5a76bbf5d8e5215db08af3faa2c5f13 enc cbc(des3_ede) 0xf70f2abeb5763fcbec6a23f0be55abc5f7b663cb02a99a18 encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x13a044b9 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xe902bd8b63dd02c35adcbde084701bba enc cbc(des3_ede) 0xaa7136c8eddb4e30378fad95637a2ef3ff72a429c260ff1a encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x22f80f8e reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xac27568d40603519499bd6437fc27d88 enc cbc(des3_ede) 0x9cde42ae264f66c9563c8a4fee4a736b2e4b5ec1de897dde encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xa5d4f152 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x546cd0bf1f8fee0e2e03ae1f185819f0 enc cbc(des3_ede) 0xa37d3e3c0ec12a66778e02a4229bb424de07a316772776f6 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x0b6ab6b2 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x40f5ad23215889255799cd796159b39f enc cbc(des3_ede) 0x4632d7b31d4d132b78355f46b35501d2402d58875314aaca encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xdcfafc63 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x635f873f9abf1fd95fc4515fe1575a89 enc cbc(des3_ede) 0x5a571fac93ddb7c9514e16d52f13b5f4e8cfa2f5fca8aa7d encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x4326f908 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x25d41737c02b969e64acc215c219c3da enc cbc(des3_ede) 0x658f7aa872663a2199333375b9807a8783d45f0670cfe95c encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xeb14c240 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x4bfdcc7b7941d1ec65a1f1617dfeb58c enc cbc(des3_ede) 0xfa3736ddfdc50c0602511d77862891c54ce646e3325dd7b3 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0xa7fa90c8 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xa51e0459040150e6142db87fbd944506 enc cbc(des3_ede) 0x4b8a81c0f3fef568633f44edb9bd89bd2cb70809e5f0f963 encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x93e49f5a reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xe43608dca8cca6f917407fb0ec4a7e12 enc cbc(des3_ede) 0x684185507849e46e9c3a1e269b6e47038407cc010af3ca60 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x63e0fff7 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x56138d61df8495f1e40d56d37e5dadae enc cbc(des3_ede) 0x3c646d44ccfc25e2e3a08f36b6b0bb19f8d3a2a452d37c4e encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x67e2eaf8 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x8da435dadc505cc6ebb8114175fbeea6 enc cbc(des3_ede) 0x413fb8a2435218b7f57e42f16c9256c32dfe1a018ca99eab encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x3ea4cc6e reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xce5f4f10f4dfe964f628fb64d2f9ca7f enc cbc(des3_ede) 0x84a11df9de3a3c3f419a8f4f13c03a2a1cd3f0a53bc32c37 encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x7de4aa70 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xabafb863917b2c7a353d096f4ad48039 enc cbc(des3_ede) 0x3c28d86122e3bde8f0fc167c065b0699a85ef52f6f32e836 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x79171657 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x03b03b362bb8863bf88fd43eba5bf980 enc cbc(des3_ede) 0xbd3fa34f83a7b1a306f210b033c1bca19f659ca56f2a010f encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xabaf86f0 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x1661f6665c52491373303271f53d5bf3 enc cbc(des3_ede) 0xce8868bdd93ad86c1e3e3a7ccce9dd24262ad2e0c3c35cae encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x6fb62c4f reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x4c709d988be25b465aed52c1d397586f enc cbc(des3_ede) 0xb0d817d8feaf8613c26b3f9745f999c42524ff93d6c7267d encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xb3cd04c6 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x8c97084db67e433cc3c7ab3d2ce71e9e enc cbc(des3_ede) 0x8d73ccc7306189d47797e90f7fa79977b7b0022b9be5c315 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x53c8e097 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x3ae409d2bf68ceaf227eb2d6a7a31f04 enc cbc(des3_ede) 0xbca24ab073ecf6fac7f5d9259707d2d1ce98250b745b337a encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x247b75d0 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xc8a330dc4af160f0dcb15f585b1bb2c8 enc cbc(des3_ede) 0x1187bd4e4523332db388c8c65e36a5a0233010bbd2b064ab encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x6c85f613 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x6b8eac7431a7d7ddf636401a69b8352d enc cbc(des3_ede) 0x1f1df4a8908ef4b8804e969c8ff8c7cefb8b8ab188d46a82 encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xda796d25 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xd74d97159ca1569f474650db8834a3e9 enc cbc(des3_ede) 0x67b690a43bd3ce76505d71c713e73cf51dfdf0986f204f93 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x1ab95098 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x9faec179b15018c1c7d7e3bc115f6191 enc cbc(des3_ede) 0x48a7d1cd01b762d7e96cd10cf4c5cd02f386e12240832c7f encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x2504fb97 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x34d2d1b8a182d579100a9d7aa49f26eb enc cbc(des3_ede) 0x45e09234dd1741fa20a29726ddb7a457e8f0a4420f8d555a encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x44e09c9a reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x186a294cc54d54e3b2196d7ab7662091 enc cbc(des3_ede) 0x5e0f9dfdb9dfbaf7abe30057fbe1a163cc4a3d2d8b33495e encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0xb008b3ed reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x00a4eff686a6b655280bfe69d8652bf5 enc cbc(des3_ede) 0x75f84a1a860c3a1662b57089be4bbcd9cb3cf41bd467b536 encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x72238d53 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x1ce324854f9dd3f9eb792c6aace05b68 enc cbc(des3_ede) 0x60c05a00b333c8773cc724bde1822cad2628ee1f36515d4f encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x66b4bc3f reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x33b7e8f5dec7594275a190297e38414f enc cbc(des3_ede) 0x3653f31e7af4988af697fcf8e0af24de02c3fbd12ac50d4c encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.97 dst 10.8.11.254 proto esp spi 0x93fa7090 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0x3a6f50252f582ba6e194254fe618a523 enc cbc(des3_ede) 0x561a286ebd50127c77676ca910f2001c6c7bd93a08868d5a encap type espinudp sport 30306 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.97 proto esp spi 0x5b81b923 reqid 16409 mode transport replay-window 32 auth hmac(md5) 0xdec1b7594dacfbf26536e94d61e65db6 enc cbc(des3_ede) 0xc6c574e1b2a39000a530573a7c7ae420a1b9fc22c5835cf8 encap type espinudp sport 4500 dport 30306 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x7b03bc46 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x74ac95ada70e3028a4993789868c77fa enc cbc(des3_ede) 0xb37d8295bf390442b16cc5fbdb0b9cc6ea3db410860b9105 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x8fe47db2 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xc3ad5f420622547b0c28f0973ececc43 enc cbc(des3_ede) 0x1cb46d11d1f7f50f21b0f1bfe4ba99ec16de535db7a3d084 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0xf8400fb1 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xb972a7556d09b983fa3ef0b4a8c04b0c enc cbc(des3_ede) 0x755800af9c3be862ea84765697eb5be3841d662d0d3ac7dd encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0xe648eb9d reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x23011d646ffbd6d3d01123298ab09349 enc cbc(des3_ede) 0x1eb98200b2310fad1a52c890aee7015c2481daf6ec17b193 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x68fdeedd reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xa4e7d5341280795862e48dac78682e9f enc cbc(des3_ede) 0xd85e719ddedb5acfe604e0f44142f39453fa21dd76e1d293 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x52c8e52b reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xc554a4db5fa2eea450fa98af89ce4f22 enc cbc(des3_ede) 0x08a87c83c8e0c60f69bbf80a2f612bfbb6584552f33b61bb encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0xc4466d4a reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x634018f8163ba38054a241596ecf1531 enc cbc(des3_ede) 0x1046da1c0e2b3b23dee04b4a94e6ed867ee957db709c0249 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x03d86f68 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x6fa02daac34fa84739d3c4534008a4a0 enc cbc(des3_ede) 0xc1c41a8f1317adf9ce3c01f6e93085f3e3a266cd5b93855a encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x76dfd28a reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xe0eee7bf3407dfdbfad108c6ad3a7cab enc cbc(des3_ede) 0x37e9f681f792e3f5b3d8dbf3cb662e08c86dc151bd82939d encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x604ee2e8 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x4039fd9341482fa47aeba2e7e1d91324 enc cbc(des3_ede) 0x74e5b77487673d2678fd4d90d09f069b0ba059af19bd0cca encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0xbae19ce3 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x70b8dddf48af345f23e5c239afe8998a enc cbc(des3_ede) 0x7f2fc02663eeb38112cc5e600bd4be553c8007ae65a59a52 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0xfe6e0ba0 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x576e1837eea03badc89ed7b3266cbe02 enc cbc(des3_ede) 0xf9276b61642adc805b8fd2150e4f488ef1301296664b242a encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x18223b75 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xb1e2ab1a4a6458068943f44e76a4054d enc cbc(des3_ede) 0xc2d12cd4f5a99e9455e14352a63a2811894f62b1cc71836f encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x49d33c82 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xac3b43bfea9ead5fe954044dc08f72eb enc cbc(des3_ede) 0x033b1581b7915be9004cd71b25dbddeba38e60850e61e20b encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0xd2776193 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xe90c0fa9e1e08cae03989bdb5814151f enc cbc(des3_ede) 0x95e89bd6012353d52fc07861223142305f9ec1dff8cb9fdc encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x15034428 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x4862f658167a2fe36991b5deccd44893 enc cbc(des3_ede) 0x26218ee6e370c56676b8621b82dfe0ff2cc48f4e30ac8e56 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x59657396 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x9e0f93c2467d684e149bcee5f30f3aed enc cbc(des3_ede) 0x8d9d5af2fce478d57cef03149b964dce9451d2b7c98c1b5b encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x2824460d reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x48a22edaec40b6b08b501c93a1654538 enc cbc(des3_ede) 0xeb3f49a14a8d4ac59f38a0bf44bf065c5a5efc1ea58003ab encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x0c6e547d reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xb56fc55282ff69f52afd4bd1357bec80 enc cbc(des3_ede) 0x2b7b60168d65ff10220374c77d0e9d1833adfbb294b9f161 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x07ed11a2 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xe76478998c96a1417c6fc6addc8e3467 enc cbc(des3_ede) 0xb4149878c40bde25d4cc5d015fc08880d049ffe46b30ced4 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x9fb61e57 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x384cff1de5a1e120613824eebeedcf26 enc cbc(des3_ede) 0x70080b1a647206f2825efa3e4effb50d9f43f8e181c6d3b1 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x440f2673 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x1c82c0bc8c2a6ecb12be34b7b7547223 enc cbc(des3_ede) 0x7344ebad8f5df5b9f2a0b592efa2995fb8aac3b0d07a0fa8 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x93f75c83 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x7fd2a2a156709863658902954759a27c enc cbc(des3_ede) 0x7bb2a16d3c9f4652bd42de1c2d4f1a27106d92397a8f8ba1 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x91b02e8f reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x881949df471b708f4b899cf0278d6e55 enc cbc(des3_ede) 0xbc20a8cc535d400d0a3609e4362983d48f6a3b25ec86b3e6 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0x8bb0c9de reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xa068567e62c256caff5bc498032c688e enc cbc(des3_ede) 0xb10ea682d5356f2c28daf897fec7262260ae4baa1cbddda5 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0xbe89c782 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x7db7cb0b6d041869604f45afc8cf9d64 enc cbc(des3_ede) 0x69341990a1db941dacdd839b562747e7f470a1281e425f17 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 213.177.243.100 dst 10.8.11.254 proto esp spi 0x178029f3 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0xbb70d45e189af9c3b8eeeeaf9fb17dc9 enc cbc(des3_ede) 0x1afe4902cb7b834ee5df905831410119a98fdd47dbdc790b encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 src 10.8.11.254 dst 213.177.243.100 proto esp spi 0xe67a2331 reqid 16401 mode transport replay-window 32 auth hmac(md5) 0x6e1a3f31ac63bce99d4df6a2f7911024 enc cbc(des3_ede) 0x7dd5ed43a0438580f47083632fb61043debc94a05fbe19a3 encap type espinudp sport 4500 dport 4500 addr 0.0.0.0 sel src 0.0.0.0/0 dst 0.0.0.0/0 + _________________________ ip-xfrm-policy + + ip xfrm policy src ::/0 dst ::/0 dir 4 priority 0 src ::/0 dst ::/0 dir 3 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 4 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 3 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 4 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 3 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 4 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 3 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 4 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 3 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 4 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 3 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 4 priority 0 src 0.0.0.0/0 dst 0.0.0.0/0 dir 3 priority 0 + _________________________ /proc/crypto + + test -r /proc/crypto + cat /proc/crypto name : authenc(hmac(md5),cbc(des3_ede)) driver : authenc(hmac(md5-generic),cbc(des3_ede-generic)) module : authenc priority : 0 refcnt : 62 selftest : passed type : aead async : yes blocksize : 8 ivsize : 8 maxauthsize : 16 geniv : name : cbc(des3_ede) driver : cbc(des3_ede-generic) module : kernel priority : 0 refcnt : 62 selftest : passed type : givcipher async : yes blocksize : 8 min keysize : 24 max keysize : 24 ivsize : 8 geniv : chainiv name : sha512 driver : sha512-generic module : sha512_generic priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 128 digestsize : 64 name : sha384 driver : sha384-generic module : sha512_generic priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 128 digestsize : 48 name : rfc3686(ctr(aes)) driver : rfc3686(ctr(aes-generic)) module : ctr priority : 100 refcnt : 1 selftest : passed type : blkcipher blocksize : 1 min keysize : 20 max keysize : 36 ivsize : 8 geniv : seqiv name : ctr(aes) driver : ctr(aes-generic) module : ctr priority : 100 refcnt : 1 selftest : passed type : blkcipher blocksize : 1 min keysize : 16 max keysize : 32 ivsize : 16 geniv : chainiv name : cbc(twofish) driver : cbc(twofish-generic) module : kernel priority : 100 refcnt : 1 selftest : passed type : blkcipher blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : name : twofish driver : twofish-generic module : twofish priority : 100 refcnt : 1 selftest : passed type : cipher blocksize : 16 min keysize : 16 max keysize : 32 name : cbc(camellia) driver : cbc(camellia-generic) module : kernel priority : 100 refcnt : 1 selftest : passed type : blkcipher blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : name : camellia driver : camellia-generic module : camellia priority : 100 refcnt : 1 selftest : passed type : cipher blocksize : 16 min keysize : 16 max keysize : 32 name : cbc(serpent) driver : cbc(serpent-generic) module : kernel priority : 0 refcnt : 1 selftest : passed type : blkcipher blocksize : 16 min keysize : 0 max keysize : 32 ivsize : 16 geniv : name : tnepres driver : tnepres-generic module : serpent priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 16 min keysize : 0 max keysize : 32 name : serpent driver : serpent-generic module : serpent priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 16 min keysize : 0 max keysize : 32 name : cbc(aes) driver : cbc(aes-generic) module : kernel priority : 100 refcnt : 1 selftest : passed type : blkcipher blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : name : cbc(blowfish) driver : cbc(blowfish-generic) module : kernel priority : 0 refcnt : 1 selftest : passed type : blkcipher blocksize : 8 min keysize : 4 max keysize : 56 ivsize : 8 geniv : name : blowfish driver : blowfish-generic module : blowfish priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 8 min keysize : 4 max keysize : 56 name : cbc(cast5) driver : cbc(cast5-generic) module : kernel priority : 0 refcnt : 1 selftest : passed type : blkcipher blocksize : 8 min keysize : 5 max keysize : 16 ivsize : 8 geniv : name : cast5 driver : cast5-generic module : cast5 priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 8 min keysize : 5 max keysize : 16 name : cbc(des3_ede) driver : cbc(des3_ede-generic) module : kernel priority : 0 refcnt : 62 selftest : passed type : blkcipher blocksize : 8 min keysize : 24 max keysize : 24 ivsize : 8 geniv : name : cbc(des) driver : cbc(des-generic) module : kernel priority : 0 refcnt : 1 selftest : passed type : blkcipher blocksize : 8 min keysize : 8 max keysize : 8 ivsize : 8 geniv : name : xcbc(aes) driver : xcbc(aes-generic) module : xcbc priority : 100 refcnt : 1 selftest : passed type : shash blocksize : 16 digestsize : 16 name : hmac(rmd160) driver : hmac(rmd160-generic) module : hmac priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 20 name : rmd160 driver : rmd160-generic module : rmd160 priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 20 name : hmac(sha256) driver : hmac(sha256-generic) module : hmac priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 32 name : sha256 driver : sha256-generic module : sha256_generic priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 32 name : sha224 driver : sha224-generic module : sha256_generic priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 28 name : hmac(sha1) driver : hmac(sha1-generic) module : hmac priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 20 name : sha1 driver : sha1-generic module : sha1_generic priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 64 digestsize : 20 name : hmac(md5) driver : hmac(md5-generic) module : hmac priority : 0 refcnt : 123 selftest : passed type : shash blocksize : 64 digestsize : 16 name : compress_null driver : compress_null-generic module : crypto_null priority : 0 refcnt : 1 selftest : passed type : compression name : digest_null driver : digest_null-generic module : crypto_null priority : 0 refcnt : 1 selftest : passed type : shash blocksize : 1 digestsize : 0 name : ecb(cipher_null) driver : ecb-cipher_null module : crypto_null priority : 100 refcnt : 1 selftest : passed type : blkcipher blocksize : 1 min keysize : 0 max keysize : 0 ivsize : 0 geniv : name : cipher_null driver : cipher_null-generic module : crypto_null priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 1 min keysize : 0 max keysize : 0 name : cbc(aes) driver : mv-cbc-aes module : mv_cesa priority : 300 refcnt : 1 selftest : passed type : ablkcipher async : yes blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : name : ecb(aes) driver : mv-ecb-aes module : mv_cesa priority : 300 refcnt : 1 selftest : passed type : ablkcipher async : yes blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 0 geniv : name : stdrng driver : krng module : kernel priority : 200 refcnt : 2 selftest : passed type : rng seedsize : 0 name : lzo driver : lzo-generic module : kernel priority : 0 refcnt : 2 selftest : passed type : compression name : crc32c driver : crc32c-generic module : kernel priority : 100 refcnt : 2 selftest : passed type : shash blocksize : 1 digestsize : 4 name : deflate driver : deflate-generic module : kernel priority : 0 refcnt : 2 selftest : passed type : compression name : arc4 driver : arc4-generic module : kernel priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 1 min keysize : 1 max keysize : 256 name : aes driver : aes-generic module : kernel priority : 100 refcnt : 1 selftest : passed type : cipher blocksize : 16 min keysize : 16 max keysize : 32 name : des3_ede driver : des3_ede-generic module : kernel priority : 0 refcnt : 62 selftest : passed type : cipher blocksize : 8 min keysize : 24 max keysize : 24 name : des driver : des-generic module : kernel priority : 0 refcnt : 1 selftest : passed type : cipher blocksize : 8 min keysize : 8 max keysize : 8 name : md5 driver : md5-generic module : kernel priority : 0 refcnt : 62 selftest : passed type : shash blocksize : 64 digestsize : 16 + __________________________/proc/sys/net/core/xfrm-star /usr/local/libexec/ipsec/barf: 1: __________________________/proc/sys/net/core/xfrm-star: not found + echo -n /proc/sys/net/core/xfrm_acq_expires: /proc/sys/net/core/xfrm_acq_expires: + cat /proc/sys/net/core/xfrm_acq_expires 30 + echo -n /proc/sys/net/core/xfrm_aevent_etime: /proc/sys/net/core/xfrm_aevent_etime: + cat /proc/sys/net/core/xfrm_aevent_etime 10 + echo -n /proc/sys/net/core/xfrm_aevent_rseqth: /proc/sys/net/core/xfrm_aevent_rseqth: + cat /proc/sys/net/core/xfrm_aevent_rseqth 2 + echo -n /proc/sys/net/core/xfrm_larval_drop: /proc/sys/net/core/xfrm_larval_drop: + cat /proc/sys/net/core/xfrm_larval_drop 1 + _________________________ /proc/sys/net/ipsec-star + + test -d /proc/sys/net/ipsec + _________________________ ipsec/status + + ipsec auto --status 000 using kernel interface: netkey 000 interface lo/lo ::1 000 interface lo/lo 127.0.0.1 000 interface lo/lo 127.0.0.1 000 interface eth0/eth0 192.168.3.1 000 interface eth0/eth0 192.168.3.1 000 interface ppp0/ppp0 10.8.11.254 000 interface ppp0/ppp0 10.8.11.254 000 %myid = (none) 000 debug none 000 000 virtual_private (%priv): 000 - allowed 0 subnets: 000 - disallowed 0 subnets: 000 WARNING: Either virtual_private= was not specified, or there was a syntax 000 error in that line. 'left/rightsubnet=%priv' will not work! 000 000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64 000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192 000 algorithm ESP encrypt: id=6, name=ESP_CAST, ivlen=8, keysizemin=40, keysizemax=128 000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448 000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0 000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=13, name=ESP_AES_CTR, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=14, name=ESP_AES_CCM_A, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=15, name=ESP_AES_CCM_B, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=16, name=ESP_AES_CCM_C, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=18, name=ESP_AES_GCM_A, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=19, name=ESP_AES_GCM_B, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=20, name=ESP_AES_GCM_C, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=22, name=ESP_CAMELLIA, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256 000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128 000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160 000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256 000 algorithm ESP auth attr: id=8, name=AUTH_ALGORITHM_HMAC_RIPEMD, keysizemin=160, keysizemax=160 000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_AES_CBC, keysizemin=128, keysizemax=128 000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0 000 000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=131 000 algorithm IKE encrypt: id=3, name=OAKLEY_BLOWFISH_CBC, blocksize=8, keydeflen=128 000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192 000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128 000 algorithm IKE encrypt: id=65004, name=OAKLEY_SERPENT_CBC, blocksize=16, keydeflen=128 000 algorithm IKE encrypt: id=65005, name=OAKLEY_TWOFISH_CBC, blocksize=16, keydeflen=128 000 algorithm IKE encrypt: id=65289, name=OAKLEY_TWOFISH_CBC_SSH, blocksize=16, keydeflen=128 000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16 000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20 000 algorithm IKE hash: id=4, name=OAKLEY_SHA2_256, hashsize=32 000 algorithm IKE hash: id=6, name=OAKLEY_SHA2_512, hashsize=64 000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024 000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536 000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048 000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072 000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096 000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144 000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192 000 000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} 000 000 "L2TP-PSK-NAT": 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64...%virtual[+S=C]:17/0===?; unrouted; eroute owner: #0 000 "L2TP-PSK-NAT": myip=unset; hisip=unset; 000 "L2TP-PSK-NAT": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "L2TP-PSK-NAT": policy: PSK+ENCRYPT+DONTREKEY+IKEv2ALLOW+lKOD+rKOD; prio: 32,32; interface: ppp0; 000 "L2TP-PSK-NAT": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 "L2TP-PSK-NAT"[3]: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64...213.177.243.100[+S=C]:17/0; unrouted; eroute owner: #0 000 "L2TP-PSK-NAT"[3]: myip=unset; hisip=unset; 000 "L2TP-PSK-NAT"[3]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "L2TP-PSK-NAT"[3]: policy: PSK+ENCRYPT+DONTREKEY+IKEv2ALLOW+lKOD+rKOD; prio: 32,32; interface: ppp0; 000 "L2TP-PSK-NAT"[3]: newest ISAKMP SA: #0; newest IPsec SA: #0; 000 "L2TP-PSK-NAT"[5]: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64...213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0; unrouted; eroute owner: #0 000 "L2TP-PSK-NAT"[5]: myip=unset; hisip=unset; 000 "L2TP-PSK-NAT"[5]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "L2TP-PSK-NAT"[5]: policy: PSK+ENCRYPT+DONTREKEY+IKEv2ALLOW+lKOD+rKOD; prio: 32,32; interface: ppp0; 000 "L2TP-PSK-NAT"[5]: newest ISAKMP SA: #0; newest IPsec SA: #0; 000 "L2TP-PSK-noNAT": 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64...%any[+S=C]:17/0; unrouted; eroute owner: #0 000 "L2TP-PSK-noNAT": myip=unset; hisip=unset; 000 "L2TP-PSK-noNAT": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "L2TP-PSK-noNAT": policy: PSK+ENCRYPT+DONTREKEY+IKEv2ALLOW+lKOD+rKOD; prio: 32,32; interface: ppp0; 000 "L2TP-PSK-noNAT": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 000 #58: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2556s; isakmp#57; idle; import:not set 000 #58: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.8bb0c9de@213.177.243.100 esp.be89c782@10.8.11.254 ref=0 refhim=4294901761 000 #79: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2575s; isakmp#78; idle; import:not set 000 #79: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.68fdeedd@213.177.243.100 esp.52c8e52b@10.8.11.254 ref=0 refhim=4294901761 000 #56: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2554s; isakmp#53; idle; import:not set 000 #56: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.e67a2331@213.177.243.100 esp.178029f3@10.8.11.254 ref=0 refhim=4294901761 000 #60: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2558s; isakmp#59; idle; import:not set 000 #60: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.93f75c83@213.177.243.100 esp.91b02e8f@10.8.11.254 ref=0 refhim=4294901761 000 #64: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2560s; isakmp#63; idle; import:not set 000 #64: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.c6e547d@213.177.243.100 esp.7ed11a2@10.8.11.254 ref=0 refhim=4294901761 000 #62: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2559s; isakmp#61; idle; import:not set 000 #62: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.9fb61e57@213.177.243.100 esp.440f2673@10.8.11.254 ref=0 refhim=4294901761 000 #84: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2579s; isakmp#82; idle; import:not set 000 #84: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.7b03bc46@213.177.243.100 esp.8fe47db2@10.8.11.254 ref=0 refhim=4294901761 000 #70: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2565s; isakmp#69; idle; import:not set 000 #70: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.18223b75@213.177.243.100 esp.49d33c82@10.8.11.254 ref=0 refhim=4294901761 000 #75: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2571s; isakmp#73; idle; import:not set 000 #75: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.76dfd28a@213.177.243.100 esp.604ee2e8@10.8.11.254 ref=0 refhim=4294901761 000 #66: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2561s; isakmp#65; idle; import:not set 000 #66: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.59657396@213.177.243.100 esp.2824460d@10.8.11.254 ref=0 refhim=4294901761 000 #77: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2573s; isakmp#76; idle; import:not set 000 #77: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.c4466d4a@213.177.243.100 esp.3d86f68@10.8.11.254 ref=0 refhim=4294901761 000 #68: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2563s; isakmp#67; idle; import:not set 000 #68: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.d2776193@213.177.243.100 esp.15034428@10.8.11.254 ref=0 refhim=4294901761 000 #72: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2569s; isakmp#71; idle; import:not set 000 #72: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.bae19ce3@213.177.243.100 esp.fe6e0ba0@10.8.11.254 ref=0 refhim=4294901761 000 #81: "L2TP-PSK-NAT"[3] 213.177.243.100:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 2576s; isakmp#80; idle; import:not set 000 #81: "L2TP-PSK-NAT"[3] 213.177.243.100 esp.f8400fb1@213.177.243.100 esp.e648eb9d@10.8.11.254 ref=0 refhim=4294901761 000 #104: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3373s; isakmp#103; idle; import:not set 000 #104: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.44e09c9a@213.177.243.97 esp.b008b3ed@10.8.11.254 ref=0 refhim=4294901761 000 #122: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3387s; isakmp#121; idle; import:not set 000 #122: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.a7fa90c8@213.177.243.97 esp.93e49f5a@10.8.11.254 ref=0 refhim=4294901761 000 #113: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3380s; isakmp#112; idle; import:not set 000 #113: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.6fb62c4f@213.177.243.97 esp.b3cd04c6@10.8.11.254 ref=0 refhim=4294901761 000 #127: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3390s; isakmp#126; idle; import:not set 000 #127: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.b6ab6b2@213.177.243.97 esp.dcfafc63@10.8.11.254 ref=0 refhim=4294901761 000 #106: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3374s; isakmp#105; idle; import:not set 000 #106: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.1ab95098@213.177.243.97 esp.2504fb97@10.8.11.254 ref=0 refhim=4294901761 000 #133: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3396s; isakmp#132; idle; import:not set 000 #133: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.404ba705@213.177.243.97 esp.9ecbb86d@10.8.11.254 ref=0 refhim=4294901761 000 #109: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3377s; isakmp#107; idle; import:not set 000 #109: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.6c85f613@213.177.243.97 esp.da796d25@10.8.11.254 ref=0 refhim=4294901761 000 #129: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3393s; isakmp#128; idle; import:not set 000 #129: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.22f80f8e@213.177.243.97 esp.a5d4f152@10.8.11.254 ref=0 refhim=4294901761 000 #120: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3385s; isakmp#119; idle; import:not set 000 #120: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.63e0fff7@213.177.243.97 esp.67e2eaf8@10.8.11.254 ref=0 refhim=4294901761 000 #102: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3372s; isakmp#101; idle; import:not set 000 #102: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.72238d53@213.177.243.97 esp.66b4bc3f@10.8.11.254 ref=0 refhim=4294901761 000 #100: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3370s; isakmp#99; idle; import:not set 000 #100: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.5b81b923@213.177.243.97 esp.93fa7090@10.8.11.254 ref=0 refhim=4294901761 000 #115: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3382s; isakmp#114; idle; import:not set 000 #115: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.79171657@213.177.243.97 esp.abaf86f0@10.8.11.254 ref=0 refhim=4294901761 000 #125: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3389s; isakmp#123; idle; import:not set 000 #125: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.4326f908@213.177.243.97 esp.eb14c240@10.8.11.254 ref=0 refhim=4294901761 000 #118: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3383s; isakmp#116; idle; import:not set 000 #118: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.3ea4cc6e@213.177.243.97 esp.7de4aa70@10.8.11.254 ref=0 refhim=4294901761 000 #147: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R1 (sent QR1, inbound IPsec SA installed, expecting QI2); EVENT_RETRANSMIT in 35s; nodpd; idle; import:not set 000 #131: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3394s; isakmp#130; idle; import:not set 000 #131: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.a5ff77a0@213.177.243.97 esp.13a044b9@10.8.11.254 ref=0 refhim=4294901761 000 #111: "L2TP-PSK-NAT"[5] 213.177.243.97:30306 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_EXPIRE in 3379s; isakmp#110; idle; import:not set 000 #111: "L2TP-PSK-NAT"[5] 213.177.243.97 esp.53c8e097@213.177.243.97 esp.247b75d0@10.8.11.254 ref=0 refhim=4294901761 000 + _________________________ ifconfig-a + + ifconfig -a eth0 Link encap:Ethernet HWaddr 00:50:43:01:62:25 inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 inet6 addr: fe80::250:43ff:fe01:6225/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3679 errors:0 dropped:0 overruns:0 frame:0 TX packets:2371 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:424462 (424.4 KB) TX bytes:280198 (280.1 KB) Interrupt:11 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:82 errors:0 dropped:0 overruns:0 frame:0 TX packets:82 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6456 (6.4 KB) TX bytes:6456 (6.4 KB) ppp0 Link encap:Point-to-Point Protocol inet addr:10.8.11.254 P-t-P:10.64.64.64 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:761 errors:0 dropped:0 overruns:0 frame:0 TX packets:4109 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:392297 (392.2 KB) TX bytes:257860 (257.8 KB) + _________________________ ip-addr-list + + ip addr list 1: lo: mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:50:43:01:62:25 brd ff:ff:ff:ff:ff:ff inet 192.168.3.1/24 brd 192.168.3.255 scope global eth0 inet6 fe80::250:43ff:fe01:6225/64 scope link valid_lft forever preferred_lft forever 4: ppp0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp inet 10.8.11.254 peer 10.64.64.64/32 scope global ppp0 + _________________________ ip-route-list + + ip route list 10.64.64.64 dev ppp0 proto kernel scope link src 10.8.11.254 192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.1 default dev ppp0 scope link + _________________________ ip-rule-list + + ip rule list RTNETLINK answers: Operation not supported Dump terminated + _________________________ ipsec_verify + + ipsec verify --nocolour Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.25/K2.6.32.9 (netkey) Checking for IPsec support in kernel [OK] NETKEY detected, testing for disabled ICMP send_redirects [FAILED] Please disable /proc/sys/net/ipv4/conf/*/send_redirects or NETKEY will cause the sending of bogus ICMP redirects! NETKEY detected, testing for disabled ICMP accept_redirects [FAILED] Please disable /proc/sys/net/ipv4/conf/*/accept_redirects or NETKEY will accept bogus ICMP redirects! Checking for RSA private key (/etc/ipsec.secrets) [OK] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [OK] Pluto listening for NAT-T on udp 4500 [OK] Two or more interfaces found, checking IP forwarding [OK] Checking NAT and MASQUERADEing [OK] Checking for 'ip' command [OK] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] + _________________________ mii-tool + + [ -x /sbin/mii-tool ] + /sbin/mii-tool -v eth0: negotiated 100baseTx-FD, link ok product info: vendor 00:50:43, model 36 rev 0 basic mode: autonegotiation enabled basic status: autonegotiation complete, link ok capabilities: 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD link partner: 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control + _________________________ ipsec/directory + + ipsec --directory /usr/local/lib/ipsec + _________________________ hostname/fqdn + + hostname --fqdn ubuntu + _________________________ hostname/ipaddress + + hostname --ip-address 127.0.0.1 + _________________________ uptime + + uptime 15:04:41 up 1 day, 1:10, 1 user, load average: 0.57, 0.31, 0.14 + _________________________ ps + + egrep -i ppid|pluto|ipsec|klips + ps alxwf F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND 0 0 3913 2133 20 0 1584 524 wait S+ ttyS0 0:00 \_ /bin/sh /usr/local/libexec/ipsec/barf 0 0 4007 3913 20 0 1884 568 pipe_w S+ ttyS0 0:00 \_ egrep -i ppid|pluto|ipsec|klips 1 0 3747 1 20 0 1584 188 wait S ttyS0 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniqueids yes --force_busy no --nocrsend no --strictcrlpolicy no --nat_traversal yes --keep_alive --protostack auto --force_keepalive no --disable_port_floating no --virtual_private --crlcheckinterval 0 --ocspuri --nhelpers 0 --dump --opts --stderrlog --wait no --pre --post --log daemon.error --plutorestartoncrash true --pid /var/run/pluto/pluto.pid 1 0 3751 3747 20 0 1584 224 wait S ttyS0 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniqueids yes --force_busy no --nocrsend no --strictcrlpolicy no --nat_traversal yes --keep_alive --protostack auto --force_keepalive no --disable_port_floating no --virtual_private --crlcheckinterval 0 --ocspuri --nhelpers 0 --dump --opts --stderrlog --wait no --pre --post --log daemon.error --plutorestartoncrash true --pid /var/run/pluto/pluto.pid 4 0 3753 3751 20 0 3308 1720 poll_s S ttyS0 0:02 | \_ /usr/local/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --use-auto --uniqueids --nat_traversal --nhelpers 0 0 0 3781 3753 20 0 1448 300 poll_s S ttyS0 0:00 | \_ _pluto_adns 0 0 3752 3747 20 0 1584 508 pipe_w S ttyS0 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutoload --wait no --post 0 0 3748 1 20 0 1504 536 pipe_w S ttyS0 0:00 logger -s -p daemon.error -t ipsec__plutorun + _________________________ ipsec/showdefaults + + ipsec showdefaults ipsec showdefaults: cannot find defaults file `/var/run/pluto/ipsec.info' + _________________________ ipsec/conf + + ipsec _keycensor + ipsec _include /etc/ipsec.conf #< /etc/ipsec.conf 1 # /etc/ipsec.conf - Openswan IPsec configuration file # RCSID $Id: ipsec.conf.in,v 1.15.2.6 2006-10-19 03:49:46 paul Exp $ # This file: /usr/share/doc/openswan/ipsec.conf-sample # # Manual: ipsec.conf.5 version 2.0 # conforms to second version of ipsec.conf specification # basic configuration config setup # plutodebug / klipsdebug = "all", "none" or a combation from below: # "raw crypt parsing emitting control klips pfkey natt x509 private" # eg: plutodebug="control parsing" # # ONLY enable plutodebug=all or klipsdebug=all if you are a developer !! # # NAT-TRAVERSAL support, see README.NAT-Traversal nat_traversal=yes #virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.3.0/24,%v4:!192.168.19.0/24 # # enable this if you see "failed to find any available worker" nhelpers=0 # Add connections here #conn L2TP-CERT # left=192.168.3.1 # rightsubnet=vhost:%no,%priv # sample VPN connections, see /etc/ipsec.d/examples/ #Disable Opportunistic Encryption #< /etc/ipsec.d/examples/no_oe.conf 1 # 'include' this file to disable Opportunistic Encryption. # See /usr/share/doc/openswan/policygroups.html for details. # # RCSID $Id: no_oe.conf.in,v 1.2 2004-10-03 19:33:10 paul Exp $ conn block auto=ignore conn private auto=ignore conn private-or-clear auto=ignore conn clear-or-private auto=ignore conn clear auto=ignore conn packetdefault auto=ignore #> /etc/ipsec.conf 37 #< /etc/ipsec.d/l2tp-psk.conf 1 conn L2TP-PSK-NAT rightsubnet=vhost:%priv also=L2TP-PSK-noNAT conn L2TP-PSK-noNAT # # Configuration for one user with any type of IPsec/L2TP client # including the updated Windows 2000/XP (MS KB Q818043), but # excluding the non-updated Windows 2000/XP. # # # Use a Preshared Key. Disable Perfect Forward Secrecy. # # PreSharedSecret needs to be specified in /etc/ipsec.secrets as # YourIPAddress %any: "sharedsecret" authby=secret pfs=no auto=add keyingtries=3 # we cannot rekey for %any, let client rekey rekey=no type=transport # #left=%defaultroute left=10.8.11.254 leftnexthop=10.64.64.64 # or you can use: left=YourIPAddress # # For updated Windows 2000/XP clients, # to support old clients as well, use leftprotoport=17/%any leftprotoport=17/1701 # # The remote user. # right=%any # Using the magic port of "0" means "any one single port". This is # a work around required for Apple OSX clients that use a randomly # high port, but propose "0" instead of their port. rightprotoport=17/0 #> /etc/ipsec.conf 38 + _________________________ ipsec/secrets + + ipsec _secretcensor + ipsec _include /etc/ipsec.secrets #< /etc/ipsec.secrets 1 # RCSID $Id: ipsec.secrets.proto,v 1.3.6.1 2005-09-28 13:59:14 paul Exp $ # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. # RSA private key for this host, authenticating it to any other host # which knows the public part. Suitable public keys, for ipsec.conf, DNS, # or configuration of other implementations, can be extracted conveniently # with "[sums to ef67...]". 10.8.11.254 %any: PSK "[sums to 39c4...]" + _________________________ ipsec/listall + + ipsec auto --listall 000 000 List of Public Keys: 000 000 List of Pre-shared secrets (from /etc/ipsec.secrets) 000 10: PSK %any 10.8.11.254 + [ /etc/ipsec.d/policies ] + basename /etc/ipsec.d/policies/block + base=block + _________________________ ipsec/policies/block + + cat /etc/ipsec.d/policies/block # This file defines the set of CIDRs (network/mask-length) to which # communication should never be allowed. # # See /usr/local/share/doc/openswan/policygroups.html for details. # # $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # + basename /etc/ipsec.d/policies/clear + base=clear + _________________________ ipsec/policies/clear + + cat /etc/ipsec.d/policies/clear # This file defines the set of CIDRs (network/mask-length) to which # communication should always be in the clear. # # See /usr/local/share/doc/openswan/policygroups.html for details. # # root name servers should be in the clear 192.58.128.30/32 198.41.0.4/32 192.228.79.201/32 192.33.4.12/32 128.8.10.90/32 192.203.230.10/32 192.5.5.241/32 192.112.36.4/32 128.63.2.53/32 192.36.148.17/32 193.0.14.129/32 199.7.83.42/32 202.12.27.33/32 + basename /etc/ipsec.d/policies/clear-or-private + base=clear-or-private + _________________________ ipsec/policies/clear-or-private + + cat /etc/ipsec.d/policies/clear-or-private # This file defines the set of CIDRs (network/mask-length) to which # we will communicate in the clear, or, if the other side initiates IPSEC, # using encryption. This behaviour is also called "Opportunistic Responder". # # See /usr/local/share/doc/openswan/policygroups.html for details. # # $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # + basename /etc/ipsec.d/policies/private + base=private + _________________________ ipsec/policies/private + + cat /etc/ipsec.d/policies/private # This file defines the set of CIDRs (network/mask-length) to which # communication should always be private (i.e. encrypted). # See /usr/local/share/doc/openswan/policygroups.html for details. # # $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # + basename /etc/ipsec.d/policies/private-or-clear + base=private-or-clear + _________________________ ipsec/policies/private-or-clear + + cat /etc/ipsec.d/policies/private-or-clear # This file defines the set of CIDRs (network/mask-length) to which # communication should be private, if possible, but in the clear otherwise. # # If the target has a TXT (later IPSECKEY) record that specifies # authentication material, we will require private (i.e. encrypted) # communications. If no such record is found, communications will be # in the clear. # # See /usr/local/share/doc/openswan/policygroups.html for details. # # $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $ # 0.0.0.0/0 + _________________________ ipsec/ls-libdir + + ls -l /usr/local/lib/ipsec total 128 -rwxr-xr-x 1 root root 14408 May 4 12:42 _copyright -rwxr-xr-x 1 root root 2379 May 4 12:42 _include -rwxr-xr-x 1 root root 1475 May 4 12:42 _keycensor -rwxr-xr-x 1 root root 2632 May 4 12:42 _plutoload -rwxr-xr-x 1 root root 8221 May 4 12:42 _plutorun -rwxr-xr-x 1 root root 12943 May 4 12:42 _realsetup -rwxr-xr-x 1 root root 1975 May 4 12:42 _secretcensor -rwxr-xr-x 1 root root 8572 May 4 12:42 _startklips -rwxr-xr-x 1 root root 6042 May 4 12:42 _startnetkey -rwxr-xr-x 1 root root 4886 May 4 12:42 _updown -rwxr-xr-x 1 root root 15798 May 4 12:42 _updown.klips -rwxr-xr-x 1 root root 11868 May 4 12:42 _updown.mast -rwxr-xr-x 1 root root 10559 May 4 12:42 _updown.netkey + _________________________ ipsec/ls-execdir + + ls -l /usr/local/libexec/ipsec total 5180 -rwxr-xr-x 1 root root 30572 May 4 12:42 _pluto_adns -rwxr-xr-x 1 root root 438764 May 4 12:42 addconn -rwxr-xr-x 1 root root 6015 May 4 12:42 auto -rwxr-xr-x 1 root root 10828 May 4 12:42 barf -rwxr-xr-x 1 root root 201146 May 4 12:42 eroute -rwxr-xr-x 1 root root 60486 May 4 12:42 ikeping -rwxr-xr-x 1 root root 138230 May 4 12:42 klipsdebug -rwxr-xr-x 1 root root 2591 May 4 12:42 look -rwxr-xr-x 1 root root 2182 May 4 12:42 newhostkey -rwxr-xr-x 1 root root 132442 May 4 12:42 pf_key -rwxr-xr-x 1 root root 2692828 May 4 12:42 pluto -rwxr-xr-x 1 root root 21412 May 4 12:42 ranbits -rwxr-xr-x 1 root root 43367 May 4 12:42 rsasigkey -rwxr-xr-x 1 root root 766 May 4 12:42 secrets lrwxrwxrwx 1 root root 17 May 4 12:42 setup -> /etc/init.d/ipsec -rwxr-xr-x 1 root root 1054 May 4 12:42 showdefaults -rwxr-xr-x 1 root root 550642 May 4 12:42 showhostkey -rwxr-xr-x 1 root root 69515 May 4 12:42 showpolicy -rwxr-xr-x 1 root root 329781 May 4 12:42 spi -rwxr-xr-x 1 root root 176741 May 4 12:42 spigrp -rwxr-xr-x 1 root root 153541 May 4 12:42 tncfg -rwxr-xr-x 1 root root 13469 May 4 12:42 verify -rwxr-xr-x 1 root root 128601 May 4 12:42 whack + _________________________ /proc/net/dev + + cat /proc/net/dev Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 6456 82 0 0 0 0 0 0 6456 82 0 0 0 0 0 0 eth0: 424462 3679 0 0 0 0 0 0 280198 2371 0 0 0 0 0 0 ppp0: 393038 766 0 0 0 0 0 0 258258 4114 0 0 0 0 0 0 + _________________________ /proc/net/route + + cat /proc/net/route Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT ppp0 4040400A 00000000 0005 0 0 0 FFFFFFFF 0 0 0 eth0 0003A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0 ppp0 00000000 00000000 0001 0 0 0 00000000 0 0 0 + _________________________ /proc/sys/net/ipv4/ip_no_pmtu_disc + + cat /proc/sys/net/ipv4/ip_no_pmtu_disc 0 + _________________________ /proc/sys/net/ipv4/ip_forward + + cat /proc/sys/net/ipv4/ip_forward 1 + _________________________ /proc/sys/net/ipv4/tcp_ecn + + cat /proc/sys/net/ipv4/tcp_ecn 2 + _________________________ /proc/sys/net/ipv4/conf/star-rp_filter + + cd /proc/sys/net/ipv4/conf + egrep ^ all/rp_filter default/rp_filter eth0/rp_filter lo/rp_filter ppp0/rp_filter all/rp_filter:1 default/rp_filter:1 eth0/rp_filter:0 lo/rp_filter:0 ppp0/rp_filter:1 + _________________________ /proc/sys/net/ipv4/conf/star-star-redirects + + cd /proc/sys/net/ipv4/conf + egrep ^ all/accept_redirects all/secure_redirects all/send_redirects default/accept_redirects default/secure_redirects default/send_redirects eth0/accept_redirects eth0/secure_redirects eth0/send_redirects lo/accept_redirects lo/secure_redirects lo/send_redirects ppp0/accept_redirects ppp0/secure_redirects ppp0/send_redirects all/accept_redirects:0 all/secure_redirects:1 all/send_redirects:1 default/accept_redirects:1 default/secure_redirects:1 default/send_redirects:1 eth0/accept_redirects:1 eth0/secure_redirects:1 eth0/send_redirects:1 lo/accept_redirects:1 lo/secure_redirects:1 lo/send_redirects:1 ppp0/accept_redirects:1 ppp0/secure_redirects:1 ppp0/send_redirects:1 + _________________________ /proc/sys/net/ipv4/tcp_window_scaling + + cat /proc/sys/net/ipv4/tcp_window_scaling 1 + _________________________ /proc/sys/net/ipv4/tcp_adv_win_scale + + cat /proc/sys/net/ipv4/tcp_adv_win_scale 2 + _________________________ uname-a + + uname -a Linux ubuntu 2.6.32.9 #3 PREEMPT Fri Feb 26 13:11:43 MST 2010 armv5tel GNU/Linux + _________________________ config-built-with + + test -r /proc/config_built_with + _________________________ distro-release + + test -f /etc/redhat-release + test -f /etc/debian-release + test -f /etc/SuSE-release + test -f /etc/mandrake-release + test -f /etc/mandriva-release + test -f /etc/gentoo-release + _________________________ /proc/net/ipsec_version + + test -r /proc/net/ipsec_version + test -r /proc/net/pfkey + uname -r + echo NETKEY (2.6.32.9) support detected NETKEY (2.6.32.9) support detected + _________________________ iptables + + test -r /sbin/iptables + iptables -L -v -n Chain INPUT (policy ACCEPT 1135 packets, 461K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 1330 packets, 135K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 9740 packets, 564K bytes) pkts bytes target prot opt in out source destination + _________________________ iptables-nat + + iptables -t nat -L -v -n Chain PREROUTING (policy ACCEPT 2155 packets, 221K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 548 packets, 46118 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 44 packets, 4217 bytes) pkts bytes target prot opt in out source destination + _________________________ iptables-mangle + + iptables -t mangle -L -v -n Chain PREROUTING (policy ACCEPT 3607 packets, 707K bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 873 packets, 414K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 1143 packets, 119K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 6310 packets, 438K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 7453 packets, 557K bytes) pkts bytes target prot opt in out source destination + _________________________ /proc/modules + + test -f /proc/modules + cat /proc/modules xfrm_user 17333 2 - Live 0xbf368000 ah6 3853 0 - Live 0xbf362000 ah4 3583 0 - Live 0xbf35c000 esp6 4383 0 - Live 0xbf355000 esp4 4615 61 - Live 0xbf34e000 xfrm4_mode_beet 1696 0 - Live 0xbf348000 xfrm4_tunnel 1383 0 - Live 0xbf342000 xfrm4_mode_tunnel 1486 0 - Live 0xbf33c000 xfrm4_mode_transport 1020 122 - Live 0xbf336000 xfrm6_mode_transport 1048 0 - Live 0xbf330000 xfrm6_mode_beet 1472 0 - Live 0xbf32a000 xfrm6_mode_tunnel 1402 0 - Live 0xbf324000 ipcomp 1670 0 - Live 0xbf31e000 ipcomp6 1678 0 - Live 0xbf318000 xfrm6_tunnel 4425 1 ipcomp6, Live 0xbf311000 af_key 29226 0 - Live 0xbf302000 iptable_mangle 1563 0 - Live 0xbf28b000 iptable_nat 3340 0 - Live 0xbf285000 nf_nat 12111 1 iptable_nat, Live 0xbf27c000 nf_conntrack_ipv4 9062 3 iptable_nat,nf_nat, Live 0xbf273000 nf_conntrack 44258 3 iptable_nat,nf_nat,nf_conntrack_ipv4, Live 0xbf25e000 nf_defrag_ipv4 913 1 nf_conntrack_ipv4, Live 0xbf258000 authenc 5764 61 - Live 0xbf251000 ppp_deflate 3900 0 - Live 0xbf1da000 bsd_comp 4844 0 - Live 0xbf1d3000 ppp_async 6773 1 - Live 0xbf1cc000 ccm 7252 0 - Live 0xbf1c5000 sha512_generic 10635 0 - Live 0xbf1bd000 tunnel4 1963 1 xfrm4_tunnel, Live 0xbf186000 xfrm_ipcomp 3641 2 ipcomp,ipcomp6, Live 0xbf156000 tunnel6 1794 1 xfrm6_tunnel, Live 0xbf149000 ppp_generic 20724 7 ppp_deflate,bsd_comp,ppp_async, Live 0xbf13d000 slhc 4559 1 ppp_generic, Live 0xbf136000 iptable_filter 1216 0 - Live 0xbf130000 ip_tables 9279 3 iptable_mangle,iptable_nat,iptable_filter, Live 0xbf128000 x_tables 10919 2 iptable_nat,ip_tables, Live 0xbf11f000 ctr 3145 0 - Live 0xbf119000 twofish 7803 0 - Live 0xbf112000 twofish_common 14447 1 twofish, Live 0xbf109000 camellia 23387 0 - Live 0xbf0fe000 serpent 26349 0 - Live 0xbf0f2000 blowfish 8210 0 - Live 0xbf0ea000 cast5 18083 0 - Live 0xbf0e0000 xcbc 2183 0 - Live 0xbf0da000 rmd160 8746 0 - Live 0xbf0d2000 sha256_generic 10571 0 - Live 0xbf0ca000 sha1_generic 1693 0 - Live 0xbf0c4000 hmac 2431 122 - Live 0xbf0be000 crypto_null 2070 0 - Live 0xbf0b8000 dm_crypt 11162 0 - Live 0xbf0a0000 dm_mod 55664 1 dm_crypt, Live 0xbf088000 ipv6 232735 24 ah6,esp6,xfrm6_mode_beet,xfrm6_mode_tunnel,ipcomp6,xfrm6_tunnel,tunnel6, Live 0xbf03b000 sr_mod 12999 0 - Live 0xbf031000 cdrom 33438 1 sr_mod, Live 0xbf022000 option 15610 1 - Live 0xbf016000 usbserial 28324 3 option, Live 0xbf007000 mv_cesa 4714 0 - Live 0xbf000000 + _________________________ /proc/meminfo + + cat /proc/meminfo MemTotal: 513480 kB MemFree: 362196 kB Buffers: 75136 kB Cached: 50612 kB SwapCached: 0 kB Active: 76472 kB Inactive: 55044 kB Active(anon): 5972 kB Inactive(anon): 0 kB Active(file): 70500 kB Inactive(file): 55044 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Dirty: 72 kB Writeback: 0 kB AnonPages: 5784 kB Mapped: 4000 kB Shmem: 204 kB Slab: 13320 kB SReclaimable: 10128 kB SUnreclaim: 3192 kB KernelStack: 528 kB PageTables: 328 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 256740 kB Committed_AS: 10380 kB VmallocTotal: 491520 kB VmallocUsed: 3064 kB VmallocChunk: 488032 kB + _________________________ /proc/net/ipsec-ls + + test -f /proc/net/ipsec_version + _________________________ usr/src/linux/.config + + test -f /proc/config.gz + egrep CONFIG_IPSEC|CONFIG_KLIPS|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP|CONFIG_HW_RANDOM|CONFIG_CRYPTO_DEV|_XFRM + zcat /proc/config.gz # CONFIG_IPC_NS is not set CONFIG_XFRM=y CONFIG_XFRM_USER=m # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=m CONFIG_NET_KEY=m # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y # CONFIG_IP_MULTIPLE_TABLES is not set # CONFIG_IP_ROUTE_MULTIPATH is not set # CONFIG_IP_ROUTE_VERBOSE is not set CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y # CONFIG_IP_PNP_RARP is not set # CONFIG_IP_MROUTE is not set CONFIG_INET_AH=m CONFIG_INET_ESP=m CONFIG_INET_IPCOMP=m CONFIG_INET_XFRM_TUNNEL=m CONFIG_INET_TUNNEL=m CONFIG_INET_XFRM_MODE_TRANSPORT=m CONFIG_INET_XFRM_MODE_TUNNEL=m CONFIG_INET_XFRM_MODE_BEET=m CONFIG_INET_LRO=y CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y CONFIG_IPV6=m # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set CONFIG_INET6_AH=m CONFIG_INET6_ESP=m CONFIG_INET6_IPCOMP=m # CONFIG_IPV6_MIP6 is not set CONFIG_INET6_XFRM_TUNNEL=m CONFIG_INET6_TUNNEL=m CONFIG_INET6_XFRM_MODE_TRANSPORT=m CONFIG_INET6_XFRM_MODE_TUNNEL=m CONFIG_INET6_XFRM_MODE_BEET=m # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=m CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_IP_VS is not set # CONFIG_IP_NF_QUEUE is not set CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_ADDRTYPE=m CONFIG_IP_NF_MATCH_AH=m CONFIG_IP_NF_MATCH_ECN=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_NETMAP=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_MANGLE=m # CONFIG_IP_NF_TARGET_CLUSTERIP is not set CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_RAW=m CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m # CONFIG_IP6_NF_QUEUE is not set CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m CONFIG_IP6_NF_MATCH_EUI64=m CONFIG_IP6_NF_MATCH_FRAG=m CONFIG_IP6_NF_MATCH_OPTS=m CONFIG_IP6_NF_MATCH_HL=m CONFIG_IP6_NF_MATCH_IPV6HEADER=m CONFIG_IP6_NF_MATCH_MH=m CONFIG_IP6_NF_MATCH_RT=m CONFIG_IP6_NF_TARGET_HL=m CONFIG_IP6_NF_TARGET_LOG=m CONFIG_IP6_NF_FILTER=m CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_MANGLE=m CONFIG_IP6_NF_RAW=m # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_IPX is not set # CONFIG_IPDDP is not set # CONFIG_IP1000 is not set # CONFIG_IPW2100 is not set # CONFIG_IPW2200 is not set # CONFIG_IPMI_HANDLER is not set # CONFIG_HW_RANDOM is not set CONFIG_CRYPTO_DEV_MV_CESA=m # CONFIG_CRYPTO_DEV_HIFN_795X is not set + _________________________ etc/syslog.conf + + _________________________ etc/syslog-ng/syslog-ng.conf + + cat /etc/syslog-ng/syslog-ng.conf cat: /etc/syslog-ng/syslog-ng.conf: No such file or directory + cat /etc/syslog.conf # /etc/syslog.conf Configuration file for syslogd. # # For more information see syslog.conf(5) # manpage. # # First some standard logfiles. Log by facility. # auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none -/var/log/syslog #cron.* /var/log/cron.log daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log lpr.* -/var/log/lpr.log mail.* -/var/log/mail.log user.* -/var/log/user.log # # Logging for the mail system. Split it up so that # it is easy to write scripts to parse these files. # mail.info -/var/log/mail.info mail.warning -/var/log/mail.warn mail.err /var/log/mail.err # Logging for INN news system # news.crit /var/log/news/news.crit news.err /var/log/news/news.err news.notice -/var/log/news/news.notice # # Some `catch-all' logfiles. # *.=debug;\ auth,authpriv.none;\ news.none;mail.none -/var/log/debug *.=info;*.=notice;*.=warning;\ auth,authpriv.none;\ cron,daemon.none;\ mail,news.none -/var/log/messages # # Emergencies are sent to everybody logged in. # *.emerg * # # I like to have messages displayed on the console, but only on a virtual # console I usually leave idle. # #daemon,mail.*;\ # news.=crit;news.=err;news.=notice;\ # *.=debug;*.=info;\ # *.=notice;*.=warning /dev/tty8 # The named pipe /dev/xconsole is for the `xconsole' utility. To use it, # you must invoke `xconsole' with the `-file' option: # # $ xconsole -file /dev/xconsole [...] # # NOTE: adjust the list below, or you'll go crazy if you have a reasonably # busy site.. # daemon.*;mail.*;\ news.err;\ *.=debug;*.=info;\ *.=notice;*.=warning |/dev/xconsole + _________________________ etc/resolv.conf + + cat /etc/resolv.conf # resolv.conf created by pppconfig for wireless-logic nameserver 207.126.96.162 nameserver 207.126.105.146 + _________________________ lib/modules-ls + + ls -ltr /lib/modules total 8 drwxr-xr-x 3 root root 4096 Dec 6 11:04 2.6.30.2 drwxr-xr-x 3 root root 4096 Feb 26 20:15 2.6.32.9 + _________________________ fipscheck + + cat /proc/sys/crypto/fips_enabled 0 + _________________________ /proc/ksyms-netif_rx + + test -r /proc/ksyms + test -r /proc/kallsyms + egrep netif_rx /proc/kallsyms c03431d0 T netif_rx c034409c T netif_rx_ni c050f518 r __ksymtab_netif_rx_ni c050f520 r __ksymtab_netif_rx c0523110 r __kstrtab_netif_rx_ni c052311c r __kstrtab_netif_rx + _________________________ lib/modules-netif_rx + + modulegoo kernel/net/ipv4/ipip.o netif_rx + set +x 2.6.30.2: 2.6.32.9: + _________________________ kern.debug + + test -f /var/log/kern.debug + _________________________ klog + + cat + egrep -i ipsec|klips|pluto + sed -n 94,$p /var/log/syslog May 5 07:37:13 ubuntu ipsec_setup: Starting Openswan IPsec 2.6.25... May 5 07:37:13 ubuntu ipsec_setup: Using KLIPS/legacy stack May 5 07:37:14 ubuntu ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey May 5 07:37:14 ubuntu ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY May 5 07:37:14 ubuntu ipsec_setup: Using NETKEY(XFRM) stack May 5 07:37:15 ubuntu ipsec_setup: ...Openswan IPsec started May 5 07:37:15 ubuntu ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d May 5 07:37:15 ubuntu pluto: adjusting ipsec.d to /etc/ipsec.d May 5 07:37:16 ubuntu ipsec__plutorun: 002 added connection description "L2TP-PSK-NAT" May 5 07:37:16 ubuntu ipsec__plutorun: 002 added connection description "L2TP-PSK-noNAT" May 5 07:37:16 ubuntu ipsec__plutorun: 003 NAT-Traversal: Trying new style NAT-T May 5 07:37:16 ubuntu ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19) May 5 07:37:16 ubuntu ipsec__plutorun: 003 NAT-Traversal: Trying old style NAT-T + _________________________ plog + + cat + egrep -i pluto + sed -n 3399,$p /var/log/auth.log May 5 07:37:15 ubuntu ipsec__plutorun: Starting Pluto subsystem... May 5 07:37:15 ubuntu pluto[3753]: Starting Pluto (Openswan Version 2.6.25; Vendor ID OEC`nT{wo^XH) pid:3753 May 5 07:37:15 ubuntu pluto[3753]: Setting NAT-Traversal port-4500 floating to on May 5 07:37:15 ubuntu pluto[3753]: port floating activation criteria nat_t=1/port_float=1 May 5 07:37:15 ubuntu pluto[3753]: NAT-Traversal support [enabled] May 5 07:37:15 ubuntu pluto[3753]: using /dev/urandom as source of random entropy May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: no helpers will be started, all cryptographic operations will be done inline May 5 07:37:15 ubuntu pluto[3753]: Using Linux 2.6 IPsec interface code on 2.6.32.9 (experimental code) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating : Ok (ret=0) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names May 5 07:37:15 ubuntu pluto[3753]: ike_alg_add(): ERROR: Algorithm already exists May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): Activating : FAILED (ret=-17) May 5 07:37:15 ubuntu pluto[3753]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names May 5 07:37:15 ubuntu pluto[3753]: ike_alg_add(): ERROR: Algorithm already exists May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): Activating : FAILED (ret=-17) May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names May 5 07:37:16 ubuntu pluto[3753]: ike_alg_add(): ERROR: Algorithm already exists May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): Activating : FAILED (ret=-17) May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names May 5 07:37:16 ubuntu pluto[3753]: ike_alg_add(): ERROR: Algorithm already exists May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): Activating : FAILED (ret=-17) May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names May 5 07:37:16 ubuntu pluto[3753]: ike_alg_add(): ERROR: Algorithm already exists May 5 07:37:16 ubuntu pluto[3753]: ike_alg_register_enc(): Activating : FAILED (ret=-17) May 5 07:37:16 ubuntu pluto[3753]: Changed path to directory '/etc/ipsec.d/cacerts' May 5 07:37:16 ubuntu pluto[3753]: Changed path to directory '/etc/ipsec.d/aacerts' May 5 07:37:16 ubuntu pluto[3753]: Changed path to directory '/etc/ipsec.d/ocspcerts' May 5 07:37:16 ubuntu pluto[3753]: Changing to directory '/etc/ipsec.d/crls' May 5 07:37:16 ubuntu pluto[3753]: Warning: empty directory May 5 07:37:16 ubuntu pluto[3753]: added connection description "L2TP-PSK-NAT" May 5 07:37:16 ubuntu pluto[3753]: added connection description "L2TP-PSK-noNAT" May 5 07:37:16 ubuntu pluto[3753]: listening for IKE messages May 5 07:37:16 ubuntu pluto[3753]: NAT-Traversal: Trying new style NAT-T May 5 07:37:16 ubuntu pluto[3753]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19) May 5 07:37:16 ubuntu pluto[3753]: NAT-Traversal: Trying old style NAT-T May 5 07:37:16 ubuntu pluto[3753]: adding interface ppp0/ppp0 10.8.11.254:500 May 5 07:37:16 ubuntu pluto[3753]: adding interface ppp0/ppp0 10.8.11.254:4500 May 5 07:37:16 ubuntu pluto[3753]: adding interface eth0/eth0 192.168.3.1:500 May 5 07:37:16 ubuntu pluto[3753]: adding interface eth0/eth0 192.168.3.1:4500 May 5 07:37:16 ubuntu pluto[3753]: adding interface lo/lo 127.0.0.1:500 May 5 07:37:16 ubuntu pluto[3753]: adding interface lo/lo 127.0.0.1:4500 May 5 07:37:16 ubuntu pluto[3753]: adding interface lo/lo ::1:500 May 5 07:37:16 ubuntu pluto[3753]: loading secrets from "/etc/ipsec.secrets" May 5 07:38:21 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:21 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:21 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:21 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[1] 213.177.243.97 #1: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT" May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: deleting connection "L2TP-PSK-NAT" instance with peer 213.177.243.97 {isakmp=#0/ipsec=#0} May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: new NAT mapping for #1, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: packet rejected: should have been encrypted May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: sending notification INVALID_FLAGS to 213.177.243.97:21387 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: peer client type is FQDN May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: Applying workaround for MS-818043 NAT-T bug May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: responding to Quick Mode proposal {msgid:fcf5aa4d} May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0===192.168.19.199/32 May 5 07:38:23 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x0451f577 <0xb03d5afb xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:23 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:23 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:23 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:23 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: new NAT mapping for #3, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: peer client type is FQDN May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: Applying workaround for MS-818043 NAT-T bug May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: responding to Quick Mode proposal {msgid:d11a1629} May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:24 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: keeping refhim=4294901761 during rekey May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xa87e8069 <0xe4ca5cff xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:25 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:25 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:25 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:25 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: new NAT mapping for #5, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: peer client type is FQDN May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: Applying workaround for MS-818043 NAT-T bug May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: responding to Quick Mode proposal {msgid:ef45002e} May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:26 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: keeping refhim=4294901761 during rekey May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x52db59c4 <0x1d96c32e xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:26 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:26 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:26 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:26 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: new NAT mapping for #7, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: peer client type is FQDN May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: Applying workaround for MS-818043 NAT-T bug May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: responding to Quick Mode proposal {msgid:72246f2b} May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:27 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: keeping refhim=4294901761 during rekey May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x42d117e7 <0x4d2e640f xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:27 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:28 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #10: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #10: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #10: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: new NAT mapping for #9, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: peer client type is FQDN May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: Applying workaround for MS-818043 NAT-T bug May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: responding to Quick Mode proposal {msgid:cad78b88} May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:29 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: keeping refhim=4294901761 during rekey May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x1d623a52 <0x49ae37fa xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:29 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:29 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:29 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:29 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: new NAT mapping for #12, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: peer client type is FQDN May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: Applying workaround for MS-818043 NAT-T bug May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: responding to Quick Mode proposal {msgid:306b45be} May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:30 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: keeping refhim=4294901761 during rekey May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xe0e3837c <0xdf66e7ee xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:30 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:30 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:31 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:31 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:31 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:31 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:31 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:31 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #15: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #15: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #15: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: new NAT mapping for #14, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: peer client type is FQDN May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: Applying workaround for MS-818043 NAT-T bug May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: responding to Quick Mode proposal {msgid:d300f36c} May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:32 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: keeping refhim=4294901761 during rekey May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #1: received Delete SA payload: deleting ISAKMP State #1 May 5 07:38:32 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x69008c39 <0xbe64b3ab xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:32 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:32 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:32 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:32 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: new NAT mapping for #17, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: peer client type is FQDN May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: Applying workaround for MS-818043 NAT-T bug May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: responding to Quick Mode proposal {msgid:23f809bd} May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:34 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: keeping refhim=4294901761 during rekey May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #3: received Delete SA payload: deleting ISAKMP State #3 May 5 07:38:34 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xb4253ab0 <0x6fbd08ef xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:34 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:34 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:34 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:34 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: new NAT mapping for #19, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: peer client type is FQDN May 5 07:38:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: Applying workaround for MS-818043 NAT-T bug May 5 07:38:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: responding to Quick Mode proposal {msgid:408f7d85} May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:36 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: keeping refhim=4294901761 during rekey May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #5: received Delete SA payload: deleting ISAKMP State #5 May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x2482dd14 <0x2f9c6018 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:36 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #22: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #22: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #22: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: new NAT mapping for #21, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: peer client type is FQDN May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: Applying workaround for MS-818043 NAT-T bug May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: responding to Quick Mode proposal {msgid:13dd4694} May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:37 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: keeping refhim=4294901761 during rekey May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #7: received Delete SA payload: deleting ISAKMP State #7 May 5 07:38:37 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x80a7fa7b <0x89246bee xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:37 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:37 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:37 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:37 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: new NAT mapping for #24, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: peer client type is FQDN May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: Applying workaround for MS-818043 NAT-T bug May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: responding to Quick Mode proposal {msgid:38855f99} May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:38 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: keeping refhim=4294901761 during rekey May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #9: received Delete SA payload: deleting ISAKMP State #9 May 5 07:38:39 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xf7982b38 <0x7707bbb9 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:39 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:39 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:39 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:39 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: new NAT mapping for #26, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: peer client type is FQDN May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: Applying workaround for MS-818043 NAT-T bug May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: responding to Quick Mode proposal {msgid:91140c99} May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:40 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: keeping refhim=4294901761 during rekey May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #12: received Delete SA payload: deleting ISAKMP State #12 May 5 07:38:40 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x9c09a3c3 <0x0c018d62 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:40 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:40 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:40 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:40 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: new NAT mapping for #28, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: peer client type is FQDN May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: Applying workaround for MS-818043 NAT-T bug May 5 07:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: responding to Quick Mode proposal {msgid:5922211f} May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:42 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: keeping refhim=4294901761 during rekey May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #14: received Delete SA payload: deleting ISAKMP State #14 May 5 07:38:42 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x2ce25430 <0x8c0e63fb xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:42 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:42 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:42 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:42 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: new NAT mapping for #30, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: peer client type is FQDN May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: Applying workaround for MS-818043 NAT-T bug May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: responding to Quick Mode proposal {msgid:48b22a44} May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:45 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: keeping refhim=4294901761 during rekey May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #17: received Delete SA payload: deleting ISAKMP State #17 May 5 07:38:45 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: discarding duplicate packet; already STATE_QUICK_R1 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x310ff0a6 <0x4ef6989c xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:45 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:45 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:45 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:45 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: new NAT mapping for #32, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: peer client type is FQDN May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: Applying workaround for MS-818043 NAT-T bug May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: responding to Quick Mode proposal {msgid:a0c67b76} May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:46 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: keeping refhim=4294901761 during rekey May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #19: received Delete SA payload: deleting ISAKMP State #19 May 5 07:38:46 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x5997de0d <0x24aea45e xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:47 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #35: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #35: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #35: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: new NAT mapping for #34, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: peer client type is FQDN May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: Applying workaround for MS-818043 NAT-T bug May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: responding to Quick Mode proposal {msgid:026de155} May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:48 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: keeping refhim=4294901761 during rekey May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #21: received Delete SA payload: deleting ISAKMP State #21 May 5 07:38:48 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xe35a9277 <0x245ec050 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:48 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:48 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:48 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:48 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: new NAT mapping for #37, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: peer client type is FQDN May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: Applying workaround for MS-818043 NAT-T bug May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: responding to Quick Mode proposal {msgid:74503c1b} May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:49 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: keeping refhim=4294901761 during rekey May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #24: received Delete SA payload: deleting ISAKMP State #24 May 5 07:38:49 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x5a71347f <0x7e9ed2bf xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:49 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:50 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #40: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #40: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #40: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: new NAT mapping for #39, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: peer client type is FQDN May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: Applying workaround for MS-818043 NAT-T bug May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: responding to Quick Mode proposal {msgid:70927f53} May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:51 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: keeping refhim=4294901761 during rekey May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #26: received Delete SA payload: deleting ISAKMP State #26 May 5 07:38:51 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #41: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x77732a16 <0xb37b708b xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:51 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:51 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:51 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:51 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: new NAT mapping for #42, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: peer client type is FQDN May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: Applying workaround for MS-818043 NAT-T bug May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: responding to Quick Mode proposal {msgid:8bd03450} May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:52 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: keeping refhim=4294901761 during rekey May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #28: received Delete SA payload: deleting ISAKMP State #28 May 5 07:38:52 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:52 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:52 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:52 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:52 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #43: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x039271f0 <0x15a71d1b xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:53 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:53 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:53 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:53 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #45: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #45: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #45: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: new NAT mapping for #44, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: peer client type is FQDN May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: Applying workaround for MS-818043 NAT-T bug May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: responding to Quick Mode proposal {msgid:3b606afd} May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:53 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: keeping refhim=4294901761 during rekey May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #30: received Delete SA payload: deleting ISAKMP State #30 May 5 07:38:54 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #46: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xf47aa02c <0x28566737 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:54 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:54 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:54 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:54 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: new NAT mapping for #47, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: peer client type is FQDN May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: Applying workaround for MS-818043 NAT-T bug May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: responding to Quick Mode proposal {msgid:3a5ae204} May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:55 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: keeping refhim=4294901761 during rekey May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #32: received Delete SA payload: deleting ISAKMP State #32 May 5 07:38:55 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #48: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xe50ed1b2 <0x08e323f6 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:55 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:55 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:55 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:55 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: new NAT mapping for #49, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: peer client type is FQDN May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: Applying workaround for MS-818043 NAT-T bug May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: responding to Quick Mode proposal {msgid:3ad9ec69} May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:56 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: keeping refhim=4294901761 during rekey May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #34: received Delete SA payload: deleting ISAKMP State #34 May 5 07:38:56 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: discarding duplicate packet; already STATE_QUICK_R1 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #50: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x55ec2c69 <0x8fc07067 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:21387 DPD=none} May 5 07:38:57 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 07:38:57 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [FRAGMENTATION] May 5 07:38:57 ubuntu pluto[3753]: packet from 213.177.243.97:21386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 07:38:57 ubuntu pluto[3753]: packet from 213.177.243.97:21386: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: responding to Main Mode from unknown peer 213.177.243.97 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 07:38:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: new NAT mapping for #51, was 213.177.243.97:21386, now 213.177.243.97:21387 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: peer client type is FQDN May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: Applying workaround for MS-818043 NAT-T bug May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: responding to Quick Mode proposal {msgid:5cab6107} May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 07:38:58 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: keeping refhim=4294901761 during rekey May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #37: received Delete SA payload: deleting ISAKMP State #37 May 5 07:38:58 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: received Delete SA(0xe50ed1b2) payload: deleting IPSEC State #48 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: received and ignored informational message May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: received Delete SA(0x55ec2c69) payload: deleting IPSEC State #50 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 168 > 36 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 168 > 36 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:58 ubuntu pluto[3753]: | raw_eroute result=0 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: received and ignored informational message May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: received Delete SA(0x039271f0) payload: deleting IPSEC State #43 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:58 ubuntu pluto[3753]: | raw_eroute result=0 May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: received and ignored informational message May 5 07:38:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: received Delete SA(0xf47aa02c) payload: deleting IPSEC State #46 May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:59 ubuntu pluto[3753]: | raw_eroute result=0 May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: received Delete SA(0x77732a16) payload: deleting IPSEC State #41 May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:38:59 ubuntu pluto[3753]: | raw_eroute result=0 May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #51: received Delete SA payload: deleting ISAKMP State #51 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #49: received Delete SA payload: deleting ISAKMP State #49 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #47: received Delete SA payload: deleting ISAKMP State #47 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #44: received Delete SA payload: deleting ISAKMP State #44 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #42: received Delete SA payload: deleting ISAKMP State #42 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #39: received Delete SA payload: deleting ISAKMP State #39 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: received and ignored informational message May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x3d604e1c May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x7e25b408 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x5eb2ec86 May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x627ace4f May 5 07:38:59 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x78a4574f May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0xe78241e5 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x5a06b155 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x16501f26 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x357cd2cc May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x1836e125 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x0a46679a May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0xbe15eee7 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x32bc1bf5 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x402c0286 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x2f58c870 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0x1a73b8c8 May 5 07:39:00 ubuntu pluto[3753]: packet from 213.177.243.97:21387: Informational Exchange is for an unknown (expired?) SA with MSGID:0xdc2a50a8 May 5 07:39:22 ubuntu pluto[3753]: ERROR: "L2TP-PSK-NAT"[2] 213.177.243.97 #45: sendto on ppp0 to 213.177.243.97:21386 failed in EVENT_RETRANSMIT. Errno 105: No buffer space available May 5 07:39:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #10: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 07:39:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #15: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 07:39:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #22: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 07:39:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #35: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 07:40:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #40: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 07:40:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #45: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 07:52:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: max number of retransmissions (20) reached STATE_QUICK_R1 May 5 07:52:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:52:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #52: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 07:52:09 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #2: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:24 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #4: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:24 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #6: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:26 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #8: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:27 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #11: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:29 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #13: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:30 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #16: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:32 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #18: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:34 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #20: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:35 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #23: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:37 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #25: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:38 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #27: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:40 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #29: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:41 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #31: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:45 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #33: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:46 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #36: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:48 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97 #38: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 08:38:49 ubuntu pluto[3753]: | raw_eroute result=0 May 5 08:38:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[2] 213.177.243.97: deleting connection "L2TP-PSK-NAT" instance with peer 213.177.243.97 {isakmp=#0/ipsec=#0} May 5 14:47:11 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:11 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:11 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:11 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #54: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #54: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #54: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:12 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #55: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #55: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #55: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: new NAT mapping for #53, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: retransmitting in response to duplicate packet; already STATE_MAIN_R3 May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: peer client type is FQDN May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: Applying workaround for MS-818043 NAT-T bug May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: responding to Quick Mode proposal {msgid:6df17b6d} May 5 14:47:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: them: 213.177.243.100[+S=C]:17/0===? May 5 14:47:14 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #56: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xe67a2331 <0x178029f3 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:14 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:14 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:14 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:14 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: new NAT mapping for #57, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: peer client type is FQDN May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: Applying workaround for MS-818043 NAT-T bug May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: responding to Quick Mode proposal {msgid:851e1a87} May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:15 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: keeping refhim=4294901761 during rekey May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #58: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x8bb0c9de <0xbe89c782 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:15 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:16 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:16 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:16 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: new NAT mapping for #59, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: peer client type is FQDN May 5 14:47:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: Applying workaround for MS-818043 NAT-T bug May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: responding to Quick Mode proposal {msgid:0e4dde39} May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:17 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: keeping refhim=4294901761 during rekey May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #60: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x93f75c83 <0x91b02e8f xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:17 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:17 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:17 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:17 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: new NAT mapping for #61, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: peer client type is FQDN May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: Applying workaround for MS-818043 NAT-T bug May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: responding to Quick Mode proposal {msgid:dcdb2576} May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:18 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: keeping refhim=4294901761 during rekey May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #62: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x9fb61e57 <0x440f2673 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:18 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:18 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:18 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:18 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: new NAT mapping for #63, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: peer client type is FQDN May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: Applying workaround for MS-818043 NAT-T bug May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: responding to Quick Mode proposal {msgid:db9312d7} May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:19 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: keeping refhim=4294901761 during rekey May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #64: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x0c6e547d <0x07ed11a2 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:19 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:19 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:19 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:19 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: new NAT mapping for #65, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: peer client type is FQDN May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: Applying workaround for MS-818043 NAT-T bug May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: responding to Quick Mode proposal {msgid:6446ae14} May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:20 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: keeping refhim=4294901761 during rekey May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #66: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x59657396 <0x2824460d xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:20 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:20 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:20 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:20 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: new NAT mapping for #67, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: peer client type is FQDN May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: Applying workaround for MS-818043 NAT-T bug May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: responding to Quick Mode proposal {msgid:d650157b} May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:22 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: keeping refhim=4294901761 during rekey May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #53: received Delete SA payload: deleting ISAKMP State #53 May 5 14:47:22 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #68: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xd2776193 <0x15034428 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:22 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:22 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:22 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:22 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: new NAT mapping for #69, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: peer client type is FQDN May 5 14:47:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: Applying workaround for MS-818043 NAT-T bug May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: responding to Quick Mode proposal {msgid:4dc75dc6} May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:24 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: keeping refhim=4294901761 during rekey May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #57: received Delete SA payload: deleting ISAKMP State #57 May 5 14:47:27 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #70: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x18223b75 <0x49d33c82 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:27 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:27 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:27 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:27 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: new NAT mapping for #71, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: packet rejected: should have been encrypted May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: sending notification INVALID_FLAGS to 213.177.243.100:4500 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: peer client type is FQDN May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: Applying workaround for MS-818043 NAT-T bug May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: responding to Quick Mode proposal {msgid:12d20b70} May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:28 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:29 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: keeping refhim=4294901761 during rekey May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #59: received Delete SA payload: deleting ISAKMP State #59 May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #72: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xbae19ce3 <0xfe6e0ba0 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:29 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #74: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #74: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #74: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:29 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: new NAT mapping for #73, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: peer client type is FQDN May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: Applying workaround for MS-818043 NAT-T bug May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: responding to Quick Mode proposal {msgid:82f7cf35} May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:30 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: keeping refhim=4294901761 during rekey May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #61: received Delete SA payload: deleting ISAKMP State #61 May 5 14:47:30 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #75: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x76dfd28a <0x604ee2e8 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:30 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:30 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:30 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:30 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:30 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:31 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: new NAT mapping for #76, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: peer client type is FQDN May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: Applying workaround for MS-818043 NAT-T bug May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: responding to Quick Mode proposal {msgid:c5284650} May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:32 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: keeping refhim=4294901761 during rekey May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #63: received Delete SA payload: deleting ISAKMP State #63 May 5 14:47:32 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:32 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:32 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:32 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:32 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:32 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #77: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xc4466d4a <0x03d86f68 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: new NAT mapping for #78, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: peer client type is FQDN May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: Applying workaround for MS-818043 NAT-T bug May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: responding to Quick Mode proposal {msgid:1f2cb0f4} May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:34 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: keeping refhim=4294901761 during rekey May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #65: received Delete SA payload: deleting ISAKMP State #65 May 5 14:47:34 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #79: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x68fdeedd <0x52c8e52b xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:34 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:34 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:34 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:34 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:34 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: new NAT mapping for #80, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: peer client type is FQDN May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: Applying workaround for MS-818043 NAT-T bug May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: responding to Quick Mode proposal {msgid:209dc0c3} May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:35 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: keeping refhim=4294901761 during rekey May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:35 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #67: received Delete SA payload: deleting ISAKMP State #67 May 5 14:47:35 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #81: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xf8400fb1 <0xe648eb9d xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:36 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #83: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #83: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:36 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #83: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: new NAT mapping for #82, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: peer client type is FQDN May 5 14:47:37 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: Applying workaround for MS-818043 NAT-T bug May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: responding to Quick Mode proposal {msgid:c4187749} May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:38 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: keeping refhim=4294901761 during rekey May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #69: received Delete SA payload: deleting ISAKMP State #69 May 5 14:47:38 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:38 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:38 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:38 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:38 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #84: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x7b03bc46 <0x8fe47db2 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:38 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: new NAT mapping for #85, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: peer client type is FQDN May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: Applying workaround for MS-818043 NAT-T bug May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: responding to Quick Mode proposal {msgid:97553a4e} May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:39 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: keeping refhim=4294901761 during rekey May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #71: received Delete SA payload: deleting ISAKMP State #71 May 5 14:47:39 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #86: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x42644b2c <0xa265c8bd xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:39 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:40 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #88: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #88: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #88: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:40 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: new NAT mapping for #87, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: peer client type is FQDN May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: Applying workaround for MS-818043 NAT-T bug May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: responding to Quick Mode proposal {msgid:93be231a} May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:41 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: keeping refhim=4294901761 during rekey May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #73: received Delete SA payload: deleting ISAKMP State #73 May 5 14:47:41 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #89: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xac916e6f <0x195bddd6 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:41 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:41 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:41 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:41 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:41 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:42 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: new NAT mapping for #90, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: peer client type is FQDN May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: Applying workaround for MS-818043 NAT-T bug May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: responding to Quick Mode proposal {msgid:96842242} May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:43 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: keeping refhim=4294901761 during rekey May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #76: received Delete SA payload: deleting ISAKMP State #76 May 5 14:47:43 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:43 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #91: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x87ff42f8 <0x03b4d86a xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:44 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:44 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:44 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:44 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: new NAT mapping for #92, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:44 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: peer client type is FQDN May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: Applying workaround for MS-818043 NAT-T bug May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: responding to Quick Mode proposal {msgid:b5df4c9e} May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:45 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: keeping refhim=4294901761 during rekey May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #78: received Delete SA payload: deleting ISAKMP State #78 May 5 14:47:45 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #93: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xfd361a90 <0x86dcf3a3 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:45 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:45 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:45 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:45 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:45 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: new NAT mapping for #94, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: peer client type is FQDN May 5 14:47:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: Applying workaround for MS-818043 NAT-T bug May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: responding to Quick Mode proposal {msgid:95363381} May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:47 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: keeping refhim=4294901761 during rekey May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #80: received Delete SA payload: deleting ISAKMP State #80 May 5 14:47:47 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #95: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x3de92fe0 <0x21a57b03 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:47 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:47 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:47 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:47 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 14:47:47 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: Main mode peer ID is ID_IPV4_ADDR: '213.177.243.100' May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: new NAT mapping for #96, was 213.177.243.100:500, now 213.177.243.100:4500 May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: peer client type is FQDN May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: Applying workaround for MS-818043 NAT-T bug May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: IDci was FQDN: mF\341\376, using NAT_OA=0.0.0.0/32 as IDci May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: the peer proposed: 109.70.225.254/32:17/1701 -> 0.0.0.0/32:17/0 May 5 14:47:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: responding to Quick Mode proposal {msgid:ea000dff} May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: them: 213.177.243.100[+S=C]:17/0 May 5 14:47:49 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: keeping refhim=4294901761 during rekey May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #82: received Delete SA payload: deleting ISAKMP State #82 May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #97: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xd2500a88 <0x1f070a9f xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=213.177.243.100:4500 DPD=none} May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [FRAGMENTATION] May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #98: responding to Main Mode from unknown peer 213.177.243.100 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #98: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #98: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: received Delete SA(0xd2500a88) payload: deleting IPSEC State #97 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 168 > 36 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 168 > 36 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:49 ubuntu pluto[3753]: | raw_eroute result=0 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: received and ignored informational message May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:500: ignoring Delete SA payload: not encrypted May 5 14:47:49 ubuntu pluto[3753]: packet from 213.177.243.100:500: received and ignored informational message May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: received Delete SA(0x3de92fe0) payload: deleting IPSEC State #95 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:49 ubuntu pluto[3753]: | raw_eroute result=0 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: received and ignored informational message May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: received Delete SA(0xfd361a90) payload: deleting IPSEC State #93 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: | raw_eroute result=0 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: received and ignored informational message May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: received Delete SA(0x87ff42f8) payload: deleting IPSEC State #91 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: | raw_eroute result=0 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: received and ignored informational message May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: received Delete SA(0xac916e6f) payload: deleting IPSEC State #89 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: | raw_eroute result=0 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: received and ignored informational message May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: received Delete SA(0x42644b2c) payload: deleting IPSEC State #86 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 14:47:50 ubuntu pluto[3753]: | raw_eroute result=0 May 5 14:47:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: received and ignored informational message May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x143928f5 May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x07902e48 May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x89139050 May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x922e70f9 May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x44ec7e22 May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xbb660b43 May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xbdb8499d May 5 14:47:50 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xe852f0ba May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x7608da17 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xd1d3bd92 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0xae97ce64 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x0d34f021 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x07c272d7 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x9e7e0223 May 5 14:47:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #96: received Delete SA payload: deleting ISAKMP State #96 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #94: received Delete SA payload: deleting ISAKMP State #94 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #92: received Delete SA payload: deleting ISAKMP State #92 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #90: received Delete SA payload: deleting ISAKMP State #90 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #87: received Delete SA payload: deleting ISAKMP State #87 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:47:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #85: received Delete SA payload: deleting ISAKMP State #85 May 5 14:47:51 ubuntu pluto[3753]: packet from 213.177.243.100:4500: received and ignored informational message May 5 14:48:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #54: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 14:48:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #55: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 14:48:39 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #74: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 14:48:46 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #83: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 14:48:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #88: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 14:48:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[3] 213.177.243.100 #98: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 15:00:47 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:48 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:48 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:48 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:48 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[4] 213.177.243.97 #99: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT" May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: deleting connection "L2TP-PSK-NAT" instance with peer 213.177.243.97 {isakmp=#0/ipsec=#0} May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: new NAT mapping for #99, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: retransmitting in response to duplicate packet; already STATE_MAIN_R3 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: peer client type is FQDN May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: Applying workaround for MS-818043 NAT-T bug May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: responding to Quick Mode proposal {msgid:38db35a7} May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0===192.168.19.199/32 May 5 15:00:49 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:00:49 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:00:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #100: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x5b81b923 <0x93fa7090 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:00:50 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:50 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:50 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:50 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:50 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: new NAT mapping for #101, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: peer client type is FQDN May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: Applying workaround for MS-818043 NAT-T bug May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: responding to Quick Mode proposal {msgid:69730bc7} May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:00:51 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: keeping refhim=4294901761 during rekey May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #102: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x72238d53 <0x66b4bc3f xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:00:51 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:51 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:51 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:51 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:51 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: new NAT mapping for #103, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: peer client type is FQDN May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: Applying workaround for MS-818043 NAT-T bug May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: responding to Quick Mode proposal {msgid:d77e8d54} May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:00:52 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: keeping refhim=4294901761 during rekey May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #104: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x44e09c9a <0xb008b3ed xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:00:52 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:52 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:52 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:52 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:52 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: new NAT mapping for #105, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:53 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: peer client type is FQDN May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: Applying workaround for MS-818043 NAT-T bug May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: responding to Quick Mode proposal {msgid:70d7ef41} May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:00:54 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: keeping refhim=4294901761 during rekey May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #106: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x1ab95098 <0x2504fb97 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:54 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #108: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #108: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:54 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #108: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: discarding duplicate packet; already STATE_MAIN_R2 May 5 15:00:55 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: new NAT mapping for #107, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: peer client type is FQDN May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: Applying workaround for MS-818043 NAT-T bug May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: responding to Quick Mode proposal {msgid:4d2309a2} May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:00:56 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: keeping refhim=4294901761 during rekey May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #109: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x6c85f613 <0xda796d25 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:00:56 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:56 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:56 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:56 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:56 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: new NAT mapping for #110, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:57 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: peer client type is FQDN May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: Applying workaround for MS-818043 NAT-T bug May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: responding to Quick Mode proposal {msgid:68bd9c0a} May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:00:58 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: keeping refhim=4294901761 during rekey May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #111: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x53c8e097 <0x247b75d0 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:00:58 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:00:58 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:00:58 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:00:58 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:00:58 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: new NAT mapping for #112, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: peer client type is FQDN May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: Applying workaround for MS-818043 NAT-T bug May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: responding to Quick Mode proposal {msgid:4742a830} May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:00:59 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: keeping refhim=4294901761 during rekey May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:00:59 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #99: received Delete SA payload: deleting ISAKMP State #99 May 5 15:01:00 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #113: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x6fb62c4f <0xb3cd04c6 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:00 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:00 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:00 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:00 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: new NAT mapping for #114, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: peer client type is FQDN May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: Applying workaround for MS-818043 NAT-T bug May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:00 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: responding to Quick Mode proposal {msgid:81c5e2af} May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:01 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: keeping refhim=4294901761 during rekey May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #101: received Delete SA payload: deleting ISAKMP State #101 May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #115: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x79171657 <0xabaf86f0 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:01 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #117: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #117: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:01 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #117: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: new NAT mapping for #116, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: peer client type is FQDN May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: Applying workaround for MS-818043 NAT-T bug May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:02 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: responding to Quick Mode proposal {msgid:3d26a122} May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:03 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: keeping refhim=4294901761 during rekey May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #103: received Delete SA payload: deleting ISAKMP State #103 May 5 15:01:03 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #118: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x3ea4cc6e <0x7de4aa70 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:03 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:03 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:03 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:03 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: new NAT mapping for #119, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:03 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: peer client type is FQDN May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: Applying workaround for MS-818043 NAT-T bug May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: responding to Quick Mode proposal {msgid:c4b17b09} May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:04 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: keeping refhim=4294901761 during rekey May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #105: received Delete SA payload: deleting ISAKMP State #105 May 5 15:01:04 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #120: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x63e0fff7 <0x67e2eaf8 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:05 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:05 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:05 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:05 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: new NAT mapping for #121, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: peer client type is FQDN May 5 15:01:05 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: Applying workaround for MS-818043 NAT-T bug May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: responding to Quick Mode proposal {msgid:850f65aa} May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:06 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: keeping refhim=4294901761 during rekey May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #107: received Delete SA payload: deleting ISAKMP State #107 May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #122: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xa7fa90c8 <0x93e49f5a xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:06 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #124: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #124: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #124: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:06 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: new NAT mapping for #123, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: peer client type is FQDN May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: Applying workaround for MS-818043 NAT-T bug May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: responding to Quick Mode proposal {msgid:b766761f} May 5 15:01:07 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:08 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: keeping refhim=4294901761 during rekey May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #110: received Delete SA payload: deleting ISAKMP State #110 May 5 15:01:08 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #125: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x4326f908 <0xeb14c240 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:08 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:08 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:08 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:08 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:08 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: new NAT mapping for #126, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: peer client type is FQDN May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: Applying workaround for MS-818043 NAT-T bug May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: responding to Quick Mode proposal {msgid:679e7873} May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:09 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: keeping refhim=4294901761 during rekey May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #112: received Delete SA payload: deleting ISAKMP State #112 May 5 15:01:09 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:09 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:09 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:09 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:09 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:09 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:10 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #127: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x0b6ab6b2 <0xdcfafc63 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: new NAT mapping for #128, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: peer client type is FQDN May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: Applying workaround for MS-818043 NAT-T bug May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: responding to Quick Mode proposal {msgid:cf43b87b} May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:12 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: keeping refhim=4294901761 during rekey May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #114: received Delete SA payload: deleting ISAKMP State #114 May 5 15:01:12 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: discarding duplicate packet; already STATE_QUICK_R1 May 5 15:01:12 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:12 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:12 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:12 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #129: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x22f80f8e <0xa5d4f152 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: new NAT mapping for #130, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:12 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: peer client type is FQDN May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: Applying workaround for MS-818043 NAT-T bug May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: responding to Quick Mode proposal {msgid:0ff29774} May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:13 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: keeping refhim=4294901761 during rekey May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #116: received Delete SA payload: deleting ISAKMP State #116 May 5 15:01:13 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #131: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xa5ff77a0 <0x13a044b9 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:13 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:13 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:13 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:13 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:13 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: new NAT mapping for #132, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: peer client type is FQDN May 5 15:01:14 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: Applying workaround for MS-818043 NAT-T bug May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: responding to Quick Mode proposal {msgid:6f5e6d03} May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:15 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: keeping refhim=4294901761 during rekey May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #119: received Delete SA payload: deleting ISAKMP State #119 May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #133: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x404ba705 <0x9ecbb86d xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:15 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #135: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #135: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:15 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #135: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: new NAT mapping for #134, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: peer client type is FQDN May 5 15:01:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: Applying workaround for MS-818043 NAT-T bug May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: responding to Quick Mode proposal {msgid:26d3c8cc} May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:17 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: keeping refhim=4294901761 during rekey May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #121: received Delete SA payload: deleting ISAKMP State #121 May 5 15:01:17 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #136: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x0530f762 <0x74cc0a49 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:17 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:17 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:17 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:17 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:17 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: new NAT mapping for #137, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: peer client type is FQDN May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: Applying workaround for MS-818043 NAT-T bug May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: responding to Quick Mode proposal {msgid:ccd9af41} May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:18 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: keeping refhim=4294901761 during rekey May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #123: received Delete SA payload: deleting ISAKMP State #123 May 5 15:01:18 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:18 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:18 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:18 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:18 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:18 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #138: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xf59d37c7 <0x4d2250d4 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: new NAT mapping for #139, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:19 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: peer client type is FQDN May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: Applying workaround for MS-818043 NAT-T bug May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: responding to Quick Mode proposal {msgid:c35a850e} May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:20 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: keeping refhim=4294901761 during rekey May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #126: received Delete SA payload: deleting ISAKMP State #126 May 5 15:01:20 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #140: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x9d2051bb <0x03f50b27 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:20 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:20 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:20 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:20 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: new NAT mapping for #141, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:20 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: peer client type is FQDN May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: Applying workaround for MS-818043 NAT-T bug May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: responding to Quick Mode proposal {msgid:10ea5305} May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:21 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: keeping refhim=4294901761 during rekey May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #128: received Delete SA payload: deleting ISAKMP State #128 May 5 15:01:21 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #142: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x16ea8ecb <0x0c0740c9 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:21 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:21 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:21 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:21 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:21 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: new NAT mapping for #143, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: peer client type is FQDN May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: Applying workaround for MS-818043 NAT-T bug May 5 15:01:22 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: responding to Quick Mode proposal {msgid:06f143f0} May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:23 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: keeping refhim=4294901761 during rekey May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #130: received Delete SA payload: deleting ISAKMP State #130 May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #144: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x1733d250 <0x84435215 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.19.199 NATD=213.177.243.97:30306 DPD=none} May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:23 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004] May 5 15:01:23 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [FRAGMENTATION] May 5 15:01:24 ubuntu pluto[3753]: packet from 213.177.243.97:30305: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 May 5 15:01:24 ubuntu pluto[3753]: packet from 213.177.243.97:30305: ignoring Vendor ID payload [Vid-Initial-Contact] May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #146: responding to Main Mode from unknown peer 213.177.243.97 May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #146: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #146: STATE_MAIN_R1: sent MR1, expecting MI2 May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: STATE_MAIN_R2: sent MR2, expecting MI3 May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: Main mode peer ID is ID_FQDN: '@mikegeng.ad.KentonResearch.co.uk' May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 May 5 15:01:24 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: new NAT mapping for #145, was 213.177.243.97:30305, now 213.177.243.97:30306 May 5 15:01:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048} May 5 15:01:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: peer client type is FQDN May 5 15:01:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: Applying workaround for MS-818043 NAT-T bug May 5 15:01:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: IDci was FQDN: mF\341\376, using NAT_OA=192.168.19.199/32 as IDci May 5 15:01:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: the peer proposed: 109.70.225.254/32:17/1701 -> 192.168.19.199/32:17/0 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #147: responding to Quick Mode proposal {msgid:35a9f461} May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #147: us: 10.8.11.254<10.8.11.254>[+S=C]:17/1701---10.64.64.64 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #147: them: 213.177.243.97[@mikegeng.ad.KentonResearch.co.uk,+S=C]:17/0 May 5 15:01:26 ubuntu pluto[3753]: | NAT-OA: 4 tunnel: 1 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #147: keeping refhim=4294901761 during rekey May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #147: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #147: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #132: received Delete SA payload: deleting ISAKMP State #132 May 5 15:01:26 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: received Delete SA(0x1733d250) payload: deleting IPSEC State #144 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: | raw_eroute result=0 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: received and ignored informational message May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: received Delete SA(0x16ea8ecb) payload: deleting IPSEC State #142 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: | raw_eroute result=0 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: received and ignored informational message May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: received Delete SA(0x9d2051bb) payload: deleting IPSEC State #140 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:26 ubuntu pluto[3753]: | raw_eroute result=0 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: received Delete SA(0xf59d37c7) payload: deleting IPSEC State #138 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:27 ubuntu pluto[3753]: | raw_eroute result=0 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: received Delete SA(0x0530f762) payload: deleting IPSEC State #136 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@10.8.11.254 was too long: 168 > 36 May 5 15:01:27 ubuntu pluto[3753]: | raw_eroute result=0 May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x9d6cb3d8 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x798d05f1 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x2035ccc6 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xd1a31ebc May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #145: received Delete SA payload: deleting ISAKMP State #145 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #143: received Delete SA payload: deleting ISAKMP State #143 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #141: received Delete SA payload: deleting ISAKMP State #141 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #139: received Delete SA payload: deleting ISAKMP State #139 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #137: received Delete SA payload: deleting ISAKMP State #137 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #134: received Delete SA payload: deleting ISAKMP State #134 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: received and ignored informational message May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xc8952234 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xc2ad6034 May 5 15:01:27 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xde62fa7e May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xfdff7437 May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x5dce3f5a May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x0ab8daf6 May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x99ef84b5 May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0x91df93df May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xf03680c7 May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xf2c28be5 May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xbe44cb9f May 5 15:01:28 ubuntu pluto[3753]: packet from 213.177.243.97:30306: Informational Exchange is for an unknown (expired?) SA with MSGID:0xe4509c26 May 5 15:01:53 ubuntu pluto[3753]: ERROR: "L2TP-PSK-NAT"[5] 213.177.243.97 #146: sendto on ppp0 to 213.177.243.97:30305 failed in EVENT_RETRANSMIT. Errno 105: No buffer space available May 5 15:02:04 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #108: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 15:02:11 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #117: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 15:02:16 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #124: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 15:02:25 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #135: max number of retransmissions (2) reached STATE_MAIN_R1 May 5 15:02:33 ubuntu pluto[3753]: "L2TP-PSK-NAT"[5] 213.177.243.97 #146: max number of retransmissions (2) reached STATE_MAIN_R1 + _________________________ date + + date Wed May 5 15:04:42 UTC 2010