[Openswan Users] FC3 connection to Netscreen over linksys lo
oks established but pi ngs do not go through
Tomislav Stambolija
t.stambolija at ktgtrading.com
Thu Dec 2 09:11:25 CET 2004
Sorry I forgot to attach log file.
-----Original Message-----
From: Tomislav Stambolija [mailto:t.stambolija at ktgtrading.com]
Sent: December 2, 2004 8:30 AM
To: users at openswan.org
Subject: [Openswan Users] FC3 connection to Netscreen over linksys looks
established but pi ngs do not go through
Hi,
I would appreciate some help in tracking down this connection
My home PC OS is FC3 updated to most recent IPSEC.
Connection that I am trying to establish looks like:
<Home PC-192.168.1.2 ><192.168.1.1 Linksys 69.197.152.202> ........
<62.25.200.13 Netscreen .....><172.100.100.0/24 Corporate-LAN>.
In addition to ipsec.conf there is detailed secure log attached.
Regards,
Tomislav
ipsec.conf:
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
klipsdebug=all
plutodebug=all
nat_traversal=yes
interfaces=%defaultroute
# Add connections here.
conn %default
type=tunnel
authby=secret
left=192.168.1.2
#left=69.197.152.202
#leftnexthop=69.197.152.1
leftid=test at validation.com
keyexchange=ike
keylife=8h
keyingtries=0
# Add connections here.
conn Corporate-LAN
right=62.25.200.13
rightnexthop=69.197.152.202
rightsubnet=172.100.100.0/24
auto=start
include /etc/ipsec.d/examples/no_oe.conf
_______________________________________________
Users mailing list
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users
-------------- next part --------------
Dec 2 07:47:17 tost ipsec__plutorun: Starting Pluto subsystem...
Dec 2 07:47:17 tost pluto[3418]: Starting Pluto (Openswan Version 2.2.0 X.509-1.5.4 PLUTO_USES_KEYRR)
Dec 2 07:47:17 tost pluto[3418]: including NAT-Traversal patch (Version 0.6c)
Dec 2 07:47:17 tost pluto[3418]: | opening /dev/urandom
Dec 2 07:47:17 tost pluto[3418]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
Dec 2 07:47:17 tost pluto[3418]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Dec 2 07:47:17 tost pluto[3418]: | process 3418 listening for PF_KEY_V2 on file descriptor 6
Dec 2 07:47:17 tost pluto[3418]: Using Linux 2.6 IPsec interface code
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build:
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0p0xfee05b60 pfkey_ext=0p0xfee06bc0 *pfkey_ext=0p(nil).
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0p0xfee05b60 pfkey_ext=0p0xfee06bc0 *pfkey_ext=0p0x9c733b0.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_build: pfkey_msg=0p0x9c733c8 allocated 16 bytes, &(extensions[0])=0p0xfee06bc0
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_build: extensions permitted=00000001, seen=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: parsing message ver=2, type=7(register), errno=0, satype=2(AH), len=2, res=0, seq=1, pid=3418.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: remain=0, ext_type=0(reserved), ext_len=0.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, seen=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | finish_pfkey_msg: SADB_REGISTER message 1 for AH
Dec 2 07:47:17 tost pluto[3418]: | 02 07 00 02 02 00 00 00 01 00 00 00 5a 0d 00 00
Dec 2 07:47:17 tost pluto[3418]: | pfkey_get: SADB_REGISTER message 1
Dec 2 07:47:17 tost pluto[3418]: | AH registered with kernel.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build:
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0p0xfee05b60 pfkey_ext=0p0xfee06bc0 *pfkey_ext=0p(nil).
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0p0xfee05b60 pfkey_ext=0p0xfee06bc0 *pfkey_ext=0p0x9c733b0.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_build: pfkey_msg=0p0x9c733c8 allocated 16 bytes, &(extensions[0])=0p0xfee06bc0
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_build: extensions permitted=00000001, seen=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: parsing message ver=2, type=7(register), errno=0, satype=3(ESP), len=2, res=0, seq=2, pid=3418.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: remain=0, ext_type=0(reserved), ext_len=0.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, seen=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | finish_pfkey_msg: SADB_REGISTER message 2 for ESP
Dec 2 07:47:17 tost pluto[3418]: | 02 07 00 03 02 00 00 00 02 00 00 00 5a 0d 00 00
Dec 2 07:47:17 tost pluto[3418]: | pfkey_get: SADB_REGISTER message 2
Dec 2 07:47:17 tost pluto[3418]: | alg_init():memset(0x80dfa00, 0, 2016) memset(0x80e01e0, 0, 2048)
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=15 sadb_supported_len=40
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=14, alg_id=251
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[0], exttype=14, satype=3, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=14, alg_id=2
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[1], exttype=14, satype=3, alg_id=2, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=14, alg_id=3
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[2], exttype=14, satype=3, alg_id=3, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=14, alg_id=5
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[3], exttype=14, satype=3, alg_id=5, alg_ivlen=0, alg_minbits=256, alg_maxbits=256, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=15 sadb_supported_len=64
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=11
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[4], exttype=15, satype=3, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=2
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[5], exttype=15, satype=3, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=3
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[6], exttype=15, satype=3, alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=7
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[7], exttype=15, satype=3, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=12
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[8], exttype=15, satype=3, alg_id=12, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=252
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[9], exttype=15, satype=3, alg_id=252, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_add():satype=3, exttype=15, alg_id=253
Dec 2 07:47:17 tost pluto[3418]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[10], exttype=15, satype=3, alg_id=253, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
Dec 2 07:47:17 tost pluto[3418]: | ESP registered with kernel.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build:
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=0p0xfee05b60 pfkey_ext=0p0xfee06bc0 *pfkey_ext=0p(nil).
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=0p0xfee05b60 pfkey_ext=0p0xfee06bc0 *pfkey_ext=0p0x9c733b0.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_build: pfkey_msg=0p0x9c733c8 allocated 16 bytes, &(extensions[0])=0p0xfee06bc0
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_build: extensions permitted=00000001, seen=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: parsing message ver=2, type=7(register), errno=0, satype=9(IPIP), len=2, res=0, seq=3, pid=3418.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: remain=0, ext_type=0(reserved), ext_len=0.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | pfkey_lib_debug:pfkey_msg_parse: extensions permitted=00000001, seen=00000001, required=00000001.
Dec 2 07:47:17 tost pluto[3418]: | finish_pfkey_msg: SADB_REGISTER message 3 for IPCOMP
Dec 2 07:47:17 tost pluto[3418]: | 02 07 00 09 02 00 00 00 03 00 00 00 5a 0d 00 00
Dec 2 07:47:17 tost pluto[3418]: | pfkey_get: SADB_REGISTER message 3
Dec 2 07:47:17 tost pluto[3418]: | IPCOMP registered with kernel.
Dec 2 07:47:17 tost pluto[3418]: Changing to directory '/etc/ipsec.d/cacerts'
Dec 2 07:47:17 tost pluto[3418]: Could not change to directory '/etc/ipsec.d/aacerts'
Dec 2 07:47:17 tost pluto[3418]: Changing to directory '/etc/ipsec.d/ocspcerts'
Dec 2 07:47:17 tost pluto[3418]: Changing to directory '/etc/ipsec.d/crls'
Dec 2 07:47:17 tost pluto[3418]: Warning: empty directory
Dec 2 07:47:17 tost pluto[3418]: | inserting event 11??, timeout in 58363 seconds
Dec 2 07:47:17 tost pluto[3418]: | next event EVENT_REINIT_SECRET in 3600 seconds
Dec 2 07:47:17 tost pluto[3418]: |
Dec 2 07:47:17 tost pluto[3418]: | *received whack message
Dec 2 07:47:17 tost pluto[3418]: | Added new connection Corporate-LAN with policy PSK+ENCRYPT+TUNNEL+PFS
Dec 2 07:47:17 tost pluto[3418]: | from whack: got --esp=3des-md5,3des-sha1
Dec 2 07:47:17 tost pluto[3418]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0 aklen=0
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c174c, "ESP_3DES")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() ealg_getbyname("3des")=3
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c1500, "AUTH_ALGORITHM_HMAC_MD5")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() aalg_getbyname("md5")=1
Dec 2 07:47:17 tost pluto[3418]: | __alg_info_esp_add() ealg=3 aalg=1 cnt=1
Dec 2 07:47:17 tost pluto[3418]: | alg_info_parse_str() ealg_buf=3des aalg_buf=sha1eklen=0 aklen=0
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c174c, "ESP_3DES")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() ealg_getbyname("3des")=3
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c1500, "AUTH_ALGORITHM_HMAC_SHA1")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() aalg_getbyname("sha1")=2
Dec 2 07:47:17 tost pluto[3418]: | __alg_info_esp_add() ealg=3 aalg=2 cnt=2
Dec 2 07:47:17 tost pluto[3418]: | esp string values: 3_000-1, 3_000-2, flags=-strict
Dec 2 07:47:17 tost pluto[3418]: | from whack: got --ike=3des-md5,3des-sha
Dec 2 07:47:17 tost pluto[3418]: | alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0 aklen=0
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c1330, "OAKLEY_3DES")
Dec 2 07:47:17 tost pluto[3418]: | enum_search_ppfixi () calling enum_search(0x80c1330, "OAKLEY_3DES_CBC")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() ealg_getbyname("3des")=5
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c1308, "OAKLEY_MD5")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() aalg_getbyname("md5")=1
Dec 2 07:47:17 tost pluto[3418]: | __alg_info_ike_add() ealg=5 aalg=1 modp_id=5, cnt=1
Dec 2 07:47:17 tost pluto[3418]: | __alg_info_ike_add() ealg=5 aalg=1 modp_id=2, cnt=2
Dec 2 07:47:17 tost pluto[3418]: | alg_info_parse_str() ealg_buf=3des aalg_buf=shaeklen=0 aklen=0
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c1330, "OAKLEY_3DES")
Dec 2 07:47:17 tost pluto[3418]: | enum_search_ppfixi () calling enum_search(0x80c1330, "OAKLEY_3DES_CBC")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() ealg_getbyname("3des")=5
Dec 2 07:47:17 tost pluto[3418]: | enum_search_prefix () calling enum_search(0x80c1308, "OAKLEY_SHA")
Dec 2 07:47:17 tost pluto[3418]: | parser_alg_info_add() aalg_getbyname("sha")=2
Dec 2 07:47:17 tost pluto[3418]: | __alg_info_ike_add() ealg=5 aalg=2 modp_id=5, cnt=3
Dec 2 07:47:17 tost pluto[3418]: | __alg_info_ike_add() ealg=5 aalg=2 modp_id=2, cnt=4
Dec 2 07:47:17 tost pluto[3418]: | ike string values: 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
Dec 2 07:47:17 tost pluto[3418]: | counting wild cards for test at validation.com is 0
Dec 2 07:47:17 tost pluto[3418]: | sendcert is 3
Dec 2 07:47:17 tost pluto[3418]: | counting wild cards for (none) is 15
Dec 2 07:47:17 tost pluto[3418]: | sendcert is 3
Dec 2 07:47:17 tost pluto[3418]: | alg_info_addref() alg_info->ref_cnt=1
Dec 2 07:47:17 tost pluto[3418]: | alg_info_addref() alg_info->ref_cnt=1
Dec 2 07:47:17 tost pluto[3418]: | alg_info_addref() alg_info->ref_cnt=2
Dec 2 07:47:17 tost pluto[3418]: | alg_info_addref() alg_info->ref_cnt=2
Dec 2 07:47:17 tost pluto[3418]: added connection description "Corporate-LAN"
Dec 2 07:47:17 tost pluto[3418]: | 192.168.1.2[test at validation.com]...69.197.152.202---62.25.200.13===172.100.100.0/24
Dec 2 07:47:17 tost pluto[3418]: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; policy: PSK+ENCRYPT+TUNNEL+PFS
Dec 2 07:47:17 tost pluto[3418]: | next event EVENT_REINIT_SECRET in 3600 seconds
Dec 2 07:47:17 tost pluto[3418]: |
Dec 2 07:47:17 tost pluto[3418]: | *received whack message
Dec 2 07:47:17 tost pluto[3418]: listening for IKE messages
Dec 2 07:47:17 tost pluto[3418]: | found lo with address 127.0.0.1
Dec 2 07:47:17 tost pluto[3418]: | found eth0 with address 192.168.1.2
Dec 2 07:47:17 tost pluto[3418]: adding interface eth0/eth0 192.168.1.2
Dec 2 07:47:17 tost pluto[3418]: adding interface eth0/eth0 192.168.1.2:4500
Dec 2 07:47:17 tost pluto[3418]: adding interface lo/lo 127.0.0.1
Dec 2 07:47:17 tost pluto[3418]: adding interface lo/lo 127.0.0.1:4500
Dec 2 07:47:17 tost pluto[3418]: | found lo with address 0000:0000:0000:0000:0000:0000:0000:0001
Dec 2 07:47:17 tost pluto[3418]: adding interface lo/lo ::1
Dec 2 07:47:17 tost pluto[3418]: loading secrets from "/etc/ipsec.secrets"
Dec 2 07:47:17 tost pluto[3418]: | loaded private key for keyid: PPK_RSA:AQN50Rf9t
Dec 2 07:47:17 tost pluto[3418]: | next event EVENT_REINIT_SECRET in 3600 seconds
Dec 2 07:47:17 tost pluto[3418]: |
Dec 2 07:47:17 tost pluto[3418]: | *received whack message
Dec 2 07:47:17 tost pluto[3418]: | route owner of "Corporate-LAN" unrouted: NULL; eroute owner: NULL
Dec 2 07:47:17 tost pluto[3418]: | could_route called for Corporate-LAN (kind=CK_PERMANENT)
Dec 2 07:47:17 tost pluto[3418]: | route owner of "Corporate-LAN" unrouted: NULL; eroute owner: NULL
Dec 2 07:47:17 tost pluto[3418]: | route_and_eroute with c: Corporate-LAN (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: 0
Dec 2 07:47:17 tost pluto[3418]: | add eroute 172.100.100.0/24:0 --0-> 192.168.1.2/32:0 => %trap (raw_eroute)
Dec 2 07:47:17 tost pluto[3418]: | eroute_connection add eroute 192.168.1.2/32:0 --0-> 172.100.100.0/24:0 => %trap (raw_eroute)
Dec 2 07:47:17 tost pluto[3418]: | route_and_eroute: firewall_notified: true
Dec 2 07:47:17 tost pluto[3418]: | executing prepare-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-host' PLUTO_CONNECTION='Corporate-LAN' PLUTO_NEXT_HOP='62.25.200.13
' PLUTO_INTERFACE='eth0' PLUTO_ME='192.168.1.2' PLUTO_MY_ID='test at validation.com' PLUTO_MY_CLIENT='192.168.1.2/32' PLUTO_MY_CLIENT_NET='192.168.1.2' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='62.25.200.13' PLUTO_PEER_ID='62.25.200.13' PLUTO_PEER_CLIENT='172.100.100.0/24' PLUTO_PEER_CLIENT_NET='172.100.100.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS' ipsec _updown
Dec 2 07:47:17 tost pluto[3418]: | executing route-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-host' PLUTO_CONNECTION='Corporate-LAN' PLUTO_NEXT_HOP='62.25.200.13' PLUTO_INTERFACE='eth0' PLUTO_ME='192.168.1.2' PLUTO_MY_ID='test at validation.com' PLUTO_MY_CLIENT='192.168.1.2/32' PLUTO_MY_CLIENT_NET='192.168.1.2' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='62.25.200.13' PLUTO_PEER_ID='62.25.200.13' PLUTO_PEER_CLIENT='172.100.100.0/24' PLUTO_PEER_CLIENT_NET='172.100.100.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS' ipsec _updown
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN": route-host output: /usr/lib/ipsec/_updown: doroute `ip route add 172.100.100.0/24 via 62.25.200.13 dev eth0 ' failed (RTNETLINK answers: Network is unreachable)
Dec 2 07:47:17 tost pluto[3418]: | next event EVENT_REINIT_SECRET in 3600 seconds
Dec 2 07:47:17 tost pluto[3418]: |
Dec 2 07:47:17 tost pluto[3418]: | *received whack message
Dec 2 07:47:17 tost pluto[3418]: | creating state object #1 at 0x9c739a8
Dec 2 07:47:17 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | RCOOKIE: 00 00 00 00 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:17 tost pluto[3418]: | state hash entry 10
Dec 2 07:47:17 tost pluto[3418]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
Dec 2 07:47:17 tost pluto[3418]: | Queuing pending Quick Mode with 62.25.200.13 "Corporate-LAN"
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN" #1: initiating Main Mode
Dec 2 07:47:17 tost pluto[3418]: | **emit ISAKMP Message:
Dec 2 07:47:17 tost pluto[3418]: | initiator cookie:
Dec 2 07:47:17 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | responder cookie:
Dec 2 07:47:17 tost pluto[3418]: | 00 00 00 00 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_SA
Dec 2 07:47:17 tost pluto[3418]: | ISAKMP version: ISAKMP Version 1.0
Dec 2 07:47:17 tost pluto[3418]: | exchange type: ISAKMP_XCHG_IDPROT
Dec 2 07:47:17 tost pluto[3418]: | flags: none
Dec 2 07:47:17 tost pluto[3418]: | message ID: 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | ***emit ISAKMP Security Association Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | DOI: ISAKMP_DOI_IPSEC
Dec 2 07:47:17 tost pluto[3418]: | ****emit IPsec DOI SIT:
Dec 2 07:47:17 tost pluto[3418]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
Dec 2 07:47:17 tost pluto[3418]: | out_sa pcn: 0 has 1 valid proposals
Dec 2 07:47:17 tost pluto[3418]: | 5_000-1-5, 5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict
Dec 2 07:47:17 tost pluto[3418]: | out_sa pcn: 0 pn: 0<1 valid_count: 1
Dec 2 07:47:17 tost pluto[3418]: | ****emit ISAKMP Proposal Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | proposal number: 0
Dec 2 07:47:17 tost pluto[3418]: | protocol ID: PROTO_ISAKMP
Dec 2 07:47:17 tost pluto[3418]: | SPI size: 0
Dec 2 07:47:17 tost pluto[3418]: | number of transforms: 4
Dec 2 07:47:17 tost pluto[3418]: | *****emit ISAKMP Transform Payload (ISAKMP):
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_T
Dec 2 07:47:17 tost pluto[3418]: | transform number: 0
Dec 2 07:47:17 tost pluto[3418]: | transform ID: KEY_IKE
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_TYPE
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_LIFE_SECONDS]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_DURATION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 3600
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_3DES_CBC]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_HASH_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_MD5]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_AUTHENTICATION_METHOD
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_PRESHARED_KEY]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_GROUP_DESCRIPTION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_GROUP_MODP1536]
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Dec 2 07:47:17 tost pluto[3418]: | *****emit ISAKMP Transform Payload (ISAKMP):
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_T
Dec 2 07:47:17 tost pluto[3418]: | transform number: 1
Dec 2 07:47:17 tost pluto[3418]: | transform ID: KEY_IKE
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_TYPE
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_LIFE_SECONDS]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_DURATION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 3600
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_3DES_CBC]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_HASH_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_SHA]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_AUTHENTICATION_METHOD
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_PRESHARED_KEY]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_GROUP_DESCRIPTION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_GROUP_MODP1536]
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Dec 2 07:47:17 tost pluto[3418]: | *****emit ISAKMP Transform Payload (ISAKMP):
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | transform number: 3
Dec 2 07:47:17 tost pluto[3418]: | transform ID: KEY_IKE
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_TYPE
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_LIFE_SECONDS]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_DURATION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 3600
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_3DES_CBC]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_HASH_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_SHA]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_AUTHENTICATION_METHOD
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_PRESHARED_KEY]
Dec 2 07:47:17 tost pluto[3418]: | ******emit ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_GROUP_DESCRIPTION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_GROUP_MODP1024]
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Proposal Payload: 136
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Security Association Payload: 148
Dec 2 07:47:17 tost pluto[3418]: | out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-03]
Dec 2 07:47:17 tost pluto[3418]: | ***emit ISAKMP Vendor ID Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Dec 2 07:47:17 tost pluto[3418]: | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Vendor ID Payload: 20
Dec 2 07:47:17 tost pluto[3418]: | out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02]
Dec 2 07:47:17 tost pluto[3418]: | ***emit ISAKMP Vendor ID Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Dec 2 07:47:17 tost pluto[3418]: | V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Vendor ID Payload: 20
Dec 2 07:47:17 tost pluto[3418]: | out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-00]
Dec 2 07:47:17 tost pluto[3418]: | ***emit ISAKMP Vendor ID Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Dec 2 07:47:17 tost pluto[3418]: | V_ID 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Vendor ID Payload: 20
Dec 2 07:47:17 tost pluto[3418]: | emitting length of ISAKMP Message: 236
Dec 2 07:47:17 tost pluto[3418]: | sending 236 bytes for main_outI1 through eth0 to 62.25.200.13:500:
Dec 2 07:47:17 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c 00 00 00 00 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | 01 10 02 00 00 00 00 00 00 00 00 ec 0d 00 00 94
Dec 2 07:47:17 tost pluto[3418]: | 00 00 00 01 00 00 00 01 00 00 00 88 00 01 00 04
Dec 2 07:47:17 tost pluto[3418]: | 03 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10
Dec 2 07:47:17 tost pluto[3418]: | 80 01 00 05 80 02 00 01 80 03 00 01 80 04 00 05
Dec 2 07:47:17 tost pluto[3418]: | 03 00 00 20 01 01 00 00 80 0b 00 01 80 0c 0e 10
Dec 2 07:47:17 tost pluto[3418]: | 80 01 00 05 80 02 00 01 80 03 00 01 80 04 00 02
Dec 2 07:47:17 tost pluto[3418]: | 03 00 00 20 02 01 00 00 80 0b 00 01 80 0c 0e 10
Dec 2 07:47:17 tost pluto[3418]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 05
Dec 2 07:47:17 tost pluto[3418]: | 00 00 00 20 03 01 00 00 80 0b 00 01 80 0c 0e 10
Dec 2 07:47:17 tost pluto[3418]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 02
Dec 2 07:47:17 tost pluto[3418]: | 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
Dec 2 07:47:17 tost pluto[3418]: | 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
Dec 2 07:47:17 tost pluto[3418]: | 7c fd b2 fc 68 b6 a4 48 00 00 00 14 44 85 15 2d
Dec 2 07:47:17 tost pluto[3418]: | 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
Dec 2 07:47:17 tost pluto[3418]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Dec 2 07:47:17 tost pluto[3418]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Dec 2 07:47:17 tost pluto[3418]: |
Dec 2 07:47:17 tost pluto[3418]: | *received 156 bytes from 62.25.200.13:500 on eth0
Dec 2 07:47:17 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c ad 30 a8 21 db 8a aa 26
Dec 2 07:47:17 tost pluto[3418]: | 01 10 02 00 00 00 00 00 00 00 00 9c 0d 00 00 34
Dec 2 07:47:17 tost pluto[3418]: | 00 00 00 01 00 00 00 01 00 00 00 28 01 01 00 01
Dec 2 07:47:17 tost pluto[3418]: | 00 00 00 20 01 01 00 00 80 01 00 05 80 02 00 02
Dec 2 07:47:17 tost pluto[3418]: | 80 04 00 02 80 03 00 01 80 0b 00 01 80 0c 0e 10
Dec 2 07:47:17 tost pluto[3418]: | 0d 00 00 20 47 d2 b1 26 bf cd 83 48 97 60 e2 cf
Dec 2 07:47:17 tost pluto[3418]: | 8c 5d 4d 5a 03 49 7c 15 00 00 00 03 00 00 05 00
Dec 2 07:47:17 tost pluto[3418]: | 0d 00 00 14 44 85 15 2d 18 b6 bb cd 0b e8 a8 46
Dec 2 07:47:17 tost pluto[3418]: | 95 79 dd cc 00 00 00 18 48 65 61 72 74 42 65 61
Dec 2 07:47:17 tost pluto[3418]: | 74 5f 4e 6f 74 69 66 79 38 6b 01 00
Dec 2 07:47:17 tost pluto[3418]: | **parse ISAKMP Message:
Dec 2 07:47:17 tost pluto[3418]: | initiator cookie:
Dec 2 07:47:17 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | responder cookie:
Dec 2 07:47:17 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_SA
Dec 2 07:47:17 tost pluto[3418]: | ISAKMP version: ISAKMP Version 1.0
Dec 2 07:47:17 tost pluto[3418]: | exchange type: ISAKMP_XCHG_IDPROT
Dec 2 07:47:17 tost pluto[3418]: | flags: none
Dec 2 07:47:17 tost pluto[3418]: | message ID: 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | length: 156
Dec 2 07:47:17 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | RCOOKIE: ad 30 a8 21 db 8a aa 26
Dec 2 07:47:17 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:17 tost pluto[3418]: | state hash entry 17
Dec 2 07:47:17 tost pluto[3418]: | state object not found
Dec 2 07:47:17 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | RCOOKIE: 00 00 00 00 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:17 tost pluto[3418]: | state hash entry 10
Dec 2 07:47:17 tost pluto[3418]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Dec 2 07:47:17 tost pluto[3418]: | state object #1 found, in STATE_MAIN_I1
Dec 2 07:47:17 tost pluto[3418]: | ***parse ISAKMP Security Association Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_VID
Dec 2 07:47:17 tost pluto[3418]: | length: 52
Dec 2 07:47:17 tost pluto[3418]: | DOI: ISAKMP_DOI_IPSEC
Dec 2 07:47:17 tost pluto[3418]: | ***parse ISAKMP Vendor ID Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_VID
Dec 2 07:47:17 tost pluto[3418]: | length: 32
Dec 2 07:47:17 tost pluto[3418]: | ***parse ISAKMP Vendor ID Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_VID
Dec 2 07:47:17 tost pluto[3418]: | length: 20
Dec 2 07:47:17 tost pluto[3418]: | ***parse ISAKMP Vendor ID Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | length: 24
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN" #1: ignoring Vendor ID payload [47d2b126bfcd83489760e2cf8c5d4d5a03497c150000000300000500]
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN" #1: ignoring Vendor ID payload [HeartBeat Notify 386b0100]
Dec 2 07:47:17 tost pluto[3418]: | ****parse IPsec DOI SIT:
Dec 2 07:47:17 tost pluto[3418]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
Dec 2 07:47:17 tost pluto[3418]: | ****parse ISAKMP Proposal Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | length: 40
Dec 2 07:47:17 tost pluto[3418]: | proposal number: 1
Dec 2 07:47:17 tost pluto[3418]: | protocol ID: PROTO_ISAKMP
Dec 2 07:47:17 tost pluto[3418]: | SPI size: 0
Dec 2 07:47:17 tost pluto[3418]: | number of transforms: 1
Dec 2 07:47:17 tost pluto[3418]: | *****parse ISAKMP Transform Payload (ISAKMP):
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | length: 32
Dec 2 07:47:17 tost pluto[3418]: | transform number: 1
Dec 2 07:47:17 tost pluto[3418]: | transform ID: KEY_IKE
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_3DES_CBC]
Dec 2 07:47:17 tost pluto[3418]: | ike_alg_enc_ok(ealg=5,key_len=0): blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_HASH_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_SHA]
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_GROUP_DESCRIPTION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_GROUP_MODP1024]
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_AUTHENTICATION_METHOD
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_PRESHARED_KEY]
Dec 2 07:47:17 tost pluto[3418]: | looking for secret for test at validation.com->62.25.200.13 of kind PPK_PSK
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_TYPE
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_LIFE_SECONDS]
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_DURATION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 3600
Dec 2 07:47:17 tost pluto[3418]: | Oakley Transform 1 accepted
Dec 2 07:47:17 tost pluto[3418]: | sender checking NAT-t: 1 and 105
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN" #1: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Dec 2 07:47:17 tost pluto[3418]: | **emit ISAKMP Message:
Dec 2 07:47:17 tost pluto[3418]: | initiator cookie:
Dec 2 07:47:17 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | responder cookie:
Dec 2 07:47:17 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_KE
Dec 2 07:47:17 tost pluto[3418]: | ISAKMP version: ISAKMP Version 1.0
Dec 2 07:47:17 tost pluto[3418]: | exchange type: ISAKMP_XCHG_IDPROT
Dec 2 07:47:17 tost pluto[3418]: | flags: none
Dec 2 07:47:17 tost pluto[3418]: | message ID: 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | Local DH secret:
Dec 2 07:47:17 tost pluto[3418]: | 0e 17 9e 71 02 85 7e 67 1f 79 fa 0b f0 2d d3 8f
Dec 2 07:47:17 tost pluto[3418]: | 39 c6 3a 6d 01 9e c9 5e 9b ca 5d 46 01 e1 5b ca
Dec 2 07:47:17 tost pluto[3418]: | Public DH value sent:
Dec 2 07:47:17 tost pluto[3418]: | 32 90 ba a4 04 2c 3b 15 8c 2f a1 9d 4d ee bb 52
Dec 2 07:47:17 tost pluto[3418]: | ee ce 79 09 56 e9 ea dd 38 9e 27 6c 14 e6 13 59
Dec 2 07:47:17 tost pluto[3418]: | 73 15 2d 3b 6d ff bc b6 c4 50 ad 30 e5 d2 0c 44
Dec 2 07:47:17 tost pluto[3418]: | 0a a1 28 4a 87 cf 65 f1 9c 0f 24 d7 fb e1 fe f0
Dec 2 07:47:17 tost pluto[3418]: | 13 2e 56 ab 2a 07 fb a4 be 5e ac b6 e0 29 08 ca
Dec 2 07:47:17 tost pluto[3418]: | 14 5f 93 3d 44 4b db ac ff af 7e b8 3f 0c 20 17
Dec 2 07:47:17 tost pluto[3418]: | 8a 0c d4 25 49 8c 87 d3 8f f5 82 8c a6 1b 84 c3
Dec 2 07:47:17 tost pluto[3418]: | 34 19 f3 cb 24 bd e9 b2 3a 80 af 36 b4 13 43 79
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP Key Exchange Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONCE
Dec 2 07:47:18 tost pluto[3418]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload
Dec 2 07:47:18 tost pluto[3418]: | keyex value 32 90 ba a4 04 2c 3b 15 8c 2f a1 9d 4d ee bb 52
Dec 2 07:47:18 tost pluto[3418]: | ee ce 79 09 56 e9 ea dd 38 9e 27 6c 14 e6 13 59
Dec 2 07:47:18 tost pluto[3418]: | 73 15 2d 3b 6d ff bc b6 c4 50 ad 30 e5 d2 0c 44
Dec 2 07:47:18 tost pluto[3418]: | 0a a1 28 4a 87 cf 65 f1 9c 0f 24 d7 fb e1 fe f0
Dec 2 07:47:18 tost pluto[3418]: | 13 2e 56 ab 2a 07 fb a4 be 5e ac b6 e0 29 08 ca
Dec 2 07:47:18 tost pluto[3418]: | 14 5f 93 3d 44 4b db ac ff af 7e b8 3f 0c 20 17
Dec 2 07:47:18 tost pluto[3418]: | 8a 0c d4 25 49 8c 87 d3 8f f5 82 8c a6 1b 84 c3
Dec 2 07:47:18 tost pluto[3418]: | 34 19 f3 cb 24 bd e9 b2 3a 80 af 36 b4 13 43 79
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Key Exchange Payload: 132
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP Nonce Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:18 tost pluto[3418]: | emitting 16 raw bytes of Ni into ISAKMP Nonce Payload
Dec 2 07:47:18 tost pluto[3418]: | Ni 49 0b a1 e0 5c 5b 70 9c 6b 09 3f 91 dc c7 19 d1
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Nonce Payload: 20
Dec 2 07:47:18 tost pluto[3418]: | sending NATD payloads
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hasher=0x80ca75c(20)
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: icookie=
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: rcookie=
Dec 2 07:47:18 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: ip= 42 26 c4 0d
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: port=62465
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hash= 48 59 a4 85 56 96 43 fe af 21 c8 f6 33 72 92 3b
Dec 2 07:47:18 tost pluto[3418]: | 52 33 32 2d
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP NAT-D Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NAT-D
Dec 2 07:47:18 tost pluto[3418]: | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload
Dec 2 07:47:18 tost pluto[3418]: | NAT-D 48 59 a4 85 56 96 43 fe af 21 c8 f6 33 72 92 3b
Dec 2 07:47:18 tost pluto[3418]: | 52 33 32 2d
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP NAT-D Payload: 24
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hasher=0x80ca75c(20)
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: icookie=
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: rcookie=
Dec 2 07:47:18 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: ip= c0 a8 01 02
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: port=62465
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hash= 69 32 92 9e ac b1 02 58 2e 03 5a f3 d9 39 1d 94
Dec 2 07:47:18 tost pluto[3418]: | d2 0d 91 65
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP NAT-D Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:18 tost pluto[3418]: | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload
Dec 2 07:47:18 tost pluto[3418]: | NAT-D 69 32 92 9e ac b1 02 58 2e 03 5a f3 d9 39 1d 94
Dec 2 07:47:18 tost pluto[3418]: | d2 0d 91 65
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP NAT-D Payload: 24
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Message: 228
Dec 2 07:47:18 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | RCOOKIE: 00 00 00 00 00 00 00 00
Dec 2 07:47:18 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:18 tost pluto[3418]: | state hash entry 10
Dec 2 07:47:18 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | RCOOKIE: ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:18 tost pluto[3418]: | state hash entry 17
Dec 2 07:47:18 tost pluto[3418]: "Corporate-LAN" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Dec 2 07:47:18 tost pluto[3418]: | sending 228 bytes for STATE_MAIN_I1 through eth0 to 62.25.200.13:500:
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | 04 10 02 00 00 00 00 00 00 00 00 e4 0a 00 00 84
Dec 2 07:47:18 tost pluto[3418]: | 32 90 ba a4 04 2c 3b 15 8c 2f a1 9d 4d ee bb 52
Dec 2 07:47:18 tost pluto[3418]: | ee ce 79 09 56 e9 ea dd 38 9e 27 6c 14 e6 13 59
Dec 2 07:47:18 tost pluto[3418]: | 73 15 2d 3b 6d ff bc b6 c4 50 ad 30 e5 d2 0c 44
Dec 2 07:47:18 tost pluto[3418]: | 0a a1 28 4a 87 cf 65 f1 9c 0f 24 d7 fb e1 fe f0
Dec 2 07:47:18 tost pluto[3418]: | 13 2e 56 ab 2a 07 fb a4 be 5e ac b6 e0 29 08 ca
Dec 2 07:47:18 tost pluto[3418]: | 14 5f 93 3d 44 4b db ac ff af 7e b8 3f 0c 20 17
Dec 2 07:47:18 tost pluto[3418]: | 8a 0c d4 25 49 8c 87 d3 8f f5 82 8c a6 1b 84 c3
Dec 2 07:47:18 tost pluto[3418]: | 34 19 f3 cb 24 bd e9 b2 3a 80 af 36 b4 13 43 79
Dec 2 07:47:18 tost pluto[3418]: | 82 00 00 14 49 0b a1 e0 5c 5b 70 9c 6b 09 3f 91
Dec 2 07:47:18 tost pluto[3418]: | dc c7 19 d1 82 00 00 18 48 59 a4 85 56 96 43 fe
Dec 2 07:47:18 tost pluto[3418]: | af 21 c8 f6 33 72 92 3b 52 33 32 2d 00 00 00 18
Dec 2 07:47:18 tost pluto[3418]: | 69 32 92 9e ac b1 02 58 2e 03 5a f3 d9 39 1d 94
Dec 2 07:47:18 tost pluto[3418]: | d2 0d 91 65
Dec 2 07:47:18 tost pluto[3418]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Dec 2 07:47:18 tost pluto[3418]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Dec 2 07:47:18 tost pluto[3418]: |
Dec 2 07:47:18 tost pluto[3418]: | *received 232 bytes from 62.25.200.13:500 on eth0
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | 04 10 02 00 00 00 00 00 00 00 00 e8 0a 00 00 84
Dec 2 07:47:18 tost pluto[3418]: | 52 84 2d cb 69 68 b2 81 ed ec 93 b8 fc 92 3c 72
Dec 2 07:47:18 tost pluto[3418]: | f3 4d b6 6e 7a 78 b1 d7 11 79 bc cd 82 e4 21 60
Dec 2 07:47:18 tost pluto[3418]: | bf 47 50 fd 79 46 a0 49 bd 85 32 2c 89 63 23 bc
Dec 2 07:47:18 tost pluto[3418]: | f8 9d 97 b4 ae 8f a1 cd 5f 43 9c 9d b3 76 73 f1
Dec 2 07:47:18 tost pluto[3418]: | 5f b9 d9 52 80 43 0c 2f 40 0a 2f 91 9b 68 9c 50
Dec 2 07:47:18 tost pluto[3418]: | fc d0 9c e6 90 1f cb e5 48 6b 26 71 62 f1 35 1f
Dec 2 07:47:18 tost pluto[3418]: | 96 7f 1e 83 1d 1e 4f 1f b1 94 7f cd a1 89 ba fa
Dec 2 07:47:18 tost pluto[3418]: | e7 42 71 6a fd 6c 06 7e 43 df f3 6a bf f8 06 98
Dec 2 07:47:18 tost pluto[3418]: | 82 00 00 18 86 f5 13 9f 4c 9e c3 5c a7 97 eb 67
Dec 2 07:47:18 tost pluto[3418]: | 0b 24 a1 cf ab e1 73 af 82 00 00 18 2b 8a 2a 20
Dec 2 07:47:18 tost pluto[3418]: | 2f 28 fb b9 cf b5 1a 6b 04 cb a4 df be 4c 8c 7c
Dec 2 07:47:18 tost pluto[3418]: | 00 00 00 18 48 59 a4 85 56 96 43 fe af 21 c8 f6
Dec 2 07:47:18 tost pluto[3418]: | 33 72 92 3b 52 33 32 2d
Dec 2 07:47:18 tost pluto[3418]: | **parse ISAKMP Message:
Dec 2 07:47:18 tost pluto[3418]: | initiator cookie:
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | responder cookie:
Dec 2 07:47:18 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_KE
Dec 2 07:47:18 tost pluto[3418]: | ISAKMP version: ISAKMP Version 1.0
Dec 2 07:47:18 tost pluto[3418]: | exchange type: ISAKMP_XCHG_IDPROT
Dec 2 07:47:17 tost pluto[3418]: | ****parse IPsec DOI SIT:
Dec 2 07:47:17 tost pluto[3418]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
Dec 2 07:47:17 tost pluto[3418]: | ****parse ISAKMP Proposal Payload:
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | length: 40
Dec 2 07:47:17 tost pluto[3418]: | proposal number: 1
Dec 2 07:47:17 tost pluto[3418]: | protocol ID: PROTO_ISAKMP
Dec 2 07:47:17 tost pluto[3418]: | SPI size: 0
Dec 2 07:47:17 tost pluto[3418]: | number of transforms: 1
Dec 2 07:47:17 tost pluto[3418]: | *****parse ISAKMP Transform Payload (ISAKMP):
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:17 tost pluto[3418]: | length: 32
Dec 2 07:47:17 tost pluto[3418]: | transform number: 1
Dec 2 07:47:17 tost pluto[3418]: | transform ID: KEY_IKE
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 5
Dec 2 07:47:17 tost pluto[3418]: | [5 is OAKLEY_3DES_CBC]
Dec 2 07:47:17 tost pluto[3418]: | ike_alg_enc_ok(ealg=5,key_len=0): blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_HASH_ALGORITHM
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_SHA]
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_GROUP_DESCRIPTION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 2
Dec 2 07:47:17 tost pluto[3418]: | [2 is OAKLEY_GROUP_MODP1024]
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_AUTHENTICATION_METHOD
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_PRESHARED_KEY]
Dec 2 07:47:17 tost pluto[3418]: | looking for secret for test at validation.com->62.25.200.13 of kind PPK_PSK
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_TYPE
Dec 2 07:47:17 tost pluto[3418]: | length/value: 1
Dec 2 07:47:17 tost pluto[3418]: | [1 is OAKLEY_LIFE_SECONDS]
Dec 2 07:47:17 tost pluto[3418]: | ******parse ISAKMP Oakley attribute:
Dec 2 07:47:17 tost pluto[3418]: | af+type: OAKLEY_LIFE_DURATION
Dec 2 07:47:17 tost pluto[3418]: | length/value: 3600
Dec 2 07:47:17 tost pluto[3418]: | Oakley Transform 1 accepted
Dec 2 07:47:17 tost pluto[3418]: | sender checking NAT-t: 1 and 105
Dec 2 07:47:17 tost pluto[3418]: "Corporate-LAN" #1: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Dec 2 07:47:17 tost pluto[3418]: | **emit ISAKMP Message:
Dec 2 07:47:17 tost pluto[3418]: | initiator cookie:
Dec 2 07:47:17 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:17 tost pluto[3418]: | responder cookie:
Dec 2 07:47:17 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:17 tost pluto[3418]: | next payload type: ISAKMP_NEXT_KE
Dec 2 07:47:17 tost pluto[3418]: | ISAKMP version: ISAKMP Version 1.0
Dec 2 07:47:17 tost pluto[3418]: | exchange type: ISAKMP_XCHG_IDPROT
Dec 2 07:47:17 tost pluto[3418]: | flags: none
Dec 2 07:47:17 tost pluto[3418]: | message ID: 00 00 00 00
Dec 2 07:47:17 tost pluto[3418]: | Local DH secret:
Dec 2 07:47:17 tost pluto[3418]: | 0e 17 9e 71 02 85 7e 67 1f 79 fa 0b f0 2d d3 8f
Dec 2 07:47:17 tost pluto[3418]: | 39 c6 3a 6d 01 9e c9 5e 9b ca 5d 46 01 e1 5b ca
Dec 2 07:47:17 tost pluto[3418]: | Public DH value sent:
Dec 2 07:47:17 tost pluto[3418]: | 32 90 ba a4 04 2c 3b 15 8c 2f a1 9d 4d ee bb 52
Dec 2 07:47:17 tost pluto[3418]: | ee ce 79 09 56 e9 ea dd 38 9e 27 6c 14 e6 13 59
Dec 2 07:47:17 tost pluto[3418]: | 73 15 2d 3b 6d ff bc b6 c4 50 ad 30 e5 d2 0c 44
Dec 2 07:47:17 tost pluto[3418]: | 0a a1 28 4a 87 cf 65 f1 9c 0f 24 d7 fb e1 fe f0
Dec 2 07:47:17 tost pluto[3418]: | 13 2e 56 ab 2a 07 fb a4 be 5e ac b6 e0 29 08 ca
Dec 2 07:47:17 tost pluto[3418]: | 14 5f 93 3d 44 4b db ac ff af 7e b8 3f 0c 20 17
Dec 2 07:47:17 tost pluto[3418]: | 8a 0c d4 25 49 8c 87 d3 8f f5 82 8c a6 1b 84 c3
Dec 2 07:47:17 tost pluto[3418]: | 34 19 f3 cb 24 bd e9 b2 3a 80 af 36 b4 13 43 79
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP Key Exchange Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONCE
Dec 2 07:47:18 tost pluto[3418]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload
Dec 2 07:47:18 tost pluto[3418]: | keyex value 32 90 ba a4 04 2c 3b 15 8c 2f a1 9d 4d ee bb 52
Dec 2 07:47:18 tost pluto[3418]: | ee ce 79 09 56 e9 ea dd 38 9e 27 6c 14 e6 13 59
Dec 2 07:47:18 tost pluto[3418]: | 73 15 2d 3b 6d ff bc b6 c4 50 ad 30 e5 d2 0c 44
Dec 2 07:47:18 tost pluto[3418]: | 0a a1 28 4a 87 cf 65 f1 9c 0f 24 d7 fb e1 fe f0
Dec 2 07:47:18 tost pluto[3418]: | 13 2e 56 ab 2a 07 fb a4 be 5e ac b6 e0 29 08 ca
Dec 2 07:47:18 tost pluto[3418]: | 14 5f 93 3d 44 4b db ac ff af 7e b8 3f 0c 20 17
Dec 2 07:47:18 tost pluto[3418]: | 8a 0c d4 25 49 8c 87 d3 8f f5 82 8c a6 1b 84 c3
Dec 2 07:47:18 tost pluto[3418]: | 34 19 f3 cb 24 bd e9 b2 3a 80 af 36 b4 13 43 79
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Key Exchange Payload: 132
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP Nonce Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:18 tost pluto[3418]: | emitting 16 raw bytes of Ni into ISAKMP Nonce Payload
Dec 2 07:47:18 tost pluto[3418]: | Ni 49 0b a1 e0 5c 5b 70 9c 6b 09 3f 91 dc c7 19 d1
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Nonce Payload: 20
Dec 2 07:47:18 tost pluto[3418]: | sending NATD payloads
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hasher=0x80ca75c(20)
Dec 2 07:47:18 tost pluto[3418]: | message ID: 00 00 00 00
Dec 2 07:47:18 tost pluto[3418]: | length: 232
Dec 2 07:47:18 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | RCOOKIE: ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:18 tost pluto[3418]: | state hash entry 17
Dec 2 07:47:18 tost pluto[3418]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Dec 2 07:47:18 tost pluto[3418]: | state object #1 found, in STATE_MAIN_I2
Dec 2 07:47:18 tost pluto[3418]: | ***parse ISAKMP Key Exchange Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONCE
Dec 2 07:47:18 tost pluto[3418]: | length: 132
Dec 2 07:47:18 tost pluto[3418]: | ***parse ISAKMP Nonce Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NAT-D
Dec 2 07:47:18 tost pluto[3418]: | length: 24
Dec 2 07:47:18 tost pluto[3418]: | ***parse ISAKMP NAT-D Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NAT-D
Dec 2 07:47:18 tost pluto[3418]: | length: 24
Dec 2 07:47:18 tost pluto[3418]: | ***parse ISAKMP NAT-D Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:18 tost pluto[3418]: | length: 24
Dec 2 07:47:18 tost pluto[3418]: | **emit ISAKMP Message:
Dec 2 07:47:18 tost pluto[3418]: | initiator cookie:
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | responder cookie:
Dec 2 07:47:18 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_ID
Dec 2 07:47:18 tost pluto[3418]: | ISAKMP version: ISAKMP Version 1.0
Dec 2 07:47:18 tost pluto[3418]: | exchange type: ISAKMP_XCHG_IDPROT
Dec 2 07:47:18 tost pluto[3418]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 2 07:47:18 tost pluto[3418]: | message ID: 00 00 00 00
Dec 2 07:47:18 tost pluto[3418]: | DH public value received:
Dec 2 07:47:18 tost pluto[3418]: | 52 84 2d cb 69 68 b2 81 ed ec 93 b8 fc 92 3c 72
Dec 2 07:47:18 tost pluto[3418]: | f3 4d b6 6e 7a 78 b1 d7 11 79 bc cd 82 e4 21 60
Dec 2 07:47:18 tost pluto[3418]: | bf 47 50 fd 79 46 a0 49 bd 85 32 2c 89 63 23 bc
Dec 2 07:47:18 tost pluto[3418]: | f8 9d 97 b4 ae 8f a1 cd 5f 43 9c 9d b3 76 73 f1
Dec 2 07:47:18 tost pluto[3418]: | 5f b9 d9 52 80 43 0c 2f 40 0a 2f 91 9b 68 9c 50
Dec 2 07:47:18 tost pluto[3418]: | fc d0 9c e6 90 1f cb e5 48 6b 26 71 62 f1 35 1f
Dec 2 07:47:18 tost pluto[3418]: | 96 7f 1e 83 1d 1e 4f 1f b1 94 7f cd a1 89 ba fa
Dec 2 07:47:18 tost pluto[3418]: | e7 42 71 6a fd 6c 06 7e 43 df f3 6a bf f8 06 98
Dec 2 07:47:18 tost pluto[3418]: | thinking about whether to send my certificate:
Dec 2 07:47:18 tost pluto[3418]: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: CERT_NONE
Dec 2 07:47:18 tost pluto[3418]: | sendcert: CERT_ALWAYSSEND and I did not get a certificate request
Dec 2 07:47:18 tost pluto[3418]: | so do not send cert.
Dec 2 07:47:18 tost pluto[3418]: "Corporate-LAN" #1: I did not send a certificate because I do not have one.
Dec 2 07:47:18 tost pluto[3418]: | I am not sending a certificate request
Dec 2 07:47:18 tost pluto[3418]: | compute_dh_shared(): time elapsed (OAKLEY_GROUP_MODP1024): 1973 usec
Dec 2 07:47:18 tost pluto[3418]: | DH shared secret:
Dec 2 07:47:18 tost pluto[3418]: | ff e3 48 41 af 69 45 16 be ff 08 ac 94 c5 27 8f
Dec 2 07:47:18 tost pluto[3418]: | 09 e4 96 9d f1 db d3 8f fb 2b 77 9b 79 3a 97 01
Dec 2 07:47:18 tost pluto[3418]: | 7d cb 5e b9 6e 24 94 91 d3 20 ca a9 3c 05 e3 ba
Dec 2 07:47:18 tost pluto[3418]: | 85 79 3c 91 20 a1 9d 26 41 15 0d 53 df e3 f3 d3
Dec 2 07:47:18 tost pluto[3418]: | 29 ce 10 3c e2 d6 51 17 bc 54 c8 ea 93 8e a0 9b
Dec 2 07:47:18 tost pluto[3418]: | 61 fb d2 50 02 47 bb 57 ee ce 70 2a 36 73 9e 4b
Dec 2 07:47:18 tost pluto[3418]: | 64 d0 b9 c8 c0 fc 48 ad 84 4f c3 ad f7 67 3e 5d
Dec 2 07:47:18 tost pluto[3418]: | 41 b2 fb db db 46 be 9a e9 e8 9f 92 22 a4 94 e6
Dec 2 07:47:18 tost pluto[3418]: | looking for secret for test at validation.com->62.25.200.13 of kind PPK_PSK
Dec 2 07:47:18 tost pluto[3418]: | DH_i: 32 90 ba a4 04 2c 3b 15 8c 2f a1 9d 4d ee bb 52
Dec 2 07:47:18 tost pluto[3418]: | ee ce 79 09 56 e9 ea dd 38 9e 27 6c 14 e6 13 59
Dec 2 07:47:18 tost pluto[3418]: | 73 15 2d 3b 6d ff bc b6 c4 50 ad 30 e5 d2 0c 44
Dec 2 07:47:18 tost pluto[3418]: | 0a a1 28 4a 87 cf 65 f1 9c 0f 24 d7 fb e1 fe f0
Dec 2 07:47:18 tost pluto[3418]: | 13 2e 56 ab 2a 07 fb a4 be 5e ac b6 e0 29 08 ca
Dec 2 07:47:18 tost pluto[3418]: | 14 5f 93 3d 44 4b db ac ff af 7e b8 3f 0c 20 17
Dec 2 07:47:18 tost pluto[3418]: | 8a 0c d4 25 49 8c 87 d3 8f f5 82 8c a6 1b 84 c3
Dec 2 07:47:18 tost pluto[3418]: | 34 19 f3 cb 24 bd e9 b2 3a 80 af 36 b4 13 43 79
Dec 2 07:47:18 tost pluto[3418]: | DH_r: 52 84 2d cb 69 68 b2 81 ed ec 93 b8 fc 92 3c 72
Dec 2 07:47:18 tost pluto[3418]: | f3 4d b6 6e 7a 78 b1 d7 11 79 bc cd 82 e4 21 60
Dec 2 07:47:18 tost pluto[3418]: | bf 47 50 fd 79 46 a0 49 bd 85 32 2c 89 63 23 bc
Dec 2 07:47:18 tost pluto[3418]: | f8 9d 97 b4 ae 8f a1 cd 5f 43 9c 9d b3 76 73 f1
Dec 2 07:47:18 tost pluto[3418]: | 5f b9 d9 52 80 43 0c 2f 40 0a 2f 91 9b 68 9c 50
Dec 2 07:47:18 tost pluto[3418]: | fc d0 9c e6 90 1f cb e5 48 6b 26 71 62 f1 35 1f
Dec 2 07:47:18 tost pluto[3418]: | 96 7f 1e 83 1d 1e 4f 1f b1 94 7f cd a1 89 ba fa
Dec 2 07:47:18 tost pluto[3418]: | e7 42 71 6a fd 6c 06 7e 43 df f3 6a bf f8 06 98
Dec 2 07:47:18 tost pluto[3418]: | Skeyid: 95 37 eb 13 b7 02 0c fc bf 74 0a 12 4f e1 4e ec
Dec 2 07:47:18 tost pluto[3418]: | 30 d2 9c c6
Dec 2 07:47:18 tost pluto[3418]: | Skeyid_d: e8 7a 21 d3 d1 c5 42 be 6e 86 f1 78 b4 45 37 26
Dec 2 07:47:18 tost pluto[3418]: | f5 81 a1 f2
Dec 2 07:47:18 tost pluto[3418]: | Skeyid_a: 75 b5 6c 9b 6e 51 1e 5f 04 b3 76 70 9f 9f bf 6d
Dec 2 07:47:18 tost pluto[3418]: | 46 63 29 95
Dec 2 07:47:18 tost pluto[3418]: | Skeyid_e: 88 e4 53 6d c4 b5 66 c8 96 dd 89 53 a8 99 7e 64
Dec 2 07:47:18 tost pluto[3418]: | 90 b1 b9 95
Dec 2 07:47:18 tost pluto[3418]: | enc key: 4a 16 47 30 0c 7c 05 a9 b9 6e 7d 19 82 39 eb d7
Dec 2 07:47:18 tost pluto[3418]: | 76 7f a5 e3 50 97 ab 59
Dec 2 07:47:18 tost pluto[3418]: | IV: f0 5f 35 87 c3 6d ea d6 dd 93 90 f7 8c 65 17 db
Dec 2 07:47:18 tost pluto[3418]: | a1 c9 39 90
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hasher=0x80ca75c(20)
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: icookie=
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: rcookie=
Dec 2 07:47:18 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: ip= c0 a8 01 02
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: port=62465
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hash= 69 32 92 9e ac b1 02 58 2e 03 5a f3 d9 39 1d 94
Dec 2 07:47:18 tost pluto[3418]: | d2 0d 91 65
Dec 2 07:47:18 tost pluto[3418]: | NAT_TRAVERSAL_NAT_BHND_ME
Dec 2 07:47:18 tost pluto[3418]: | expected NAT-D: 69 32 92 9e ac b1 02 58 2e 03 5a f3 d9 39 1d 94
Dec 2 07:47:18 tost pluto[3418]: | d2 0d 91 65
Dec 2 07:47:18 tost pluto[3418]: | received NAT-D: 2b 8a 2a 20 2f 28 fb b9 cf b5 1a 6b 04 cb a4 df
Dec 2 07:47:18 tost pluto[3418]: | be 4c 8c 7c
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hasher=0x80ca75c(20)
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: icookie=
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: rcookie=
Dec 2 07:47:18 tost pluto[3418]: | ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: ip= 42 26 c4 0d
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: port=62465
Dec 2 07:47:18 tost pluto[3418]: | _natd_hash: hash= 48 59 a4 85 56 96 43 fe af 21 c8 f6 33 72 92 3b
Dec 2 07:47:18 tost pluto[3418]: | 52 33 32 2d
Dec 2 07:47:18 tost pluto[3418]: "Corporate-LAN" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: i am NATed
Dec 2 07:47:18 tost pluto[3418]: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP Identification Payload (IPsec DOI):
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_HASH
Dec 2 07:47:18 tost pluto[3418]: | ID type: ID_USER_FQDN
Dec 2 07:47:18 tost pluto[3418]: | Protocol ID: 0
Dec 2 07:47:18 tost pluto[3418]: | port: 0
Dec 2 07:47:18 tost pluto[3418]: | emitting 22 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
Dec 2 07:47:18 tost pluto[3418]: | my identity 73 75 70 70 6f 72 74 40 6b 74 67 74 72 61 64 69
Dec 2 07:47:18 tost pluto[3418]: | 6e 67 2e 63 6f 6d
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 30
Dec 2 07:47:18 tost pluto[3418]: | hashing 144 bytes of SA
Dec 2 07:47:18 tost pluto[3418]: | ***emit ISAKMP Hash Payload:
Dec 2 07:47:18 tost pluto[3418]: | next payload type: ISAKMP_NEXT_NONE
Dec 2 07:47:18 tost pluto[3418]: | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload
Dec 2 07:47:18 tost pluto[3418]: | HASH_I 2e 8a b9 20 a3 95 a2 65 1c 5c 52 99 74 5f 6d a8
Dec 2 07:47:18 tost pluto[3418]: | 88 4f 09 80
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Hash Payload: 24
Dec 2 07:47:18 tost pluto[3418]: | encrypting:
Dec 2 07:47:18 tost pluto[3418]: | 08 00 00 1e 03 00 00 00 73 75 70 70 6f 72 74 40
Dec 2 07:47:18 tost pluto[3418]: | 6b 74 67 74 72 61 64 69 6e 67 2e 63 6f 6d 00 00
Dec 2 07:47:18 tost pluto[3418]: | 00 18 2e 8a b9 20 a3 95 a2 65 1c 5c 52 99 74 5f
Dec 2 07:47:18 tost pluto[3418]: | 6d a8 88 4f 09 80
Dec 2 07:47:18 tost pluto[3418]: | emitting 2 zero bytes of encryption padding into ISAKMP Message
Dec 2 07:47:18 tost pluto[3418]: | encrypting using OAKLEY_3DES_CBC
Dec 2 07:47:18 tost pluto[3418]: | next IV: ab 30 94 73 8f 57 0f 73
Dec 2 07:47:18 tost pluto[3418]: | emitting length of ISAKMP Message: 84
Dec 2 07:47:18 tost pluto[3418]: "Corporate-LAN" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Dec 2 07:47:18 tost pluto[3418]: | sending 84 bytes for STATE_MAIN_I2 through eth0 to 62.25.200.13:500:
Dec 2 07:47:18 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c ad 30 a8 21 db 8a aa 26
Dec 2 07:47:18 tost pluto[3418]: | 05 10 02 01 00 00 00 00 00 00 00 54 89 03 ed bc
Dec 2 07:47:18 tost pluto[3418]: | 97 be 7a bc 91 66 0e 4f be 85 9b cc 47 55 7b 77
Dec 2 07:47:18 tost pluto[3418]: | 18 01 92 5b a5 b2 31 74 33 d5 96 8b d2 ca 2a 22
Dec 2 07:47:18 tost pluto[3418]: | a8 53 85 60 4c d5 ae c2 65 cf a1 29 ab 30 94 73
Dec 2 07:47:18 tost pluto[3418]: | 8f 57 0f 73
Dec 2 07:47:18 tost pluto[3418]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Dec 2 07:47:18 tost pluto[3418]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Dec 2 07:47:26 tost pluto[3418]: |
Dec 2 07:47:26 tost pluto[3418]: | *received kernel message
Dec 2 07:47:26 tost pluto[3418]: | netlink_get: XFRM_MSG_ACQUIRE message
Dec 2 07:47:26 tost pluto[3418]: | add bare shunt 0x9c73fd8 192.168.1.2/32:0 -17-> 172.100.100.7/32:0 => %hold 0 %acquire-netlink
Dec 2 07:47:26 tost pluto[3418]: | initiate on demand from 192.168.1.2:0 to 172.100.100.7:0 proto=0 state: fos_start because: acquire
Dec 2 07:47:26 tost pluto[3418]: | find_connection: looking for policy for connection: 192.168.1.2:0/0 -> 172.100.100.7:0/0
Dec 2 07:47:26 tost pluto[3418]: | find_connection: conn "Corporate-LAN" has compatible peers: 192.168.1.2/32 -> 172.100.100.0/24 [pri: 16826381]
Dec 2 07:47:26 tost pluto[3418]: | find_connection: comparing best "Corporate-LAN" [pri:16826381]{0x9c71dc0} (child none) to "Corporate-LAN" [pri:16826381]{0x9c71dc0} (child none)
Dec 2 07:47:26 tost pluto[3418]: | find_connection: concluding with "Corporate-LAN" [pri:16826381]{0x9c71dc0} kind=CK_PERMANENT
Dec 2 07:47:26 tost pluto[3418]: | assign hold, routing was prospective erouted, needs to be erouted HOLD
Dec 2 07:47:26 tost pluto[3418]: | eroute_connection replace %trap with broad %hold eroute 192.168.1.2/32:0 --0-> 172.100.100.0/24:0 => %hold (raw_eroute)
Dec 2 07:47:26 tost pluto[3418]: | delete narrow %hold eroute 192.168.1.2/32:0 --0-> 172.100.100.7/32:0 => %hold (raw_eroute)
Dec 2 07:47:26 tost pluto[3418]: | delete bare shunt: null pointer
Dec 2 07:47:26 tost pluto[3418]: | Queuing pending Quick Mode with 62.25.200.13 "Corporate-LAN"
Dec 2 07:47:26 tost pluto[3418]: | next event EVENT_RETRANSMIT in 2 seconds for #1
Dec 2 07:47:28 tost pluto[3418]: |
Dec 2 07:47:28 tost pluto[3418]: |
Dec 2 07:47:28 tost pluto[3418]: | *time to handle event
Dec 2 07:47:28 tost pluto[3418]: | event after this is EVENT_NAT_T_KEEPALIVE in 10 seconds
Dec 2 07:47:28 tost pluto[3418]: | handling event EVENT_RETRANSMIT for 62.25.200.13 "Corporate-LAN" #1
Dec 2 07:47:28 tost pluto[3418]: | sending 84 bytes for EVENT_RETRANSMIT through eth0 to 62.25.200.13:500:
Dec 2 07:47:28 tost pluto[3418]: | a5 6b 69 3d e7 56 64 5c ad 30 a8 21 db 8a aa 26
Dec 2 07:47:28 tost pluto[3418]: | 05 10 02 01 00 00 00 00 00 00 00 54 89 03 ed bc
Dec 2 07:47:28 tost pluto[3418]: | 97 be 7a bc 91 66 0e 4f be 85 9b cc 47 55 7b 77
Dec 2 07:47:28 tost pluto[3418]: | 18 01 92 5b a5 b2 31 74 33 d5 96 8b d2 ca 2a 22
Dec 2 07:47:28 tost pluto[3418]: | a8 53 85 60 4c d5 ae c2 65 cf a1 29 ab 30 94 73
Dec 2 07:47:28 tost pluto[3418]: | 8f 57 0f 73
Dec 2 07:47:28 tost pluto[3418]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #1
Dec 2 07:47:28 tost pluto[3418]: | next event EVENT_NAT_T_KEEPALIVE in 10 seconds
Dec 2 07:47:34 tost pluto[3418]: |
Dec 2 07:47:34 tost pluto[3418]: | *received whack message
Dec 2 07:47:34 tost pluto[3418]: shutting down
Dec 2 07:47:34 tost pluto[3418]: forgetting secrets
Dec 2 07:47:34 tost pluto[3418]: "Corporate-LAN": deleting connection
Dec 2 07:47:34 tost pluto[3418]: "Corporate-LAN" #1: deleting state (STATE_MAIN_I3)
Dec 2 07:47:34 tost pluto[3418]: | ICOOKIE: a5 6b 69 3d e7 56 64 5c
Dec 2 07:47:34 tost pluto[3418]: | RCOOKIE: ad 30 a8 21 db 8a aa 26
Dec 2 07:47:34 tost pluto[3418]: | peer: 42 26 c4 0d
Dec 2 07:47:34 tost pluto[3418]: | state hash entry 17
Dec 2 07:47:34 tost pluto[3418]: | delete eroute 172.100.100.0/24:0 --0-> 192.168.1.2/32:0 => int.0 at 192.168.1.2 (raw_eroute)
Dec 2 07:47:34 tost pluto[3418]: | eroute_connection delete eroute 192.168.1.2/32:0 --0-> 172.100.100.0/24:0 => int.0 at 0.0.0.0 (raw_eroute)
Dec 2 07:47:34 tost pluto[3418]: | route owner of "Corporate-LAN" unrouted: NULL
Dec 2 07:47:34 tost pluto[3418]: | executing unroute-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='unroute-host' PLUTO_CONNECTION='Corporate-LAN' PLUTO_NEXT_HOP='62.25.200.13' PLUTO_INTERFACE='eth0' PLUTO_ME='192.168.1.2' PLUTO_MY_ID='test at validation.com' PLUTO_MY_CLIENT='192.168.1.2/32' PLUTO_MY_CLIENT_NET='192.168.1.2' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='62.25.200.13' PLUTO_PEER_ID='62.25.200.13' PLUTO_PEER_CLIENT='172.100.100.0/24' PLUTO_PEER_CLIENT_NET='172.100.100.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+PFS+UP' ipsec _updown
Dec 2 07:47:34 tost pluto[3418]: "Corporate-LAN": unroute-host output: /usr/lib/ipsec/_updown: doroute `ip route delete 172.100.100.0/24 via 62.25.200.13 dev eth0 ' failed (RTNETLINK answers: No such process)
Dec 2 07:47:34 tost pluto[3418]: | alg_info_delref(0x9c72050)
Dec 2 07:47:34 tost pluto[3418]: | alg_info_delref(0x9c72050) alg_info->ref_cnt=2
Dec 2 07:47:34 tost pluto[3418]: | alg_info_delref(0x9c72468)
Dec 2 07:47:34 tost pluto[3418]: | alg_info_delref(0x9c72468) alg_info->ref_cnt=2
Dec 2 07:47:34 tost pluto[3418]: shutting down interface lo/lo ::1
Dec 2 07:47:34 tost pluto[3418]: shutting down interface lo/lo 127.0.0.1
Dec 2 07:47:34 tost pluto[3418]: shutting down interface lo/lo 127.0.0.1
Dec 2 07:47:34 tost pluto[3418]: shutting down interface eth0/eth0 192.168.1.2
Type :quit<Enter> to exit Vim
More information about the Users
mailing list