[Openswan Users] IPSEC / L2TP / PANTHER
Christian Tardif
christian.tardif at servinfo.ca
Thu Oct 28 12:48:26 CEST 2004
Hi,
I'm desperate!!!
I'm trying to establish an IPSEC/L2TP connection between Linux and
MacOSX (MacOSX being the client). I followed the instructions given by
Jacco de Leeuw, and it just does not work for me. On the Mac side, I
don't see anything clear (who's surprised?), and on the Linux side, I
can see that the IPSEC connection shows up (on line 361 in the log).
After a while (not shown in the log), I get:
KLIPS device ipsec0 shut down
on the console.
1) What causes that?
2) How can this type of connection succeed?
Thanks,
--
Christian Tardif
ServInfo
Tél: 514.237.6332
christian.tardif at servinfo.ca
-------------- next part --------------
|
| *received 100 bytes from 204.19.185.3:500 on eth0
| **parse ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 100
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 52
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from 204.19.185.3:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
| creating state object #1 at 0x80e6680
| ICOOKIE: 92 61 f5 a0 10 33 62 56
| RCOOKIE: 19 80 ec e3 e8 4b 85 a9
| peer: cc 13 b9 03
| state hash entry 21
| inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
"mac" #1: responding to Main Mode
| **emit ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| ***emit ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_NONE
| DOI: ISAKMP_DOI_IPSEC
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 40
| proposal number: 1
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 32
| transform number: 1
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| [1 is OAKLEY_LIFE_SECONDS]
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 3600
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 5
| [5 is OAKLEY_3DES_CBC]
| ike_alg_enc_ok(ealg=5,key_len=0): blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 1
| [1 is OAKLEY_PRESHARED_KEY]
| looking for secret for 204.19.187.2->204.19.185.3 of kind PPK_PSK
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| [2 is OAKLEY_SHA]
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 2
| [2 is OAKLEY_GROUP_MODP1024]
| Oakley Transform 1 accepted
| ****emit IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****emit ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| proposal number: 1
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****emit ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| transform number: 1
| transform ID: KEY_IKE
| emitting 24 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP)
| attributes 80 0b 00 01 80 0c 0e 10 80 01 00 05 80 03 00 01
| 80 02 00 02 80 04 00 02
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| emitting length of ISAKMP Proposal Payload: 40
| emitting length of ISAKMP Security Association Payload: 52
| sender checking NAT-t: 0 and 0
| emitting length of ISAKMP Message: 80
"mac" #1: transition from state (null) to state STATE_MAIN_R1
| sending 80 bytes for STATE_MAIN_R0 through eth0 to 204.19.185.3:500:
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
| next event EVENT_RETRANSMIT in 10 seconds for #1
|
| *received 200 bytes from 204.19.185.3:500 on eth0
| **parse ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_KE
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 200
| ICOOKIE: 92 61 f5 a0 10 33 62 56
| RCOOKIE: 19 80 ec e3 e8 4b 85 a9
| peer: cc 13 b9 03
| state hash entry 21
| peer and cookies match on #1, provided msgid 00000000 vs 00000000
| state object #1 found, in STATE_MAIN_R1
| ***parse ISAKMP Key Exchange Payload:
| next payload type: ISAKMP_NEXT_NONCE
| length: 132
| ***parse ISAKMP Nonce Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
"mac" #1: ignoring Vendor ID payload [KAME/racoon]
| **emit ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_KE
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| DH public value received:
| inI2: checking NAT-t: 0 and 0
| Local DH secret:
| 48 c4 80 d2 b9 ee 55 7c f0 42 33 e6 02 46 dd e5
| de 66 76 87 ce 07 13 82 d4 d4 e1 5c 10 69 f4 bd
| Public DH value sent:
| ***emit ISAKMP Key Exchange Payload:
| next payload type: ISAKMP_NEXT_NONCE
| emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload
| emitting length of ISAKMP Key Exchange Payload: 132
| ***emit ISAKMP Nonce Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
| Nr e7 0c e1 4a a5 f5 d4 6b 97 83 b7 3a 8b b2 5e fa
| emitting length of ISAKMP Nonce Payload: 20
| emitting length of ISAKMP Message: 180
| compute_dh_shared(): time elapsed (OAKLEY_GROUP_MODP1024): 29570 usec
| DH shared secret:
| looking for secret for 204.19.187.2->204.19.185.3 of kind PPK_PSK
"mac" #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
| sending 180 bytes for STATE_MAIN_R1 through eth0 to 204.19.185.3:500:
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
| next event EVENT_RETRANSMIT in 10 seconds for #1
|
| *received 68 bytes from 204.19.185.3:500 on eth0
| **parse ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_ID
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: ISAKMP_FLAG_ENCRYPTION
| message ID: 00 00 00 00
| length: 68
| ICOOKIE: 92 61 f5 a0 10 33 62 56
| RCOOKIE: 19 80 ec e3 e8 4b 85 a9
| peer: cc 13 b9 03
| state hash entry 21
| peer and cookies match on #1, provided msgid 00000000 vs 00000000
| state object #1 found, in STATE_MAIN_R2
| received encrypted packet from 204.19.185.3:500
| decrypting 40 bytes using algorithm OAKLEY_3DES_CBC
| decrypted:
| 08 00 00 0c 01 11 01 f4 cc 13 b9 03 00 00 00 18
| 96 dd 56 2b d2 39 d1 0a 15 a5 88 22 b6 68 0f 1c
| 20 8f 47 c4 00 00 00 04
| next IV: 3f f5 b3 82 12 e1 aa 0a
| ***parse ISAKMP Identification Payload:
| next payload type: ISAKMP_NEXT_HASH
| length: 12
| ID type: ID_IPV4_ADDR
| DOI specific A: 17
| DOI specific B: 500
| ***parse ISAKMP Hash Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 24
| removing 4 bytes of padding
"mac" #1: Peer ID is ID_IPV4_ADDR: '204.19.185.3'
| refine_connection: starting with mac
| trusted_ca called with a=(empty) b=(empty)
| refine_connection: happy with starting point: mac
| offered CA: '%none'
| hashing 48 bytes of SA
| authentication succeeded
| thinking about whether to send my certificate:
| I have RSA key: OAKLEY_PRESHARED_KEY cert.type: CERT_NONE
| sendcert: CERT_ALWAYSSEND and I did not get a certificate request
| so do not send cert.
"mac" #1: I did not send a certificate because I do not have one.
| **emit ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_ID
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: ISAKMP_FLAG_ENCRYPTION
| message ID: 00 00 00 00
| ***emit ISAKMP Identification Payload (IPsec DOI):
| next payload type: ISAKMP_NEXT_HASH
| ID type: ID_IPV4_ADDR
| Protocol ID: 0
| port: 0
| emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
| my identity cc 13 bb 02
| emitting length of ISAKMP Identification Payload (IPsec DOI): 12
| hashing 48 bytes of SA
| ***emit ISAKMP Hash Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 20 raw bytes of HASH_R into ISAKMP Hash Payload
| HASH_R 3f 37 b7 46 3f 7a 31 64 71 56 82 8d 39 b1 07 19
| fd ed df 6b
| emitting length of ISAKMP Hash Payload: 24
| encrypting:
| 08 00 00 0c 01 00 00 00 cc 13 bb 02 00 00 00 18
| 3f 37 b7 46 3f 7a 31 64 71 56 82 8d 39 b1 07 19
| fd ed df 6b
| emitting 4 zero bytes of encryption padding into ISAKMP Message
| encrypting using OAKLEY_3DES_CBC
| next IV: b9 30 ae 5a 77 53 96 f2
| emitting length of ISAKMP Message: 68
| last encrypted block of Phase 1:
| b9 30 ae 5a 77 53 96 f2
"mac" #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
| sending 68 bytes for STATE_MAIN_R2 through eth0 to 204.19.185.3:500:
| inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #1
"mac" #1: sent MR3, ISAKMP SA established
| next event EVENT_SHUNT_SCAN in 86 seconds
|
| *received 228 bytes from 204.19.185.3:500 on eth0
| **parse ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_HASH
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_QUICK
| flags: ISAKMP_FLAG_ENCRYPTION
| message ID: 32 60 aa 83
| length: 228
| ICOOKIE: 92 61 f5 a0 10 33 62 56
| RCOOKIE: 19 80 ec e3 e8 4b 85 a9
| peer: cc 13 b9 03
| state hash entry 21
| peer and cookies match on #1, provided msgid 3260aa83 vs 00000000
| state object not found
| ICOOKIE: 92 61 f5 a0 10 33 62 56
| RCOOKIE: 19 80 ec e3 e8 4b 85 a9
| peer: cc 13 b9 03
| state hash entry 21
| peer and cookies match on #1, provided msgid 00000000 vs 00000000
| state object #1 found, in STATE_MAIN_R3
| last Phase 1 IV: b9 30 ae 5a 77 53 96 f2
| last Phase 1 IV: b9 30 ae 5a 77 53 96 f2
| computed Phase 2 IV:
| d3 39 91 5d b4 af e2 ef b4 ee 27 98 b2 f0 11 e4
| eb df 22 e3
| received encrypted packet from 204.19.185.3:500
| decrypting 200 bytes using algorithm OAKLEY_3DES_CBC
| decrypted:
| next IV: ac 5f 65 b9 fc 9e 0e 39
| ***parse ISAKMP Hash Payload:
| next payload type: ISAKMP_NEXT_SA
| length: 24
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_NONCE
| length: 128
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Nonce Payload:
| next payload type: ISAKMP_NEXT_ID
| length: 20
| ***parse ISAKMP Identification Payload (IPsec DOI):
| next payload type: ISAKMP_NEXT_ID
| length: 12
| ID type: ID_IPV4_ADDR
| Protocol ID: 17
| port: 49780
| ***parse ISAKMP Identification Payload (IPsec DOI):
| next payload type: ISAKMP_NEXT_NONE
| length: 12
| ID type: ID_IPV4_ADDR
| Protocol ID: 17
| port: 1701
| removing 4 bytes of padding
| HASH(1) computed:
| f1 4c 8b 1a cd 23 ae b2 23 29 83 55 2e ad 6b 80
| c0 9b a7 c9
| peer client is 204.19.185.3
| peer client protocol/port is 17/49780
| our client is 204.19.187.2
| our client protocol/port is 17/1701
| find_client_connection starting with mac
| looking for 204.19.187.2/32:17/1701 -> 204.19.185.3/32:17/49780
| concrete checking against sr#0 204.19.187.2/32 -> 204.19.185.3/32
| match_id a=204.19.185.3 b=204.19.185.3
| match_id called with a=204.19.185.3 b=204.19.185.3
| trusted_ca called with a=(empty) b=(empty)
| fc_try trying mac:204.19.187.2/32:17/1701 -> 204.19.185.3/32:17/0 vs mac:204.19.187.2/32:17/1701 -> 204.19.185.3/32:17/0
| fc_try concluding with mac [128]
| fc_try mac gives mac
| concluding with d = mac
| duplicating state object #1
| creating state object #2 at 0x80e6f98
| ICOOKIE: 92 61 f5 a0 10 33 62 56
| RCOOKIE: 19 80 ec e3 e8 4b 85 a9
| peer: cc 13 b9 03
| state hash entry 21
| inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2
| **emit ISAKMP Message:
| initiator cookie:
| 92 61 f5 a0 10 33 62 56
| responder cookie:
| 19 80 ec e3 e8 4b 85 a9
| next payload type: ISAKMP_NEXT_HASH
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_QUICK
| flags: ISAKMP_FLAG_ENCRYPTION
| message ID: 32 60 aa 83
| ***emit ISAKMP Hash Payload:
| next payload type: ISAKMP_NEXT_SA
| emitting 20 zero bytes of HASH into ISAKMP Hash Payload
| emitting length of ISAKMP Hash Payload: 24
| ***emit ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_NONCE
| DOI: ISAKMP_DOI_IPSEC
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 116
| proposal number: 1
| protocol ID: PROTO_IPSEC_ESP
| SPI size: 4
| number of transforms: 4
| parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
| SPI 05 2f 6e f0
| *****parse ISAKMP Transform Payload (ESP):
| next payload type: ISAKMP_NEXT_T
| length: 28
| transform number: 1
| transform ID: ESP_AES
| ******parse ISAKMP IPsec DOI attribute:
| af+type: SA_LIFE_TYPE
| length/value: 1
| [1 is SA_LIFE_TYPE_SECONDS]
| ******parse ISAKMP IPsec DOI attribute:
| af+type: SA_LIFE_DURATION
| length/value: 3600
| ******parse ISAKMP IPsec DOI attribute:
| af+type: ENCAPSULATION_MODE
| length/value: 2
| [2 is ENCAPSULATION_MODE_TRANSPORT]
| ******parse ISAKMP IPsec DOI attribute:
| af+type: KEY_LENGTH
| length/value: 128
| ******parse ISAKMP IPsec DOI attribute:
| af+type: AUTH_ALGORITHM
| length/value: 2
| [2 is AUTH_ALGORITHM_HMAC_SHA1]