[Openswan Users] Help: no suitable connection for peer

Rodrigo nobregasz at yahoo.com.br
Sun Feb 6 16:38:36 CET 2005


Hi Paul, tks for ur help...

im forgot to get ipsec.secrets but im put my passphrase... i didnt put 
any pass in the last time when i create my CA but now i do it.

so... do i need put FORWARD im my iptables?

imtrying trying and notthing.. i hate it :/ :)


maybe some problem with dhcp??
if u have a better sample lan i can test. ill appreciate :)

my sample lan:

NOTE (WinXP)                     GW(dhcp server)                         
     VPN
10.10.1.141 ------------------- 10.10.1.200 
---------------------10.10.1.231  /  192.168.0.1
dhcp                                                              dhcp

i got this log when try ping 10.10.1.231 and 192.168.0.1.

tks

Rodrigo






------------------------------------------------------------------------

Feb  4 12:03:10 vpn pluto[288]: can not use our IP (10.10.1.231:TXT) as identity: we don't know our own RSA key
Feb  4 12:03:15 vpn pluto[288]: can not use our hostname (@vpn:TXT) as identity: we don't know our own RSA key
Feb  4 12:03:16 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: next payload type of ISAKMP Hash Payload has an unknown value: 221
Feb  4 12:03:16 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: malformed payload in packet
Feb  4 12:03:16 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: sending notification PAYLOAD_MALFORMED to 10.10.1.141:500
Feb  4 12:03:20 vpn pluto[288]: can not use our IP (10.10.1.231:KEY) as identity: we don't know our own RSA key
Feb  4 12:03:23 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: max number of retransmissions (2) reached STATE_MAIN_R2
Feb  4 12:03:23 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141: deleting connection "roadwarrior-net" instance with peer 10.10.1.141 {isakmp=#0/ipsec=#0}
Feb  4 12:08:01 vpn PAM_unix[697]: (cron) session opened for user mail by (uid=0)
Feb  4 12:08:01 vpn PAM_unix[697]: (cron) session closed for user mail
Feb  4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Feb  4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [FRAGMENTATION]
Feb  4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Feb  4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: responding to Main Mode from unknown peer 10.10.1.141
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:08:07 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:07 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:07 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:08:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:08:13 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:13 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:13 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:08:21 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:21 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:21 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:08:37 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:37 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:08:37 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: byte 2 of ISAKMP Hash Payload must be zero, but is not
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: malformed payload in packet
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending notification PAYLOAD_MALFORMED to 10.10.1.141:500
Feb  4 12:09:09 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Feb  4 12:09:09 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [FRAGMENTATION]
Feb  4 12:09:09 vpn pluto[288]: packet from 10.10.1.141:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: responding to Main Mode from unknown peer 10.10.1.141
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:09:10 vpn su[706]: + pts/1 rodrigo-root 
Feb  4 12:09:10 vpn PAM_unix[706]: (su) session opened for user root by (uid=1000)
Feb  4 12:09:10 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:10 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:10 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:09:12 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:12 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:12 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:09:15 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: max number of retransmissions (2) reached STATE_MAIN_R2
Feb  4 12:09:16 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:16 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:16 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb  4 12:09:24 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:24 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb  4 12:09:24 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500

------------------------------------------------------------------------

 2-04: 12:07:59:34:b8 isadb_schedule_kill_oldPolicy_sas: 84fa0099-d005-44a5-9cb5d129080900c5 4
 2-04: 12:07:59:34:b8 isadb_schedule_kill_oldPolicy_sas: 3e0a663a-f18a-4582-b07a739f43710e04 4
 2-04: 12:07:59:34:b8 isadb_schedule_kill_oldPolicy_sas: 27affbe1-d7d5-4ec8-9c09b329784ca47c 1
 2-04: 12:07:59:44:7ec entered kill_old_policy_sas 4
 2-04: 12:07:59:44:7ec entered kill_old_policy_sas 4
 2-04: 12:07:59:44:7ec entered kill_old_policy_sas 1
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 84fa0099-d005-44a5-9cb5d129080900c5 4
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 3e0a663a-f18a-4582-b07a739f43710e04 4
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: ff580d2d-ec6d-4198-90f5737e5db74ebe 3
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: eb485646-4aca-4c16-b95fdecb47f916d1 3
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: c04c78a6-f434-44cc-864a970de645671f 3
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 160d3b34-5a9f-4461-ad35d34edbec00a7 3
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 0508392b-0c05-421f-af2d26c9cf2683a4 1
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: bfc3a5b4-63ba-411a-a640df9ca28a9e99 2
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 7e09ba43-e79c-4030-b8e2b92196bb3ce7 2
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: d5b94763-8ab5-4ec4-80ea87c36d8e4d18 2
 2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 45deb501-be93-4049-a611a20cb969e16f 2
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 4
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 4
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 1
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
 2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
 2-04: 12:08:33:223:284 Acquire from driver: op=0000000B src=10.10.1.141.0 dst=192.168.0.1.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
 2-04: 12:08:33:234:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
 2-04: 12:08:33:294:7ec MM PolicyName: 9
 2-04: 12:08:33:294:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
 2-04: 12:08:33:294:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:08:33:294:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
 2-04: 12:08:33:294:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:08:33:294:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
 2-04: 12:08:33:294:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:08:33:294:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
 2-04: 12:08:33:294:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:08:33:294:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
 2-04: 12:08:33:294:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
 2-04: 12:08:33:294:7ec QM PolicyName: Host-roadwarrior-net filter action dwFlags 1
 2-04: 12:08:33:294:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
 2-04: 12:08:33:294:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
 2-04: 12:08:33:294:7ec  Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
 2-04: 12:08:33:294:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000B, ProxySrc = 10.10.1.141.0000, ProxyDst = 192.168.0.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
 2-04: 12:08:33:294:7ec constructing ISAKMP Header
 2-04: 12:08:33:294:7ec constructing SA (ISAKMP)
 2-04: 12:08:33:294:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
 2-04: 12:08:33:314:7ec Constructing Vendor FRAGMENTATION
 2-04: 12:08:33:314:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:08:33:314:7ec Constructing Vendor Vid-Initial-Contact
 2-04: 12:08:33:314:7ec 
 2-04: 12:08:33:314:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:33:314:7ec ISAKMP Header: (V1.0), len = 276
 2-04: 12:08:33:314:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:33:314:7ec   R-COOKIE 0000000000000000
 2-04: 12:08:33:314:7ec   exchange: Oakley Main Mode
 2-04: 12:08:33:314:7ec   flags: 0
 2-04: 12:08:33:314:7ec   next payload: SA
 2-04: 12:08:33:314:7ec   message ID: 00000000
 2-04: 12:08:33:314:7ec Ports S:f401 D:f401
 2-04: 12:08:33:394:7ec 
 2-04: 12:08:33:394:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:33:394:7ec ISAKMP Header: (V1.0), len = 124
 2-04: 12:08:33:394:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:33:394:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:33:394:7ec   exchange: Oakley Main Mode
 2-04: 12:08:33:394:7ec   flags: 0
 2-04: 12:08:33:394:7ec   next payload: SA
 2-04: 12:08:33:394:7ec   message ID: 00000000
 2-04: 12:08:33:394:7ec processing payload SA
 2-04: 12:08:33:394:7ec Received Phase 1 Transform 1
 2-04: 12:08:33:394:7ec      Encryption Alg Triplo DES CBC(5)
 2-04: 12:08:33:394:7ec      Hash Alg SHA(2)
 2-04: 12:08:33:394:7ec      Oakley Group 2
 2-04: 12:08:33:394:7ec      Auth Method Assinatura RSA com Certificados (3)
 2-04: 12:08:33:394:7ec      Life type in Seconds
 2-04: 12:08:33:394:7ec      Life duration of 28800
 2-04: 12:08:33:394:7ec Phase 1 SA accepted: transform=1
 2-04: 12:08:33:394:7ec SA - Oakley proposal accepted
 2-04: 12:08:33:394:7ec processing payload VENDOR ID
 2-04: 12:08:33:394:7ec processing payload VENDOR ID
 2-04: 12:08:33:394:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:08:33:394:7ec ClearFragList
 2-04: 12:08:33:394:7ec constructing ISAKMP Header
 2-04: 12:08:33:474:7ec constructing KE
 2-04: 12:08:33:474:7ec constructing NONCE (ISAKMP)
 2-04: 12:08:33:474:7ec Constructing NatDisc
 2-04: 12:08:33:474:7ec 
 2-04: 12:08:33:474:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:33:474:7ec ISAKMP Header: (V1.0), len = 232
 2-04: 12:08:33:474:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:33:474:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:33:474:7ec   exchange: Oakley Main Mode
 2-04: 12:08:33:474:7ec   flags: 0
 2-04: 12:08:33:474:7ec   next payload: KE
 2-04: 12:08:33:474:7ec   message ID: 00000000
 2-04: 12:08:33:474:7ec Ports S:f401 D:f401
 2-04: 12:08:33:504:7ec 
 2-04: 12:08:33:504:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:33:504:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:08:33:504:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:33:504:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:33:504:7ec   exchange: Oakley Main Mode
 2-04: 12:08:33:504:7ec   flags: 0
 2-04: 12:08:33:504:7ec   next payload: KE
 2-04: 12:08:33:504:7ec   message ID: 00000000
 2-04: 12:08:33:504:7ec processing payload KE
 2-04: 12:08:33:534:7ec processing payload NONCE
 2-04: 12:08:33:534:7ec processing payload NATDISC
 2-04: 12:08:33:534:7ec Processing NatHash
 2-04: 12:08:33:534:7ec Nat hash c2b61d5d7dd25f7f1ce0b91a96c3d640
 2-04: 12:08:33:534:7ec c052892e
 2-04: 12:08:33:534:7ec SA StateMask2 f
 2-04: 12:08:33:534:7ec processing payload NATDISC
 2-04: 12:08:33:534:7ec Processing NatHash
 2-04: 12:08:33:534:7ec Nat hash f121bcc9b299b50f36bb8413e60158d1
 2-04: 12:08:33:534:7ec 0a0eb805
 2-04: 12:08:33:534:7ec SA StateMask2 8f
 2-04: 12:08:33:534:7ec ClearFragList
 2-04: 12:08:33:534:7ec constructing ISAKMP Header
 2-04: 12:08:33:534:7ec constructing ID
 2-04: 12:08:33:534:7ec Received no valid CRPs.  Using all configured
 2-04: 12:08:33:534:7ec Looking for IPSec only cert
 2-04: 12:08:33:534:7ec Cert Trustes.  0 100
 2-04: 12:08:33:534:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:08:33:534:7ec fbeb65a0
 2-04: 12:08:33:534:7ec CertFindExtenstion failed with 0
 2-04: 12:08:33:574:7ec Entered CRL check
 2-04: 12:08:33:574:7ec Left CRL check
 2-04: 12:08:33:574:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:08:33:574:7ec fbeb65a0
 2-04: 12:08:33:574:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
 2-04: 12:08:33:574:7ec Cert Serialnumber 02
 2-04: 12:08:33:574:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:08:33:574:7ec fbeb65a0
 2-04: 12:08:33:574:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:08:33:574:7ec Cert Serialnumber 00
 2-04: 12:08:33:574:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
 2-04: 12:08:33:574:7ec ece1fd71
 2-04: 12:08:33:574:7ec Not storing My cert chain in SA.
 2-04: 12:08:33:574:7ec MM ID Type 9
 2-04: 12:08:33:574:7ec MM ID 308184310b3009060355040613026272
 2-04: 12:08:33:574:7ec 3110300e060355040813077061726169
 2-04: 12:08:33:574:7ec 6261311430120603550407130b6a6f61
 2-04: 12:08:33:574:7ec 6f20706573736f61310e300c06035504
 2-04: 12:08:33:574:7ec 0a1305736566696e3116301406035504
 2-04: 12:08:33:574:7ec 03130d74657374652e636c69656e7465
 2-04: 12:08:33:574:7ec 3125302306092a864886f70d01090116
 2-04: 12:08:33:574:7ec 166e6f6272656761737a407961686f6f
 2-04: 12:08:33:574:7ec 2e636f6d2e6272
 2-04: 12:08:33:574:7ec constructing CERT
 2-04: 12:08:33:574:7ec Construct SIG
 2-04: 12:08:33:584:7ec Constructing Cert Request
 2-04: 12:08:33:584:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:08:33:584:7ec 
 2-04: 12:08:33:584:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:33:584:7ec ISAKMP Header: (V1.0), len = 1356
 2-04: 12:08:33:584:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:33:584:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:33:584:7ec   exchange: Oakley Main Mode
 2-04: 12:08:33:584:7ec   flags: 1 ( encrypted )
 2-04: 12:08:33:584:7ec   next payload: ID
 2-04: 12:08:33:584:7ec   message ID: 00000000
 2-04: 12:08:33:584:7ec Ports S:f401 D:f401
 2-04: 12:08:33:594:7ec 
 2-04: 12:08:33:594:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:33:594:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:08:33:594:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:33:594:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:33:594:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:08:33:594:7ec   flags: 1 ( encrypted )
 2-04: 12:08:33:594:7ec   next payload: HASH
 2-04: 12:08:33:594:7ec   message ID: d506f734
 2-04: 12:08:33:594:7ec invalid payload received
 2-04: 12:08:33:594:7ec GetPacket failed 3613
 2-04: 12:08:34:285:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 1
 2-04: 12:08:34:285:5b0 
 2-04: 12:08:34:285:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:34:285:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:08:34:285:5b0   I-COOKIE c379b220ef4de448
 2-04: 12:08:34:285:5b0   R-COOKIE e540e25cc603eb38
 2-04: 12:08:34:285:5b0   exchange: Oakley Main Mode
 2-04: 12:08:34:285:5b0   flags: 1 ( encrypted )
 2-04: 12:08:34:285:5b0   next payload: ID
 2-04: 12:08:34:285:5b0   message ID: 00000000
 2-04: 12:08:34:285:5b0 Ports S:f401 D:f401
 2-04: 12:08:34:285:7ec 
 2-04: 12:08:34:285:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:34:285:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:08:34:285:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:34:285:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:34:285:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:08:34:285:7ec   flags: 1 ( encrypted )
 2-04: 12:08:34:285:7ec   next payload: HASH
 2-04: 12:08:34:285:7ec   message ID: acfbeac6
 2-04: 12:08:34:285:7ec invalid payload received
 2-04: 12:08:34:285:7ec GetPacket failed 3613
 2-04: 12:08:36:288:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 2
 2-04: 12:08:36:288:5b0 
 2-04: 12:08:36:288:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:36:288:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:08:36:288:5b0   I-COOKIE c379b220ef4de448
 2-04: 12:08:36:288:5b0   R-COOKIE e540e25cc603eb38
 2-04: 12:08:36:288:5b0   exchange: Oakley Main Mode
 2-04: 12:08:36:288:5b0   flags: 1 ( encrypted )
 2-04: 12:08:36:288:5b0   next payload: ID
 2-04: 12:08:36:288:5b0   message ID: 00000000
 2-04: 12:08:36:288:5b0 Ports S:f401 D:f401
 2-04: 12:08:36:288:7ec 
 2-04: 12:08:36:288:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:36:288:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:08:36:288:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:36:288:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:36:288:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:08:36:288:7ec   flags: 1 ( encrypted )
 2-04: 12:08:36:288:7ec   next payload: HASH
 2-04: 12:08:36:288:7ec   message ID: c728e8ae
 2-04: 12:08:36:288:7ec invalid payload received
 2-04: 12:08:36:288:7ec GetPacket failed 3613
 2-04: 12:08:40:294:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 3
 2-04: 12:08:40:294:5b0 
 2-04: 12:08:40:294:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:40:294:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:08:40:294:5b0   I-COOKIE c379b220ef4de448
 2-04: 12:08:40:294:5b0   R-COOKIE e540e25cc603eb38
 2-04: 12:08:40:294:5b0   exchange: Oakley Main Mode
 2-04: 12:08:40:294:5b0   flags: 1 ( encrypted )
 2-04: 12:08:40:294:5b0   next payload: ID
 2-04: 12:08:40:294:5b0   message ID: 00000000
 2-04: 12:08:40:294:5b0 Ports S:f401 D:f401
 2-04: 12:08:40:294:7ec 
 2-04: 12:08:40:294:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:40:294:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:08:40:294:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:40:294:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:40:294:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:08:40:294:7ec   flags: 1 ( encrypted )
 2-04: 12:08:40:294:7ec   next payload: HASH
 2-04: 12:08:40:294:7ec   message ID: 33ee0805
 2-04: 12:08:40:294:7ec invalid payload received
 2-04: 12:08:40:294:7ec GetPacket failed 3613
 2-04: 12:08:43:218:284 Acquire from driver: op=0000000C src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
 2-04: 12:08:43:218:7ec Main mode in progress. Acquire queued
 2-04: 12:08:43:218:7ec Queued Acquire Context c on SA 13f460
 2-04: 12:08:43:288:7ec 
 2-04: 12:08:43:288:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:43:288:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:08:43:288:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:43:288:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:43:288:7ec   exchange: Oakley Main Mode
 2-04: 12:08:43:288:7ec   flags: 0
 2-04: 12:08:43:288:7ec   next payload: KE
 2-04: 12:08:43:288:7ec   message ID: 00000000
 2-04: 12:08:43:288:7ec received an unencrypted packet when crypto active
 2-04: 12:08:43:288:7ec GetPacket failed 35ec
 2-04: 12:08:48:305:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 4
 2-04: 12:08:48:305:5b0 
 2-04: 12:08:48:305:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:08:48:305:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:08:48:305:5b0   I-COOKIE c379b220ef4de448
 2-04: 12:08:48:305:5b0   R-COOKIE e540e25cc603eb38
 2-04: 12:08:48:305:5b0   exchange: Oakley Main Mode
 2-04: 12:08:48:305:5b0   flags: 1 ( encrypted )
 2-04: 12:08:48:305:5b0   next payload: ID
 2-04: 12:08:48:305:5b0   message ID: 00000000
 2-04: 12:08:48:305:5b0 Ports S:f401 D:f401
 2-04: 12:08:48:305:7ec 
 2-04: 12:08:48:305:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:08:48:305:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:08:48:305:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:08:48:305:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:08:48:305:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:08:48:305:7ec   flags: 1 ( encrypted )
 2-04: 12:08:48:305:7ec   next payload: HASH
 2-04: 12:08:48:305:7ec   message ID: 16be85bb
 2-04: 12:08:48:305:7ec invalid payload received
 2-04: 12:08:48:305:7ec GetPacket failed 3613
 2-04: 12:09:03:307:7ec 
 2-04: 12:09:03:307:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:09:03:307:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:09:03:307:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:09:03:307:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:09:03:307:7ec   exchange: Oakley Main Mode
 2-04: 12:09:03:307:7ec   flags: 0
 2-04: 12:09:03:307:7ec   next payload: KE
 2-04: 12:09:03:307:7ec   message ID: 00000000
 2-04: 12:09:03:307:7ec received an unencrypted packet when crypto active
 2-04: 12:09:03:307:7ec GetPacket failed 35ec
 2-04: 12:09:04:328:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 5
 2-04: 12:09:04:328:5b0 
 2-04: 12:09:04:328:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:09:04:328:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:09:04:328:5b0   I-COOKIE c379b220ef4de448
 2-04: 12:09:04:328:5b0   R-COOKIE e540e25cc603eb38
 2-04: 12:09:04:328:5b0   exchange: Oakley Main Mode
 2-04: 12:09:04:328:5b0   flags: 1 ( encrypted )
 2-04: 12:09:04:328:5b0   next payload: ID
 2-04: 12:09:04:328:5b0   message ID: 00000000
 2-04: 12:09:04:328:5b0 Ports S:f401 D:f401
 2-04: 12:09:04:328:7ec 
 2-04: 12:09:04:328:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:09:04:328:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:09:04:328:7ec   I-COOKIE c379b220ef4de448
 2-04: 12:09:04:328:7ec   R-COOKIE e540e25cc603eb38
 2-04: 12:09:04:328:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:09:04:328:7ec   flags: 1 ( encrypted )
 2-04: 12:09:04:328:7ec   next payload: HASH
 2-04: 12:09:04:328:7ec   message ID: 9f94ccf5
 2-04: 12:09:04:328:7ec invalid payload received
 2-04: 12:09:04:328:7ec GetPacket failed 3613
 2-04: 12:09:36:374:5b0 retransmit exhausted: sa = 0013F460 centry 00000000, count = 6
 2-04: 12:09:36:374:5b0 SA Dead. sa:0013F460 status:35ed
 2-04: 12:09:36:374:5b0 Posting new acquire context c
 2-04: 12:09:36:374:5b0 Internal Acquire: op=0000000C src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141, InitiateEvent=00000000, IKE SrcPort=0 IKE DstPort=0
 2-04: 12:09:36:374:5b0 isadb_set_status sa:0013F460 centry:00000000 status 35ed
 2-04: 12:09:36:374:5b0 Modo de troca de chave (Modo principal)
 2-04: 12:09:36:374:5b0 Endereço IP de origem 10.10.1.141  Máscara do endereço IP de origem 255.255.255.255  Endereço IP de destino 10.10.1.231  Máscara do endereço IP de destino 255.255.255.255  Protocolo 0  Porta de origem 0  Porta de destino 0  End. local IKE 10.10.1.141  End. IKE de mesmo nível 10.10.1.231
 2-04: 12:09:36:374:5b0 Identidade baseada no certificado.  Entidade de mesmo nível   Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000  Autoridade de certificação emitente   Autoridade de certificação raiz   Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br  Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0  Endereço IP de mesmo nível: 10.10.1.231
 2-04: 12:09:36:374:5b0 Eu
 2-04: 12:09:36:374:5b0 Tempo limite da negociação esgotado
 2-04: 12:09:36:374:5b0 0x0 0x0
 2-04: 12:09:36:374:5b0 constructing ISAKMP Header
 2-04: 12:09:36:374:5b0 constructing HASH (null)
 2-04: 12:09:36:374:5b0 constructing DELETE. MM 0013F460
 2-04: 12:09:36:374:5b0 constructing HASH (Notify/Delete)
 2-04: 12:09:36:374:5b0 
 2-04: 12:09:36:374:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 1.500
 2-04: 12:09:36:374:5b0 ISAKMP Header: (V1.0), len = 84
 2-04: 12:09:36:374:5b0   I-COOKIE c379b220ef4de448
 2-04: 12:09:36:374:5b0   R-COOKIE e540e25cc603eb38
 2-04: 12:09:36:374:5b0   exchange: ISAKMP Informational Exchange
 2-04: 12:09:36:374:5b0   flags: 1 ( encrypted )
 2-04: 12:09:36:374:5b0   next payload: HASH
 2-04: 12:09:36:374:5b0   message ID: 1e0e7dc9
 2-04: 12:09:36:374:5b0 Ports S:f401 D:f401
 2-04: 12:09:36:695:544 
 2-04: 12:09:36:695:544 Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:09:36:695:544 ISAKMP Header: (V1.0), len = 40
 2-04: 12:09:36:695:544   I-COOKIE c379b220ef4de448
 2-04: 12:09:36:695:544   R-COOKIE e540e25cc603eb38
 2-04: 12:09:36:695:544   exchange: ISAKMP Informational Exchange
 2-04: 12:09:36:695:544   flags: 0
 2-04: 12:09:36:695:544   next payload: NOTIFY
 2-04: 12:09:36:695:544   message ID: 6ea04b06
 2-04: 12:09:36:695:544 received an unencrypted packet when crypto active
 2-04: 12:09:36:695:544 GetPacket failed 35ec
 2-04: 12:09:36:725:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
 2-04: 12:09:36:725:7ec MM PolicyName: 9
 2-04: 12:09:36:725:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
 2-04: 12:09:36:725:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:09:36:725:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
 2-04: 12:09:36:725:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:09:36:725:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
 2-04: 12:09:36:725:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:09:36:725:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
 2-04: 12:09:36:725:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:09:36:725:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
 2-04: 12:09:36:725:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
 2-04: 12:09:36:725:7ec QM PolicyName: Host-roadwarrior filter action dwFlags 1
 2-04: 12:09:36:725:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
 2-04: 12:09:36:725:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
 2-04: 12:09:36:725:7ec  Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
 2-04: 12:09:36:725:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000C, ProxySrc = 10.10.1.141.0000, ProxyDst = 10.10.1.231.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.255
 2-04: 12:09:36:725:7ec constructing ISAKMP Header
 2-04: 12:09:36:725:7ec constructing SA (ISAKMP)
 2-04: 12:09:36:725:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
 2-04: 12:09:36:725:7ec Constructing Vendor FRAGMENTATION
 2-04: 12:09:36:725:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:09:36:725:7ec 
 2-04: 12:09:36:725:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:36:725:7ec ISAKMP Header: (V1.0), len = 256
 2-04: 12:09:36:725:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:36:725:7ec   R-COOKIE 0000000000000000
 2-04: 12:09:36:725:7ec   exchange: Oakley Main Mode
 2-04: 12:09:36:725:7ec   flags: 0
 2-04: 12:09:36:725:7ec   next payload: SA
 2-04: 12:09:36:725:7ec   message ID: 00000000
 2-04: 12:09:36:725:7ec Ports S:f401 D:f401
 2-04: 12:09:36:725:7ec 
 2-04: 12:09:36:725:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:36:725:7ec ISAKMP Header: (V1.0), len = 124
 2-04: 12:09:36:725:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:36:725:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:36:725:7ec   exchange: Oakley Main Mode
 2-04: 12:09:36:725:7ec   flags: 0
 2-04: 12:09:36:725:7ec   next payload: SA
 2-04: 12:09:36:725:7ec   message ID: 00000000
 2-04: 12:09:36:725:7ec processing payload SA
 2-04: 12:09:36:725:7ec Received Phase 1 Transform 1
 2-04: 12:09:36:725:7ec      Encryption Alg Triplo DES CBC(5)
 2-04: 12:09:36:725:7ec      Hash Alg SHA(2)
 2-04: 12:09:36:725:7ec      Oakley Group 2
 2-04: 12:09:36:725:7ec      Auth Method Assinatura RSA com Certificados (3)
 2-04: 12:09:36:725:7ec      Life type in Seconds
 2-04: 12:09:36:725:7ec      Life duration of 28800
 2-04: 12:09:36:725:7ec Phase 1 SA accepted: transform=1
 2-04: 12:09:36:725:7ec SA - Oakley proposal accepted
 2-04: 12:09:36:725:7ec processing payload VENDOR ID
 2-04: 12:09:36:725:7ec processing payload VENDOR ID
 2-04: 12:09:36:725:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:09:36:725:7ec ClearFragList
 2-04: 12:09:36:725:7ec constructing ISAKMP Header
 2-04: 12:09:36:795:7ec constructing KE
 2-04: 12:09:36:795:7ec constructing NONCE (ISAKMP)
 2-04: 12:09:36:795:7ec Constructing NatDisc
 2-04: 12:09:36:795:7ec 
 2-04: 12:09:36:795:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:36:795:7ec ISAKMP Header: (V1.0), len = 232
 2-04: 12:09:36:795:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:36:795:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:36:795:7ec   exchange: Oakley Main Mode
 2-04: 12:09:36:795:7ec   flags: 0
 2-04: 12:09:36:795:7ec   next payload: KE
 2-04: 12:09:36:795:7ec   message ID: 00000000
 2-04: 12:09:36:795:7ec Ports S:f401 D:f401
 2-04: 12:09:36:815:7ec 
 2-04: 12:09:36:815:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:36:815:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:09:36:815:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:36:815:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:36:815:7ec   exchange: Oakley Main Mode
 2-04: 12:09:36:815:7ec   flags: 0
 2-04: 12:09:36:815:7ec   next payload: KE
 2-04: 12:09:36:815:7ec   message ID: 00000000
 2-04: 12:09:36:815:7ec processing payload KE
 2-04: 12:09:36:845:7ec processing payload NONCE
 2-04: 12:09:36:845:7ec processing payload NATDISC
 2-04: 12:09:36:845:7ec Processing NatHash
 2-04: 12:09:36:845:7ec Nat hash 7cc2c66e45fd3dcc126f941ebcf2da3e
 2-04: 12:09:36:845:7ec 1bda0185
 2-04: 12:09:36:845:7ec SA StateMask2 f
 2-04: 12:09:36:845:7ec processing payload NATDISC
 2-04: 12:09:36:845:7ec Processing NatHash
 2-04: 12:09:36:845:7ec Nat hash 29167530ac65e585c29ead9a7fd99890
 2-04: 12:09:36:845:7ec e4934f84
 2-04: 12:09:36:845:7ec SA StateMask2 8f
 2-04: 12:09:36:845:7ec ClearFragList
 2-04: 12:09:36:845:7ec constructing ISAKMP Header
 2-04: 12:09:36:845:7ec constructing ID
 2-04: 12:09:36:845:7ec Received no valid CRPs.  Using all configured
 2-04: 12:09:36:845:7ec Looking for IPSec only cert
 2-04: 12:09:36:845:7ec Cert Trustes.  0 100
 2-04: 12:09:36:845:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:09:36:845:7ec fbeb65a0
 2-04: 12:09:36:845:7ec CertFindExtenstion failed with 0
 2-04: 12:09:36:845:7ec Entered CRL check
 2-04: 12:09:36:845:7ec Left CRL check
 2-04: 12:09:36:855:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:09:36:855:7ec fbeb65a0
 2-04: 12:09:36:855:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
 2-04: 12:09:36:855:7ec Cert Serialnumber 02
 2-04: 12:09:36:855:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:09:36:855:7ec fbeb65a0
 2-04: 12:09:36:855:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:09:36:855:7ec Cert Serialnumber 00
 2-04: 12:09:36:855:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
 2-04: 12:09:36:855:7ec ece1fd71
 2-04: 12:09:36:855:7ec Not storing My cert chain in SA.
 2-04: 12:09:36:855:7ec MM ID Type 9
 2-04: 12:09:36:855:7ec MM ID 308184310b3009060355040613026272
 2-04: 12:09:36:855:7ec 3110300e060355040813077061726169
 2-04: 12:09:36:855:7ec 6261311430120603550407130b6a6f61
 2-04: 12:09:36:855:7ec 6f20706573736f61310e300c06035504
 2-04: 12:09:36:855:7ec 0a1305736566696e3116301406035504
 2-04: 12:09:36:855:7ec 03130d74657374652e636c69656e7465
 2-04: 12:09:36:855:7ec 3125302306092a864886f70d01090116
 2-04: 12:09:36:855:7ec 166e6f6272656761737a407961686f6f
 2-04: 12:09:36:855:7ec 2e636f6d2e6272
 2-04: 12:09:36:855:7ec constructing CERT
 2-04: 12:09:36:855:7ec Construct SIG
 2-04: 12:09:36:865:7ec Constructing Cert Request
 2-04: 12:09:36:865:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:09:36:865:7ec 
 2-04: 12:09:36:865:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:36:865:7ec ISAKMP Header: (V1.0), len = 1356
 2-04: 12:09:36:865:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:36:865:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:36:865:7ec   exchange: Oakley Main Mode
 2-04: 12:09:36:865:7ec   flags: 1 ( encrypted )
 2-04: 12:09:36:865:7ec   next payload: ID
 2-04: 12:09:36:865:7ec   message ID: 00000000
 2-04: 12:09:36:865:7ec Ports S:f401 D:f401
 2-04: 12:09:36:865:7ec 
 2-04: 12:09:36:865:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:36:865:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:09:36:865:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:36:865:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:36:865:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:09:36:865:7ec   flags: 1 ( encrypted )
 2-04: 12:09:36:865:7ec   next payload: HASH
 2-04: 12:09:36:865:7ec   message ID: caee6b34
 2-04: 12:09:36:865:7ec invalid payload received
 2-04: 12:09:36:865:7ec GetPacket failed 3613
 2-04: 12:09:37:376:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 1
 2-04: 12:09:37:376:5b0 
 2-04: 12:09:37:376:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:37:376:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:09:37:376:5b0   I-COOKIE ce459f4801157448
 2-04: 12:09:37:376:5b0   R-COOKIE 621f593e4657ba25
 2-04: 12:09:37:376:5b0   exchange: Oakley Main Mode
 2-04: 12:09:37:376:5b0   flags: 1 ( encrypted )
 2-04: 12:09:37:376:5b0   next payload: ID
 2-04: 12:09:37:376:5b0   message ID: 00000000
 2-04: 12:09:37:376:5b0 Ports S:f401 D:f401
 2-04: 12:09:37:376:7ec 
 2-04: 12:09:37:376:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:37:376:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:09:37:376:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:37:376:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:37:376:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:09:37:376:7ec   flags: 1 ( encrypted )
 2-04: 12:09:37:376:7ec   next payload: HASH
 2-04: 12:09:37:376:7ec   message ID: 4c919ca9
 2-04: 12:09:37:376:7ec invalid payload received
 2-04: 12:09:37:376:7ec GetPacket failed 3613
 2-04: 12:09:39:379:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 2
 2-04: 12:09:39:379:5b0 
 2-04: 12:09:39:379:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:39:379:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:09:39:379:5b0   I-COOKIE ce459f4801157448
 2-04: 12:09:39:379:5b0   R-COOKIE 621f593e4657ba25
 2-04: 12:09:39:379:5b0   exchange: Oakley Main Mode
 2-04: 12:09:39:379:5b0   flags: 1 ( encrypted )
 2-04: 12:09:39:379:5b0   next payload: ID
 2-04: 12:09:39:379:5b0   message ID: 00000000
 2-04: 12:09:39:379:5b0 Ports S:f401 D:f401
 2-04: 12:09:39:379:7ec 
 2-04: 12:09:39:379:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:39:379:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:09:39:379:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:39:379:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:39:379:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:09:39:379:7ec   flags: 1 ( encrypted )
 2-04: 12:09:39:379:7ec   next payload: HASH
 2-04: 12:09:39:379:7ec   message ID: 24f0ac68
 2-04: 12:09:39:379:7ec invalid payload received
 2-04: 12:09:39:379:7ec GetPacket failed 3613
 2-04: 12:09:43:384:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 3
 2-04: 12:09:43:384:5b0 
 2-04: 12:09:43:384:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:43:384:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:09:43:384:5b0   I-COOKIE ce459f4801157448
 2-04: 12:09:43:384:5b0   R-COOKIE 621f593e4657ba25
 2-04: 12:09:43:384:5b0   exchange: Oakley Main Mode
 2-04: 12:09:43:384:5b0   flags: 1 ( encrypted )
 2-04: 12:09:43:384:5b0   next payload: ID
 2-04: 12:09:43:384:5b0   message ID: 00000000
 2-04: 12:09:43:384:5b0 Ports S:f401 D:f401
 2-04: 12:09:43:384:7ec 
 2-04: 12:09:43:384:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:43:384:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:09:43:384:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:43:384:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:43:384:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:09:43:384:7ec   flags: 1 ( encrypted )
 2-04: 12:09:43:384:7ec   next payload: HASH
 2-04: 12:09:43:384:7ec   message ID: b947c8a4
 2-04: 12:09:43:384:7ec invalid payload received
 2-04: 12:09:43:384:7ec GetPacket failed 3613
 2-04: 12:09:46:379:7ec 
 2-04: 12:09:46:379:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:46:379:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:09:46:379:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:46:379:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:46:389:7ec   exchange: Oakley Main Mode
 2-04: 12:09:46:389:7ec   flags: 0
 2-04: 12:09:46:389:7ec   next payload: KE
 2-04: 12:09:46:389:7ec   message ID: 00000000
 2-04: 12:09:46:389:7ec received an unencrypted packet when crypto active
 2-04: 12:09:46:389:7ec GetPacket failed 35ec
 2-04: 12:09:47:170:7ec ClearFragList
 2-04: 12:09:51:396:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 4
 2-04: 12:09:51:396:5b0 
 2-04: 12:09:51:396:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:09:51:396:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:09:51:396:5b0   I-COOKIE ce459f4801157448
 2-04: 12:09:51:396:5b0   R-COOKIE 621f593e4657ba25
 2-04: 12:09:51:396:5b0   exchange: Oakley Main Mode
 2-04: 12:09:51:396:5b0   flags: 1 ( encrypted )
 2-04: 12:09:51:396:5b0   next payload: ID
 2-04: 12:09:51:396:5b0   message ID: 00000000
 2-04: 12:09:51:396:5b0 Ports S:f401 D:f401
 2-04: 12:09:51:396:7ec 
 2-04: 12:09:51:396:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:09:51:396:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:09:51:396:7ec   I-COOKIE ce459f4801157448
 2-04: 12:09:51:396:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:09:51:396:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:09:51:396:7ec   flags: 1 ( encrypted )
 2-04: 12:09:51:396:7ec   next payload: HASH
 2-04: 12:09:51:396:7ec   message ID: ec1df876
 2-04: 12:09:51:396:7ec invalid payload received
 2-04: 12:09:51:396:7ec GetPacket failed 3613
 2-04: 12:10:06:397:7ec 
 2-04: 12:10:06:397:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:10:06:397:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:10:06:397:7ec   I-COOKIE ce459f4801157448
 2-04: 12:10:06:397:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:10:06:397:7ec   exchange: Oakley Main Mode
 2-04: 12:10:06:397:7ec   flags: 0
 2-04: 12:10:06:397:7ec   next payload: KE
 2-04: 12:10:06:397:7ec   message ID: 00000000
 2-04: 12:10:06:397:7ec received an unencrypted packet when crypto active
 2-04: 12:10:06:397:7ec GetPacket failed 35ec
 2-04: 12:10:07:419:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 5
 2-04: 12:10:07:419:5b0 
 2-04: 12:10:07:419:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:10:07:419:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:10:07:419:5b0   I-COOKIE ce459f4801157448
 2-04: 12:10:07:419:5b0   R-COOKIE 621f593e4657ba25
 2-04: 12:10:07:419:5b0   exchange: Oakley Main Mode
 2-04: 12:10:07:419:5b0   flags: 1 ( encrypted )
 2-04: 12:10:07:419:5b0   next payload: ID
 2-04: 12:10:07:419:5b0   message ID: 00000000
 2-04: 12:10:07:419:5b0 Ports S:f401 D:f401
 2-04: 12:10:07:419:7ec 
 2-04: 12:10:07:419:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:10:07:419:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:10:07:419:7ec   I-COOKIE ce459f4801157448
 2-04: 12:10:07:419:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:10:07:419:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:10:07:419:7ec   flags: 1 ( encrypted )
 2-04: 12:10:07:419:7ec   next payload: HASH
 2-04: 12:10:07:419:7ec   message ID: 45925b38
 2-04: 12:10:07:419:7ec invalid payload received
 2-04: 12:10:07:419:7ec GetPacket failed 3613
 2-04: 12:10:39:465:5b0 retransmit exhausted: sa = 0010BD58 centry 00000000, count = 6
 2-04: 12:10:39:465:5b0 SA Dead. sa:0010BD58 status:35ed
 2-04: 12:10:39:465:5b0 isadb_set_status sa:0010BD58 centry:00000000 status 35ed
 2-04: 12:10:39:465:5b0 Modo de troca de chave (Modo principal)
 2-04: 12:10:39:465:5b0 Endereço IP de origem 10.10.1.141  Máscara do endereço IP de origem 255.255.255.255  Endereço IP de destino 10.10.1.231  Máscara do endereço IP de destino 255.255.255.255  Protocolo 0  Porta de origem 0  Porta de destino 0  End. local IKE 10.10.1.141  End. IKE de mesmo nível 10.10.1.231
 2-04: 12:10:39:465:5b0 Identidade baseada no certificado.  Entidade de mesmo nível   Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000  Autoridade de certificação emitente   Autoridade de certificação raiz   Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br  Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0  Endereço IP de mesmo nível: 10.10.1.231
 2-04: 12:10:39:465:5b0 Eu
 2-04: 12:10:39:465:5b0 Tempo limite da negociação esgotado
 2-04: 12:10:39:465:5b0 0x0 0x0
 2-04: 12:10:39:465:5b0 constructing ISAKMP Header
 2-04: 12:10:39:465:5b0 constructing HASH (null)
 2-04: 12:10:39:465:5b0 constructing DELETE. MM 0010BD58
 2-04: 12:10:39:465:5b0 constructing HASH (Notify/Delete)
 2-04: 12:10:39:465:5b0 
 2-04: 12:10:39:465:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 1.500
 2-04: 12:10:39:465:5b0 ISAKMP Header: (V1.0), len = 84
 2-04: 12:10:39:465:5b0   I-COOKIE ce459f4801157448
 2-04: 12:10:39:465:5b0   R-COOKIE 621f593e4657ba25
 2-04: 12:10:39:465:5b0   exchange: ISAKMP Informational Exchange
 2-04: 12:10:39:465:5b0   flags: 1 ( encrypted )
 2-04: 12:10:39:465:5b0   next payload: HASH
 2-04: 12:10:39:465:5b0   message ID: 082bdff8
 2-04: 12:10:39:465:5b0 Ports S:f401 D:f401
 2-04: 12:10:39:465:7ec 
 2-04: 12:10:39:465:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:10:39:465:7ec ISAKMP Header: (V1.0), len = 40
 2-04: 12:10:39:465:7ec   I-COOKIE ce459f4801157448
 2-04: 12:10:39:465:7ec   R-COOKIE 621f593e4657ba25
 2-04: 12:10:39:465:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:10:39:465:7ec   flags: 0
 2-04: 12:10:39:465:7ec   next payload: NOTIFY
 2-04: 12:10:39:465:7ec   message ID: 0f58c953
 2-04: 12:10:39:465:7ec received an unencrypted packet when crypto active
 2-04: 12:10:39:465:7ec GetPacket failed 35ec
 2-04: 12:11:17:179:7ec ClearFragList
 2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: ad521afa-3668-4534-b36b3f40af903461 4
 2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: 5a67936e-68c7-45bc-bbe6719d15569135 4
 2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: ff580d2d-ec6d-4198-90f5737e5db74ebe 3
 2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: eb485646-4aca-4c16-b95fdecb47f916d1 3
 2-04: 12:15:12:528:7ec entered kill_old_policy_sas 4
 2-04: 12:15:12:528:7ec entered kill_old_policy_sas 4
 2-04: 12:15:12:528:7ec entered kill_old_policy_sas 3
 2-04: 12:15:12:528:7ec entered kill_old_policy_sas 3
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: c04c78a6-f434-44cc-864a970de645671f 3
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 160d3b34-5a9f-4461-ad35d34edbec00a7 3
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 0508392b-0c05-421f-af2d26c9cf2683a4 1
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: bfc3a5b4-63ba-411a-a640df9ca28a9e99 2
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 7e09ba43-e79c-4030-b8e2b92196bb3ce7 2
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: d5b94763-8ab5-4ec4-80ea87c36d8e4d18 2
 2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 45deb501-be93-4049-a611a20cb969e16f 2
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 3
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 3
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 1
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
 2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 75577683-373b-4d3d-b211a3e45784f332 4
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: df4c2af8-bd6d-4dee-b673e58c2ed650dc 4
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: d12c1e4c-5ec0-469a-91bf313c3bf24442 3
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 985f168b-74e2-4c8a-97c77e755dd4d7c1 3
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 030a96e9-e8d1-47d6-b632c7334ef52332 1
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 3a246cb4-b2c4-46cc-9afcedd95d2225ad 2
 2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: cf5d5d18-3337-4670-a5a9e985d8bfbb3c 2
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 4
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 4
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 3
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 3
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 1
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 2
 2-04: 12:15:13:349:7ec entered kill_old_policy_sas 2
 2-04: 12:15:28:721:284 Acquire from driver: op=0000000D src=10.10.1.141.0 dst=192.168.0.1.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
 2-04: 12:15:28:721:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
 2-04: 12:15:28:721:7ec MM PolicyName: 11
 2-04: 12:15:28:721:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
 2-04: 12:15:28:721:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:15:28:721:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
 2-04: 12:15:28:721:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:15:28:721:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
 2-04: 12:15:28:721:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:15:28:721:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
 2-04: 12:15:28:721:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:15:28:721:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
 2-04: 12:15:28:721:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
 2-04: 12:15:28:721:7ec QM PolicyName: Host-roadwarrior-net filter action dwFlags 1
 2-04: 12:15:28:721:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
 2-04: 12:15:28:721:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
 2-04: 12:15:28:721:7ec  Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
 2-04: 12:15:28:721:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000D, ProxySrc = 10.10.1.141.0000, ProxyDst = 192.168.0.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
 2-04: 12:15:28:721:7ec constructing ISAKMP Header
 2-04: 12:15:28:721:7ec constructing SA (ISAKMP)
 2-04: 12:15:28:721:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
 2-04: 12:15:28:721:7ec Constructing Vendor FRAGMENTATION
 2-04: 12:15:28:721:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:15:28:721:7ec Constructing Vendor Vid-Initial-Contact
 2-04: 12:15:28:721:7ec 
 2-04: 12:15:28:721:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:28:721:7ec ISAKMP Header: (V1.0), len = 276
 2-04: 12:15:28:721:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:28:721:7ec   R-COOKIE 0000000000000000
 2-04: 12:15:28:721:7ec   exchange: Oakley Main Mode
 2-04: 12:15:28:721:7ec   flags: 0
 2-04: 12:15:28:721:7ec   next payload: SA
 2-04: 12:15:28:721:7ec   message ID: 00000000
 2-04: 12:15:28:721:7ec Ports S:f401 D:f401
 2-04: 12:15:28:721:7ec 
 2-04: 12:15:28:721:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:28:721:7ec ISAKMP Header: (V1.0), len = 124
 2-04: 12:15:28:721:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:28:721:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:28:721:7ec   exchange: Oakley Main Mode
 2-04: 12:15:28:721:7ec   flags: 0
 2-04: 12:15:28:721:7ec   next payload: SA
 2-04: 12:15:28:721:7ec   message ID: 00000000
 2-04: 12:15:28:721:7ec processing payload SA
 2-04: 12:15:28:721:7ec Received Phase 1 Transform 1
 2-04: 12:15:28:721:7ec      Encryption Alg Triplo DES CBC(5)
 2-04: 12:15:28:721:7ec      Hash Alg SHA(2)
 2-04: 12:15:28:721:7ec      Oakley Group 2
 2-04: 12:15:28:721:7ec      Auth Method Assinatura RSA com Certificados (3)
 2-04: 12:15:28:721:7ec      Life type in Seconds
 2-04: 12:15:28:721:7ec      Life duration of 28800
 2-04: 12:15:28:721:7ec Phase 1 SA accepted: transform=1
 2-04: 12:15:28:721:7ec SA - Oakley proposal accepted
 2-04: 12:15:28:721:7ec processing payload VENDOR ID
 2-04: 12:15:28:731:7ec processing payload VENDOR ID
 2-04: 12:15:28:731:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:15:28:731:7ec ClearFragList
 2-04: 12:15:28:731:7ec constructing ISAKMP Header
 2-04: 12:15:28:801:7ec constructing KE
 2-04: 12:15:28:801:7ec constructing NONCE (ISAKMP)
 2-04: 12:15:28:801:7ec Constructing NatDisc
 2-04: 12:15:28:801:7ec 
 2-04: 12:15:28:801:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:28:801:7ec ISAKMP Header: (V1.0), len = 232
 2-04: 12:15:28:801:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:28:801:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:28:801:7ec   exchange: Oakley Main Mode
 2-04: 12:15:28:801:7ec   flags: 0
 2-04: 12:15:28:801:7ec   next payload: KE
 2-04: 12:15:28:801:7ec   message ID: 00000000
 2-04: 12:15:28:801:7ec Ports S:f401 D:f401
 2-04: 12:15:28:821:7ec 
 2-04: 12:15:28:821:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:28:821:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:15:28:821:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:28:821:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:28:821:7ec   exchange: Oakley Main Mode
 2-04: 12:15:28:821:7ec   flags: 0
 2-04: 12:15:28:821:7ec   next payload: KE
 2-04: 12:15:28:821:7ec   message ID: 00000000
 2-04: 12:15:28:821:7ec processing payload KE
 2-04: 12:15:28:841:7ec processing payload NONCE
 2-04: 12:15:28:841:7ec processing payload NATDISC
 2-04: 12:15:28:841:7ec Processing NatHash
 2-04: 12:15:28:841:7ec Nat hash d0e4dcafd9b7414016b515fc2e17cd5d
 2-04: 12:15:28:841:7ec a3b14493
 2-04: 12:15:28:841:7ec SA StateMask2 f
 2-04: 12:15:28:841:7ec processing payload NATDISC
 2-04: 12:15:28:841:7ec Processing NatHash
 2-04: 12:15:28:841:7ec Nat hash ee5b1798d9a3564a847d56594cb9607b
 2-04: 12:15:28:851:7ec 609aa20c
 2-04: 12:15:28:851:7ec SA StateMask2 8f
 2-04: 12:15:28:851:7ec ClearFragList
 2-04: 12:15:28:851:7ec constructing ISAKMP Header
 2-04: 12:15:28:851:7ec constructing ID
 2-04: 12:15:28:851:7ec Received no valid CRPs.  Using all configured
 2-04: 12:15:28:851:7ec Looking for IPSec only cert
 2-04: 12:15:28:851:7ec Cert Trustes.  0 100
 2-04: 12:15:28:851:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:15:28:851:7ec fbeb65a0
 2-04: 12:15:28:851:7ec CertFindExtenstion failed with 0
 2-04: 12:15:28:851:7ec Entered CRL check
 2-04: 12:15:28:851:7ec Left CRL check
 2-04: 12:15:28:851:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:15:28:851:7ec fbeb65a0
 2-04: 12:15:28:851:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
 2-04: 12:15:28:851:7ec Cert Serialnumber 02
 2-04: 12:15:28:851:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:15:28:851:7ec fbeb65a0
 2-04: 12:15:28:851:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:15:28:851:7ec Cert Serialnumber 00
 2-04: 12:15:28:851:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
 2-04: 12:15:28:851:7ec ece1fd71
 2-04: 12:15:28:851:7ec Not storing My cert chain in SA.
 2-04: 12:15:28:851:7ec MM ID Type 9
 2-04: 12:15:28:851:7ec MM ID 308184310b3009060355040613026272
 2-04: 12:15:28:851:7ec 3110300e060355040813077061726169
 2-04: 12:15:28:851:7ec 6261311430120603550407130b6a6f61
 2-04: 12:15:28:851:7ec 6f20706573736f61310e300c06035504
 2-04: 12:15:28:851:7ec 0a1305736566696e3116301406035504
 2-04: 12:15:28:851:7ec 03130d74657374652e636c69656e7465
 2-04: 12:15:28:851:7ec 3125302306092a864886f70d01090116
 2-04: 12:15:28:851:7ec 166e6f6272656761737a407961686f6f
 2-04: 12:15:28:851:7ec 2e636f6d2e6272
 2-04: 12:15:28:851:7ec constructing CERT
 2-04: 12:15:28:851:7ec Construct SIG
 2-04: 12:15:28:861:7ec Constructing Cert Request
 2-04: 12:15:28:861:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:15:28:861:7ec 
 2-04: 12:15:28:861:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:28:861:7ec ISAKMP Header: (V1.0), len = 1356
 2-04: 12:15:28:861:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:28:861:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:28:861:7ec   exchange: Oakley Main Mode
 2-04: 12:15:28:861:7ec   flags: 1 ( encrypted )
 2-04: 12:15:28:861:7ec   next payload: ID
 2-04: 12:15:28:861:7ec   message ID: 00000000
 2-04: 12:15:28:861:7ec Ports S:f401 D:f401
 2-04: 12:15:28:871:7ec 
 2-04: 12:15:28:871:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:28:871:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:15:28:871:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:28:871:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:28:871:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:15:28:871:7ec   flags: 1 ( encrypted )
 2-04: 12:15:28:871:7ec   next payload: HASH
 2-04: 12:15:28:871:7ec   message ID: f6276d68
 2-04: 12:15:28:871:7ec invalid payload received
 2-04: 12:15:28:871:7ec GetPacket failed 3613
 2-04: 12:15:30:3:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 1
 2-04: 12:15:30:3:5b0 
 2-04: 12:15:30:3:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:30:3:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:15:30:3:5b0   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:30:3:5b0   R-COOKIE 4965758a1c833986
 2-04: 12:15:30:3:5b0   exchange: Oakley Main Mode
 2-04: 12:15:30:3:5b0   flags: 1 ( encrypted )
 2-04: 12:15:30:3:5b0   next payload: ID
 2-04: 12:15:30:3:5b0   message ID: 00000000
 2-04: 12:15:30:3:5b0 Ports S:f401 D:f401
 2-04: 12:15:30:3:7ec 
 2-04: 12:15:30:3:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:30:3:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:15:30:3:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:30:3:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:30:3:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:15:30:3:7ec   flags: 1 ( encrypted )
 2-04: 12:15:30:3:7ec   next payload: HASH
 2-04: 12:15:30:3:7ec   message ID: fac24b2d
 2-04: 12:15:30:3:7ec invalid payload received
 2-04: 12:15:30:3:7ec GetPacket failed 3613
 2-04: 12:15:32:6:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 2
 2-04: 12:15:32:6:5b0 
 2-04: 12:15:32:6:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:32:6:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:15:32:6:5b0   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:32:6:5b0   R-COOKIE 4965758a1c833986
 2-04: 12:15:32:6:5b0   exchange: Oakley Main Mode
 2-04: 12:15:32:6:5b0   flags: 1 ( encrypted )
 2-04: 12:15:32:6:5b0   next payload: ID
 2-04: 12:15:32:6:5b0   message ID: 00000000
 2-04: 12:15:32:6:5b0 Ports S:f401 D:f401
 2-04: 12:15:32:6:7ec 
 2-04: 12:15:32:6:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:32:6:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:15:32:6:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:32:6:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:32:6:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:15:32:6:7ec   flags: 1 ( encrypted )
 2-04: 12:15:32:6:7ec   next payload: HASH
 2-04: 12:15:32:6:7ec   message ID: b70ab5a8
 2-04: 12:15:32:6:7ec invalid payload received
 2-04: 12:15:32:6:7ec GetPacket failed 3613
 2-04: 12:15:36:11:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 3
 2-04: 12:15:36:11:5b0 
 2-04: 12:15:36:11:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:36:11:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:15:36:11:5b0   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:36:11:5b0   R-COOKIE 4965758a1c833986
 2-04: 12:15:36:11:5b0   exchange: Oakley Main Mode
 2-04: 12:15:36:11:5b0   flags: 1 ( encrypted )
 2-04: 12:15:36:11:5b0   next payload: ID
 2-04: 12:15:36:11:5b0   message ID: 00000000
 2-04: 12:15:36:11:5b0 Ports S:f401 D:f401
 2-04: 12:15:36:11:7ec 
 2-04: 12:15:36:11:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:36:11:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:15:36:11:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:36:11:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:36:11:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:15:36:11:7ec   flags: 1 ( encrypted )
 2-04: 12:15:36:11:7ec   next payload: HASH
 2-04: 12:15:36:11:7ec   message ID: 3a80be4d
 2-04: 12:15:36:11:7ec invalid payload received
 2-04: 12:15:36:11:7ec GetPacket failed 3613
 2-04: 12:15:37:153:284 Acquire from driver: op=0000000E src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
 2-04: 12:15:37:153:7ec Main mode in progress. Acquire queued
 2-04: 12:15:37:153:7ec Queued Acquire Context e on SA 10bd58
 2-04: 12:15:38:4:7ec 
 2-04: 12:15:38:4:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:38:4:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:15:38:4:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:38:4:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:38:4:7ec   exchange: Oakley Main Mode
 2-04: 12:15:38:4:7ec   flags: 0
 2-04: 12:15:38:4:7ec   next payload: KE
 2-04: 12:15:38:4:7ec   message ID: 00000000
 2-04: 12:15:38:4:7ec received an unencrypted packet when crypto active
 2-04: 12:15:38:4:7ec GetPacket failed 35ec
 2-04: 12:15:44:23:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 4
 2-04: 12:15:44:23:5b0 
 2-04: 12:15:44:23:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:15:44:23:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:15:44:23:5b0   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:44:23:5b0   R-COOKIE 4965758a1c833986
 2-04: 12:15:44:23:5b0   exchange: Oakley Main Mode
 2-04: 12:15:44:23:5b0   flags: 1 ( encrypted )
 2-04: 12:15:44:23:5b0   next payload: ID
 2-04: 12:15:44:23:5b0   message ID: 00000000
 2-04: 12:15:44:23:5b0 Ports S:f401 D:f401
 2-04: 12:15:44:33:7ec 
 2-04: 12:15:44:33:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:44:33:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:15:44:33:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:44:33:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:44:33:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:15:44:33:7ec   flags: 1 ( encrypted )
 2-04: 12:15:44:33:7ec   next payload: HASH
 2-04: 12:15:44:33:7ec   message ID: 0085de99
 2-04: 12:15:44:33:7ec invalid payload received
 2-04: 12:15:44:33:7ec GetPacket failed 3613
 2-04: 12:15:58:23:7ec 
 2-04: 12:15:58:23:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:15:58:23:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:15:58:23:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:15:58:23:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:15:58:23:7ec   exchange: Oakley Main Mode
 2-04: 12:15:58:23:7ec   flags: 0
 2-04: 12:15:58:23:7ec   next payload: KE
 2-04: 12:15:58:23:7ec   message ID: 00000000
 2-04: 12:15:58:23:7ec received an unencrypted packet when crypto active
 2-04: 12:15:58:23:7ec GetPacket failed 35ec
 2-04: 12:16:00:46:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 5
 2-04: 12:16:00:46:5b0 
 2-04: 12:16:00:46:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
 2-04: 12:16:00:46:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:16:00:46:5b0   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:16:00:46:5b0   R-COOKIE 4965758a1c833986
 2-04: 12:16:00:46:5b0   exchange: Oakley Main Mode
 2-04: 12:16:00:46:5b0   flags: 1 ( encrypted )
 2-04: 12:16:00:46:5b0   next payload: ID
 2-04: 12:16:00:46:5b0   message ID: 00000000
 2-04: 12:16:00:46:5b0 Ports S:f401 D:f401
 2-04: 12:16:00:46:7ec 
 2-04: 12:16:00:46:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:16:00:46:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:16:00:46:7ec   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:16:00:46:7ec   R-COOKIE 4965758a1c833986
 2-04: 12:16:00:46:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:16:00:46:7ec   flags: 1 ( encrypted )
 2-04: 12:16:00:46:7ec   next payload: HASH
 2-04: 12:16:00:46:7ec   message ID: cdececfe
 2-04: 12:16:00:46:7ec invalid payload received
 2-04: 12:16:00:46:7ec GetPacket failed 3613
 2-04: 12:16:32:92:5b0 retransmit exhausted: sa = 0010BD58 centry 00000000, count = 6
 2-04: 12:16:32:92:5b0 SA Dead. sa:0010BD58 status:35ed
 2-04: 12:16:32:92:5b0 Posting new acquire context e
 2-04: 12:16:32:92:5b0 Internal Acquire: op=0000000E src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141, InitiateEvent=00000000, IKE SrcPort=0 IKE DstPort=0
 2-04: 12:16:32:92:5b0 isadb_set_status sa:0010BD58 centry:00000000 status 35ed
 2-04: 12:16:32:92:5b0 Modo de troca de chave (Modo principal)
 2-04: 12:16:32:92:5b0 Endereço IP de origem 10.10.1.141  Máscara do endereço IP de origem 255.255.255.255  Endereço IP de destino 10.10.1.231  Máscara do endereço IP de destino 255.255.255.255  Protocolo 0  Porta de origem 0  Porta de destino 0  End. local IKE 10.10.1.141  End. IKE de mesmo nível 10.10.1.231
 2-04: 12:16:32:92:5b0 Identidade baseada no certificado.  Entidade de mesmo nível   Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000  Autoridade de certificação emitente   Autoridade de certificação raiz   Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br  Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0  Endereço IP de mesmo nível: 10.10.1.231
 2-04: 12:16:32:92:5b0 Eu
 2-04: 12:16:32:92:5b0 Tempo limite da negociação esgotado
 2-04: 12:16:32:92:5b0 0x0 0x0
 2-04: 12:16:32:92:5b0 constructing ISAKMP Header
 2-04: 12:16:32:92:5b0 constructing HASH (null)
 2-04: 12:16:32:92:5b0 constructing DELETE. MM 0010BD58
 2-04: 12:16:32:92:5b0 constructing HASH (Notify/Delete)
 2-04: 12:16:32:92:5b0 
 2-04: 12:16:32:92:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 1.500
 2-04: 12:16:32:92:5b0 ISAKMP Header: (V1.0), len = 84
 2-04: 12:16:32:92:5b0   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:16:32:92:5b0   R-COOKIE 4965758a1c833986
 2-04: 12:16:32:92:5b0   exchange: ISAKMP Informational Exchange
 2-04: 12:16:32:92:5b0   flags: 1 ( encrypted )
 2-04: 12:16:32:92:5b0   next payload: HASH
 2-04: 12:16:32:92:5b0   message ID: f67dcfd8
 2-04: 12:16:32:92:5b0 Ports S:f401 D:f401
 2-04: 12:16:32:92:238 
 2-04: 12:16:32:92:238 Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
 2-04: 12:16:32:92:238 ISAKMP Header: (V1.0), len = 40
 2-04: 12:16:32:92:238   I-COOKIE c0ae6fb6fd7cba77
 2-04: 12:16:32:92:238   R-COOKIE 4965758a1c833986
 2-04: 12:16:32:92:238   exchange: ISAKMP Informational Exchange
 2-04: 12:16:32:92:238   flags: 0
 2-04: 12:16:32:92:238   next payload: NOTIFY
 2-04: 12:16:32:92:238   message ID: 006d8f67
 2-04: 12:16:32:92:238 received an unencrypted packet when crypto active
 2-04: 12:16:32:92:238 GetPacket failed 35ec
 2-04: 12:16:32:142:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
 2-04: 12:16:32:142:7ec MM PolicyName: 11
 2-04: 12:16:32:142:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
 2-04: 12:16:32:142:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:16:32:142:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
 2-04: 12:16:32:142:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
 2-04: 12:16:32:142:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
 2-04: 12:16:32:142:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:16:32:142:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
 2-04: 12:16:32:142:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
 2-04: 12:16:32:142:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
 2-04: 12:16:32:142:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
 2-04: 12:16:32:142:7ec QM PolicyName: Host-roadwarrior filter action dwFlags 1
 2-04: 12:16:32:142:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
 2-04: 12:16:32:142:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
 2-04: 12:16:32:142:7ec  Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
 2-04: 12:16:32:142:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000E, ProxySrc = 10.10.1.141.0000, ProxyDst = 10.10.1.231.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.255
 2-04: 12:16:32:142:7ec constructing ISAKMP Header
 2-04: 12:16:32:142:7ec constructing SA (ISAKMP)
 2-04: 12:16:32:142:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
 2-04: 12:16:32:142:7ec Constructing Vendor FRAGMENTATION
 2-04: 12:16:32:142:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:16:32:142:7ec 
 2-04: 12:16:32:142:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:32:142:7ec ISAKMP Header: (V1.0), len = 256
 2-04: 12:16:32:142:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:32:142:7ec   R-COOKIE 0000000000000000
 2-04: 12:16:32:142:7ec   exchange: Oakley Main Mode
 2-04: 12:16:32:142:7ec   flags: 0
 2-04: 12:16:32:142:7ec   next payload: SA
 2-04: 12:16:32:142:7ec   message ID: 00000000
 2-04: 12:16:32:142:7ec Ports S:f401 D:f401
 2-04: 12:16:32:142:7ec 
 2-04: 12:16:32:142:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:32:142:7ec ISAKMP Header: (V1.0), len = 124
 2-04: 12:16:32:142:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:32:142:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:32:142:7ec   exchange: Oakley Main Mode
 2-04: 12:16:32:142:7ec   flags: 0
 2-04: 12:16:32:142:7ec   next payload: SA
 2-04: 12:16:32:142:7ec   message ID: 00000000
 2-04: 12:16:32:142:7ec processing payload SA
 2-04: 12:16:32:142:7ec Received Phase 1 Transform 1
 2-04: 12:16:32:142:7ec      Encryption Alg Triplo DES CBC(5)
 2-04: 12:16:32:142:7ec      Hash Alg SHA(2)
 2-04: 12:16:32:142:7ec      Oakley Group 2
 2-04: 12:16:32:142:7ec      Auth Method Assinatura RSA com Certificados (3)
 2-04: 12:16:32:142:7ec      Life type in Seconds
 2-04: 12:16:32:142:7ec      Life duration of 28800
 2-04: 12:16:32:142:7ec Phase 1 SA accepted: transform=1
 2-04: 12:16:32:142:7ec SA - Oakley proposal accepted
 2-04: 12:16:32:142:7ec processing payload VENDOR ID
 2-04: 12:16:32:142:7ec processing payload VENDOR ID
 2-04: 12:16:32:142:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
 2-04: 12:16:32:142:7ec ClearFragList
 2-04: 12:16:32:142:7ec constructing ISAKMP Header
 2-04: 12:16:32:222:7ec constructing KE
 2-04: 12:16:32:222:7ec constructing NONCE (ISAKMP)
 2-04: 12:16:32:222:7ec Constructing NatDisc
 2-04: 12:16:32:222:7ec 
 2-04: 12:16:32:222:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:32:222:7ec ISAKMP Header: (V1.0), len = 232
 2-04: 12:16:32:222:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:32:222:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:32:222:7ec   exchange: Oakley Main Mode
 2-04: 12:16:32:222:7ec   flags: 0
 2-04: 12:16:32:222:7ec   next payload: KE
 2-04: 12:16:32:222:7ec   message ID: 00000000
 2-04: 12:16:32:222:7ec Ports S:f401 D:f401
 2-04: 12:16:32:242:7ec ClearFragList
 2-04: 12:16:32:242:7ec 
 2-04: 12:16:32:242:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:32:242:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:16:32:242:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:32:242:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:32:242:7ec   exchange: Oakley Main Mode
 2-04: 12:16:32:242:7ec   flags: 0
 2-04: 12:16:32:242:7ec   next payload: KE
 2-04: 12:16:32:242:7ec   message ID: 00000000
 2-04: 12:16:32:242:7ec processing payload KE
 2-04: 12:16:32:262:7ec processing payload NONCE
 2-04: 12:16:32:262:7ec processing payload NATDISC
 2-04: 12:16:32:262:7ec Processing NatHash
 2-04: 12:16:32:262:7ec Nat hash f866bde9f9201d5325692944fe9cdc58
 2-04: 12:16:32:262:7ec 3045c00b
 2-04: 12:16:32:262:7ec SA StateMask2 f
 2-04: 12:16:32:262:7ec processing payload NATDISC
 2-04: 12:16:32:262:7ec Processing NatHash
 2-04: 12:16:32:262:7ec Nat hash 972d67606363b00c4762bbb64c2e974e
 2-04: 12:16:32:262:7ec ff3d76c1
 2-04: 12:16:32:262:7ec SA StateMask2 8f
 2-04: 12:16:32:262:7ec ClearFragList
 2-04: 12:16:32:262:7ec constructing ISAKMP Header
 2-04: 12:16:32:262:7ec constructing ID
 2-04: 12:16:32:262:7ec Received no valid CRPs.  Using all configured
 2-04: 12:16:32:262:7ec Looking for IPSec only cert
 2-04: 12:16:32:262:7ec Cert Trustes.  0 100
 2-04: 12:16:32:262:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:16:32:262:7ec fbeb65a0
 2-04: 12:16:32:262:7ec CertFindExtenstion failed with 0
 2-04: 12:16:32:272:7ec Entered CRL check
 2-04: 12:16:32:272:7ec Left CRL check
 2-04: 12:16:32:272:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:16:32:272:7ec fbeb65a0
 2-04: 12:16:32:272:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
 2-04: 12:16:32:272:7ec Cert Serialnumber 02
 2-04: 12:16:32:272:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
 2-04: 12:16:32:272:7ec fbeb65a0
 2-04: 12:16:32:272:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:16:32:272:7ec Cert Serialnumber 00
 2-04: 12:16:32:272:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
 2-04: 12:16:32:272:7ec ece1fd71
 2-04: 12:16:32:272:7ec Not storing My cert chain in SA.
 2-04: 12:16:32:272:7ec MM ID Type 9
 2-04: 12:16:32:272:7ec MM ID 308184310b3009060355040613026272
 2-04: 12:16:32:272:7ec 3110300e060355040813077061726169
 2-04: 12:16:32:272:7ec 6261311430120603550407130b6a6f61
 2-04: 12:16:32:272:7ec 6f20706573736f61310e300c06035504
 2-04: 12:16:32:272:7ec 0a1305736566696e3116301406035504
 2-04: 12:16:32:272:7ec 03130d74657374652e636c69656e7465
 2-04: 12:16:32:272:7ec 3125302306092a864886f70d01090116
 2-04: 12:16:32:272:7ec 166e6f6272656761737a407961686f6f
 2-04: 12:16:32:272:7ec 2e636f6d2e6272
 2-04: 12:16:32:272:7ec constructing CERT
 2-04: 12:16:32:272:7ec Construct SIG
 2-04: 12:16:32:282:7ec Constructing Cert Request
 2-04: 12:16:32:282:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
 2-04: 12:16:32:282:7ec 
 2-04: 12:16:32:282:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:32:282:7ec ISAKMP Header: (V1.0), len = 1356
 2-04: 12:16:32:282:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:32:282:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:32:282:7ec   exchange: Oakley Main Mode
 2-04: 12:16:32:282:7ec   flags: 1 ( encrypted )
 2-04: 12:16:32:282:7ec   next payload: ID
 2-04: 12:16:32:282:7ec   message ID: 00000000
 2-04: 12:16:32:282:7ec Ports S:f401 D:f401
 2-04: 12:16:32:292:7ec 
 2-04: 12:16:32:292:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:32:292:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:16:32:292:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:32:292:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:32:292:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:16:32:292:7ec   flags: 1 ( encrypted )
 2-04: 12:16:32:292:7ec   next payload: HASH
 2-04: 12:16:32:292:7ec   message ID: 8013ca7d
 2-04: 12:16:32:292:7ec invalid payload received
 2-04: 12:16:32:292:7ec GetPacket failed 3613
 2-04: 12:16:33:94:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 1
 2-04: 12:16:33:94:5b0 
 2-04: 12:16:33:94:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:33:94:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:16:33:94:5b0   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:33:94:5b0   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:33:94:5b0   exchange: Oakley Main Mode
 2-04: 12:16:33:94:5b0   flags: 1 ( encrypted )
 2-04: 12:16:33:94:5b0   next payload: ID
 2-04: 12:16:33:94:5b0   message ID: 00000000
 2-04: 12:16:33:94:5b0 Ports S:f401 D:f401
 2-04: 12:16:33:94:7ec 
 2-04: 12:16:33:94:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:33:94:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:16:33:94:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:33:94:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:33:94:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:16:33:94:7ec   flags: 1 ( encrypted )
 2-04: 12:16:33:94:7ec   next payload: HASH
 2-04: 12:16:33:94:7ec   message ID: 24332a56
 2-04: 12:16:33:94:7ec invalid payload received
 2-04: 12:16:33:94:7ec GetPacket failed 3613
 2-04: 12:16:35:96:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 2
 2-04: 12:16:35:96:5b0 
 2-04: 12:16:35:96:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:35:96:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:16:35:96:5b0   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:35:96:5b0   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:35:96:5b0   exchange: Oakley Main Mode
 2-04: 12:16:35:96:5b0   flags: 1 ( encrypted )
 2-04: 12:16:35:96:5b0   next payload: ID
 2-04: 12:16:35:96:5b0   message ID: 00000000
 2-04: 12:16:35:96:5b0 Ports S:f401 D:f401
 2-04: 12:16:35:96:7ec 
 2-04: 12:16:35:96:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:35:96:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:16:35:96:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:35:96:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:35:96:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:16:35:96:7ec   flags: 1 ( encrypted )
 2-04: 12:16:35:96:7ec   next payload: HASH
 2-04: 12:16:35:96:7ec   message ID: 49fa74bd
 2-04: 12:16:35:96:7ec invalid payload received
 2-04: 12:16:35:96:7ec GetPacket failed 3613
 2-04: 12:16:39:102:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 3
 2-04: 12:16:39:102:5b0 
 2-04: 12:16:39:102:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:39:102:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:16:39:102:5b0   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:39:102:5b0   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:39:102:5b0   exchange: Oakley Main Mode
 2-04: 12:16:39:102:5b0   flags: 1 ( encrypted )
 2-04: 12:16:39:102:5b0   next payload: ID
 2-04: 12:16:39:102:5b0   message ID: 00000000
 2-04: 12:16:39:102:5b0 Ports S:f401 D:f401
 2-04: 12:16:39:102:7ec 
 2-04: 12:16:39:102:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:39:102:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:16:39:102:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:39:102:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:39:102:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:16:39:102:7ec   flags: 1 ( encrypted )
 2-04: 12:16:39:102:7ec   next payload: HASH
 2-04: 12:16:39:102:7ec   message ID: 57fd9b41
 2-04: 12:16:39:102:7ec invalid payload received
 2-04: 12:16:39:102:7ec GetPacket failed 3613
 2-04: 12:16:42:96:7ec 
 2-04: 12:16:42:96:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:42:96:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:16:42:96:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:42:96:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:42:96:7ec   exchange: Oakley Main Mode
 2-04: 12:16:42:96:7ec   flags: 0
 2-04: 12:16:42:96:7ec   next payload: KE
 2-04: 12:16:42:96:7ec   message ID: 00000000
 2-04: 12:16:42:96:7ec received an unencrypted packet when crypto active
 2-04: 12:16:42:96:7ec GetPacket failed 35ec
 2-04: 12:16:47:114:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 4
 2-04: 12:16:47:114:5b0 
 2-04: 12:16:47:114:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:16:47:114:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:16:47:114:5b0   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:47:114:5b0   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:47:114:5b0   exchange: Oakley Main Mode
 2-04: 12:16:47:114:5b0   flags: 1 ( encrypted )
 2-04: 12:16:47:114:5b0   next payload: ID
 2-04: 12:16:47:114:5b0   message ID: 00000000
 2-04: 12:16:47:114:5b0 Ports S:f401 D:f401
 2-04: 12:16:47:114:7ec 
 2-04: 12:16:47:114:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:16:47:114:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:16:47:114:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:16:47:114:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:16:47:114:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:16:47:114:7ec   flags: 1 ( encrypted )
 2-04: 12:16:47:114:7ec   next payload: HASH
 2-04: 12:16:47:114:7ec   message ID: a714df86
 2-04: 12:16:47:114:7ec invalid payload received
 2-04: 12:16:47:114:7ec GetPacket failed 3613
 2-04: 12:17:02:115:7ec 
 2-04: 12:17:02:115:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:17:02:115:7ec ISAKMP Header: (V1.0), len = 228
 2-04: 12:17:02:115:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:17:02:115:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:17:02:115:7ec   exchange: Oakley Main Mode
 2-04: 12:17:02:115:7ec   flags: 0
 2-04: 12:17:02:115:7ec   next payload: KE
 2-04: 12:17:02:115:7ec   message ID: 00000000
 2-04: 12:17:02:115:7ec received an unencrypted packet when crypto active
 2-04: 12:17:02:115:7ec GetPacket failed 35ec
 2-04: 12:17:03:137:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 5
 2-04: 12:17:03:137:5b0 
 2-04: 12:17:03:137:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
 2-04: 12:17:03:137:5b0 ISAKMP Header: (V1.0), len = 1356
 2-04: 12:17:03:137:5b0   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:17:03:137:5b0   R-COOKIE 7df1bcba41b279e0
 2-04: 12:17:03:137:5b0   exchange: Oakley Main Mode
 2-04: 12:17:03:137:5b0   flags: 1 ( encrypted )
 2-04: 12:17:03:137:5b0   next payload: ID
 2-04: 12:17:03:137:5b0   message ID: 00000000
 2-04: 12:17:03:137:5b0 Ports S:f401 D:f401
 2-04: 12:17:03:137:7ec 
 2-04: 12:17:03:137:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:17:03:137:7ec ISAKMP Header: (V1.0), len = 68
 2-04: 12:17:03:137:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:17:03:137:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:17:03:137:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:17:03:137:7ec   flags: 1 ( encrypted )
 2-04: 12:17:03:137:7ec   next payload: HASH
 2-04: 12:17:03:137:7ec   message ID: 7fbd2ed3
 2-04: 12:17:03:137:7ec invalid payload received
 2-04: 12:17:03:137:7ec GetPacket failed 3613
 2-04: 12:17:35:183:5b0 retransmit exhausted: sa = 0013F460 centry 00000000, count = 6
 2-04: 12:17:35:183:5b0 SA Dead. sa:0013F460 status:35ed
 2-04: 12:17:35:183:5b0 isadb_set_status sa:0013F460 centry:00000000 status 35ed
 2-04: 12:17:35:183:5b0 Modo de troca de chave (Modo principal)
 2-04: 12:17:35:183:5b0 Endereço IP de origem 10.10.1.141  Máscara do endereço IP de origem 255.255.255.255  Endereço IP de destino 10.10.1.231  Máscara do endereço IP de destino 255.255.255.255  Protocolo 0  Porta de origem 0  Porta de destino 0  End. local IKE 10.10.1.141  End. IKE de mesmo nível 10.10.1.231
 2-04: 12:17:35:183:5b0 Identidade baseada no certificado.  Entidade de mesmo nível   Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000  Autoridade de certificação emitente   Autoridade de certificação raiz   Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br  Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0  Endereço IP de mesmo nível: 10.10.1.231
 2-04: 12:17:35:183:5b0 Eu
 2-04: 12:17:35:183:5b0 Tempo limite da negociação esgotado
 2-04: 12:17:35:183:5b0 0x0 0x0
 2-04: 12:17:35:183:5b0 constructing ISAKMP Header
 2-04: 12:17:35:183:5b0 constructing HASH (null)
 2-04: 12:17:35:183:5b0 constructing DELETE. MM 0013F460
 2-04: 12:17:35:183:5b0 constructing HASH (Notify/Delete)
 2-04: 12:17:35:183:5b0 
 2-04: 12:17:35:183:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 1.500
 2-04: 12:17:35:183:5b0 ISAKMP Header: (V1.0), len = 84
 2-04: 12:17:35:183:5b0   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:17:35:183:5b0   R-COOKIE 7df1bcba41b279e0
 2-04: 12:17:35:183:5b0   exchange: ISAKMP Informational Exchange
 2-04: 12:17:35:183:5b0   flags: 1 ( encrypted )
 2-04: 12:17:35:183:5b0   next payload: HASH
 2-04: 12:17:35:183:5b0   message ID: 178f623e
 2-04: 12:17:35:183:5b0 Ports S:f401 D:f401
 2-04: 12:17:35:183:7ec 
 2-04: 12:17:35:183:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
 2-04: 12:17:35:183:7ec ISAKMP Header: (V1.0), len = 40
 2-04: 12:17:35:183:7ec   I-COOKIE 86245ea1e95cc5ef
 2-04: 12:17:35:183:7ec   R-COOKIE 7df1bcba41b279e0
 2-04: 12:17:35:183:7ec   exchange: ISAKMP Informational Exchange
 2-04: 12:17:35:183:7ec   flags: 0
 2-04: 12:17:35:183:7ec   next payload: NOTIFY
 2-04: 12:17:35:183:7ec   message ID: 5ddc9bb5
 2-04: 12:17:35:183:7ec received an unencrypted packet when crypto active
 2-04: 12:17:35:183:7ec GetPacket failed 35ec
 2-04: 12:18:02:252:7ec ClearFragList
 2-04: 12:21:26:806:b8 isadb_schedule_kill_oldPolicy_sas: 30f733f0-3cc2-4907-b8aa13e9f9103681 4
 2-04: 12:21:26:806:b8 isadb_schedule_kill_oldPolicy_sas: ee531cf2-378f-492c-802f425506f6ff51 4
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 31d70ce2-a3d7-473b-bb569269a9418d56 3
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 5eae223a-9c0e-4166-9f924a18948eef9b 3
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: d12c1e4c-5ec0-469a-91bf313c3bf24442 3
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 985f168b-74e2-4c8a-97c77e755dd4d7c1 3
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 70d08237-45fb-4c06-8b0fc1addcf5fa38 1
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 8cb0bbd7-2a59-43f1-abe33455af576b4f 2
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 330a0ad2-3e89-432a-a1138726fb999498 2
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 3a246cb4-b2c4-46cc-9afcedd95d2225ad 2
 2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: cf5d5d18-3337-4670-a5a9e985d8bfbb3c 2
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 4
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 4
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 1
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
 2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2

------------------------------------------------------------------------

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     esp  --  anywhere             anywhere           
LOG        esp  --  anywhere             anywhere           LOG level warning 
ACCEPT     ah   --  anywhere             anywhere           
LOG        ah   --  anywhere             anywhere           LOG level warning 
ACCEPT     udp  --  anywhere             anywhere           udp spt:500 dpt:500 
LOG        udp  --  anywhere             anywhere           udp spt:500 dpt:500 LOG level warning 
ACCEPT     udp  --  anywhere             anywhere           udp dpt:4500 
LOG        udp  --  anywhere             anywhere           udp dpt:4500 LOG level warning 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
LOG        ah   --  anywhere             anywhere           LOG level warning 
ACCEPT     ah   --  anywhere             anywhere           
ACCEPT     esp  --  anywhere             anywhere           
LOG        esp  --  anywhere             anywhere           LOG level warning 
LOG        udp  --  anywhere             anywhere           udp spt:500 dpt:500 LOG level warning 
ACCEPT     udp  --  anywhere             anywhere           udp spt:500 dpt:500 
LOG        udp  --  anywhere             anywhere           udp spt:4500 LOG level warning 
ACCEPT     udp  --  anywhere             anywhere           udp spt:4500 

------------------------------------------------------------------------

Feb  4 12:03:16 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=48 
Feb  4 12:08:05 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=152 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=132 
Feb  4 12:08:05 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236 
Feb  4 12:08:05 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76 
Feb  4 12:08:13 vpn last message repeated 3 times
Feb  4 12:08:15 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236 
Feb  4 12:08:21 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76 
Feb  4 12:08:35 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236 
Feb  4 12:08:37 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76 
Feb  4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=48 
Feb  4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=152 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=132 
Feb  4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236 
Feb  4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76 
Feb  4 12:09:16 vpn last message repeated 3 times
Feb  4 12:09:19 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236 
Feb  4 12:09:24 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76 
Feb  4 12:09:39 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236 
Feb  4 12:09:40 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76 

------------------------------------------------------------------------

Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                  	[OK]
Linux Openswan 2.3.0 (klips)
Checking for IPsec support in kernel                             	[OK]
Checking for RSA private key (/etc/ipsec.secrets)                	[FAILED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running                                   	[OK]
Two or more interfaces found, checking IP forwarding             	[OK]
Checking NAT and MASQUERADEing                                   	[OK]
Checking for 'ip' command                                        	[OK]
Checking for 'iptables' command                                  	[OK]

Opportunistic Encryption DNS checks:
   Looking for TXT in forward dns zone: vpn                      	[MISSING]
vpn.sre.pb.gov.br does not exist (Authoritative answer)
   Does the machine have at least one non-private address?       	[FAILED]

------------------------------------------------------------------------

conn roadwarrior
	left=%any
	right=10.10.1.231
	rightca="C=br,ST=paraiba,L=joao pessoa,O=sefin,CN=vpn.teste,Email=nobregasz at yahoo.com.br"
	network=auto
	auto=start
	pfs=yes

conn roadwarrior-net
	left=%any
	right=10.10.1.231
	rightsubnet=192.168.0.0/255.255.255.0
	rightca="C=br,ST=paraiba,L=joao pessoa,O=sefin,CN=vpn.teste,Email=nobregasz at yahoo.com.br"
	network=auto
	auto=start
	pfs=yes




More information about the Users mailing list