[Openswan Users] Help: no suitable connection for peer
Rodrigo
nobregasz at yahoo.com.br
Sun Feb 6 16:38:36 CET 2005
Hi Paul, tks for ur help...
im forgot to get ipsec.secrets but im put my passphrase... i didnt put
any pass in the last time when i create my CA but now i do it.
so... do i need put FORWARD im my iptables?
imtrying trying and notthing.. i hate it :/ :)
maybe some problem with dhcp??
if u have a better sample lan i can test. ill appreciate :)
my sample lan:
NOTE (WinXP) GW(dhcp server)
VPN
10.10.1.141 ------------------- 10.10.1.200
---------------------10.10.1.231 / 192.168.0.1
dhcp dhcp
i got this log when try ping 10.10.1.231 and 192.168.0.1.
tks
Rodrigo
------------------------------------------------------------------------
Feb 4 12:03:10 vpn pluto[288]: can not use our IP (10.10.1.231:TXT) as identity: we don't know our own RSA key
Feb 4 12:03:15 vpn pluto[288]: can not use our hostname (@vpn:TXT) as identity: we don't know our own RSA key
Feb 4 12:03:16 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: next payload type of ISAKMP Hash Payload has an unknown value: 221
Feb 4 12:03:16 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: malformed payload in packet
Feb 4 12:03:16 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: sending notification PAYLOAD_MALFORMED to 10.10.1.141:500
Feb 4 12:03:20 vpn pluto[288]: can not use our IP (10.10.1.231:KEY) as identity: we don't know our own RSA key
Feb 4 12:03:23 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141 #2: max number of retransmissions (2) reached STATE_MAIN_R2
Feb 4 12:03:23 vpn pluto[288]: "roadwarrior-net"[1] 10.10.1.141: deleting connection "roadwarrior-net" instance with peer 10.10.1.141 {isakmp=#0/ipsec=#0}
Feb 4 12:08:01 vpn PAM_unix[697]: (cron) session opened for user mail by (uid=0)
Feb 4 12:08:01 vpn PAM_unix[697]: (cron) session closed for user mail
Feb 4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Feb 4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [FRAGMENTATION]
Feb 4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Feb 4 12:08:05 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: responding to Main Mode from unknown peer 10.10.1.141
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:05 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:08:07 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:07 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:07 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:08:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:08:13 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:13 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:13 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:08:21 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:21 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:21 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:08:37 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:37 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:08:37 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: byte 2 of ISAKMP Hash Payload must be zero, but is not
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: malformed payload in packet
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: sending notification PAYLOAD_MALFORMED to 10.10.1.141:500
Feb 4 12:09:09 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Feb 4 12:09:09 vpn pluto[288]: packet from 10.10.1.141:500: ignoring Vendor ID payload [FRAGMENTATION]
Feb 4 12:09:09 vpn pluto[288]: packet from 10.10.1.141:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: responding to Main Mode from unknown peer 10.10.1.141
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:09 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:09:10 vpn su[706]: + pts/1 rodrigo-root
Feb 4 12:09:10 vpn PAM_unix[706]: (su) session opened for user root by (uid=1000)
Feb 4 12:09:10 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:10 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:10 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:09:12 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:12 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:12 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:09:15 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #3: max number of retransmissions (2) reached STATE_MAIN_R2
Feb 4 12:09:16 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:16 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:16 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
Feb 4 12:09:24 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: Main mode peer ID is ID_DER_ASN1_DN: 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:24 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: no suitable connection for peer 'C=br, ST=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br'
Feb 4 12:09:24 vpn pluto[288]: "roadwarrior-net"[2] 10.10.1.141 #4: sending encrypted notification INVALID_ID_INFORMATION to 10.10.1.141:500
------------------------------------------------------------------------
2-04: 12:07:59:34:b8 isadb_schedule_kill_oldPolicy_sas: 84fa0099-d005-44a5-9cb5d129080900c5 4
2-04: 12:07:59:34:b8 isadb_schedule_kill_oldPolicy_sas: 3e0a663a-f18a-4582-b07a739f43710e04 4
2-04: 12:07:59:34:b8 isadb_schedule_kill_oldPolicy_sas: 27affbe1-d7d5-4ec8-9c09b329784ca47c 1
2-04: 12:07:59:44:7ec entered kill_old_policy_sas 4
2-04: 12:07:59:44:7ec entered kill_old_policy_sas 4
2-04: 12:07:59:44:7ec entered kill_old_policy_sas 1
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 84fa0099-d005-44a5-9cb5d129080900c5 4
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 3e0a663a-f18a-4582-b07a739f43710e04 4
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: ff580d2d-ec6d-4198-90f5737e5db74ebe 3
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: eb485646-4aca-4c16-b95fdecb47f916d1 3
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: c04c78a6-f434-44cc-864a970de645671f 3
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 160d3b34-5a9f-4461-ad35d34edbec00a7 3
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 0508392b-0c05-421f-af2d26c9cf2683a4 1
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: bfc3a5b4-63ba-411a-a640df9ca28a9e99 2
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 7e09ba43-e79c-4030-b8e2b92196bb3ce7 2
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: d5b94763-8ab5-4ec4-80ea87c36d8e4d18 2
2-04: 12:07:59:44:b8 isadb_schedule_kill_oldPolicy_sas: 45deb501-be93-4049-a611a20cb969e16f 2
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 4
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 4
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 3
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 1
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
2-04: 12:07:59:54:7ec entered kill_old_policy_sas 2
2-04: 12:08:33:223:284 Acquire from driver: op=0000000B src=10.10.1.141.0 dst=192.168.0.1.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
2-04: 12:08:33:234:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
2-04: 12:08:33:294:7ec MM PolicyName: 9
2-04: 12:08:33:294:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
2-04: 12:08:33:294:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:08:33:294:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
2-04: 12:08:33:294:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:08:33:294:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
2-04: 12:08:33:294:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:08:33:294:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
2-04: 12:08:33:294:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:08:33:294:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
2-04: 12:08:33:294:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
2-04: 12:08:33:294:7ec QM PolicyName: Host-roadwarrior-net filter action dwFlags 1
2-04: 12:08:33:294:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
2-04: 12:08:33:294:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
2-04: 12:08:33:294:7ec Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
2-04: 12:08:33:294:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000B, ProxySrc = 10.10.1.141.0000, ProxyDst = 192.168.0.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
2-04: 12:08:33:294:7ec constructing ISAKMP Header
2-04: 12:08:33:294:7ec constructing SA (ISAKMP)
2-04: 12:08:33:294:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
2-04: 12:08:33:314:7ec Constructing Vendor FRAGMENTATION
2-04: 12:08:33:314:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
2-04: 12:08:33:314:7ec Constructing Vendor Vid-Initial-Contact
2-04: 12:08:33:314:7ec
2-04: 12:08:33:314:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:33:314:7ec ISAKMP Header: (V1.0), len = 276
2-04: 12:08:33:314:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:33:314:7ec R-COOKIE 0000000000000000
2-04: 12:08:33:314:7ec exchange: Oakley Main Mode
2-04: 12:08:33:314:7ec flags: 0
2-04: 12:08:33:314:7ec next payload: SA
2-04: 12:08:33:314:7ec message ID: 00000000
2-04: 12:08:33:314:7ec Ports S:f401 D:f401
2-04: 12:08:33:394:7ec
2-04: 12:08:33:394:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:33:394:7ec ISAKMP Header: (V1.0), len = 124
2-04: 12:08:33:394:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:33:394:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:33:394:7ec exchange: Oakley Main Mode
2-04: 12:08:33:394:7ec flags: 0
2-04: 12:08:33:394:7ec next payload: SA
2-04: 12:08:33:394:7ec message ID: 00000000
2-04: 12:08:33:394:7ec processing payload SA
2-04: 12:08:33:394:7ec Received Phase 1 Transform 1
2-04: 12:08:33:394:7ec Encryption Alg Triplo DES CBC(5)
2-04: 12:08:33:394:7ec Hash Alg SHA(2)
2-04: 12:08:33:394:7ec Oakley Group 2
2-04: 12:08:33:394:7ec Auth Method Assinatura RSA com Certificados (3)
2-04: 12:08:33:394:7ec Life type in Seconds
2-04: 12:08:33:394:7ec Life duration of 28800
2-04: 12:08:33:394:7ec Phase 1 SA accepted: transform=1
2-04: 12:08:33:394:7ec SA - Oakley proposal accepted
2-04: 12:08:33:394:7ec processing payload VENDOR ID
2-04: 12:08:33:394:7ec processing payload VENDOR ID
2-04: 12:08:33:394:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
2-04: 12:08:33:394:7ec ClearFragList
2-04: 12:08:33:394:7ec constructing ISAKMP Header
2-04: 12:08:33:474:7ec constructing KE
2-04: 12:08:33:474:7ec constructing NONCE (ISAKMP)
2-04: 12:08:33:474:7ec Constructing NatDisc
2-04: 12:08:33:474:7ec
2-04: 12:08:33:474:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:33:474:7ec ISAKMP Header: (V1.0), len = 232
2-04: 12:08:33:474:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:33:474:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:33:474:7ec exchange: Oakley Main Mode
2-04: 12:08:33:474:7ec flags: 0
2-04: 12:08:33:474:7ec next payload: KE
2-04: 12:08:33:474:7ec message ID: 00000000
2-04: 12:08:33:474:7ec Ports S:f401 D:f401
2-04: 12:08:33:504:7ec
2-04: 12:08:33:504:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:33:504:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:08:33:504:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:33:504:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:33:504:7ec exchange: Oakley Main Mode
2-04: 12:08:33:504:7ec flags: 0
2-04: 12:08:33:504:7ec next payload: KE
2-04: 12:08:33:504:7ec message ID: 00000000
2-04: 12:08:33:504:7ec processing payload KE
2-04: 12:08:33:534:7ec processing payload NONCE
2-04: 12:08:33:534:7ec processing payload NATDISC
2-04: 12:08:33:534:7ec Processing NatHash
2-04: 12:08:33:534:7ec Nat hash c2b61d5d7dd25f7f1ce0b91a96c3d640
2-04: 12:08:33:534:7ec c052892e
2-04: 12:08:33:534:7ec SA StateMask2 f
2-04: 12:08:33:534:7ec processing payload NATDISC
2-04: 12:08:33:534:7ec Processing NatHash
2-04: 12:08:33:534:7ec Nat hash f121bcc9b299b50f36bb8413e60158d1
2-04: 12:08:33:534:7ec 0a0eb805
2-04: 12:08:33:534:7ec SA StateMask2 8f
2-04: 12:08:33:534:7ec ClearFragList
2-04: 12:08:33:534:7ec constructing ISAKMP Header
2-04: 12:08:33:534:7ec constructing ID
2-04: 12:08:33:534:7ec Received no valid CRPs. Using all configured
2-04: 12:08:33:534:7ec Looking for IPSec only cert
2-04: 12:08:33:534:7ec Cert Trustes. 0 100
2-04: 12:08:33:534:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:08:33:534:7ec fbeb65a0
2-04: 12:08:33:534:7ec CertFindExtenstion failed with 0
2-04: 12:08:33:574:7ec Entered CRL check
2-04: 12:08:33:574:7ec Left CRL check
2-04: 12:08:33:574:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:08:33:574:7ec fbeb65a0
2-04: 12:08:33:574:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
2-04: 12:08:33:574:7ec Cert Serialnumber 02
2-04: 12:08:33:574:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:08:33:574:7ec fbeb65a0
2-04: 12:08:33:574:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:08:33:574:7ec Cert Serialnumber 00
2-04: 12:08:33:574:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
2-04: 12:08:33:574:7ec ece1fd71
2-04: 12:08:33:574:7ec Not storing My cert chain in SA.
2-04: 12:08:33:574:7ec MM ID Type 9
2-04: 12:08:33:574:7ec MM ID 308184310b3009060355040613026272
2-04: 12:08:33:574:7ec 3110300e060355040813077061726169
2-04: 12:08:33:574:7ec 6261311430120603550407130b6a6f61
2-04: 12:08:33:574:7ec 6f20706573736f61310e300c06035504
2-04: 12:08:33:574:7ec 0a1305736566696e3116301406035504
2-04: 12:08:33:574:7ec 03130d74657374652e636c69656e7465
2-04: 12:08:33:574:7ec 3125302306092a864886f70d01090116
2-04: 12:08:33:574:7ec 166e6f6272656761737a407961686f6f
2-04: 12:08:33:574:7ec 2e636f6d2e6272
2-04: 12:08:33:574:7ec constructing CERT
2-04: 12:08:33:574:7ec Construct SIG
2-04: 12:08:33:584:7ec Constructing Cert Request
2-04: 12:08:33:584:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:08:33:584:7ec
2-04: 12:08:33:584:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:33:584:7ec ISAKMP Header: (V1.0), len = 1356
2-04: 12:08:33:584:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:33:584:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:33:584:7ec exchange: Oakley Main Mode
2-04: 12:08:33:584:7ec flags: 1 ( encrypted )
2-04: 12:08:33:584:7ec next payload: ID
2-04: 12:08:33:584:7ec message ID: 00000000
2-04: 12:08:33:584:7ec Ports S:f401 D:f401
2-04: 12:08:33:594:7ec
2-04: 12:08:33:594:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:33:594:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:08:33:594:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:33:594:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:33:594:7ec exchange: ISAKMP Informational Exchange
2-04: 12:08:33:594:7ec flags: 1 ( encrypted )
2-04: 12:08:33:594:7ec next payload: HASH
2-04: 12:08:33:594:7ec message ID: d506f734
2-04: 12:08:33:594:7ec invalid payload received
2-04: 12:08:33:594:7ec GetPacket failed 3613
2-04: 12:08:34:285:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 1
2-04: 12:08:34:285:5b0
2-04: 12:08:34:285:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:34:285:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:08:34:285:5b0 I-COOKIE c379b220ef4de448
2-04: 12:08:34:285:5b0 R-COOKIE e540e25cc603eb38
2-04: 12:08:34:285:5b0 exchange: Oakley Main Mode
2-04: 12:08:34:285:5b0 flags: 1 ( encrypted )
2-04: 12:08:34:285:5b0 next payload: ID
2-04: 12:08:34:285:5b0 message ID: 00000000
2-04: 12:08:34:285:5b0 Ports S:f401 D:f401
2-04: 12:08:34:285:7ec
2-04: 12:08:34:285:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:34:285:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:08:34:285:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:34:285:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:34:285:7ec exchange: ISAKMP Informational Exchange
2-04: 12:08:34:285:7ec flags: 1 ( encrypted )
2-04: 12:08:34:285:7ec next payload: HASH
2-04: 12:08:34:285:7ec message ID: acfbeac6
2-04: 12:08:34:285:7ec invalid payload received
2-04: 12:08:34:285:7ec GetPacket failed 3613
2-04: 12:08:36:288:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 2
2-04: 12:08:36:288:5b0
2-04: 12:08:36:288:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:36:288:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:08:36:288:5b0 I-COOKIE c379b220ef4de448
2-04: 12:08:36:288:5b0 R-COOKIE e540e25cc603eb38
2-04: 12:08:36:288:5b0 exchange: Oakley Main Mode
2-04: 12:08:36:288:5b0 flags: 1 ( encrypted )
2-04: 12:08:36:288:5b0 next payload: ID
2-04: 12:08:36:288:5b0 message ID: 00000000
2-04: 12:08:36:288:5b0 Ports S:f401 D:f401
2-04: 12:08:36:288:7ec
2-04: 12:08:36:288:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:36:288:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:08:36:288:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:36:288:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:36:288:7ec exchange: ISAKMP Informational Exchange
2-04: 12:08:36:288:7ec flags: 1 ( encrypted )
2-04: 12:08:36:288:7ec next payload: HASH
2-04: 12:08:36:288:7ec message ID: c728e8ae
2-04: 12:08:36:288:7ec invalid payload received
2-04: 12:08:36:288:7ec GetPacket failed 3613
2-04: 12:08:40:294:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 3
2-04: 12:08:40:294:5b0
2-04: 12:08:40:294:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:40:294:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:08:40:294:5b0 I-COOKIE c379b220ef4de448
2-04: 12:08:40:294:5b0 R-COOKIE e540e25cc603eb38
2-04: 12:08:40:294:5b0 exchange: Oakley Main Mode
2-04: 12:08:40:294:5b0 flags: 1 ( encrypted )
2-04: 12:08:40:294:5b0 next payload: ID
2-04: 12:08:40:294:5b0 message ID: 00000000
2-04: 12:08:40:294:5b0 Ports S:f401 D:f401
2-04: 12:08:40:294:7ec
2-04: 12:08:40:294:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:40:294:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:08:40:294:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:40:294:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:40:294:7ec exchange: ISAKMP Informational Exchange
2-04: 12:08:40:294:7ec flags: 1 ( encrypted )
2-04: 12:08:40:294:7ec next payload: HASH
2-04: 12:08:40:294:7ec message ID: 33ee0805
2-04: 12:08:40:294:7ec invalid payload received
2-04: 12:08:40:294:7ec GetPacket failed 3613
2-04: 12:08:43:218:284 Acquire from driver: op=0000000C src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
2-04: 12:08:43:218:7ec Main mode in progress. Acquire queued
2-04: 12:08:43:218:7ec Queued Acquire Context c on SA 13f460
2-04: 12:08:43:288:7ec
2-04: 12:08:43:288:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:43:288:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:08:43:288:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:43:288:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:43:288:7ec exchange: Oakley Main Mode
2-04: 12:08:43:288:7ec flags: 0
2-04: 12:08:43:288:7ec next payload: KE
2-04: 12:08:43:288:7ec message ID: 00000000
2-04: 12:08:43:288:7ec received an unencrypted packet when crypto active
2-04: 12:08:43:288:7ec GetPacket failed 35ec
2-04: 12:08:48:305:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 4
2-04: 12:08:48:305:5b0
2-04: 12:08:48:305:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:08:48:305:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:08:48:305:5b0 I-COOKIE c379b220ef4de448
2-04: 12:08:48:305:5b0 R-COOKIE e540e25cc603eb38
2-04: 12:08:48:305:5b0 exchange: Oakley Main Mode
2-04: 12:08:48:305:5b0 flags: 1 ( encrypted )
2-04: 12:08:48:305:5b0 next payload: ID
2-04: 12:08:48:305:5b0 message ID: 00000000
2-04: 12:08:48:305:5b0 Ports S:f401 D:f401
2-04: 12:08:48:305:7ec
2-04: 12:08:48:305:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:08:48:305:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:08:48:305:7ec I-COOKIE c379b220ef4de448
2-04: 12:08:48:305:7ec R-COOKIE e540e25cc603eb38
2-04: 12:08:48:305:7ec exchange: ISAKMP Informational Exchange
2-04: 12:08:48:305:7ec flags: 1 ( encrypted )
2-04: 12:08:48:305:7ec next payload: HASH
2-04: 12:08:48:305:7ec message ID: 16be85bb
2-04: 12:08:48:305:7ec invalid payload received
2-04: 12:08:48:305:7ec GetPacket failed 3613
2-04: 12:09:03:307:7ec
2-04: 12:09:03:307:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:09:03:307:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:09:03:307:7ec I-COOKIE c379b220ef4de448
2-04: 12:09:03:307:7ec R-COOKIE e540e25cc603eb38
2-04: 12:09:03:307:7ec exchange: Oakley Main Mode
2-04: 12:09:03:307:7ec flags: 0
2-04: 12:09:03:307:7ec next payload: KE
2-04: 12:09:03:307:7ec message ID: 00000000
2-04: 12:09:03:307:7ec received an unencrypted packet when crypto active
2-04: 12:09:03:307:7ec GetPacket failed 35ec
2-04: 12:09:04:328:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 5
2-04: 12:09:04:328:5b0
2-04: 12:09:04:328:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:09:04:328:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:09:04:328:5b0 I-COOKIE c379b220ef4de448
2-04: 12:09:04:328:5b0 R-COOKIE e540e25cc603eb38
2-04: 12:09:04:328:5b0 exchange: Oakley Main Mode
2-04: 12:09:04:328:5b0 flags: 1 ( encrypted )
2-04: 12:09:04:328:5b0 next payload: ID
2-04: 12:09:04:328:5b0 message ID: 00000000
2-04: 12:09:04:328:5b0 Ports S:f401 D:f401
2-04: 12:09:04:328:7ec
2-04: 12:09:04:328:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:09:04:328:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:09:04:328:7ec I-COOKIE c379b220ef4de448
2-04: 12:09:04:328:7ec R-COOKIE e540e25cc603eb38
2-04: 12:09:04:328:7ec exchange: ISAKMP Informational Exchange
2-04: 12:09:04:328:7ec flags: 1 ( encrypted )
2-04: 12:09:04:328:7ec next payload: HASH
2-04: 12:09:04:328:7ec message ID: 9f94ccf5
2-04: 12:09:04:328:7ec invalid payload received
2-04: 12:09:04:328:7ec GetPacket failed 3613
2-04: 12:09:36:374:5b0 retransmit exhausted: sa = 0013F460 centry 00000000, count = 6
2-04: 12:09:36:374:5b0 SA Dead. sa:0013F460 status:35ed
2-04: 12:09:36:374:5b0 Posting new acquire context c
2-04: 12:09:36:374:5b0 Internal Acquire: op=0000000C src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141, InitiateEvent=00000000, IKE SrcPort=0 IKE DstPort=0
2-04: 12:09:36:374:5b0 isadb_set_status sa:0013F460 centry:00000000 status 35ed
2-04: 12:09:36:374:5b0 Modo de troca de chave (Modo principal)
2-04: 12:09:36:374:5b0 Endereço IP de origem 10.10.1.141 Máscara do endereço IP de origem 255.255.255.255 Endereço IP de destino 10.10.1.231 Máscara do endereço IP de destino 255.255.255.255 Protocolo 0 Porta de origem 0 Porta de destino 0 End. local IKE 10.10.1.141 End. IKE de mesmo nível 10.10.1.231
2-04: 12:09:36:374:5b0 Identidade baseada no certificado. Entidade de mesmo nível Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000 Autoridade de certificação emitente Autoridade de certificação raiz Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0 Endereço IP de mesmo nível: 10.10.1.231
2-04: 12:09:36:374:5b0 Eu
2-04: 12:09:36:374:5b0 Tempo limite da negociação esgotado
2-04: 12:09:36:374:5b0 0x0 0x0
2-04: 12:09:36:374:5b0 constructing ISAKMP Header
2-04: 12:09:36:374:5b0 constructing HASH (null)
2-04: 12:09:36:374:5b0 constructing DELETE. MM 0013F460
2-04: 12:09:36:374:5b0 constructing HASH (Notify/Delete)
2-04: 12:09:36:374:5b0
2-04: 12:09:36:374:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 1.500
2-04: 12:09:36:374:5b0 ISAKMP Header: (V1.0), len = 84
2-04: 12:09:36:374:5b0 I-COOKIE c379b220ef4de448
2-04: 12:09:36:374:5b0 R-COOKIE e540e25cc603eb38
2-04: 12:09:36:374:5b0 exchange: ISAKMP Informational Exchange
2-04: 12:09:36:374:5b0 flags: 1 ( encrypted )
2-04: 12:09:36:374:5b0 next payload: HASH
2-04: 12:09:36:374:5b0 message ID: 1e0e7dc9
2-04: 12:09:36:374:5b0 Ports S:f401 D:f401
2-04: 12:09:36:695:544
2-04: 12:09:36:695:544 Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:09:36:695:544 ISAKMP Header: (V1.0), len = 40
2-04: 12:09:36:695:544 I-COOKIE c379b220ef4de448
2-04: 12:09:36:695:544 R-COOKIE e540e25cc603eb38
2-04: 12:09:36:695:544 exchange: ISAKMP Informational Exchange
2-04: 12:09:36:695:544 flags: 0
2-04: 12:09:36:695:544 next payload: NOTIFY
2-04: 12:09:36:695:544 message ID: 6ea04b06
2-04: 12:09:36:695:544 received an unencrypted packet when crypto active
2-04: 12:09:36:695:544 GetPacket failed 35ec
2-04: 12:09:36:725:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
2-04: 12:09:36:725:7ec MM PolicyName: 9
2-04: 12:09:36:725:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
2-04: 12:09:36:725:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:09:36:725:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
2-04: 12:09:36:725:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:09:36:725:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
2-04: 12:09:36:725:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:09:36:725:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
2-04: 12:09:36:725:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:09:36:725:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
2-04: 12:09:36:725:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
2-04: 12:09:36:725:7ec QM PolicyName: Host-roadwarrior filter action dwFlags 1
2-04: 12:09:36:725:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
2-04: 12:09:36:725:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
2-04: 12:09:36:725:7ec Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
2-04: 12:09:36:725:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000C, ProxySrc = 10.10.1.141.0000, ProxyDst = 10.10.1.231.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.255
2-04: 12:09:36:725:7ec constructing ISAKMP Header
2-04: 12:09:36:725:7ec constructing SA (ISAKMP)
2-04: 12:09:36:725:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
2-04: 12:09:36:725:7ec Constructing Vendor FRAGMENTATION
2-04: 12:09:36:725:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
2-04: 12:09:36:725:7ec
2-04: 12:09:36:725:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:36:725:7ec ISAKMP Header: (V1.0), len = 256
2-04: 12:09:36:725:7ec I-COOKIE ce459f4801157448
2-04: 12:09:36:725:7ec R-COOKIE 0000000000000000
2-04: 12:09:36:725:7ec exchange: Oakley Main Mode
2-04: 12:09:36:725:7ec flags: 0
2-04: 12:09:36:725:7ec next payload: SA
2-04: 12:09:36:725:7ec message ID: 00000000
2-04: 12:09:36:725:7ec Ports S:f401 D:f401
2-04: 12:09:36:725:7ec
2-04: 12:09:36:725:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:36:725:7ec ISAKMP Header: (V1.0), len = 124
2-04: 12:09:36:725:7ec I-COOKIE ce459f4801157448
2-04: 12:09:36:725:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:36:725:7ec exchange: Oakley Main Mode
2-04: 12:09:36:725:7ec flags: 0
2-04: 12:09:36:725:7ec next payload: SA
2-04: 12:09:36:725:7ec message ID: 00000000
2-04: 12:09:36:725:7ec processing payload SA
2-04: 12:09:36:725:7ec Received Phase 1 Transform 1
2-04: 12:09:36:725:7ec Encryption Alg Triplo DES CBC(5)
2-04: 12:09:36:725:7ec Hash Alg SHA(2)
2-04: 12:09:36:725:7ec Oakley Group 2
2-04: 12:09:36:725:7ec Auth Method Assinatura RSA com Certificados (3)
2-04: 12:09:36:725:7ec Life type in Seconds
2-04: 12:09:36:725:7ec Life duration of 28800
2-04: 12:09:36:725:7ec Phase 1 SA accepted: transform=1
2-04: 12:09:36:725:7ec SA - Oakley proposal accepted
2-04: 12:09:36:725:7ec processing payload VENDOR ID
2-04: 12:09:36:725:7ec processing payload VENDOR ID
2-04: 12:09:36:725:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
2-04: 12:09:36:725:7ec ClearFragList
2-04: 12:09:36:725:7ec constructing ISAKMP Header
2-04: 12:09:36:795:7ec constructing KE
2-04: 12:09:36:795:7ec constructing NONCE (ISAKMP)
2-04: 12:09:36:795:7ec Constructing NatDisc
2-04: 12:09:36:795:7ec
2-04: 12:09:36:795:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:36:795:7ec ISAKMP Header: (V1.0), len = 232
2-04: 12:09:36:795:7ec I-COOKIE ce459f4801157448
2-04: 12:09:36:795:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:36:795:7ec exchange: Oakley Main Mode
2-04: 12:09:36:795:7ec flags: 0
2-04: 12:09:36:795:7ec next payload: KE
2-04: 12:09:36:795:7ec message ID: 00000000
2-04: 12:09:36:795:7ec Ports S:f401 D:f401
2-04: 12:09:36:815:7ec
2-04: 12:09:36:815:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:36:815:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:09:36:815:7ec I-COOKIE ce459f4801157448
2-04: 12:09:36:815:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:36:815:7ec exchange: Oakley Main Mode
2-04: 12:09:36:815:7ec flags: 0
2-04: 12:09:36:815:7ec next payload: KE
2-04: 12:09:36:815:7ec message ID: 00000000
2-04: 12:09:36:815:7ec processing payload KE
2-04: 12:09:36:845:7ec processing payload NONCE
2-04: 12:09:36:845:7ec processing payload NATDISC
2-04: 12:09:36:845:7ec Processing NatHash
2-04: 12:09:36:845:7ec Nat hash 7cc2c66e45fd3dcc126f941ebcf2da3e
2-04: 12:09:36:845:7ec 1bda0185
2-04: 12:09:36:845:7ec SA StateMask2 f
2-04: 12:09:36:845:7ec processing payload NATDISC
2-04: 12:09:36:845:7ec Processing NatHash
2-04: 12:09:36:845:7ec Nat hash 29167530ac65e585c29ead9a7fd99890
2-04: 12:09:36:845:7ec e4934f84
2-04: 12:09:36:845:7ec SA StateMask2 8f
2-04: 12:09:36:845:7ec ClearFragList
2-04: 12:09:36:845:7ec constructing ISAKMP Header
2-04: 12:09:36:845:7ec constructing ID
2-04: 12:09:36:845:7ec Received no valid CRPs. Using all configured
2-04: 12:09:36:845:7ec Looking for IPSec only cert
2-04: 12:09:36:845:7ec Cert Trustes. 0 100
2-04: 12:09:36:845:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:09:36:845:7ec fbeb65a0
2-04: 12:09:36:845:7ec CertFindExtenstion failed with 0
2-04: 12:09:36:845:7ec Entered CRL check
2-04: 12:09:36:845:7ec Left CRL check
2-04: 12:09:36:855:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:09:36:855:7ec fbeb65a0
2-04: 12:09:36:855:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
2-04: 12:09:36:855:7ec Cert Serialnumber 02
2-04: 12:09:36:855:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:09:36:855:7ec fbeb65a0
2-04: 12:09:36:855:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:09:36:855:7ec Cert Serialnumber 00
2-04: 12:09:36:855:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
2-04: 12:09:36:855:7ec ece1fd71
2-04: 12:09:36:855:7ec Not storing My cert chain in SA.
2-04: 12:09:36:855:7ec MM ID Type 9
2-04: 12:09:36:855:7ec MM ID 308184310b3009060355040613026272
2-04: 12:09:36:855:7ec 3110300e060355040813077061726169
2-04: 12:09:36:855:7ec 6261311430120603550407130b6a6f61
2-04: 12:09:36:855:7ec 6f20706573736f61310e300c06035504
2-04: 12:09:36:855:7ec 0a1305736566696e3116301406035504
2-04: 12:09:36:855:7ec 03130d74657374652e636c69656e7465
2-04: 12:09:36:855:7ec 3125302306092a864886f70d01090116
2-04: 12:09:36:855:7ec 166e6f6272656761737a407961686f6f
2-04: 12:09:36:855:7ec 2e636f6d2e6272
2-04: 12:09:36:855:7ec constructing CERT
2-04: 12:09:36:855:7ec Construct SIG
2-04: 12:09:36:865:7ec Constructing Cert Request
2-04: 12:09:36:865:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:09:36:865:7ec
2-04: 12:09:36:865:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:36:865:7ec ISAKMP Header: (V1.0), len = 1356
2-04: 12:09:36:865:7ec I-COOKIE ce459f4801157448
2-04: 12:09:36:865:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:36:865:7ec exchange: Oakley Main Mode
2-04: 12:09:36:865:7ec flags: 1 ( encrypted )
2-04: 12:09:36:865:7ec next payload: ID
2-04: 12:09:36:865:7ec message ID: 00000000
2-04: 12:09:36:865:7ec Ports S:f401 D:f401
2-04: 12:09:36:865:7ec
2-04: 12:09:36:865:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:36:865:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:09:36:865:7ec I-COOKIE ce459f4801157448
2-04: 12:09:36:865:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:36:865:7ec exchange: ISAKMP Informational Exchange
2-04: 12:09:36:865:7ec flags: 1 ( encrypted )
2-04: 12:09:36:865:7ec next payload: HASH
2-04: 12:09:36:865:7ec message ID: caee6b34
2-04: 12:09:36:865:7ec invalid payload received
2-04: 12:09:36:865:7ec GetPacket failed 3613
2-04: 12:09:37:376:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 1
2-04: 12:09:37:376:5b0
2-04: 12:09:37:376:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:37:376:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:09:37:376:5b0 I-COOKIE ce459f4801157448
2-04: 12:09:37:376:5b0 R-COOKIE 621f593e4657ba25
2-04: 12:09:37:376:5b0 exchange: Oakley Main Mode
2-04: 12:09:37:376:5b0 flags: 1 ( encrypted )
2-04: 12:09:37:376:5b0 next payload: ID
2-04: 12:09:37:376:5b0 message ID: 00000000
2-04: 12:09:37:376:5b0 Ports S:f401 D:f401
2-04: 12:09:37:376:7ec
2-04: 12:09:37:376:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:37:376:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:09:37:376:7ec I-COOKIE ce459f4801157448
2-04: 12:09:37:376:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:37:376:7ec exchange: ISAKMP Informational Exchange
2-04: 12:09:37:376:7ec flags: 1 ( encrypted )
2-04: 12:09:37:376:7ec next payload: HASH
2-04: 12:09:37:376:7ec message ID: 4c919ca9
2-04: 12:09:37:376:7ec invalid payload received
2-04: 12:09:37:376:7ec GetPacket failed 3613
2-04: 12:09:39:379:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 2
2-04: 12:09:39:379:5b0
2-04: 12:09:39:379:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:39:379:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:09:39:379:5b0 I-COOKIE ce459f4801157448
2-04: 12:09:39:379:5b0 R-COOKIE 621f593e4657ba25
2-04: 12:09:39:379:5b0 exchange: Oakley Main Mode
2-04: 12:09:39:379:5b0 flags: 1 ( encrypted )
2-04: 12:09:39:379:5b0 next payload: ID
2-04: 12:09:39:379:5b0 message ID: 00000000
2-04: 12:09:39:379:5b0 Ports S:f401 D:f401
2-04: 12:09:39:379:7ec
2-04: 12:09:39:379:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:39:379:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:09:39:379:7ec I-COOKIE ce459f4801157448
2-04: 12:09:39:379:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:39:379:7ec exchange: ISAKMP Informational Exchange
2-04: 12:09:39:379:7ec flags: 1 ( encrypted )
2-04: 12:09:39:379:7ec next payload: HASH
2-04: 12:09:39:379:7ec message ID: 24f0ac68
2-04: 12:09:39:379:7ec invalid payload received
2-04: 12:09:39:379:7ec GetPacket failed 3613
2-04: 12:09:43:384:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 3
2-04: 12:09:43:384:5b0
2-04: 12:09:43:384:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:43:384:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:09:43:384:5b0 I-COOKIE ce459f4801157448
2-04: 12:09:43:384:5b0 R-COOKIE 621f593e4657ba25
2-04: 12:09:43:384:5b0 exchange: Oakley Main Mode
2-04: 12:09:43:384:5b0 flags: 1 ( encrypted )
2-04: 12:09:43:384:5b0 next payload: ID
2-04: 12:09:43:384:5b0 message ID: 00000000
2-04: 12:09:43:384:5b0 Ports S:f401 D:f401
2-04: 12:09:43:384:7ec
2-04: 12:09:43:384:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:43:384:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:09:43:384:7ec I-COOKIE ce459f4801157448
2-04: 12:09:43:384:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:43:384:7ec exchange: ISAKMP Informational Exchange
2-04: 12:09:43:384:7ec flags: 1 ( encrypted )
2-04: 12:09:43:384:7ec next payload: HASH
2-04: 12:09:43:384:7ec message ID: b947c8a4
2-04: 12:09:43:384:7ec invalid payload received
2-04: 12:09:43:384:7ec GetPacket failed 3613
2-04: 12:09:46:379:7ec
2-04: 12:09:46:379:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:46:379:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:09:46:379:7ec I-COOKIE ce459f4801157448
2-04: 12:09:46:379:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:46:389:7ec exchange: Oakley Main Mode
2-04: 12:09:46:389:7ec flags: 0
2-04: 12:09:46:389:7ec next payload: KE
2-04: 12:09:46:389:7ec message ID: 00000000
2-04: 12:09:46:389:7ec received an unencrypted packet when crypto active
2-04: 12:09:46:389:7ec GetPacket failed 35ec
2-04: 12:09:47:170:7ec ClearFragList
2-04: 12:09:51:396:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 4
2-04: 12:09:51:396:5b0
2-04: 12:09:51:396:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:09:51:396:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:09:51:396:5b0 I-COOKIE ce459f4801157448
2-04: 12:09:51:396:5b0 R-COOKIE 621f593e4657ba25
2-04: 12:09:51:396:5b0 exchange: Oakley Main Mode
2-04: 12:09:51:396:5b0 flags: 1 ( encrypted )
2-04: 12:09:51:396:5b0 next payload: ID
2-04: 12:09:51:396:5b0 message ID: 00000000
2-04: 12:09:51:396:5b0 Ports S:f401 D:f401
2-04: 12:09:51:396:7ec
2-04: 12:09:51:396:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:09:51:396:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:09:51:396:7ec I-COOKIE ce459f4801157448
2-04: 12:09:51:396:7ec R-COOKIE 621f593e4657ba25
2-04: 12:09:51:396:7ec exchange: ISAKMP Informational Exchange
2-04: 12:09:51:396:7ec flags: 1 ( encrypted )
2-04: 12:09:51:396:7ec next payload: HASH
2-04: 12:09:51:396:7ec message ID: ec1df876
2-04: 12:09:51:396:7ec invalid payload received
2-04: 12:09:51:396:7ec GetPacket failed 3613
2-04: 12:10:06:397:7ec
2-04: 12:10:06:397:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:10:06:397:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:10:06:397:7ec I-COOKIE ce459f4801157448
2-04: 12:10:06:397:7ec R-COOKIE 621f593e4657ba25
2-04: 12:10:06:397:7ec exchange: Oakley Main Mode
2-04: 12:10:06:397:7ec flags: 0
2-04: 12:10:06:397:7ec next payload: KE
2-04: 12:10:06:397:7ec message ID: 00000000
2-04: 12:10:06:397:7ec received an unencrypted packet when crypto active
2-04: 12:10:06:397:7ec GetPacket failed 35ec
2-04: 12:10:07:419:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 5
2-04: 12:10:07:419:5b0
2-04: 12:10:07:419:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:10:07:419:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:10:07:419:5b0 I-COOKIE ce459f4801157448
2-04: 12:10:07:419:5b0 R-COOKIE 621f593e4657ba25
2-04: 12:10:07:419:5b0 exchange: Oakley Main Mode
2-04: 12:10:07:419:5b0 flags: 1 ( encrypted )
2-04: 12:10:07:419:5b0 next payload: ID
2-04: 12:10:07:419:5b0 message ID: 00000000
2-04: 12:10:07:419:5b0 Ports S:f401 D:f401
2-04: 12:10:07:419:7ec
2-04: 12:10:07:419:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:10:07:419:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:10:07:419:7ec I-COOKIE ce459f4801157448
2-04: 12:10:07:419:7ec R-COOKIE 621f593e4657ba25
2-04: 12:10:07:419:7ec exchange: ISAKMP Informational Exchange
2-04: 12:10:07:419:7ec flags: 1 ( encrypted )
2-04: 12:10:07:419:7ec next payload: HASH
2-04: 12:10:07:419:7ec message ID: 45925b38
2-04: 12:10:07:419:7ec invalid payload received
2-04: 12:10:07:419:7ec GetPacket failed 3613
2-04: 12:10:39:465:5b0 retransmit exhausted: sa = 0010BD58 centry 00000000, count = 6
2-04: 12:10:39:465:5b0 SA Dead. sa:0010BD58 status:35ed
2-04: 12:10:39:465:5b0 isadb_set_status sa:0010BD58 centry:00000000 status 35ed
2-04: 12:10:39:465:5b0 Modo de troca de chave (Modo principal)
2-04: 12:10:39:465:5b0 Endereço IP de origem 10.10.1.141 Máscara do endereço IP de origem 255.255.255.255 Endereço IP de destino 10.10.1.231 Máscara do endereço IP de destino 255.255.255.255 Protocolo 0 Porta de origem 0 Porta de destino 0 End. local IKE 10.10.1.141 End. IKE de mesmo nível 10.10.1.231
2-04: 12:10:39:465:5b0 Identidade baseada no certificado. Entidade de mesmo nível Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000 Autoridade de certificação emitente Autoridade de certificação raiz Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0 Endereço IP de mesmo nível: 10.10.1.231
2-04: 12:10:39:465:5b0 Eu
2-04: 12:10:39:465:5b0 Tempo limite da negociação esgotado
2-04: 12:10:39:465:5b0 0x0 0x0
2-04: 12:10:39:465:5b0 constructing ISAKMP Header
2-04: 12:10:39:465:5b0 constructing HASH (null)
2-04: 12:10:39:465:5b0 constructing DELETE. MM 0010BD58
2-04: 12:10:39:465:5b0 constructing HASH (Notify/Delete)
2-04: 12:10:39:465:5b0
2-04: 12:10:39:465:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 1.500
2-04: 12:10:39:465:5b0 ISAKMP Header: (V1.0), len = 84
2-04: 12:10:39:465:5b0 I-COOKIE ce459f4801157448
2-04: 12:10:39:465:5b0 R-COOKIE 621f593e4657ba25
2-04: 12:10:39:465:5b0 exchange: ISAKMP Informational Exchange
2-04: 12:10:39:465:5b0 flags: 1 ( encrypted )
2-04: 12:10:39:465:5b0 next payload: HASH
2-04: 12:10:39:465:5b0 message ID: 082bdff8
2-04: 12:10:39:465:5b0 Ports S:f401 D:f401
2-04: 12:10:39:465:7ec
2-04: 12:10:39:465:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:10:39:465:7ec ISAKMP Header: (V1.0), len = 40
2-04: 12:10:39:465:7ec I-COOKIE ce459f4801157448
2-04: 12:10:39:465:7ec R-COOKIE 621f593e4657ba25
2-04: 12:10:39:465:7ec exchange: ISAKMP Informational Exchange
2-04: 12:10:39:465:7ec flags: 0
2-04: 12:10:39:465:7ec next payload: NOTIFY
2-04: 12:10:39:465:7ec message ID: 0f58c953
2-04: 12:10:39:465:7ec received an unencrypted packet when crypto active
2-04: 12:10:39:465:7ec GetPacket failed 35ec
2-04: 12:11:17:179:7ec ClearFragList
2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: ad521afa-3668-4534-b36b3f40af903461 4
2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: 5a67936e-68c7-45bc-bbe6719d15569135 4
2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: ff580d2d-ec6d-4198-90f5737e5db74ebe 3
2-04: 12:15:12:518:b8 isadb_schedule_kill_oldPolicy_sas: eb485646-4aca-4c16-b95fdecb47f916d1 3
2-04: 12:15:12:528:7ec entered kill_old_policy_sas 4
2-04: 12:15:12:528:7ec entered kill_old_policy_sas 4
2-04: 12:15:12:528:7ec entered kill_old_policy_sas 3
2-04: 12:15:12:528:7ec entered kill_old_policy_sas 3
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: c04c78a6-f434-44cc-864a970de645671f 3
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 160d3b34-5a9f-4461-ad35d34edbec00a7 3
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 0508392b-0c05-421f-af2d26c9cf2683a4 1
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: bfc3a5b4-63ba-411a-a640df9ca28a9e99 2
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 7e09ba43-e79c-4030-b8e2b92196bb3ce7 2
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: d5b94763-8ab5-4ec4-80ea87c36d8e4d18 2
2-04: 12:15:12:538:b8 isadb_schedule_kill_oldPolicy_sas: 45deb501-be93-4049-a611a20cb969e16f 2
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 3
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 3
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 1
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
2-04: 12:15:12:548:7f8 entered kill_old_policy_sas 2
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 75577683-373b-4d3d-b211a3e45784f332 4
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: df4c2af8-bd6d-4dee-b673e58c2ed650dc 4
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: d12c1e4c-5ec0-469a-91bf313c3bf24442 3
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 985f168b-74e2-4c8a-97c77e755dd4d7c1 3
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 030a96e9-e8d1-47d6-b632c7334ef52332 1
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: 3a246cb4-b2c4-46cc-9afcedd95d2225ad 2
2-04: 12:15:13:339:b8 isadb_schedule_kill_oldPolicy_sas: cf5d5d18-3337-4670-a5a9e985d8bfbb3c 2
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 4
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 4
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 3
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 3
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 1
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 2
2-04: 12:15:13:349:7ec entered kill_old_policy_sas 2
2-04: 12:15:28:721:284 Acquire from driver: op=0000000D src=10.10.1.141.0 dst=192.168.0.1.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
2-04: 12:15:28:721:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
2-04: 12:15:28:721:7ec MM PolicyName: 11
2-04: 12:15:28:721:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
2-04: 12:15:28:721:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:15:28:721:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
2-04: 12:15:28:721:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:15:28:721:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
2-04: 12:15:28:721:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:15:28:721:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
2-04: 12:15:28:721:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:15:28:721:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
2-04: 12:15:28:721:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
2-04: 12:15:28:721:7ec QM PolicyName: Host-roadwarrior-net filter action dwFlags 1
2-04: 12:15:28:721:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
2-04: 12:15:28:721:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
2-04: 12:15:28:721:7ec Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
2-04: 12:15:28:721:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000D, ProxySrc = 10.10.1.141.0000, ProxyDst = 192.168.0.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
2-04: 12:15:28:721:7ec constructing ISAKMP Header
2-04: 12:15:28:721:7ec constructing SA (ISAKMP)
2-04: 12:15:28:721:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
2-04: 12:15:28:721:7ec Constructing Vendor FRAGMENTATION
2-04: 12:15:28:721:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
2-04: 12:15:28:721:7ec Constructing Vendor Vid-Initial-Contact
2-04: 12:15:28:721:7ec
2-04: 12:15:28:721:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:28:721:7ec ISAKMP Header: (V1.0), len = 276
2-04: 12:15:28:721:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:28:721:7ec R-COOKIE 0000000000000000
2-04: 12:15:28:721:7ec exchange: Oakley Main Mode
2-04: 12:15:28:721:7ec flags: 0
2-04: 12:15:28:721:7ec next payload: SA
2-04: 12:15:28:721:7ec message ID: 00000000
2-04: 12:15:28:721:7ec Ports S:f401 D:f401
2-04: 12:15:28:721:7ec
2-04: 12:15:28:721:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:28:721:7ec ISAKMP Header: (V1.0), len = 124
2-04: 12:15:28:721:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:28:721:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:28:721:7ec exchange: Oakley Main Mode
2-04: 12:15:28:721:7ec flags: 0
2-04: 12:15:28:721:7ec next payload: SA
2-04: 12:15:28:721:7ec message ID: 00000000
2-04: 12:15:28:721:7ec processing payload SA
2-04: 12:15:28:721:7ec Received Phase 1 Transform 1
2-04: 12:15:28:721:7ec Encryption Alg Triplo DES CBC(5)
2-04: 12:15:28:721:7ec Hash Alg SHA(2)
2-04: 12:15:28:721:7ec Oakley Group 2
2-04: 12:15:28:721:7ec Auth Method Assinatura RSA com Certificados (3)
2-04: 12:15:28:721:7ec Life type in Seconds
2-04: 12:15:28:721:7ec Life duration of 28800
2-04: 12:15:28:721:7ec Phase 1 SA accepted: transform=1
2-04: 12:15:28:721:7ec SA - Oakley proposal accepted
2-04: 12:15:28:721:7ec processing payload VENDOR ID
2-04: 12:15:28:731:7ec processing payload VENDOR ID
2-04: 12:15:28:731:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
2-04: 12:15:28:731:7ec ClearFragList
2-04: 12:15:28:731:7ec constructing ISAKMP Header
2-04: 12:15:28:801:7ec constructing KE
2-04: 12:15:28:801:7ec constructing NONCE (ISAKMP)
2-04: 12:15:28:801:7ec Constructing NatDisc
2-04: 12:15:28:801:7ec
2-04: 12:15:28:801:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:28:801:7ec ISAKMP Header: (V1.0), len = 232
2-04: 12:15:28:801:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:28:801:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:28:801:7ec exchange: Oakley Main Mode
2-04: 12:15:28:801:7ec flags: 0
2-04: 12:15:28:801:7ec next payload: KE
2-04: 12:15:28:801:7ec message ID: 00000000
2-04: 12:15:28:801:7ec Ports S:f401 D:f401
2-04: 12:15:28:821:7ec
2-04: 12:15:28:821:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:28:821:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:15:28:821:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:28:821:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:28:821:7ec exchange: Oakley Main Mode
2-04: 12:15:28:821:7ec flags: 0
2-04: 12:15:28:821:7ec next payload: KE
2-04: 12:15:28:821:7ec message ID: 00000000
2-04: 12:15:28:821:7ec processing payload KE
2-04: 12:15:28:841:7ec processing payload NONCE
2-04: 12:15:28:841:7ec processing payload NATDISC
2-04: 12:15:28:841:7ec Processing NatHash
2-04: 12:15:28:841:7ec Nat hash d0e4dcafd9b7414016b515fc2e17cd5d
2-04: 12:15:28:841:7ec a3b14493
2-04: 12:15:28:841:7ec SA StateMask2 f
2-04: 12:15:28:841:7ec processing payload NATDISC
2-04: 12:15:28:841:7ec Processing NatHash
2-04: 12:15:28:841:7ec Nat hash ee5b1798d9a3564a847d56594cb9607b
2-04: 12:15:28:851:7ec 609aa20c
2-04: 12:15:28:851:7ec SA StateMask2 8f
2-04: 12:15:28:851:7ec ClearFragList
2-04: 12:15:28:851:7ec constructing ISAKMP Header
2-04: 12:15:28:851:7ec constructing ID
2-04: 12:15:28:851:7ec Received no valid CRPs. Using all configured
2-04: 12:15:28:851:7ec Looking for IPSec only cert
2-04: 12:15:28:851:7ec Cert Trustes. 0 100
2-04: 12:15:28:851:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:15:28:851:7ec fbeb65a0
2-04: 12:15:28:851:7ec CertFindExtenstion failed with 0
2-04: 12:15:28:851:7ec Entered CRL check
2-04: 12:15:28:851:7ec Left CRL check
2-04: 12:15:28:851:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:15:28:851:7ec fbeb65a0
2-04: 12:15:28:851:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
2-04: 12:15:28:851:7ec Cert Serialnumber 02
2-04: 12:15:28:851:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:15:28:851:7ec fbeb65a0
2-04: 12:15:28:851:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:15:28:851:7ec Cert Serialnumber 00
2-04: 12:15:28:851:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
2-04: 12:15:28:851:7ec ece1fd71
2-04: 12:15:28:851:7ec Not storing My cert chain in SA.
2-04: 12:15:28:851:7ec MM ID Type 9
2-04: 12:15:28:851:7ec MM ID 308184310b3009060355040613026272
2-04: 12:15:28:851:7ec 3110300e060355040813077061726169
2-04: 12:15:28:851:7ec 6261311430120603550407130b6a6f61
2-04: 12:15:28:851:7ec 6f20706573736f61310e300c06035504
2-04: 12:15:28:851:7ec 0a1305736566696e3116301406035504
2-04: 12:15:28:851:7ec 03130d74657374652e636c69656e7465
2-04: 12:15:28:851:7ec 3125302306092a864886f70d01090116
2-04: 12:15:28:851:7ec 166e6f6272656761737a407961686f6f
2-04: 12:15:28:851:7ec 2e636f6d2e6272
2-04: 12:15:28:851:7ec constructing CERT
2-04: 12:15:28:851:7ec Construct SIG
2-04: 12:15:28:861:7ec Constructing Cert Request
2-04: 12:15:28:861:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:15:28:861:7ec
2-04: 12:15:28:861:7ec Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:28:861:7ec ISAKMP Header: (V1.0), len = 1356
2-04: 12:15:28:861:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:28:861:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:28:861:7ec exchange: Oakley Main Mode
2-04: 12:15:28:861:7ec flags: 1 ( encrypted )
2-04: 12:15:28:861:7ec next payload: ID
2-04: 12:15:28:861:7ec message ID: 00000000
2-04: 12:15:28:861:7ec Ports S:f401 D:f401
2-04: 12:15:28:871:7ec
2-04: 12:15:28:871:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:28:871:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:15:28:871:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:28:871:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:28:871:7ec exchange: ISAKMP Informational Exchange
2-04: 12:15:28:871:7ec flags: 1 ( encrypted )
2-04: 12:15:28:871:7ec next payload: HASH
2-04: 12:15:28:871:7ec message ID: f6276d68
2-04: 12:15:28:871:7ec invalid payload received
2-04: 12:15:28:871:7ec GetPacket failed 3613
2-04: 12:15:30:3:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 1
2-04: 12:15:30:3:5b0
2-04: 12:15:30:3:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:30:3:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:15:30:3:5b0 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:30:3:5b0 R-COOKIE 4965758a1c833986
2-04: 12:15:30:3:5b0 exchange: Oakley Main Mode
2-04: 12:15:30:3:5b0 flags: 1 ( encrypted )
2-04: 12:15:30:3:5b0 next payload: ID
2-04: 12:15:30:3:5b0 message ID: 00000000
2-04: 12:15:30:3:5b0 Ports S:f401 D:f401
2-04: 12:15:30:3:7ec
2-04: 12:15:30:3:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:30:3:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:15:30:3:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:30:3:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:30:3:7ec exchange: ISAKMP Informational Exchange
2-04: 12:15:30:3:7ec flags: 1 ( encrypted )
2-04: 12:15:30:3:7ec next payload: HASH
2-04: 12:15:30:3:7ec message ID: fac24b2d
2-04: 12:15:30:3:7ec invalid payload received
2-04: 12:15:30:3:7ec GetPacket failed 3613
2-04: 12:15:32:6:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 2
2-04: 12:15:32:6:5b0
2-04: 12:15:32:6:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:32:6:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:15:32:6:5b0 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:32:6:5b0 R-COOKIE 4965758a1c833986
2-04: 12:15:32:6:5b0 exchange: Oakley Main Mode
2-04: 12:15:32:6:5b0 flags: 1 ( encrypted )
2-04: 12:15:32:6:5b0 next payload: ID
2-04: 12:15:32:6:5b0 message ID: 00000000
2-04: 12:15:32:6:5b0 Ports S:f401 D:f401
2-04: 12:15:32:6:7ec
2-04: 12:15:32:6:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:32:6:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:15:32:6:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:32:6:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:32:6:7ec exchange: ISAKMP Informational Exchange
2-04: 12:15:32:6:7ec flags: 1 ( encrypted )
2-04: 12:15:32:6:7ec next payload: HASH
2-04: 12:15:32:6:7ec message ID: b70ab5a8
2-04: 12:15:32:6:7ec invalid payload received
2-04: 12:15:32:6:7ec GetPacket failed 3613
2-04: 12:15:36:11:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 3
2-04: 12:15:36:11:5b0
2-04: 12:15:36:11:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:36:11:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:15:36:11:5b0 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:36:11:5b0 R-COOKIE 4965758a1c833986
2-04: 12:15:36:11:5b0 exchange: Oakley Main Mode
2-04: 12:15:36:11:5b0 flags: 1 ( encrypted )
2-04: 12:15:36:11:5b0 next payload: ID
2-04: 12:15:36:11:5b0 message ID: 00000000
2-04: 12:15:36:11:5b0 Ports S:f401 D:f401
2-04: 12:15:36:11:7ec
2-04: 12:15:36:11:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:36:11:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:15:36:11:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:36:11:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:36:11:7ec exchange: ISAKMP Informational Exchange
2-04: 12:15:36:11:7ec flags: 1 ( encrypted )
2-04: 12:15:36:11:7ec next payload: HASH
2-04: 12:15:36:11:7ec message ID: 3a80be4d
2-04: 12:15:36:11:7ec invalid payload received
2-04: 12:15:36:11:7ec GetPacket failed 3613
2-04: 12:15:37:153:284 Acquire from driver: op=0000000E src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141
2-04: 12:15:37:153:7ec Main mode in progress. Acquire queued
2-04: 12:15:37:153:7ec Queued Acquire Context e on SA 10bd58
2-04: 12:15:38:4:7ec
2-04: 12:15:38:4:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:38:4:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:15:38:4:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:38:4:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:38:4:7ec exchange: Oakley Main Mode
2-04: 12:15:38:4:7ec flags: 0
2-04: 12:15:38:4:7ec next payload: KE
2-04: 12:15:38:4:7ec message ID: 00000000
2-04: 12:15:38:4:7ec received an unencrypted packet when crypto active
2-04: 12:15:38:4:7ec GetPacket failed 35ec
2-04: 12:15:44:23:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 4
2-04: 12:15:44:23:5b0
2-04: 12:15:44:23:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:15:44:23:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:15:44:23:5b0 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:44:23:5b0 R-COOKIE 4965758a1c833986
2-04: 12:15:44:23:5b0 exchange: Oakley Main Mode
2-04: 12:15:44:23:5b0 flags: 1 ( encrypted )
2-04: 12:15:44:23:5b0 next payload: ID
2-04: 12:15:44:23:5b0 message ID: 00000000
2-04: 12:15:44:23:5b0 Ports S:f401 D:f401
2-04: 12:15:44:33:7ec
2-04: 12:15:44:33:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:44:33:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:15:44:33:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:44:33:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:44:33:7ec exchange: ISAKMP Informational Exchange
2-04: 12:15:44:33:7ec flags: 1 ( encrypted )
2-04: 12:15:44:33:7ec next payload: HASH
2-04: 12:15:44:33:7ec message ID: 0085de99
2-04: 12:15:44:33:7ec invalid payload received
2-04: 12:15:44:33:7ec GetPacket failed 3613
2-04: 12:15:58:23:7ec
2-04: 12:15:58:23:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:15:58:23:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:15:58:23:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:15:58:23:7ec R-COOKIE 4965758a1c833986
2-04: 12:15:58:23:7ec exchange: Oakley Main Mode
2-04: 12:15:58:23:7ec flags: 0
2-04: 12:15:58:23:7ec next payload: KE
2-04: 12:15:58:23:7ec message ID: 00000000
2-04: 12:15:58:23:7ec received an unencrypted packet when crypto active
2-04: 12:15:58:23:7ec GetPacket failed 35ec
2-04: 12:16:00:46:5b0 retransmit: sa = 0010BD58 centry 00000000 , count = 5
2-04: 12:16:00:46:5b0
2-04: 12:16:00:46:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 2.500
2-04: 12:16:00:46:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:16:00:46:5b0 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:16:00:46:5b0 R-COOKIE 4965758a1c833986
2-04: 12:16:00:46:5b0 exchange: Oakley Main Mode
2-04: 12:16:00:46:5b0 flags: 1 ( encrypted )
2-04: 12:16:00:46:5b0 next payload: ID
2-04: 12:16:00:46:5b0 message ID: 00000000
2-04: 12:16:00:46:5b0 Ports S:f401 D:f401
2-04: 12:16:00:46:7ec
2-04: 12:16:00:46:7ec Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:16:00:46:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:16:00:46:7ec I-COOKIE c0ae6fb6fd7cba77
2-04: 12:16:00:46:7ec R-COOKIE 4965758a1c833986
2-04: 12:16:00:46:7ec exchange: ISAKMP Informational Exchange
2-04: 12:16:00:46:7ec flags: 1 ( encrypted )
2-04: 12:16:00:46:7ec next payload: HASH
2-04: 12:16:00:46:7ec message ID: cdececfe
2-04: 12:16:00:46:7ec invalid payload received
2-04: 12:16:00:46:7ec GetPacket failed 3613
2-04: 12:16:32:92:5b0 retransmit exhausted: sa = 0010BD58 centry 00000000, count = 6
2-04: 12:16:32:92:5b0 SA Dead. sa:0010BD58 status:35ed
2-04: 12:16:32:92:5b0 Posting new acquire context e
2-04: 12:16:32:92:5b0 Internal Acquire: op=0000000E src=10.10.1.141.0 dst=10.10.1.231.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1, TunnelEndpt=10.10.1.231 Inbound TunnelEndpt=10.10.1.141, InitiateEvent=00000000, IKE SrcPort=0 IKE DstPort=0
2-04: 12:16:32:92:5b0 isadb_set_status sa:0010BD58 centry:00000000 status 35ed
2-04: 12:16:32:92:5b0 Modo de troca de chave (Modo principal)
2-04: 12:16:32:92:5b0 Endereço IP de origem 10.10.1.141 Máscara do endereço IP de origem 255.255.255.255 Endereço IP de destino 10.10.1.231 Máscara do endereço IP de destino 255.255.255.255 Protocolo 0 Porta de origem 0 Porta de destino 0 End. local IKE 10.10.1.141 End. IKE de mesmo nível 10.10.1.231
2-04: 12:16:32:92:5b0 Identidade baseada no certificado. Entidade de mesmo nível Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000 Autoridade de certificação emitente Autoridade de certificação raiz Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0 Endereço IP de mesmo nível: 10.10.1.231
2-04: 12:16:32:92:5b0 Eu
2-04: 12:16:32:92:5b0 Tempo limite da negociação esgotado
2-04: 12:16:32:92:5b0 0x0 0x0
2-04: 12:16:32:92:5b0 constructing ISAKMP Header
2-04: 12:16:32:92:5b0 constructing HASH (null)
2-04: 12:16:32:92:5b0 constructing DELETE. MM 0010BD58
2-04: 12:16:32:92:5b0 constructing HASH (Notify/Delete)
2-04: 12:16:32:92:5b0
2-04: 12:16:32:92:5b0 Sending: SA = 0x0010BD58 to 10.10.1.231:Type 1.500
2-04: 12:16:32:92:5b0 ISAKMP Header: (V1.0), len = 84
2-04: 12:16:32:92:5b0 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:16:32:92:5b0 R-COOKIE 4965758a1c833986
2-04: 12:16:32:92:5b0 exchange: ISAKMP Informational Exchange
2-04: 12:16:32:92:5b0 flags: 1 ( encrypted )
2-04: 12:16:32:92:5b0 next payload: HASH
2-04: 12:16:32:92:5b0 message ID: f67dcfd8
2-04: 12:16:32:92:5b0 Ports S:f401 D:f401
2-04: 12:16:32:92:238
2-04: 12:16:32:92:238 Receive: (get) SA = 0x0010bd58 from 10.10.1.231.500
2-04: 12:16:32:92:238 ISAKMP Header: (V1.0), len = 40
2-04: 12:16:32:92:238 I-COOKIE c0ae6fb6fd7cba77
2-04: 12:16:32:92:238 R-COOKIE 4965758a1c833986
2-04: 12:16:32:92:238 exchange: ISAKMP Informational Exchange
2-04: 12:16:32:92:238 flags: 0
2-04: 12:16:32:92:238 next payload: NOTIFY
2-04: 12:16:32:92:238 message ID: 006d8f67
2-04: 12:16:32:92:238 received an unencrypted packet when crypto active
2-04: 12:16:32:92:238 GetPacket failed 35ec
2-04: 12:16:32:142:7ec Filter to match: Src 10.10.1.231 Dst 10.10.1.141
2-04: 12:16:32:142:7ec MM PolicyName: 11
2-04: 12:16:32:142:7ec MMPolicy dwFlags 2 SoftSAExpireTime 28800
2-04: 12:16:32:142:7ec MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:16:32:142:7ec MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
2-04: 12:16:32:142:7ec MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
2-04: 12:16:32:142:7ec MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
2-04: 12:16:32:142:7ec MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:16:32:142:7ec MMOffer[2] Encrypt: DES CBC Hash: SHA
2-04: 12:16:32:142:7ec MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
2-04: 12:16:32:142:7ec MMOffer[3] Encrypt: DES CBC Hash: MD5
2-04: 12:16:32:142:7ec Auth[0]:RSA Sig C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br AuthFlags 0
2-04: 12:16:32:142:7ec QM PolicyName: Host-roadwarrior filter action dwFlags 1
2-04: 12:16:32:142:7ec QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
2-04: 12:16:32:142:7ec QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
2-04: 12:16:32:142:7ec Algo[0] Operation: ESP Algo: Triplo DES CBC HMAC: MD5
2-04: 12:16:32:142:7ec Starting Negotiation: src = 10.10.1.141.0500, dst = 10.10.1.231.0500, proto = 00, context = 0000000E, ProxySrc = 10.10.1.141.0000, ProxyDst = 10.10.1.231.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.255
2-04: 12:16:32:142:7ec constructing ISAKMP Header
2-04: 12:16:32:142:7ec constructing SA (ISAKMP)
2-04: 12:16:32:142:7ec Constructing Vendor MS NT5 ISAKMPOAKLEY
2-04: 12:16:32:142:7ec Constructing Vendor FRAGMENTATION
2-04: 12:16:32:142:7ec Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
2-04: 12:16:32:142:7ec
2-04: 12:16:32:142:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:32:142:7ec ISAKMP Header: (V1.0), len = 256
2-04: 12:16:32:142:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:32:142:7ec R-COOKIE 0000000000000000
2-04: 12:16:32:142:7ec exchange: Oakley Main Mode
2-04: 12:16:32:142:7ec flags: 0
2-04: 12:16:32:142:7ec next payload: SA
2-04: 12:16:32:142:7ec message ID: 00000000
2-04: 12:16:32:142:7ec Ports S:f401 D:f401
2-04: 12:16:32:142:7ec
2-04: 12:16:32:142:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:32:142:7ec ISAKMP Header: (V1.0), len = 124
2-04: 12:16:32:142:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:32:142:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:32:142:7ec exchange: Oakley Main Mode
2-04: 12:16:32:142:7ec flags: 0
2-04: 12:16:32:142:7ec next payload: SA
2-04: 12:16:32:142:7ec message ID: 00000000
2-04: 12:16:32:142:7ec processing payload SA
2-04: 12:16:32:142:7ec Received Phase 1 Transform 1
2-04: 12:16:32:142:7ec Encryption Alg Triplo DES CBC(5)
2-04: 12:16:32:142:7ec Hash Alg SHA(2)
2-04: 12:16:32:142:7ec Oakley Group 2
2-04: 12:16:32:142:7ec Auth Method Assinatura RSA com Certificados (3)
2-04: 12:16:32:142:7ec Life type in Seconds
2-04: 12:16:32:142:7ec Life duration of 28800
2-04: 12:16:32:142:7ec Phase 1 SA accepted: transform=1
2-04: 12:16:32:142:7ec SA - Oakley proposal accepted
2-04: 12:16:32:142:7ec processing payload VENDOR ID
2-04: 12:16:32:142:7ec processing payload VENDOR ID
2-04: 12:16:32:142:7ec Received VendorId draft-ietf-ipsec-nat-t-ike-02
2-04: 12:16:32:142:7ec ClearFragList
2-04: 12:16:32:142:7ec constructing ISAKMP Header
2-04: 12:16:32:222:7ec constructing KE
2-04: 12:16:32:222:7ec constructing NONCE (ISAKMP)
2-04: 12:16:32:222:7ec Constructing NatDisc
2-04: 12:16:32:222:7ec
2-04: 12:16:32:222:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:32:222:7ec ISAKMP Header: (V1.0), len = 232
2-04: 12:16:32:222:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:32:222:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:32:222:7ec exchange: Oakley Main Mode
2-04: 12:16:32:222:7ec flags: 0
2-04: 12:16:32:222:7ec next payload: KE
2-04: 12:16:32:222:7ec message ID: 00000000
2-04: 12:16:32:222:7ec Ports S:f401 D:f401
2-04: 12:16:32:242:7ec ClearFragList
2-04: 12:16:32:242:7ec
2-04: 12:16:32:242:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:32:242:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:16:32:242:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:32:242:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:32:242:7ec exchange: Oakley Main Mode
2-04: 12:16:32:242:7ec flags: 0
2-04: 12:16:32:242:7ec next payload: KE
2-04: 12:16:32:242:7ec message ID: 00000000
2-04: 12:16:32:242:7ec processing payload KE
2-04: 12:16:32:262:7ec processing payload NONCE
2-04: 12:16:32:262:7ec processing payload NATDISC
2-04: 12:16:32:262:7ec Processing NatHash
2-04: 12:16:32:262:7ec Nat hash f866bde9f9201d5325692944fe9cdc58
2-04: 12:16:32:262:7ec 3045c00b
2-04: 12:16:32:262:7ec SA StateMask2 f
2-04: 12:16:32:262:7ec processing payload NATDISC
2-04: 12:16:32:262:7ec Processing NatHash
2-04: 12:16:32:262:7ec Nat hash 972d67606363b00c4762bbb64c2e974e
2-04: 12:16:32:262:7ec ff3d76c1
2-04: 12:16:32:262:7ec SA StateMask2 8f
2-04: 12:16:32:262:7ec ClearFragList
2-04: 12:16:32:262:7ec constructing ISAKMP Header
2-04: 12:16:32:262:7ec constructing ID
2-04: 12:16:32:262:7ec Received no valid CRPs. Using all configured
2-04: 12:16:32:262:7ec Looking for IPSec only cert
2-04: 12:16:32:262:7ec Cert Trustes. 0 100
2-04: 12:16:32:262:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:16:32:262:7ec fbeb65a0
2-04: 12:16:32:262:7ec CertFindExtenstion failed with 0
2-04: 12:16:32:272:7ec Entered CRL check
2-04: 12:16:32:272:7ec Left CRL check
2-04: 12:16:32:272:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:16:32:272:7ec fbeb65a0
2-04: 12:16:32:272:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br
2-04: 12:16:32:272:7ec Cert Serialnumber 02
2-04: 12:16:32:272:7ec Cert SHA Thumbprint 2d16b509f9321a54e03090781b660713
2-04: 12:16:32:272:7ec fbeb65a0
2-04: 12:16:32:272:7ec SubjectName: C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:16:32:272:7ec Cert Serialnumber 00
2-04: 12:16:32:272:7ec Cert SHA Thumbprint 3b9b8df006afe6e1c52b6ae783d0776c
2-04: 12:16:32:272:7ec ece1fd71
2-04: 12:16:32:272:7ec Not storing My cert chain in SA.
2-04: 12:16:32:272:7ec MM ID Type 9
2-04: 12:16:32:272:7ec MM ID 308184310b3009060355040613026272
2-04: 12:16:32:272:7ec 3110300e060355040813077061726169
2-04: 12:16:32:272:7ec 6261311430120603550407130b6a6f61
2-04: 12:16:32:272:7ec 6f20706573736f61310e300c06035504
2-04: 12:16:32:272:7ec 0a1305736566696e3116301406035504
2-04: 12:16:32:272:7ec 03130d74657374652e636c69656e7465
2-04: 12:16:32:272:7ec 3125302306092a864886f70d01090116
2-04: 12:16:32:272:7ec 166e6f6272656761737a407961686f6f
2-04: 12:16:32:272:7ec 2e636f6d2e6272
2-04: 12:16:32:272:7ec constructing CERT
2-04: 12:16:32:272:7ec Construct SIG
2-04: 12:16:32:282:7ec Constructing Cert Request
2-04: 12:16:32:282:7ec C=br, S=paraiba, L=joao pessoa, O=sefin, CN=vpn.teste, E=nobregasz at yahoo.com.br
2-04: 12:16:32:282:7ec
2-04: 12:16:32:282:7ec Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:32:282:7ec ISAKMP Header: (V1.0), len = 1356
2-04: 12:16:32:282:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:32:282:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:32:282:7ec exchange: Oakley Main Mode
2-04: 12:16:32:282:7ec flags: 1 ( encrypted )
2-04: 12:16:32:282:7ec next payload: ID
2-04: 12:16:32:282:7ec message ID: 00000000
2-04: 12:16:32:282:7ec Ports S:f401 D:f401
2-04: 12:16:32:292:7ec
2-04: 12:16:32:292:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:32:292:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:16:32:292:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:32:292:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:32:292:7ec exchange: ISAKMP Informational Exchange
2-04: 12:16:32:292:7ec flags: 1 ( encrypted )
2-04: 12:16:32:292:7ec next payload: HASH
2-04: 12:16:32:292:7ec message ID: 8013ca7d
2-04: 12:16:32:292:7ec invalid payload received
2-04: 12:16:32:292:7ec GetPacket failed 3613
2-04: 12:16:33:94:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 1
2-04: 12:16:33:94:5b0
2-04: 12:16:33:94:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:33:94:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:16:33:94:5b0 I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:33:94:5b0 R-COOKIE 7df1bcba41b279e0
2-04: 12:16:33:94:5b0 exchange: Oakley Main Mode
2-04: 12:16:33:94:5b0 flags: 1 ( encrypted )
2-04: 12:16:33:94:5b0 next payload: ID
2-04: 12:16:33:94:5b0 message ID: 00000000
2-04: 12:16:33:94:5b0 Ports S:f401 D:f401
2-04: 12:16:33:94:7ec
2-04: 12:16:33:94:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:33:94:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:16:33:94:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:33:94:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:33:94:7ec exchange: ISAKMP Informational Exchange
2-04: 12:16:33:94:7ec flags: 1 ( encrypted )
2-04: 12:16:33:94:7ec next payload: HASH
2-04: 12:16:33:94:7ec message ID: 24332a56
2-04: 12:16:33:94:7ec invalid payload received
2-04: 12:16:33:94:7ec GetPacket failed 3613
2-04: 12:16:35:96:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 2
2-04: 12:16:35:96:5b0
2-04: 12:16:35:96:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:35:96:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:16:35:96:5b0 I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:35:96:5b0 R-COOKIE 7df1bcba41b279e0
2-04: 12:16:35:96:5b0 exchange: Oakley Main Mode
2-04: 12:16:35:96:5b0 flags: 1 ( encrypted )
2-04: 12:16:35:96:5b0 next payload: ID
2-04: 12:16:35:96:5b0 message ID: 00000000
2-04: 12:16:35:96:5b0 Ports S:f401 D:f401
2-04: 12:16:35:96:7ec
2-04: 12:16:35:96:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:35:96:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:16:35:96:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:35:96:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:35:96:7ec exchange: ISAKMP Informational Exchange
2-04: 12:16:35:96:7ec flags: 1 ( encrypted )
2-04: 12:16:35:96:7ec next payload: HASH
2-04: 12:16:35:96:7ec message ID: 49fa74bd
2-04: 12:16:35:96:7ec invalid payload received
2-04: 12:16:35:96:7ec GetPacket failed 3613
2-04: 12:16:39:102:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 3
2-04: 12:16:39:102:5b0
2-04: 12:16:39:102:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:39:102:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:16:39:102:5b0 I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:39:102:5b0 R-COOKIE 7df1bcba41b279e0
2-04: 12:16:39:102:5b0 exchange: Oakley Main Mode
2-04: 12:16:39:102:5b0 flags: 1 ( encrypted )
2-04: 12:16:39:102:5b0 next payload: ID
2-04: 12:16:39:102:5b0 message ID: 00000000
2-04: 12:16:39:102:5b0 Ports S:f401 D:f401
2-04: 12:16:39:102:7ec
2-04: 12:16:39:102:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:39:102:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:16:39:102:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:39:102:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:39:102:7ec exchange: ISAKMP Informational Exchange
2-04: 12:16:39:102:7ec flags: 1 ( encrypted )
2-04: 12:16:39:102:7ec next payload: HASH
2-04: 12:16:39:102:7ec message ID: 57fd9b41
2-04: 12:16:39:102:7ec invalid payload received
2-04: 12:16:39:102:7ec GetPacket failed 3613
2-04: 12:16:42:96:7ec
2-04: 12:16:42:96:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:42:96:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:16:42:96:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:42:96:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:42:96:7ec exchange: Oakley Main Mode
2-04: 12:16:42:96:7ec flags: 0
2-04: 12:16:42:96:7ec next payload: KE
2-04: 12:16:42:96:7ec message ID: 00000000
2-04: 12:16:42:96:7ec received an unencrypted packet when crypto active
2-04: 12:16:42:96:7ec GetPacket failed 35ec
2-04: 12:16:47:114:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 4
2-04: 12:16:47:114:5b0
2-04: 12:16:47:114:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:16:47:114:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:16:47:114:5b0 I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:47:114:5b0 R-COOKIE 7df1bcba41b279e0
2-04: 12:16:47:114:5b0 exchange: Oakley Main Mode
2-04: 12:16:47:114:5b0 flags: 1 ( encrypted )
2-04: 12:16:47:114:5b0 next payload: ID
2-04: 12:16:47:114:5b0 message ID: 00000000
2-04: 12:16:47:114:5b0 Ports S:f401 D:f401
2-04: 12:16:47:114:7ec
2-04: 12:16:47:114:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:16:47:114:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:16:47:114:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:16:47:114:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:16:47:114:7ec exchange: ISAKMP Informational Exchange
2-04: 12:16:47:114:7ec flags: 1 ( encrypted )
2-04: 12:16:47:114:7ec next payload: HASH
2-04: 12:16:47:114:7ec message ID: a714df86
2-04: 12:16:47:114:7ec invalid payload received
2-04: 12:16:47:114:7ec GetPacket failed 3613
2-04: 12:17:02:115:7ec
2-04: 12:17:02:115:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:17:02:115:7ec ISAKMP Header: (V1.0), len = 228
2-04: 12:17:02:115:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:17:02:115:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:17:02:115:7ec exchange: Oakley Main Mode
2-04: 12:17:02:115:7ec flags: 0
2-04: 12:17:02:115:7ec next payload: KE
2-04: 12:17:02:115:7ec message ID: 00000000
2-04: 12:17:02:115:7ec received an unencrypted packet when crypto active
2-04: 12:17:02:115:7ec GetPacket failed 35ec
2-04: 12:17:03:137:5b0 retransmit: sa = 0013F460 centry 00000000 , count = 5
2-04: 12:17:03:137:5b0
2-04: 12:17:03:137:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 2.500
2-04: 12:17:03:137:5b0 ISAKMP Header: (V1.0), len = 1356
2-04: 12:17:03:137:5b0 I-COOKIE 86245ea1e95cc5ef
2-04: 12:17:03:137:5b0 R-COOKIE 7df1bcba41b279e0
2-04: 12:17:03:137:5b0 exchange: Oakley Main Mode
2-04: 12:17:03:137:5b0 flags: 1 ( encrypted )
2-04: 12:17:03:137:5b0 next payload: ID
2-04: 12:17:03:137:5b0 message ID: 00000000
2-04: 12:17:03:137:5b0 Ports S:f401 D:f401
2-04: 12:17:03:137:7ec
2-04: 12:17:03:137:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:17:03:137:7ec ISAKMP Header: (V1.0), len = 68
2-04: 12:17:03:137:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:17:03:137:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:17:03:137:7ec exchange: ISAKMP Informational Exchange
2-04: 12:17:03:137:7ec flags: 1 ( encrypted )
2-04: 12:17:03:137:7ec next payload: HASH
2-04: 12:17:03:137:7ec message ID: 7fbd2ed3
2-04: 12:17:03:137:7ec invalid payload received
2-04: 12:17:03:137:7ec GetPacket failed 3613
2-04: 12:17:35:183:5b0 retransmit exhausted: sa = 0013F460 centry 00000000, count = 6
2-04: 12:17:35:183:5b0 SA Dead. sa:0013F460 status:35ed
2-04: 12:17:35:183:5b0 isadb_set_status sa:0013F460 centry:00000000 status 35ed
2-04: 12:17:35:183:5b0 Modo de troca de chave (Modo principal)
2-04: 12:17:35:183:5b0 Endereço IP de origem 10.10.1.141 Máscara do endereço IP de origem 255.255.255.255 Endereço IP de destino 10.10.1.231 Máscara do endereço IP de destino 255.255.255.255 Protocolo 0 Porta de origem 0 Porta de destino 0 End. local IKE 10.10.1.141 End. IKE de mesmo nível 10.10.1.231
2-04: 12:17:35:183:5b0 Identidade baseada no certificado. Entidade de mesmo nível Impressão digital SHA de mesmo nível 0000000000000000000000000000000000000000 Autoridade de certificação emitente Autoridade de certificação raiz Minha entidade C=br, S=paraiba, L=joao pessoa, O=sefin, CN=teste.cliente, E=nobregasz at yahoo.com.br Minha impressão digital SHA 2d16b509f9321a54e03090781b660713fbeb65a0 Endereço IP de mesmo nível: 10.10.1.231
2-04: 12:17:35:183:5b0 Eu
2-04: 12:17:35:183:5b0 Tempo limite da negociação esgotado
2-04: 12:17:35:183:5b0 0x0 0x0
2-04: 12:17:35:183:5b0 constructing ISAKMP Header
2-04: 12:17:35:183:5b0 constructing HASH (null)
2-04: 12:17:35:183:5b0 constructing DELETE. MM 0013F460
2-04: 12:17:35:183:5b0 constructing HASH (Notify/Delete)
2-04: 12:17:35:183:5b0
2-04: 12:17:35:183:5b0 Sending: SA = 0x0013F460 to 10.10.1.231:Type 1.500
2-04: 12:17:35:183:5b0 ISAKMP Header: (V1.0), len = 84
2-04: 12:17:35:183:5b0 I-COOKIE 86245ea1e95cc5ef
2-04: 12:17:35:183:5b0 R-COOKIE 7df1bcba41b279e0
2-04: 12:17:35:183:5b0 exchange: ISAKMP Informational Exchange
2-04: 12:17:35:183:5b0 flags: 1 ( encrypted )
2-04: 12:17:35:183:5b0 next payload: HASH
2-04: 12:17:35:183:5b0 message ID: 178f623e
2-04: 12:17:35:183:5b0 Ports S:f401 D:f401
2-04: 12:17:35:183:7ec
2-04: 12:17:35:183:7ec Receive: (get) SA = 0x0013f460 from 10.10.1.231.500
2-04: 12:17:35:183:7ec ISAKMP Header: (V1.0), len = 40
2-04: 12:17:35:183:7ec I-COOKIE 86245ea1e95cc5ef
2-04: 12:17:35:183:7ec R-COOKIE 7df1bcba41b279e0
2-04: 12:17:35:183:7ec exchange: ISAKMP Informational Exchange
2-04: 12:17:35:183:7ec flags: 0
2-04: 12:17:35:183:7ec next payload: NOTIFY
2-04: 12:17:35:183:7ec message ID: 5ddc9bb5
2-04: 12:17:35:183:7ec received an unencrypted packet when crypto active
2-04: 12:17:35:183:7ec GetPacket failed 35ec
2-04: 12:18:02:252:7ec ClearFragList
2-04: 12:21:26:806:b8 isadb_schedule_kill_oldPolicy_sas: 30f733f0-3cc2-4907-b8aa13e9f9103681 4
2-04: 12:21:26:806:b8 isadb_schedule_kill_oldPolicy_sas: ee531cf2-378f-492c-802f425506f6ff51 4
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 31d70ce2-a3d7-473b-bb569269a9418d56 3
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 5eae223a-9c0e-4166-9f924a18948eef9b 3
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: d12c1e4c-5ec0-469a-91bf313c3bf24442 3
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 985f168b-74e2-4c8a-97c77e755dd4d7c1 3
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 70d08237-45fb-4c06-8b0fc1addcf5fa38 1
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 8cb0bbd7-2a59-43f1-abe33455af576b4f 2
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 330a0ad2-3e89-432a-a1138726fb999498 2
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: 3a246cb4-b2c4-46cc-9afcedd95d2225ad 2
2-04: 12:21:26:816:b8 isadb_schedule_kill_oldPolicy_sas: cf5d5d18-3337-4670-a5a9e985d8bfbb3c 2
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 4
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 4
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 3
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 1
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
2-04: 12:21:26:826:7ec entered kill_old_policy_sas 2
------------------------------------------------------------------------
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT esp -- anywhere anywhere
LOG esp -- anywhere anywhere LOG level warning
ACCEPT ah -- anywhere anywhere
LOG ah -- anywhere anywhere LOG level warning
ACCEPT udp -- anywhere anywhere udp spt:500 dpt:500
LOG udp -- anywhere anywhere udp spt:500 dpt:500 LOG level warning
ACCEPT udp -- anywhere anywhere udp dpt:4500
LOG udp -- anywhere anywhere udp dpt:4500 LOG level warning
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
LOG ah -- anywhere anywhere LOG level warning
ACCEPT ah -- anywhere anywhere
ACCEPT esp -- anywhere anywhere
LOG esp -- anywhere anywhere LOG level warning
LOG udp -- anywhere anywhere udp spt:500 dpt:500 LOG level warning
ACCEPT udp -- anywhere anywhere udp spt:500 dpt:500
LOG udp -- anywhere anywhere udp spt:4500 LOG level warning
ACCEPT udp -- anywhere anywhere udp spt:4500
------------------------------------------------------------------------
Feb 4 12:03:16 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=48
Feb 4 12:08:05 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=152 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=132
Feb 4 12:08:05 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236
Feb 4 12:08:05 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
Feb 4 12:08:13 vpn last message repeated 3 times
Feb 4 12:08:15 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236
Feb 4 12:08:21 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
Feb 4 12:08:35 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236
Feb 4 12:08:37 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
Feb 4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=68 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=48
Feb 4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=152 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=132
Feb 4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236
Feb 4 12:09:09 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
Feb 4 12:09:16 vpn last message repeated 3 times
Feb 4 12:09:19 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236
Feb 4 12:09:24 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
Feb 4 12:09:39 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=236
Feb 4 12:09:40 vpn kernel: IN= OUT=eth0 SRC=10.10.1.231 DST=10.10.1.141 LEN=96 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=500 DPT=500 LEN=76
------------------------------------------------------------------------
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan 2.3.0 (klips)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [FAILED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption DNS checks:
Looking for TXT in forward dns zone: vpn [MISSING]
vpn.sre.pb.gov.br does not exist (Authoritative answer)
Does the machine have at least one non-private address? [FAILED]
------------------------------------------------------------------------
conn roadwarrior
left=%any
right=10.10.1.231
rightca="C=br,ST=paraiba,L=joao pessoa,O=sefin,CN=vpn.teste,Email=nobregasz at yahoo.com.br"
network=auto
auto=start
pfs=yes
conn roadwarrior-net
left=%any
right=10.10.1.231
rightsubnet=192.168.0.0/255.255.255.0
rightca="C=br,ST=paraiba,L=joao pessoa,O=sefin,CN=vpn.teste,Email=nobregasz at yahoo.com.br"
network=auto
auto=start
pfs=yes
More information about the Users
mailing list