[Openswan Users] L2TP/IPsec VPN server with Windows 2000/XP
Daniel Fitzner
t-systems-fitz at web.de
Thu Feb 10 14:45:48 CET 2005
Hello guys,
I want to setup following scenario:
(XP-Client 192.168.2.2) -> (192.168.2.1 Router 192.168.1.2) -> (192.168.1.1 OPENSWAN with L2TPD 192.168.3.1) ->INTERNEL_NET
I used following document: http://www.jacco2.dds.nl/networking/freeswan-l2tp.html.
My client is an xp-client with SP2, openswan is in version 2.3.0.
If I use PSK then everything works fine, the ipsec tunnel is established and also the l2tp-connection.
But now I want to use x509 certificates. For this I used the document: http://www.natecarlson.com/linux/ipsec-x509.php.
Unfortunately this doesn't work for me, I have some strange problems.
Here are my configs:
ipsec.conf at openswan-server:
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
klipsdebug=none
plutodebug=all
# Add connections here
conn L2TP-PSK-orgWIN2KXP
# RSA
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
# kein Perfect Forward Secrecy
pfs=no
# Gateway
left=192.168.1.1
leftcert=ipsec-server.pem
leftprotoport=17/1701
right=%any
rightcert=ipsec-client.pem
rightprotoport=17/1701
# wait for connection
auto=add
keyingtries=3
ipsec.secrets at openswan-server:
: RSA ipsec-server.key "XXXXX"
ipsec.conf at xp-client for Marcus Müller's ipsec.exe utility from http://vpn.ebootis.de
conn L2TP-PSK-orgWIN2KXP
left=%any
right=192.168.1.1
rightca="C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca"
network=auto
auto=start
pfs=no
In my logfile I see, that the IPSEC-Connection is established:
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: responding to Main Mode from unknown peer 192.168.2.2
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: Main mode peer ID is ID_DER_ASN1_DN: 'C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client'
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: deleting connection "L2TP-PSK-orgWIN2KXP" instance with peer 192.168.2.2 {isakmp=#0/ipsec=#0}
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: I am sending my cert
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sent MR3, ISAKMP SA established
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: responding to Quick Mode
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: route-host output: /usr/local/lib/ipsec/_updown: doroute `ip route add 192.168.2.2/32 via 192.168.2.2 dev ipsec0 ' failed (RTNETLINK answers: Network is unreachable)
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: IPsec SA established {ESP=>0xb7cba849 <0xe8a9345e}
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: cannot respond to IPsec SA request because no connection is known for 192.168.1.1[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server]...192.168.2.2[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client]
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.2.2:500
Feb 10 13:43:54 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xba749525 (perhaps this is a duplicated packet)
Feb 10 13:43:54 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 13:43:57 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xba749525 (perhaps this is a duplicated packet)
Feb 10 13:43:57 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
If I enable debugging for pluto I see some more informations after the SA is established:
Feb 10 12:34:02 freeswan pluto[4689]: | trusted_ca called with a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca b=(empty)
Feb 10 12:34:02 freeswan pluto[4689]: | executing prepare-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-host' PLUTO_CONNECTION='L2TP-PSK-orgWIN2KXP' PLUTO_NEXT_HOP='192.168.2.2' PLUTO_INTERFACE='ipsec0' PLUTO_ME='192.168.1.1' PLUTO_MY_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server' PLUTO_MY_CLIENT='192.168.1.1/32' PLUTO_MY_CLIENT_NET='192.168.1.1' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='1701' PLUTO_MY_PROTOCOL='17' PLUTO_PEER='192.168.2.2' PLUTO_PEER_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client' PLUTO_PEER_CLIENT='192.168.2.2/32' PLUTO_PEER_CLIENT_NET='192.168.2.2' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='1701' PLUTO_PEER_PROTOCOL='17' PLUTO_PEER_CA='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL' ipsec _updown
Feb 10 12:34:02 freeswan pluto[4689]: | trusted_ca called with a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca b=(empty)
Feb 10 12:34:02 freeswan pluto[4689]: | executing route-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-host' PLUTO_CONNECTION='L2TP-PSK-orgWIN2KXP' PLUTO_NEXT_HOP='192.168.2.2' PLUTO_INTERFACE='ipsec0' PLUTO_ME='192.168.1.1' PLUTO_MY_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server' PLUTO_MY_CLIENT='192.168.1.1/32' PLUTO_MY_CLIENT_NET='192.168.1.1' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='1701' PLUTO_MY_PROTOCOL='17' PLUTO_PEER='192.168.2.2' PLUTO_PEER_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client' PLUTO_PEER_CLIENT='192.168.2.2/32' PLUTO_PEER_CLIENT_NET='192.168.2.2' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='1701' PLUTO_PEER_PROTOCOL='17' PLUTO_PEER_CA='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL' ipsec _updown
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: route-host output: /usr/local/lib/ipsec/_updown: doroute `ip route add 192.168.2.2/32 via 192.168.2.2 dev ipsec0 ' failed (RTNETLINK answers: Network is unreachable)
Feb 10 12:34:03 freeswan pluto[4689]: | route_and_eroute: instance "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2, setting eroute_owner {spd=0x80ff674,sr=0x80ff674} to #2 (was #0) (newest_ipsec_sa=#0)
Feb 10 12:34:03 freeswan pluto[4689]: | inI2: instance L2TP-PSK-orgWIN2KXP[2], setting newest_ipsec_sa to #2 (was #0) (spd.eroute=#2)
Feb 10 12:34:03 freeswan pluto[4689]: | complete state transition with STF_OK
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Feb 10 12:34:03 freeswan pluto[4689]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #2
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: IPsec SA established {ESP=>0x1ffee417 <0xa2b318ef}
Feb 10 12:34:03 freeswan pluto[4689]: | modecfg pull: noquirk policy:push not-client
Feb 10 12:34:03 freeswan pluto[4689]: | phase 1 is done, looking for phase 1 to unpend
Feb 10 12:34:03 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 20 seconds
Feb 10 12:34:03 freeswan pluto[4689]: |
Feb 10 12:34:03 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:03 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | 08 10 20 01 e0 77 0e 12 00 00 00 a4 79 db 45 bf
Feb 10 12:34:03 freeswan pluto[4689]: | 6a da 84 d1 31 0e 5c 40 fd 73 35 cc 2d 21 ff 6b
Feb 10 12:34:03 freeswan pluto[4689]: | e4 8b cf c0 aa ce 99 d7 09 41 d5 26 ef 6b 37 9c
Feb 10 12:34:03 freeswan pluto[4689]: | 6e 7b b7 8b e4 ab dd 2b 5d f4 d4 93 31 60 75 35
Feb 10 12:34:03 freeswan pluto[4689]: | 8d 7a 61 1b 63 13 22 30 c8 ea 0d 51 eb f5 dc 99
Feb 10 12:34:03 freeswan pluto[4689]: | 5d 6c 3d 61 7e c3 b3 e6 5f 37 cd 87 c9 59 35 d3
Feb 10 12:34:03 freeswan pluto[4689]: | 48 cd 69 e1 89 bd 1c 29 b4 9c 2e 8c d7 7d 89 98
Feb 10 12:34:03 freeswan pluto[4689]: | 78 01 e3 25 85 6b 82 f8 a5 4b 96 fa af 35 c8 89
Feb 10 12:34:03 freeswan pluto[4689]: | 19 e6 16 1f 5c 23 4f 8e dc 63 d0 f3 05 d9 ea 12
Feb 10 12:34:03 freeswan pluto[4689]: | 37 30 9d 41
Feb 10 12:34:03 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:03 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:03 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:03 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:03 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:03 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:03 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:03 freeswan pluto[4689]: | message ID: e0 77 0e 12
Feb 10 12:34:03 freeswan pluto[4689]: | length: 164
Feb 10 12:34:03 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:03 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:03 freeswan pluto[4689]: | state object not found
Feb 10 12:34:03 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:03 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:03 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:03 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:03 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:03 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:03 freeswan pluto[4689]: | 35 54 fe 27 0d eb 86 b4 fc 92 f5 be 45 18 7d 44
Feb 10 12:34:03 freeswan pluto[4689]: | d2 60 de b7
Feb 10 12:34:03 freeswan pluto[4689]: | received encrypted packet from 192.168.2.2:500
Feb 10 12:34:03 freeswan pluto[4689]: | decrypting 136 bytes using algorithm OAKLEY_3DES_CBC
Feb 10 12:34:03 freeswan pluto[4689]: | decrypted:
Feb 10 12:34:03 freeswan pluto[4689]: | 01 00 00 18 91 3e 04 ba 9e f9 bc df 07 98 0e ee
Feb 10 12:34:03 freeswan pluto[4689]: | 11 ff 5e 1a 6a 44 8b 7a 0a 00 00 40 00 00 00 01
Feb 10 12:34:03 freeswan pluto[4689]: | 00 00 00 01 00 00 00 34 01 03 04 01 28 fb 35 e9
Feb 10 12:34:03 freeswan pluto[4689]: | 00 00 00 28 01 03 00 00 80 01 00 01 00 02 00 04
Feb 10 12:34:03 freeswan pluto[4689]: | 00 00 0e 10 80 01 00 02 00 02 00 04 00 00 c3 50
Feb 10 12:34:03 freeswan pluto[4689]: | 80 04 00 01 80 05 00 01 05 00 00 18 4d 0d 15 9b
Feb 10 12:34:03 freeswan pluto[4689]: | 5b ec 9d 6c ee ce 42 3e 7f 54 00 9b a8 1c 28 86
Feb 10 12:34:03 freeswan pluto[4689]: | 05 00 00 0c 01 00 00 00 c0 a8 02 02 00 00 00 0c
Feb 10 12:34:03 freeswan pluto[4689]: | 01 00 00 00 c0 a8 01 01
Feb 10 12:34:03 freeswan pluto[4689]: | next IV: 05 d9 ea 12 37 30 9d 41
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Hash Payload:
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_SA
Feb 10 12:34:03 freeswan pluto[4689]: | length: 24
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Security Association Payload:
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_NONCE
Feb 10 12:34:03 freeswan pluto[4689]: | length: 64
Feb 10 12:34:03 freeswan pluto[4689]: | DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Nonce Payload:
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_ID
Feb 10 12:34:03 freeswan pluto[4689]: | length: 24
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Identification Payload (IPsec DOI):
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_ID
Feb 10 12:34:03 freeswan pluto[4689]: | length: 12
Feb 10 12:34:03 freeswan pluto[4689]: | ID type: ID_IPV4_ADDR
Feb 10 12:34:03 freeswan pluto[4689]: | Protocol ID: 0
Feb 10 12:34:03 freeswan pluto[4689]: | port: 0
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Identification Payload (IPsec DOI):
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:03 freeswan pluto[4689]: | length: 12
Feb 10 12:34:03 freeswan pluto[4689]: | ID type: ID_IPV4_ADDR
Feb 10 12:34:03 freeswan pluto[4689]: | Protocol ID: 0
Feb 10 12:34:03 freeswan pluto[4689]: | port: 0
Feb 10 12:34:03 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:03 freeswan pluto[4689]: | 91 3e 04 ba 9e f9 bc df 07 98 0e ee 11 ff 5e 1a
Feb 10 12:34:03 freeswan pluto[4689]: | 6a 44 8b 7a
Feb 10 12:34:03 freeswan pluto[4689]: | peer client is 192.168.2.2
Feb 10 12:34:03 freeswan pluto[4689]: | peer client protocol/port is 0/0
Feb 10 12:34:03 freeswan pluto[4689]: | our client is 192.168.1.1
Feb 10 12:34:03 freeswan pluto[4689]: | our client protocol/port is 0/0
Feb 10 12:34:03 freeswan pluto[4689]: | find_client_connection starting with L2TP-PSK-orgWIN2KXP
Feb 10 12:34:03 freeswan pluto[4689]: | looking for 192.168.1.1/32:0/0 -> 192.168.2.2/32:0/0
Feb 10 12:34:03 freeswan pluto[4689]: | concrete checking against sr#0 192.168.1.1/32 -> 192.168.2.2/32
Feb 10 12:34:03 freeswan pluto[4689]: | match_id a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client
Feb 10 12:34:03 freeswan pluto[4689]: | match_id called with a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client
Feb 10 12:34:03 freeswan pluto[4689]: | trusted_ca called with a=(empty) b=(empty)
Feb 10 12:34:03 freeswan pluto[4689]: | fc_try concluding with none [0]
Feb 10 12:34:03 freeswan pluto[4689]: | fc_try L2TP-PSK-orgWIN2KXP gives none
Feb 10 12:34:03 freeswan pluto[4689]: | checking hostpair 192.168.1.1/32 -> 192.168.2.2/32 is found
Feb 10 12:34:03 freeswan pluto[4689]: | match_id a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=(none)
Feb 10 12:34:03 freeswan pluto[4689]: | trusted_ca called with a=(empty) b=(empty)
Feb 10 12:34:03 freeswan pluto[4689]: | fc_try concluding with none [0]
Feb 10 12:34:03 freeswan pluto[4689]: | match_id a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=(none)
Feb 10 12:34:03 freeswan pluto[4689]: | trusted_ca called with a=(empty) b=(empty)
Feb 10 12:34:03 freeswan pluto[4689]: | fc_try_oppo concluding with none [0]
Feb 10 12:34:03 freeswan pluto[4689]: | concluding with d = none
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: cannot respond to IPsec SA request because no connection is known for 192.168.1.1[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server]...192.168.2.2[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client]
Feb 10 12:34:03 freeswan pluto[4689]: | complete state transition with (null)
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.2.2:500
Feb 10 12:34:03 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:03 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:03 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:03 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:03 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:03 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:03 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:03 freeswan pluto[4689]: | message ID: 2e f4 5a 2f
Feb 10 12:34:03 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_N
Feb 10 12:34:03 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:03 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:03 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:03 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:03 freeswan pluto[4689]: | DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:04 freeswan pluto[4689]: | protocol ID: 1
Feb 10 12:34:04 freeswan pluto[4689]: | SPI size: 0
Feb 10 12:34:04 freeswan pluto[4689]: | Notify Message Type: INVALID_ID_INFORMATION
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:04 freeswan pluto[4689]: | spi
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:04 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:04 freeswan pluto[4689]: | 27 fe d1 c8 58 af f9 37 2b 5a fe 2e dd 42 7a a8
Feb 10 12:34:04 freeswan pluto[4689]: | 05 4d d4 4e
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:04 freeswan pluto[4689]: | e8 86 b3 0a 57 51 41 70 37 8e 7b 7b f4 7e 76 0c
Feb 10 12:34:04 freeswan pluto[4689]: | 63 60 c3 d9
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:04 freeswan pluto[4689]: | 0b 00 00 18 27 fe d1 c8 58 af f9 37 2b 5a fe 2e
Feb 10 12:34:04 freeswan pluto[4689]: | dd 42 7a a8 05 4d d4 4e 00 00 00 0c 00 00 00 01
Feb 10 12:34:04 freeswan pluto[4689]: | 01 00 00 12
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:04 freeswan pluto[4689]: | next IV: 52 2b a0 da 54 90 7c fb
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:04 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:04 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | 08 10 05 01 2e f4 5a 2f 00 00 00 44 cc 87 cf 50
Feb 10 12:34:04 freeswan pluto[4689]: | 8e 50 6f 26 95 f9 c6 3e 83 19 8d 06 a6 5e 57 18
Feb 10 12:34:04 freeswan pluto[4689]: | 8d f3 bd 75 8b ff e5 f6 81 d0 cb e7 52 2b a0 da
Feb 10 12:34:04 freeswan pluto[4689]: | 54 90 7c fb
Feb 10 12:34:04 freeswan pluto[4689]: | state transition function for STATE_QUICK_R0 failed: INVALID_ID_INFORMATION
Feb 10 12:34:04 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 19 seconds
Feb 10 12:34:04 freeswan pluto[4689]: |
Feb 10 12:34:04 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:04 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | 08 10 20 01 e0 77 0e 12 00 00 00 a4 79 db 45 bf
Feb 10 12:34:04 freeswan pluto[4689]: | 6a da 84 d1 31 0e 5c 40 fd 73 35 cc 2d 21 ff 6b
Feb 10 12:34:04 freeswan pluto[4689]: | e4 8b cf c0 aa ce 99 d7 09 41 d5 26 ef 6b 37 9c
Feb 10 12:34:04 freeswan pluto[4689]: | 6e 7b b7 8b e4 ab dd 2b 5d f4 d4 93 31 60 75 35
Feb 10 12:34:04 freeswan pluto[4689]: | 8d 7a 61 1b 63 13 22 30 c8 ea 0d 51 eb f5 dc 99
Feb 10 12:34:04 freeswan pluto[4689]: | 5d 6c 3d 61 7e c3 b3 e6 5f 37 cd 87 c9 59 35 d3
Feb 10 12:34:04 freeswan pluto[4689]: | 48 cd 69 e1 89 bd 1c 29 b4 9c 2e 8c d7 7d 89 98
Feb 10 12:34:04 freeswan pluto[4689]: | 78 01 e3 25 85 6b 82 f8 a5 4b 96 fa af 35 c8 89
Feb 10 12:34:04 freeswan pluto[4689]: | 19 e6 16 1f 5c 23 4f 8e dc 63 d0 f3 05 d9 ea 12
Feb 10 12:34:04 freeswan pluto[4689]: | 37 30 9d 41
Feb 10 12:34:04 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:04 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:04 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:04 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:04 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:04 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:04 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:04 freeswan pluto[4689]: | message ID: e0 77 0e 12
Feb 10 12:34:04 freeswan pluto[4689]: | length: 164
Feb 10 12:34:04 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:04 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:04 freeswan pluto[4689]: | state object not found
Feb 10 12:34:04 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:04 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:04 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:04 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x120e77e0 (perhaps this is a duplicated packet)
Feb 10 12:34:04 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 12:34:04 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:04 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:04 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:04 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:04 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:04 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:04 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:04 freeswan pluto[4689]: | message ID: 14 a3 55 75
Feb 10 12:34:04 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:04 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_N
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:04 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:04 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:04 freeswan pluto[4689]: | DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:04 freeswan pluto[4689]: | protocol ID: 1
Feb 10 12:34:04 freeswan pluto[4689]: | SPI size: 0
Feb 10 12:34:04 freeswan pluto[4689]: | Notify Message Type: INVALID_MESSAGE_ID
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:04 freeswan pluto[4689]: | spi
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:04 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:04 freeswan pluto[4689]: | 2d 8b 02 89 c6 ad 0a 8c 27 a0 7f 79 dc 79 e3 be
Feb 10 12:34:04 freeswan pluto[4689]: | af 67 1a 05
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:04 freeswan pluto[4689]: | bc 2c 43 04 f6 06 92 43 8e f2 d2 39 4d c1 a7 2a
Feb 10 12:34:04 freeswan pluto[4689]: | 58 3d d9 82
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:04 freeswan pluto[4689]: | 0b 00 00 18 2d 8b 02 89 c6 ad 0a 8c 27 a0 7f 79
Feb 10 12:34:04 freeswan pluto[4689]: | dc 79 e3 be af 67 1a 05 00 00 00 0c 00 00 00 01
Feb 10 12:34:04 freeswan pluto[4689]: | 01 00 00 09
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:04 freeswan pluto[4689]: | next IV: 88 6b 77 eb ac d7 6d 1a
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:04 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:04 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | 08 10 05 01 14 a3 55 75 00 00 00 44 16 a1 bd 4f
Feb 10 12:34:04 freeswan pluto[4689]: | 72 af b5 d3 ae d7 d3 63 e5 09 1d 23 52 98 75 b2
Feb 10 12:34:04 freeswan pluto[4689]: | 5f e8 ae 93 b0 0c d8 f4 9a 64 84 14 88 6b 77 eb
Feb 10 12:34:04 freeswan pluto[4689]: | ac d7 6d 1a
Feb 10 12:34:04 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 19 seconds
Feb 10 12:34:05 freeswan pluto[4689]: |
Feb 10 12:34:05 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:05 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | 08 10 20 01 e0 77 0e 12 00 00 00 a4 79 db 45 bf
Feb 10 12:34:05 freeswan pluto[4689]: | 6a da 84 d1 31 0e 5c 40 fd 73 35 cc 2d 21 ff 6b
Feb 10 12:34:05 freeswan pluto[4689]: | e4 8b cf c0 aa ce 99 d7 09 41 d5 26 ef 6b 37 9c
Feb 10 12:34:05 freeswan pluto[4689]: | 6e 7b b7 8b e4 ab dd 2b 5d f4 d4 93 31 60 75 35
Feb 10 12:34:05 freeswan pluto[4689]: | 8d 7a 61 1b 63 13 22 30 c8 ea 0d 51 eb f5 dc 99
Feb 10 12:34:05 freeswan pluto[4689]: | 5d 6c 3d 61 7e c3 b3 e6 5f 37 cd 87 c9 59 35 d3
Feb 10 12:34:05 freeswan pluto[4689]: | 48 cd 69 e1 89 bd 1c 29 b4 9c 2e 8c d7 7d 89 98
Feb 10 12:34:05 freeswan pluto[4689]: | 78 01 e3 25 85 6b 82 f8 a5 4b 96 fa af 35 c8 89
Feb 10 12:34:05 freeswan pluto[4689]: | 19 e6 16 1f 5c 23 4f 8e dc 63 d0 f3 05 d9 ea 12
Feb 10 12:34:05 freeswan pluto[4689]: | 37 30 9d 41
Feb 10 12:34:05 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:05 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:05 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:05 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:05 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:05 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:05 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:05 freeswan pluto[4689]: | message ID: e0 77 0e 12
Feb 10 12:34:05 freeswan pluto[4689]: | length: 164
Feb 10 12:34:05 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:05 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:05 freeswan pluto[4689]: | state object not found
Feb 10 12:34:05 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:05 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:05 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:05 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x120e77e0 (perhaps this is a duplicated packet)
Feb 10 12:34:05 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 12:34:05 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:05 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:05 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:05 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:05 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:05 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:05 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:05 freeswan pluto[4689]: | message ID: ca 82 81 2d
Feb 10 12:34:05 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:05 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_N
Feb 10 12:34:05 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:05 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:05 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:05 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:05 freeswan pluto[4689]: | DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:05 freeswan pluto[4689]: | protocol ID: 1
Feb 10 12:34:05 freeswan pluto[4689]: | SPI size: 0
Feb 10 12:34:05 freeswan pluto[4689]: | Notify Message Type: INVALID_MESSAGE_ID
Feb 10 12:34:05 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:05 freeswan pluto[4689]: | spi
Feb 10 12:34:05 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:05 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:05 freeswan pluto[4689]: | 1b da 29 2e 38 9f 34 30 81 01 dc 3b d0 89 75 6e
Feb 10 12:34:05 freeswan pluto[4689]: | 4c 91 d6 2e
Feb 10 12:34:05 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:05 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:05 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:05 freeswan pluto[4689]: | 1d 08 cb d9 39 0c 7d d2 5a 79 4a 53 a4 33 ca d1
Feb 10 12:34:05 freeswan pluto[4689]: | 37 ed 47 7b
Feb 10 12:34:05 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:05 freeswan pluto[4689]: | 0b 00 00 18 1b da 29 2e 38 9f 34 30 81 01 dc 3b
Feb 10 12:34:05 freeswan pluto[4689]: | d0 89 75 6e 4c 91 d6 2e 00 00 00 0c 00 00 00 01
Feb 10 12:34:05 freeswan pluto[4689]: | 01 00 00 09
Feb 10 12:34:05 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:05 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:05 freeswan pluto[4689]: | next IV: 08 3c 22 4e e8 34 27 77
Feb 10 12:34:05 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:05 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:05 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | 08 10 05 01 ca 82 81 2d 00 00 00 44 29 3b 81 17
Feb 10 12:34:05 freeswan pluto[4689]: | a7 b6 2e e0 cc fc f6 6e d7 9b 88 5a d1 84 ad 01
Feb 10 12:34:05 freeswan pluto[4689]: | 08 d7 b5 04 54 8c 90 53 27 c6 f0 87 08 3c 22 4e
Feb 10 12:34:05 freeswan pluto[4689]: | e8 34 27 77
Feb 10 12:34:05 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 18 seconds
Feb 10 12:34:09 freeswan pluto[4689]: |
Feb 10 12:34:09 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:09 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:09 freeswan pluto[4689]: | 08 10 20 01 e0 77 0e 12 00 00 00 a4 79 db 45 bf
Feb 10 12:34:09 freeswan pluto[4689]: | 6a da 84 d1 31 0e 5c 40 fd 73 35 cc 2d 21 ff 6b
Feb 10 12:34:09 freeswan pluto[4689]: | e4 8b cf c0 aa ce 99 d7 09 41 d5 26 ef 6b 37 9c
Feb 10 12:34:09 freeswan pluto[4689]: | 6e 7b b7 8b e4 ab dd 2b 5d f4 d4 93 31 60 75 35
Feb 10 12:34:09 freeswan pluto[4689]: | 8d 7a 61 1b 63 13 22 30 c8 ea 0d 51 eb f5 dc 99
Feb 10 12:34:09 freeswan pluto[4689]: | 5d 6c 3d 61 7e c3 b3 e6 5f 37 cd 87 c9 59 35 d3
Feb 10 12:34:09 freeswan pluto[4689]: | 48 cd 69 e1 89 bd 1c 29 b4 9c 2e 8c d7 7d 89 98
Feb 10 12:34:09 freeswan pluto[4689]: | 78 01 e3 25 85 6b 82 f8 a5 4b 96 fa af 35 c8 89
Feb 10 12:34:09 freeswan pluto[4689]: | 19 e6 16 1f 5c 23 4f 8e dc 63 d0 f3 05 d9 ea 12
Feb 10 12:34:09 freeswan pluto[4689]: | 37 30 9d 41
Feb 10 12:34:09 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:09 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:09 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:09 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:09 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:09 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:09 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:10 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:10 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:10 freeswan pluto[4689]: | message ID: e0 77 0e 12
Feb 10 12:34:10 freeswan pluto[4689]: | length: 164
Feb 10 12:34:10 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:10 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:10 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:10 freeswan pluto[4689]: | state object not found
Feb 10 12:34:10 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:10 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:10 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:10 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:10 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x120e77e0 (perhaps this is a duplicated packet)
Feb 10 12:34:10 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 12:34:10 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:10 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:10 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:10 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:10 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:10 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:10 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:10 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:10 freeswan pluto[4689]: | message ID: 03 1a d9 bc
Feb 10 12:34:10 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:10 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_N
Feb 10 12:34:10 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:10 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:10 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:10 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:10 freeswan pluto[4689]: | DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:10 freeswan pluto[4689]: | protocol ID: 1
Feb 10 12:34:10 freeswan pluto[4689]: | SPI size: 0
Feb 10 12:34:10 freeswan pluto[4689]: | Notify Message Type: INVALID_MESSAGE_ID
Feb 10 12:34:10 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:10 freeswan pluto[4689]: | spi
Feb 10 12:34:10 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:10 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:10 freeswan pluto[4689]: | a9 e2 aa 27 9f c2 c7 53 ba df 2e 41 02 82 d6 39
Feb 10 12:34:10 freeswan pluto[4689]: | 5f c6 27 ea
Feb 10 12:34:10 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:10 freeswan pluto[4689]: | last Phase 1 IV: 45 d1 28 b2 42 55 80 05
Feb 10 12:34:10 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:10 freeswan pluto[4689]: | 6b 3c 1f 53 81 18 d5 a0 aa 9a 96 88 d0 9d 5d 79
Feb 10 12:34:10 freeswan pluto[4689]: | 0d 78 ac 54
Feb 10 12:34:10 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:10 freeswan pluto[4689]: | 0b 00 00 18 a9 e2 aa 27 9f c2 c7 53 ba df 2e 41
Feb 10 12:34:10 freeswan pluto[4689]: | 02 82 d6 39 5f c6 27 ea 00 00 00 0c 00 00 00 01
Feb 10 12:34:10 freeswan pluto[4689]: | 01 00 00 09
Feb 10 12:34:10 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:10 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:10 freeswan pluto[4689]: | next IV: 66 60 34 63 f3 f7 57 87
Feb 10 12:34:10 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:10 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:10 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: | 08 10 05 01 03 1a d9 bc 00 00 00 44 cc f8 cc 04
Feb 10 12:34:10 freeswan pluto[4689]: | 6c 87 87 18 08 d4 49 07 b2 89 1f 43 b5 6f d4 30
Feb 10 12:34:10 freeswan pluto[4689]: | 10 d2 6b 8b e8 cc d1 bd df 09 3f 7f 66 60 34 63
Feb 10 12:34:10 freeswan pluto[4689]: | f3 f7 57 87
Feb 10 12:34:10 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 13 seconds
Feb 10 12:34:17 freeswan pluto[4689]: |
Feb 10 12:34:17 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:17 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32 eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: | 08 10 20 01 e0 77 0e 12 00 00 00 a4 79 db 45 bf
Feb 10 12:34:17 freeswan pluto[4689]: | 6a da 84 d1 31 0e 5c 40 fd 73 35 cc 2d 21 ff 6b
Feb 10 12:34:17 freeswan pluto[4689]: | e4 8b cf c0 aa ce 99 d7 09 41 d5 26 ef 6b 37 9c
Feb 10 12:34:17 freeswan pluto[4689]: | 6e 7b b7 8b e4 ab dd 2b 5d f4 d4 93 31 60 75 35
Feb 10 12:34:17 freeswan pluto[4689]: | 8d 7a 61 1b 63 13 22 30 c8 ea 0d 51 eb f5 dc 99
Feb 10 12:34:17 freeswan pluto[4689]: | 5d 6c 3d 61 7e c3 b3 e6 5f 37 cd 87 c9 59 35 d3
Feb 10 12:34:17 freeswan pluto[4689]: | 48 cd 69 e1 89 bd 1c 29 b4 9c 2e 8c d7 7d 89 98
Feb 10 12:34:17 freeswan pluto[4689]: | 78 01 e3 25 85 6b 82 f8 a5 4b 96 fa af 35 c8 89
Feb 10 12:34:17 freeswan pluto[4689]: | 19 e6 16 1f 5c 23 4f 8e dc 63 d0 f3 05 d9 ea 12
Feb 10 12:34:17 freeswan pluto[4689]: | 37 30 9d 41
Feb 10 12:34:17 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:17 freeswan pluto[4689]: | initiator cookie:
Feb 10 12:34:17 freeswan pluto[4689]: | 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:17 freeswan pluto[4689]: | responder cookie:
Feb 10 12:34:17 freeswan pluto[4689]: | eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: | next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:17 freeswan pluto[4689]: | ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:17 freeswan pluto[4689]: | exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:17 freeswan pluto[4689]: | flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:17 freeswan pluto[4689]: | message ID: e0 77 0e 12
Feb 10 12:34:17 freeswan pluto[4689]: | length: 164
Feb 10 12:34:17 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:17 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:17 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:17 freeswan pluto[4689]: | state object not found
Feb 10 12:34:17 freeswan pluto[4689]: | ICOOKIE: 15 08 68 f7 3f 64 b1 32
Feb 10 12:34:17 freeswan pluto[4689]: | RCOOKIE: eb cf c9 8e b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: | peer: c0 a8 02 02
Feb 10 12:34:17 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:18 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193
More information about the Users
mailing list