[Openswan Users] L2TP/IPsec VPN server with Windows 2000/XP

Daniel Fitzner t-systems-fitz at web.de
Thu Feb 10 14:45:48 CET 2005


Hello guys,

I want to setup following scenario:

(XP-Client 192.168.2.2) -> (192.168.2.1 Router 192.168.1.2) -> (192.168.1.1 OPENSWAN with L2TPD 192.168.3.1) ->INTERNEL_NET

I used following document: http://www.jacco2.dds.nl/networking/freeswan-l2tp.html.

My client is an xp-client with SP2, openswan is in version 2.3.0.

If I use PSK then everything works fine, the ipsec tunnel is established and also the l2tp-connection.

But now I want to use x509 certificates. For this I used the document: http://www.natecarlson.com/linux/ipsec-x509.php.

Unfortunately this doesn't work for me, I have some strange problems.

Here are my configs:

ipsec.conf at openswan-server:

# basic configuration
config setup
	# Debug-logging controls:  "none" for (almost) none, "all" for lots.
	klipsdebug=none
	plutodebug=all
	

# Add connections here

conn L2TP-PSK-orgWIN2KXP
	# RSA
	authby=rsasig
	leftrsasigkey=%cert
	rightrsasigkey=%cert
	# kein Perfect Forward Secrecy
	pfs=no
	# Gateway
	left=192.168.1.1
	leftcert=ipsec-server.pem
	leftprotoport=17/1701
	right=%any
	rightcert=ipsec-client.pem
	rightprotoport=17/1701
	# wait for connection
	auto=add
	keyingtries=3
	
ipsec.secrets at openswan-server:

: RSA ipsec-server.key "XXXXX"

ipsec.conf at xp-client for Marcus Müller's ipsec.exe utility from http://vpn.ebootis.de

conn L2TP-PSK-orgWIN2KXP
	left=%any
	right=192.168.1.1
	rightca="C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca"
	network=auto
	auto=start
	pfs=no

In my logfile I see, that the IPSEC-Connection is established:

Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: responding to Main Mode from unknown peer 192.168.2.2
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[1] 192.168.2.2 #1: Main mode peer ID is ID_DER_ASN1_DN: 'C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client'
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: deleting connection "L2TP-PSK-orgWIN2KXP" instance with peer 192.168.2.2 {isakmp=#0/ipsec=#0}
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: I am sending my cert
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sent MR3, ISAKMP SA established
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: responding to Quick Mode
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: route-host output: /usr/local/lib/ipsec/_updown: doroute `ip route add 192.168.2.2/32 via 192.168.2.2 dev ipsec0 ' failed (RTNETLINK answers: Network is unreachable)
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: IPsec SA established {ESP=>0xb7cba849 <0xe8a9345e}
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: cannot respond to IPsec SA request because no connection is known for 192.168.1.1[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server]...192.168.2.2[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client]
Feb 10 13:43:53 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.2.2:500
Feb 10 13:43:54 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xba749525 (perhaps this is a duplicated packet)
Feb 10 13:43:54 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 13:43:57 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xba749525 (perhaps this is a duplicated packet)
Feb 10 13:43:57 freeswan pluto[1268]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500


If I enable debugging for pluto I see some more informations after the SA is established:

Feb 10 12:34:02 freeswan pluto[4689]: |   trusted_ca called with a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca b=(empty)
Feb 10 12:34:02 freeswan pluto[4689]: | executing prepare-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-host' PLUTO_CONNECTION='L2TP-PSK-orgWIN2KXP' PLUTO_NEXT_HOP='192.168.2.2' PLUTO_INTERFACE='ipsec0' PLUTO_ME='192.168.1.1' PLUTO_MY_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server' PLUTO_MY_CLIENT='192.168.1.1/32' PLUTO_MY_CLIENT_NET='192.168.1.1' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='1701' PLUTO_MY_PROTOCOL='17' PLUTO_PEER='192.168.2.2' PLUTO_PEER_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client' PLUTO_PEER_CLIENT='192.168.2.2/32' PLUTO_PEER_CLIENT_NET='192.168.2.2' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='1701' PLUTO_PEER_PROTOCOL='17' PLUTO_PEER_CA='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL'  ipsec _updown
Feb 10 12:34:02 freeswan pluto[4689]: |   trusted_ca called with a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca b=(empty)
Feb 10 12:34:02 freeswan pluto[4689]: | executing route-host: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-host' PLUTO_CONNECTION='L2TP-PSK-orgWIN2KXP' PLUTO_NEXT_HOP='192.168.2.2' PLUTO_INTERFACE='ipsec0' PLUTO_ME='192.168.1.1' PLUTO_MY_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server' PLUTO_MY_CLIENT='192.168.1.1/32' PLUTO_MY_CLIENT_NET='192.168.1.1' PLUTO_MY_CLIENT_MASK='255.255.255.255' PLUTO_MY_PORT='1701' PLUTO_MY_PROTOCOL='17' PLUTO_PEER='192.168.2.2' PLUTO_PEER_ID='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client' PLUTO_PEER_CLIENT='192.168.2.2/32' PLUTO_PEER_CLIENT_NET='192.168.2.2' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='1701' PLUTO_PEER_PROTOCOL='17' PLUTO_PEER_CA='C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-ca' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL'  ipsec _updown
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: route-host output: /usr/local/lib/ipsec/_updown: doroute `ip route add 192.168.2.2/32 via 192.168.2.2 dev ipsec0 ' failed (RTNETLINK answers: Network is unreachable)
Feb 10 12:34:03 freeswan pluto[4689]: | route_and_eroute: instance "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2, setting eroute_owner {spd=0x80ff674,sr=0x80ff674} to #2 (was #0) (newest_ipsec_sa=#0)
Feb 10 12:34:03 freeswan pluto[4689]: | inI2: instance L2TP-PSK-orgWIN2KXP[2], setting newest_ipsec_sa to #2 (was #0) (spd.eroute=#2)
Feb 10 12:34:03 freeswan pluto[4689]: | complete state transition with STF_OK
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Feb 10 12:34:03 freeswan pluto[4689]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #2
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #2: IPsec SA established {ESP=>0x1ffee417 <0xa2b318ef}
Feb 10 12:34:03 freeswan pluto[4689]: | modecfg pull: noquirk policy:push not-client
Feb 10 12:34:03 freeswan pluto[4689]: | phase 1 is done, looking for phase 1 to unpend
Feb 10 12:34:03 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 20 seconds
Feb 10 12:34:03 freeswan pluto[4689]: |  
Feb 10 12:34:03 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:03 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: |   08 10 20 01  e0 77 0e 12  00 00 00 a4  79 db 45 bf
Feb 10 12:34:03 freeswan pluto[4689]: |   6a da 84 d1  31 0e 5c 40  fd 73 35 cc  2d 21 ff 6b
Feb 10 12:34:03 freeswan pluto[4689]: |   e4 8b cf c0  aa ce 99 d7  09 41 d5 26  ef 6b 37 9c
Feb 10 12:34:03 freeswan pluto[4689]: |   6e 7b b7 8b  e4 ab dd 2b  5d f4 d4 93  31 60 75 35
Feb 10 12:34:03 freeswan pluto[4689]: |   8d 7a 61 1b  63 13 22 30  c8 ea 0d 51  eb f5 dc 99
Feb 10 12:34:03 freeswan pluto[4689]: |   5d 6c 3d 61  7e c3 b3 e6  5f 37 cd 87  c9 59 35 d3
Feb 10 12:34:03 freeswan pluto[4689]: |   48 cd 69 e1  89 bd 1c 29  b4 9c 2e 8c  d7 7d 89 98
Feb 10 12:34:03 freeswan pluto[4689]: |   78 01 e3 25  85 6b 82 f8  a5 4b 96 fa  af 35 c8 89
Feb 10 12:34:03 freeswan pluto[4689]: |   19 e6 16 1f  5c 23 4f 8e  dc 63 d0 f3  05 d9 ea 12
Feb 10 12:34:03 freeswan pluto[4689]: |   37 30 9d 41
Feb 10 12:34:03 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:03 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:03 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:03 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:03 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:03 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:03 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:03 freeswan pluto[4689]: |    message ID:  e0 77 0e 12
Feb 10 12:34:03 freeswan pluto[4689]: |    length: 164
Feb 10 12:34:03 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:03 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:03 freeswan pluto[4689]: | state object not found
Feb 10 12:34:03 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:03 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:03 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:03 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:03 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:03 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:03 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:03 freeswan pluto[4689]: |   35 54 fe 27  0d eb 86 b4  fc 92 f5 be  45 18 7d 44
Feb 10 12:34:03 freeswan pluto[4689]: |   d2 60 de b7
Feb 10 12:34:03 freeswan pluto[4689]: | received encrypted packet from 192.168.2.2:500
Feb 10 12:34:03 freeswan pluto[4689]: | decrypting 136 bytes using algorithm OAKLEY_3DES_CBC
Feb 10 12:34:03 freeswan pluto[4689]: | decrypted:
Feb 10 12:34:03 freeswan pluto[4689]: |   01 00 00 18  91 3e 04 ba  9e f9 bc df  07 98 0e ee
Feb 10 12:34:03 freeswan pluto[4689]: |   11 ff 5e 1a  6a 44 8b 7a  0a 00 00 40  00 00 00 01
Feb 10 12:34:03 freeswan pluto[4689]: |   00 00 00 01  00 00 00 34  01 03 04 01  28 fb 35 e9
Feb 10 12:34:03 freeswan pluto[4689]: |   00 00 00 28  01 03 00 00  80 01 00 01  00 02 00 04
Feb 10 12:34:03 freeswan pluto[4689]: |   00 00 0e 10  80 01 00 02  00 02 00 04  00 00 c3 50
Feb 10 12:34:03 freeswan pluto[4689]: |   80 04 00 01  80 05 00 01  05 00 00 18  4d 0d 15 9b
Feb 10 12:34:03 freeswan pluto[4689]: |   5b ec 9d 6c  ee ce 42 3e  7f 54 00 9b  a8 1c 28 86
Feb 10 12:34:03 freeswan pluto[4689]: |   05 00 00 0c  01 00 00 00  c0 a8 02 02  00 00 00 0c
Feb 10 12:34:03 freeswan pluto[4689]: |   01 00 00 00  c0 a8 01 01
Feb 10 12:34:03 freeswan pluto[4689]: | next IV:  05 d9 ea 12  37 30 9d 41
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Hash Payload:
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_SA
Feb 10 12:34:03 freeswan pluto[4689]: |    length: 24
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Security Association Payload:
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_NONCE
Feb 10 12:34:03 freeswan pluto[4689]: |    length: 64
Feb 10 12:34:03 freeswan pluto[4689]: |    DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Nonce Payload:
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_ID
Feb 10 12:34:03 freeswan pluto[4689]: |    length: 24
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Identification Payload (IPsec DOI):
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_ID
Feb 10 12:34:03 freeswan pluto[4689]: |    length: 12
Feb 10 12:34:03 freeswan pluto[4689]: |    ID type: ID_IPV4_ADDR
Feb 10 12:34:03 freeswan pluto[4689]: |    Protocol ID: 0
Feb 10 12:34:03 freeswan pluto[4689]: |    port: 0
Feb 10 12:34:03 freeswan pluto[4689]: | ***parse ISAKMP Identification Payload (IPsec DOI):
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:03 freeswan pluto[4689]: |    length: 12
Feb 10 12:34:03 freeswan pluto[4689]: |    ID type: ID_IPV4_ADDR
Feb 10 12:34:03 freeswan pluto[4689]: |    Protocol ID: 0
Feb 10 12:34:03 freeswan pluto[4689]: |    port: 0
Feb 10 12:34:03 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:03 freeswan pluto[4689]: |   91 3e 04 ba  9e f9 bc df  07 98 0e ee  11 ff 5e 1a
Feb 10 12:34:03 freeswan pluto[4689]: |   6a 44 8b 7a
Feb 10 12:34:03 freeswan pluto[4689]: | peer client is 192.168.2.2
Feb 10 12:34:03 freeswan pluto[4689]: | peer client protocol/port is 0/0
Feb 10 12:34:03 freeswan pluto[4689]: | our client is 192.168.1.1
Feb 10 12:34:03 freeswan pluto[4689]: | our client protocol/port is 0/0
Feb 10 12:34:03 freeswan pluto[4689]: | find_client_connection starting with L2TP-PSK-orgWIN2KXP
Feb 10 12:34:03 freeswan pluto[4689]: |   looking for 192.168.1.1/32:0/0 -> 192.168.2.2/32:0/0
Feb 10 12:34:03 freeswan pluto[4689]: |   concrete checking against sr#0 192.168.1.1/32 -> 192.168.2.2/32
Feb 10 12:34:03 freeswan pluto[4689]: |    match_id a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client
Feb 10 12:34:03 freeswan pluto[4689]: |   match_id called with a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client
Feb 10 12:34:03 freeswan pluto[4689]: |   trusted_ca called with a=(empty) b=(empty)
Feb 10 12:34:03 freeswan pluto[4689]: |   fc_try concluding with none [0]
Feb 10 12:34:03 freeswan pluto[4689]: |   fc_try L2TP-PSK-orgWIN2KXP gives none
Feb 10 12:34:03 freeswan pluto[4689]: |   checking hostpair 192.168.1.1/32 -> 192.168.2.2/32 is found
Feb 10 12:34:03 freeswan pluto[4689]: |    match_id a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=(none)
Feb 10 12:34:03 freeswan pluto[4689]: |   trusted_ca called with a=(empty) b=(empty)
Feb 10 12:34:03 freeswan pluto[4689]: |   fc_try concluding with none [0]
Feb 10 12:34:03 freeswan pluto[4689]: |    match_id a=C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client b=(none)
Feb 10 12:34:03 freeswan pluto[4689]: |   trusted_ca called with a=(empty) b=(empty)
Feb 10 12:34:03 freeswan pluto[4689]: |   fc_try_oppo concluding with none [0]
Feb 10 12:34:03 freeswan pluto[4689]: |   concluding with d = none
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: cannot respond to IPsec SA request because no connection is known for 192.168.1.1[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-server]...192.168.2.2[C=DE, ST=Berlin, L=Berlin, O=T-Systems GEI, OU=BU Berlin, CN=ipsec-client]
Feb 10 12:34:03 freeswan pluto[4689]: | complete state transition with (null)
Feb 10 12:34:03 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.2.2:500
Feb 10 12:34:03 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:03 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:03 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:03 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:03 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:03 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:03 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:03 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:03 freeswan pluto[4689]: |    message ID:  2e f4 5a 2f
Feb 10 12:34:03 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_N
Feb 10 12:34:03 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:03 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:03 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:03 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:03 freeswan pluto[4689]: |    DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:04 freeswan pluto[4689]: |    protocol ID: 1
Feb 10 12:34:04 freeswan pluto[4689]: |    SPI size: 0
Feb 10 12:34:04 freeswan pluto[4689]: |    Notify Message Type: INVALID_ID_INFORMATION
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:04 freeswan pluto[4689]: | spi
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:04 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:04 freeswan pluto[4689]: |   27 fe d1 c8  58 af f9 37  2b 5a fe 2e  dd 42 7a a8
Feb 10 12:34:04 freeswan pluto[4689]: |   05 4d d4 4e
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:04 freeswan pluto[4689]: |   e8 86 b3 0a  57 51 41 70  37 8e 7b 7b  f4 7e 76 0c
Feb 10 12:34:04 freeswan pluto[4689]: |   63 60 c3 d9
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:04 freeswan pluto[4689]: |   0b 00 00 18  27 fe d1 c8  58 af f9 37  2b 5a fe 2e
Feb 10 12:34:04 freeswan pluto[4689]: |   dd 42 7a a8  05 4d d4 4e  00 00 00 0c  00 00 00 01
Feb 10 12:34:04 freeswan pluto[4689]: |   01 00 00 12
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:04 freeswan pluto[4689]: | next IV:  52 2b a0 da  54 90 7c fb
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:04 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:04 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: |   08 10 05 01  2e f4 5a 2f  00 00 00 44  cc 87 cf 50
Feb 10 12:34:04 freeswan pluto[4689]: |   8e 50 6f 26  95 f9 c6 3e  83 19 8d 06  a6 5e 57 18
Feb 10 12:34:04 freeswan pluto[4689]: |   8d f3 bd 75  8b ff e5 f6  81 d0 cb e7  52 2b a0 da
Feb 10 12:34:04 freeswan pluto[4689]: |   54 90 7c fb
Feb 10 12:34:04 freeswan pluto[4689]: | state transition function for STATE_QUICK_R0 failed: INVALID_ID_INFORMATION
Feb 10 12:34:04 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 19 seconds
Feb 10 12:34:04 freeswan pluto[4689]: |  
Feb 10 12:34:04 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:04 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: |   08 10 20 01  e0 77 0e 12  00 00 00 a4  79 db 45 bf
Feb 10 12:34:04 freeswan pluto[4689]: |   6a da 84 d1  31 0e 5c 40  fd 73 35 cc  2d 21 ff 6b
Feb 10 12:34:04 freeswan pluto[4689]: |   e4 8b cf c0  aa ce 99 d7  09 41 d5 26  ef 6b 37 9c
Feb 10 12:34:04 freeswan pluto[4689]: |   6e 7b b7 8b  e4 ab dd 2b  5d f4 d4 93  31 60 75 35
Feb 10 12:34:04 freeswan pluto[4689]: |   8d 7a 61 1b  63 13 22 30  c8 ea 0d 51  eb f5 dc 99
Feb 10 12:34:04 freeswan pluto[4689]: |   5d 6c 3d 61  7e c3 b3 e6  5f 37 cd 87  c9 59 35 d3
Feb 10 12:34:04 freeswan pluto[4689]: |   48 cd 69 e1  89 bd 1c 29  b4 9c 2e 8c  d7 7d 89 98
Feb 10 12:34:04 freeswan pluto[4689]: |   78 01 e3 25  85 6b 82 f8  a5 4b 96 fa  af 35 c8 89
Feb 10 12:34:04 freeswan pluto[4689]: |   19 e6 16 1f  5c 23 4f 8e  dc 63 d0 f3  05 d9 ea 12
Feb 10 12:34:04 freeswan pluto[4689]: |   37 30 9d 41
Feb 10 12:34:04 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:04 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:04 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:04 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:04 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:04 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:04 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:04 freeswan pluto[4689]: |    message ID:  e0 77 0e 12
Feb 10 12:34:04 freeswan pluto[4689]: |    length: 164
Feb 10 12:34:04 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:04 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:04 freeswan pluto[4689]: | state object not found
Feb 10 12:34:04 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:04 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:04 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:04 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:04 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x120e77e0 (perhaps this is a duplicated packet)
Feb 10 12:34:04 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 12:34:04 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:04 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:04 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:04 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:04 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:04 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:04 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:04 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:04 freeswan pluto[4689]: |    message ID:  14 a3 55 75
Feb 10 12:34:04 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:04 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_N
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:04 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:04 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:04 freeswan pluto[4689]: |    DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:04 freeswan pluto[4689]: |    protocol ID: 1
Feb 10 12:34:04 freeswan pluto[4689]: |    SPI size: 0
Feb 10 12:34:04 freeswan pluto[4689]: |    Notify Message Type: INVALID_MESSAGE_ID
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:04 freeswan pluto[4689]: | spi
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:04 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:04 freeswan pluto[4689]: |   2d 8b 02 89  c6 ad 0a 8c  27 a0 7f 79  dc 79 e3 be
Feb 10 12:34:04 freeswan pluto[4689]: |   af 67 1a 05
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:04 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:04 freeswan pluto[4689]: |   bc 2c 43 04  f6 06 92 43  8e f2 d2 39  4d c1 a7 2a
Feb 10 12:34:04 freeswan pluto[4689]: |   58 3d d9 82
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:04 freeswan pluto[4689]: |   0b 00 00 18  2d 8b 02 89  c6 ad 0a 8c  27 a0 7f 79
Feb 10 12:34:04 freeswan pluto[4689]: |   dc 79 e3 be  af 67 1a 05  00 00 00 0c  00 00 00 01
Feb 10 12:34:04 freeswan pluto[4689]: |   01 00 00 09
Feb 10 12:34:04 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:04 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:04 freeswan pluto[4689]: | next IV:  88 6b 77 eb  ac d7 6d 1a
Feb 10 12:34:04 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:04 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:04 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:04 freeswan pluto[4689]: |   08 10 05 01  14 a3 55 75  00 00 00 44  16 a1 bd 4f
Feb 10 12:34:04 freeswan pluto[4689]: |   72 af b5 d3  ae d7 d3 63  e5 09 1d 23  52 98 75 b2
Feb 10 12:34:04 freeswan pluto[4689]: |   5f e8 ae 93  b0 0c d8 f4  9a 64 84 14  88 6b 77 eb
Feb 10 12:34:04 freeswan pluto[4689]: |   ac d7 6d 1a
Feb 10 12:34:04 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 19 seconds
Feb 10 12:34:05 freeswan pluto[4689]: |  
Feb 10 12:34:05 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:05 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: |   08 10 20 01  e0 77 0e 12  00 00 00 a4  79 db 45 bf
Feb 10 12:34:05 freeswan pluto[4689]: |   6a da 84 d1  31 0e 5c 40  fd 73 35 cc  2d 21 ff 6b
Feb 10 12:34:05 freeswan pluto[4689]: |   e4 8b cf c0  aa ce 99 d7  09 41 d5 26  ef 6b 37 9c
Feb 10 12:34:05 freeswan pluto[4689]: |   6e 7b b7 8b  e4 ab dd 2b  5d f4 d4 93  31 60 75 35
Feb 10 12:34:05 freeswan pluto[4689]: |   8d 7a 61 1b  63 13 22 30  c8 ea 0d 51  eb f5 dc 99
Feb 10 12:34:05 freeswan pluto[4689]: |   5d 6c 3d 61  7e c3 b3 e6  5f 37 cd 87  c9 59 35 d3
Feb 10 12:34:05 freeswan pluto[4689]: |   48 cd 69 e1  89 bd 1c 29  b4 9c 2e 8c  d7 7d 89 98
Feb 10 12:34:05 freeswan pluto[4689]: |   78 01 e3 25  85 6b 82 f8  a5 4b 96 fa  af 35 c8 89
Feb 10 12:34:05 freeswan pluto[4689]: |   19 e6 16 1f  5c 23 4f 8e  dc 63 d0 f3  05 d9 ea 12
Feb 10 12:34:05 freeswan pluto[4689]: |   37 30 9d 41
Feb 10 12:34:05 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:05 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:05 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:05 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:05 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:05 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:05 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:05 freeswan pluto[4689]: |    message ID:  e0 77 0e 12
Feb 10 12:34:05 freeswan pluto[4689]: |    length: 164
Feb 10 12:34:05 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:05 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:05 freeswan pluto[4689]: | state object not found
Feb 10 12:34:05 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:05 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:05 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:05 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:05 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x120e77e0 (perhaps this is a duplicated packet)
Feb 10 12:34:05 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 12:34:05 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:05 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:05 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:05 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:05 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:05 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:05 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:05 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:05 freeswan pluto[4689]: |    message ID:  ca 82 81 2d
Feb 10 12:34:05 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:05 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_N
Feb 10 12:34:05 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:05 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:05 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:05 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:05 freeswan pluto[4689]: |    DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:05 freeswan pluto[4689]: |    protocol ID: 1
Feb 10 12:34:05 freeswan pluto[4689]: |    SPI size: 0
Feb 10 12:34:05 freeswan pluto[4689]: |    Notify Message Type: INVALID_MESSAGE_ID
Feb 10 12:34:05 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:05 freeswan pluto[4689]: | spi
Feb 10 12:34:05 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:05 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:05 freeswan pluto[4689]: |   1b da 29 2e  38 9f 34 30  81 01 dc 3b  d0 89 75 6e
Feb 10 12:34:05 freeswan pluto[4689]: |   4c 91 d6 2e
Feb 10 12:34:05 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:05 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:05 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:05 freeswan pluto[4689]: |   1d 08 cb d9  39 0c 7d d2  5a 79 4a 53  a4 33 ca d1
Feb 10 12:34:05 freeswan pluto[4689]: |   37 ed 47 7b
Feb 10 12:34:05 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:05 freeswan pluto[4689]: |   0b 00 00 18  1b da 29 2e  38 9f 34 30  81 01 dc 3b
Feb 10 12:34:05 freeswan pluto[4689]: |   d0 89 75 6e  4c 91 d6 2e  00 00 00 0c  00 00 00 01
Feb 10 12:34:05 freeswan pluto[4689]: |   01 00 00 09
Feb 10 12:34:05 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:05 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:05 freeswan pluto[4689]: | next IV:  08 3c 22 4e  e8 34 27 77
Feb 10 12:34:05 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:05 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:05 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:05 freeswan pluto[4689]: |   08 10 05 01  ca 82 81 2d  00 00 00 44  29 3b 81 17
Feb 10 12:34:05 freeswan pluto[4689]: |   a7 b6 2e e0  cc fc f6 6e  d7 9b 88 5a  d1 84 ad 01
Feb 10 12:34:05 freeswan pluto[4689]: |   08 d7 b5 04  54 8c 90 53  27 c6 f0 87  08 3c 22 4e
Feb 10 12:34:05 freeswan pluto[4689]: |   e8 34 27 77
Feb 10 12:34:05 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 18 seconds
Feb 10 12:34:09 freeswan pluto[4689]: |  
Feb 10 12:34:09 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:09 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:09 freeswan pluto[4689]: |   08 10 20 01  e0 77 0e 12  00 00 00 a4  79 db 45 bf
Feb 10 12:34:09 freeswan pluto[4689]: |   6a da 84 d1  31 0e 5c 40  fd 73 35 cc  2d 21 ff 6b
Feb 10 12:34:09 freeswan pluto[4689]: |   e4 8b cf c0  aa ce 99 d7  09 41 d5 26  ef 6b 37 9c
Feb 10 12:34:09 freeswan pluto[4689]: |   6e 7b b7 8b  e4 ab dd 2b  5d f4 d4 93  31 60 75 35
Feb 10 12:34:09 freeswan pluto[4689]: |   8d 7a 61 1b  63 13 22 30  c8 ea 0d 51  eb f5 dc 99
Feb 10 12:34:09 freeswan pluto[4689]: |   5d 6c 3d 61  7e c3 b3 e6  5f 37 cd 87  c9 59 35 d3
Feb 10 12:34:09 freeswan pluto[4689]: |   48 cd 69 e1  89 bd 1c 29  b4 9c 2e 8c  d7 7d 89 98
Feb 10 12:34:09 freeswan pluto[4689]: |   78 01 e3 25  85 6b 82 f8  a5 4b 96 fa  af 35 c8 89
Feb 10 12:34:09 freeswan pluto[4689]: |   19 e6 16 1f  5c 23 4f 8e  dc 63 d0 f3  05 d9 ea 12
Feb 10 12:34:09 freeswan pluto[4689]: |   37 30 9d 41
Feb 10 12:34:09 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:09 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:09 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:09 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:09 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:09 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:09 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:10 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:10 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:10 freeswan pluto[4689]: |    message ID:  e0 77 0e 12
Feb 10 12:34:10 freeswan pluto[4689]: |    length: 164
Feb 10 12:34:10 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:10 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:10 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:10 freeswan pluto[4689]: | state object not found
Feb 10 12:34:10 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:10 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:10 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:10 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:10 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3
Feb 10 12:34:10 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x120e77e0 (perhaps this is a duplicated packet)
Feb 10 12:34:10 freeswan pluto[4689]: "L2TP-PSK-orgWIN2KXP"[2] 192.168.2.2 #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.2.2:500
Feb 10 12:34:10 freeswan pluto[4689]: | **emit ISAKMP Message:
Feb 10 12:34:10 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:10 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:10 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:10 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:10 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:10 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_INFO
Feb 10 12:34:10 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:10 freeswan pluto[4689]: |    message ID:  03 1a d9 bc
Feb 10 12:34:10 freeswan pluto[4689]: | ***emit ISAKMP Hash Payload:
Feb 10 12:34:10 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_N
Feb 10 12:34:10 freeswan pluto[4689]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
Feb 10 12:34:10 freeswan pluto[4689]: | emitting length of ISAKMP Hash Payload: 24
Feb 10 12:34:10 freeswan pluto[4689]: | ***emit ISAKMP Notification Payload:
Feb 10 12:34:10 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_NONE
Feb 10 12:34:10 freeswan pluto[4689]: |    DOI: ISAKMP_DOI_IPSEC
Feb 10 12:34:10 freeswan pluto[4689]: |    protocol ID: 1
Feb 10 12:34:10 freeswan pluto[4689]: |    SPI size: 0
Feb 10 12:34:10 freeswan pluto[4689]: |    Notify Message Type: INVALID_MESSAGE_ID
Feb 10 12:34:10 freeswan pluto[4689]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
Feb 10 12:34:10 freeswan pluto[4689]: | spi
Feb 10 12:34:10 freeswan pluto[4689]: | emitting length of ISAKMP Notification Payload: 12
Feb 10 12:34:10 freeswan pluto[4689]: | HASH(1) computed:
Feb 10 12:34:10 freeswan pluto[4689]: |   a9 e2 aa 27  9f c2 c7 53  ba df 2e 41  02 82 d6 39
Feb 10 12:34:10 freeswan pluto[4689]: |   5f c6 27 ea
Feb 10 12:34:10 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:10 freeswan pluto[4689]: | last Phase 1 IV:  45 d1 28 b2  42 55 80 05
Feb 10 12:34:10 freeswan pluto[4689]: | computed Phase 2 IV:
Feb 10 12:34:10 freeswan pluto[4689]: |   6b 3c 1f 53  81 18 d5 a0  aa 9a 96 88  d0 9d 5d 79
Feb 10 12:34:10 freeswan pluto[4689]: |   0d 78 ac 54
Feb 10 12:34:10 freeswan pluto[4689]: | encrypting:
Feb 10 12:34:10 freeswan pluto[4689]: |   0b 00 00 18  a9 e2 aa 27  9f c2 c7 53  ba df 2e 41
Feb 10 12:34:10 freeswan pluto[4689]: |   02 82 d6 39  5f c6 27 ea  00 00 00 0c  00 00 00 01
Feb 10 12:34:10 freeswan pluto[4689]: |   01 00 00 09
Feb 10 12:34:10 freeswan pluto[4689]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
Feb 10 12:34:10 freeswan pluto[4689]: | encrypting using OAKLEY_3DES_CBC
Feb 10 12:34:10 freeswan pluto[4689]: | next IV:  66 60 34 63  f3 f7 57 87
Feb 10 12:34:10 freeswan pluto[4689]: | emitting length of ISAKMP Message: 68
Feb 10 12:34:10 freeswan pluto[4689]: | sending 68 bytes for notification packet through eth1 to 192.168.2.2:500:
Feb 10 12:34:10 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:10 freeswan pluto[4689]: |   08 10 05 01  03 1a d9 bc  00 00 00 44  cc f8 cc 04
Feb 10 12:34:10 freeswan pluto[4689]: |   6c 87 87 18  08 d4 49 07  b2 89 1f 43  b5 6f d4 30
Feb 10 12:34:10 freeswan pluto[4689]: |   10 d2 6b 8b  e8 cc d1 bd  df 09 3f 7f  66 60 34 63
Feb 10 12:34:10 freeswan pluto[4689]: |   f3 f7 57 87
Feb 10 12:34:10 freeswan pluto[4689]: | next event EVENT_SHUNT_SCAN in 13 seconds
Feb 10 12:34:17 freeswan pluto[4689]: |  
Feb 10 12:34:17 freeswan pluto[4689]: | *received 164 bytes from 192.168.2.2:500 on eth1
Feb 10 12:34:17 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: |   08 10 20 01  e0 77 0e 12  00 00 00 a4  79 db 45 bf
Feb 10 12:34:17 freeswan pluto[4689]: |   6a da 84 d1  31 0e 5c 40  fd 73 35 cc  2d 21 ff 6b
Feb 10 12:34:17 freeswan pluto[4689]: |   e4 8b cf c0  aa ce 99 d7  09 41 d5 26  ef 6b 37 9c
Feb 10 12:34:17 freeswan pluto[4689]: |   6e 7b b7 8b  e4 ab dd 2b  5d f4 d4 93  31 60 75 35
Feb 10 12:34:17 freeswan pluto[4689]: |   8d 7a 61 1b  63 13 22 30  c8 ea 0d 51  eb f5 dc 99
Feb 10 12:34:17 freeswan pluto[4689]: |   5d 6c 3d 61  7e c3 b3 e6  5f 37 cd 87  c9 59 35 d3
Feb 10 12:34:17 freeswan pluto[4689]: |   48 cd 69 e1  89 bd 1c 29  b4 9c 2e 8c  d7 7d 89 98
Feb 10 12:34:17 freeswan pluto[4689]: |   78 01 e3 25  85 6b 82 f8  a5 4b 96 fa  af 35 c8 89
Feb 10 12:34:17 freeswan pluto[4689]: |   19 e6 16 1f  5c 23 4f 8e  dc 63 d0 f3  05 d9 ea 12
Feb 10 12:34:17 freeswan pluto[4689]: |   37 30 9d 41
Feb 10 12:34:17 freeswan pluto[4689]: | **parse ISAKMP Message:
Feb 10 12:34:17 freeswan pluto[4689]: |    initiator cookie:
Feb 10 12:34:17 freeswan pluto[4689]: |   15 08 68 f7  3f 64 b1 32
Feb 10 12:34:17 freeswan pluto[4689]: |    responder cookie:
Feb 10 12:34:17 freeswan pluto[4689]: |   eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: |    next payload type: ISAKMP_NEXT_HASH
Feb 10 12:34:17 freeswan pluto[4689]: |    ISAKMP version: ISAKMP Version 1.0
Feb 10 12:34:17 freeswan pluto[4689]: |    exchange type: ISAKMP_XCHG_QUICK
Feb 10 12:34:17 freeswan pluto[4689]: |    flags: ISAKMP_FLAG_ENCRYPTION
Feb 10 12:34:17 freeswan pluto[4689]: |    message ID:  e0 77 0e 12
Feb 10 12:34:17 freeswan pluto[4689]: |    length: 164
Feb 10 12:34:17 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:17 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:17 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid e0770e12 vs d8191da2
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid e0770e12 vs 00000000
Feb 10 12:34:17 freeswan pluto[4689]: | state object not found
Feb 10 12:34:17 freeswan pluto[4689]: | ICOOKIE:  15 08 68 f7  3f 64 b1 32
Feb 10 12:34:17 freeswan pluto[4689]: | RCOOKIE:  eb cf c9 8e  b6 f8 0f e7
Feb 10 12:34:17 freeswan pluto[4689]: | peer:  c0 a8 02 02
Feb 10 12:34:17 freeswan pluto[4689]: | state hash entry 31
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #2, provided msgid 00000000 vs d8191da2
Feb 10 12:34:17 freeswan pluto[4689]: | peer and cookies match on #1, provided msgid 00000000 vs 00000000
Feb 10 12:34:18 freeswan pluto[4689]: | state object #1 found, in STATE_MAIN_R3














______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193



More information about the Users mailing list