[Openswan Users] Openswan in one single direction
sila
sila at network-city.it
Mon Nov 28 17:44:28 CET 2005
I have sent this problem but having found solution I still do not ask aid
I have 2 tunnel , one tunnel is a winxp <---> linuxbox --office lan
two tunnel is a home lan linksys <---> linuxbox --office lan
The 2 connections are up and running.
The problem is simply, from lan office i can see all, ping or netbios request
or http request in the home lan or winxp client.
The home lan or wixp client can't see office lan.
the http request or the netbios request don't work.
This is my barf
Vpn
Mon Nov 28 17:26:59 CET 2005
+ _________________________ version
+ ipsec --version
Linux Openswan 2.4.5dr3 (klips)
See `ipsec --copyright' for copyright information.
+ _________________________ /proc/version
+ cat /proc/version
Linux version 2.4.31 (root at Vpn) (gcc version 3.3.6) #10 Mon Nov 28 12:24:40
CET 2005
+ _________________________ /proc/net/ipsec_eroute
+ test -r /proc/net/ipsec_eroute
+ sort -sg +3 /proc/net/ipsec_eroute
39 81.174.16.70/32:1701 -> 81.174.16.69/32:1701 =>
esp0xc2db9479 at 81.174.16.69:17
0 192.168.0.0/24 -> 192.168.1.0/24 => %trap
+ _________________________ netstat-rn
+ netstat -nr
+ head -n 100
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.245 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
81.174.16.69 0.0.0.0 255.255.255.255 UH 0 0 0
ipsec0
81.174.16.64 0.0.0.0 255.255.255.248 U 0 0 0 eth1
81.174.16.64 0.0.0.0 255.255.255.248 U 0 0 0
ipsec0
192.168.1.0 81.174.16.65 255.255.255.0 UG 0 0 0
ipsec0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 81.174.16.65 0.0.0.0 UG 0 0 0 eth1
+ _________________________ /proc/net/ipsec_spi
+ test -r /proc/net/ipsec_spi
+ cat /proc/net/ipsec_spi
esp0xc2db9479 at 81.174.16.69 ESP_3DES_HMAC_MD5: dir=out src=81.174.16.70
iv_bits=64bits iv=0x765d36272ebb6ac0 ooowin=64 seq=39 alen=128 aklen=128
eklen=192 life(c,s,h)=bytes(4416,0,0)addtime(188,0,0)usetime(185,0,0)packets
(39,0,0) idle=3 natencap=na refcount=42 ref=92
esp0xc035149b at 81.174.16.70 ESP_3DES_HMAC_MD5: dir=in src=81.174.16.69
iv_bits=64bits iv=0x3b619efdf850f9d9 ooowin=64 seq=57 bit=0x1ffffffffffffff
alen=128 aklen=128 eklen=192 life(c,s,h)=bytes(5398,0,0)addtime(188,0,0)
usetime(188,0,0)packets(57,0,0) idle=3 natencap=na refcount=60 ref=91
+ _________________________ /proc/net/ipsec_spigrp
+ test -r /proc/net/ipsec_spigrp
+ cat /proc/net/ipsec_spigrp
esp0xc2db9479 at 81.174.16.69
esp0xc035149b at 81.174.16.70
+ _________________________ /proc/net/ipsec_tncfg
+ test -r /proc/net/ipsec_tncfg
+ cat /proc/net/ipsec_tncfg
ipsec0 -> eth1 mtu=16260(1500) -> 1500
ipsec1 -> NULL mtu=0(0) -> 0
ipsec2 -> NULL mtu=0(0) -> 0
ipsec3 -> NULL mtu=0(0) -> 0
+ _________________________ /proc/net/pfkey
+ test -r /proc/net/pfkey
+ _________________________ /proc/sys/net/ipsec-star
+ test -d /proc/sys/net/ipsec
+ cd /proc/sys/net/ipsec
+ egrep '^' debug_ah debug_eroute debug_esp debug_ipcomp debug_netlink
debug_pfkey debug_radij debug_rcv debug_spi debug_tunnel debug_verbose
debug_xform icmp inbound_policy_check pfkey_lossage tos
debug_ah:0
debug_eroute:0
debug_esp:0
debug_ipcomp:0
debug_netlink:0
debug_pfkey:0
debug_radij:0
debug_rcv:0
debug_spi:0
debug_tunnel:0
debug_verbose:0
debug_xform:0
icmp:1
inbound_policy_check:1
pfkey_lossage:0
tos:1
+ _________________________ ipsec/status
+ ipsec auto --status
000 interface ipsec0/eth1 81.174.16.70
000 interface ipsec0/eth1 81.174.16.70
000 %myid = (none)
000 debug none
000
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=192,
keysizemax=192
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128,
keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5,
keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1,
keysizemin=160, keysizemax=160
000
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8,
keydeflen=192
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16,
keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans=
{0,0,0} attrs={0,0,0}
000
000 "medimatica-linksys": 192.168.0.0/24===81.174.16.70---
81.174.16.65...81.174.16.65---%any===192.168.1.0/24; prospective erouted;
eroute owner: #0
000 "medimatica-linksys": srcip=unset; dstip=unset; srcup=ipsec _updown;
dstup=ipsec _updown;
000 "medimatica-linksys": ike_life: 14400s; ipsec_life: 3600s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "medimatica-linksys": policy: PSK+ENCRYPT+TUNNEL+PFS; prio: 24,24;
interface: eth1;
000 "medimatica-linksys": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "medimatica-winxp": 81.174.16.70:17/1701...%any:17/1701; unrouted; eroute
owner: #0
000 "medimatica-winxp": srcip=unset; dstip=unset; srcup=ipsec _updown;
dstup=ipsec _updown;
000 "medimatica-winxp": ike_life: 3600s; ipsec_life: 28800s; rekey_margin:
540s; rekey_fuzz: 100%; keyingtries: 0
000 "medimatica-winxp": policy: PSK+ENCRYPT+TUNNEL; prio: 32,32; interface:
eth1;
000 "medimatica-winxp": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "medimatica-winxp"[4]: 81.174.16.70:17/1701...81.174.16.69:17/1701;
erouted; eroute owner: #8
000 "medimatica-winxp"[4]: srcip=unset; dstip=unset; srcup=ipsec _updown;
dstup=ipsec _updown;
000 "medimatica-winxp"[4]: ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "medimatica-winxp"[4]: policy: PSK+ENCRYPT+TUNNEL; prio: 32,32;
interface: eth1;
000 "medimatica-winxp"[4]: newest ISAKMP SA: #7; newest IPsec SA: #8;
000 "medimatica-winxp"[4]: IKE algorithm newest: 3DES_CBC_192-SHA1-MODP2048
000
000 #8: "medimatica-winxp"[4] 81.174.16.69:500 STATE_QUICK_R2 (IPsec SA
established); EVENT_SA_REPLACE in 3142s; newest IPSEC; eroute owner
000 #8: "medimatica-winxp"[4] 81.174.16.69 used 46s ago;
esp.c2db9479 at 81.174.16.69 esp.c035149b at 81.174.16.70
000 #7: "medimatica-winxp"[4] 81.174.16.69:500 STATE_MAIN_R3 (sent MR3,
ISAKMP SA established); EVENT_SA_REPLACE in 3142s; newest ISAKMP; nodpd
000
+ _________________________ ifconfig-a
+ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:02:55:B7:FA:37
inet addr:192.168.0.101 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:951 errors:0 dropped:0 overruns:0 frame:0
TX packets:281 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:180596 (176.3 Kb) TX bytes:49238 (48.0 Kb)
Interrupt:7
eth1 Link encap:Ethernet HWaddr 00:02:55:B7:FA:38
inet addr:81.174.16.70 Bcast:81.174.16.71 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1299 errors:0 dropped:0 overruns:0 frame:0
TX packets:364 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:154843 (151.2 Kb) TX bytes:49443 (48.2 Kb)
Interrupt:5
ipsec0 Link encap:Ethernet HWaddr 00:02:55:B7:FA:38
inet addr:81.174.16.70 Mask:255.255.255.248
UP RUNNING NOARP MTU:16260 Metric:1
RX packets:360 errors:0 dropped:6 overruns:0 frame:0
TX packets:300 errors:0 dropped:118 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:37526 (36.6 Kb) TX bytes:68576 (66.9 Kb)
ipsec1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-
00-00
NOARP MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-
00-00
NOARP MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ipsec3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-
00-00
NOARP MTU:0 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:102 errors:0 dropped:0 overruns:0 frame:0
TX packets:102 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:39180 (38.2 Kb) TX bytes:39180 (38.2 Kb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.0.254 P-t-P:192.168.0.245 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1376 Metric:1
RX packets:31 errors:0 dropped:0 overruns:0 frame:0
TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:3778 (3.6 Kb) TX bytes:1333 (1.3 Kb)
+ _________________________ ip-addr-list
+ ip addr list
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:55:b7:fa:37 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.101/24 brd 192.168.0.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:55:b7:fa:38 brd ff:ff:ff:ff:ff:ff
inet 81.174.16.70/29 brd 81.174.16.71 scope global eth1
4: ipsec0: <NOARP,UP> mtu 16260 qdisc pfifo_fast qlen 10
link/ether 00:02:55:b7:fa:38 brd ff:ff:ff:ff:ff:ff
inet 81.174.16.70/29 brd 81.174.16.71 scope global ipsec0
5: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10
link/void
6: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10
link/void
7: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10
link/void
12: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1376 qdisc pfifo_fast qlen 3
link/ppp
inet 192.168.0.254 peer 192.168.0.245/32 scope global ppp0
+ _________________________ ip-route-list
+ ip route list
192.168.0.245 dev ppp0 proto kernel scope link src 192.168.0.254
81.174.16.69 dev ipsec0 scope link
81.174.16.64/29 dev eth1 proto kernel scope link src 81.174.16.70
81.174.16.64/29 dev ipsec0 proto kernel scope link src 81.174.16.70
192.168.1.0/24 via 81.174.16.65 dev ipsec0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.101
127.0.0.0/8 dev lo scope link
default via 81.174.16.65 dev eth1 metric 1
+ _________________________ ip-rule-list
+ ip rule list
RTNETLINK answers: Invalid argument
Dump terminated
+ _________________________ ipsec_verify
+ ipsec verify --nocolour
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan 2.4.5dr3 (klips)
Checking for IPsec support in kernel [OK]
KLIPS detected, checking for NAT Traversal support [FAILED]
Checking for RSA private key (/etc/ipsec.secrets) [DISABLED]
ipsec showhostkey: no default key in "/etc/ipsec.secrets"
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
+ _________________________ mii-tool
+ '[' -x /sbin/mii-tool ']'
+ /sbin/mii-tool -v
eth0: negotiated 100baseTx-FD, link ok
product info: vendor 00:08:18, model 22 rev 2
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
eth1: negotiated 100baseTx-FD, link ok
product info: vendor 00:08:18, model 22 rev 2
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
+ _________________________ ipsec/directory
+ ipsec --directory
/usr/local/lib/ipsec
+ _________________________ hostname/fqdn
+ hostname --fqdn
Vpn.medimatica.com
+ _________________________ hostname/ipaddress
+ hostname --ip-address
81.174.16.70
+ _________________________ uptime
+ uptime
17:26:59 up 32 min, 1 user, load average: 0.00, 0.01, 0.00
+ _________________________ ps
+ ps alxwf
+ egrep -i 'ppid|pluto|ipsec|klips'
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 0 1683 282 16 0 2380 1304 wait4 S+ tty1 0:00
\_ /bin/sh /usr/local/libexec/ipsec/barf
1 0 1753 1683 15 0 2380 1304 - R+ tty1 0:00
\_ /bin/sh /usr/local/libexec/ipsec/barf
1 0 1305 1 9 0 2016 1060 wait4 S tty1
0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug none --uniqueids yes --
nocrsend --strictcrlpolicy --nat_traversal yes --keep_alive --protostack
auto --force_keepalive --disable_port_floating --virtual_private --
crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait
no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
1 0 1309 1305 9 0 2016 1068 wait4 S tty1 0:00
\_ /bin/sh /usr/local/lib/ipsec/_plutorun --debug none --uniqueids yes --
nocrsend --strictcrlpolicy --nat_traversal yes --keep_alive --protostack
auto --force_keepalive --disable_port_floating --virtual_private --
crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait
no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
4 0 1316 1309 8 0 2400 1280 select S tty1 0:00 |
\_ /usr/local/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --
ipsecdir /etc/ipsec.d --debug-none --use-auto --uniqueids --nat_traversal
1 0 1318 1316 15 10 2332 864 unix_s SN tty1 0:00 |
\_ pluto helper #
0
0 0 1322 1316 9 0 1316 264 select S tty1 0:00 |
\_ _pluto_adns
0 0 1310 1305 8 0 1988 1028 pipe_w S tty1 0:00
\_ /bin/sh /usr/local/lib/ipsec/_plutoload --wait no --post
0 0 1306 1 9 0 1376 480 pipe_w S tty1 0:00 logger -
s -p daemon.error -t ipsec__plutorun
+ _________________________ ipsec/showdefaults
+ ipsec showdefaults
routephys=eth1
routevirt=ipsec0
routeaddr=81.174.16.70
routenexthop=81.174.16.65
+ _________________________ ipsec/conf
+ ipsec _include /etc/ipsec.conf
+ ipsec _keycensor
#< /etc/ipsec.conf 1
version 2.0
config setup
interfaces=%defaultroute
forwardcontrol=yes
klipsdebug=none
plutodebug=none
nat_traversal=yes
conn medimatica-winxp
authby=secret
disablearrivalcheck=no
pfs=no
left=81.174.16.70
leftprotoport=17/1701
right=%any
rightprotoport=17/1701
compress=no
auto=start
conn medimatica-linksys
authby=secret
pfs=yes
left=81.174.16.70
leftsubnet=192.168.0.0/24
leftnexthop=%defaultroute
right=%any
rightsubnet=192.168.1.0/24
rightnexthop=%defaultroute
keyexchange=ike
ikelifetime=240m
keylife=60m
compress=no
auto=start
conn OEself
auto=ignore
conn clear
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn block
auto=ignore
conn packetdefault
auto=ignore
+ _________________________ ipsec/secrets
+ ipsec _include /etc/ipsec.secrets
+ ipsec _secretcensor
#< /etc/ipsec.secrets 1
81.174.16.70 %any : PSK "[sums to 42db...]"
81.174.16.70 82.55.68.162 : PSK "[sums to 42db...]"
+ _________________________ ipsec/listall
+ ipsec auto --listall
000
000 List of Public Keys:
000
+ '[' /etc/ipsec.d/policies ']'
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/block
+ base=block
+ _________________________ ipsec/policies/block
+ cat /etc/ipsec.d/policies/block
# This file defines the set of CIDRs (network/mask-length) to which
# communication should never be allowed.
#
# See /usr/local/share/doc/openswan/policygroups.html for details.
#
# $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear
+ base=clear
+ _________________________ ipsec/policies/clear
+ cat /etc/ipsec.d/policies/clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be in the clear.
#
# See /usr/local/share/doc/openswan/policygroups.html for details.
#
# $Id: clear.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear-or-private
+ base=clear-or-private
+ _________________________ ipsec/policies/clear-or-private
+ cat /etc/ipsec.d/policies/clear-or-private
# This file defines the set of CIDRs (network/mask-length) to which
# we will communicate in the clear, or, if the other side initiates IPSEC,
# using encryption. This behaviour is also called "Opportunistic Responder".
#
# See /usr/local/share/doc/openswan/policygroups.html for details.
#
# $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private
+ base=private
+ _________________________ ipsec/policies/private
+ cat /etc/ipsec.d/policies/private
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be private (i.e. encrypted).
# See /usr/local/share/doc/openswan/policygroups.html for details.
#
# $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private-or-clear
+ base=private-or-clear
+ _________________________ ipsec/policies/private-or-clear
+ cat /etc/ipsec.d/policies/private-or-clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should be private, if possible, but in the clear otherwise.
#
# If the target has a TXT (later IPSECKEY) record that specifies
# authentication material, we will require private (i.e. encrypted)
# communications. If no such record is found, communications will be
# in the clear.
#
# See /usr/local/share/doc/openswan/policygroups.html for details.
#
# $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $
#
0.0.0.0/0
+ _________________________ ipsec/ls-libdir
+ ls -l /usr/local/lib/ipsec
total 300
-rwxr-xr-x 1 root root 15535 Nov 28 16:33 _confread
-rwxr-xr-x 1 root root 15535 Nov 24 11:03 _confread.old
-rwxr-xr-x 1 root root 51123 Nov 28 16:33 _copyright
-rwxr-xr-x 1 root root 51123 Nov 24 11:03 _copyright.old
-rwxr-xr-x 1 root root 2379 Nov 28 16:33 _include
-rwxr-xr-x 1 root root 2379 Nov 24 11:03 _include.old
-rwxr-xr-x 1 root root 1475 Nov 28 16:33 _keycensor
-rwxr-xr-x 1 root root 1475 Nov 24 11:03 _keycensor.old
-rwxr-xr-x 1 root root 3586 Nov 28 16:33 _plutoload
-rwxr-xr-x 1 root root 3586 Nov 24 11:03 _plutoload.old
-rwxr-xr-x 1 root root 7443 Nov 28 16:33 _plutorun
-rwxr-xr-x 1 root root 7443 Nov 24 11:03 _plutorun.old
-rwxr-xr-x 1 root root 12275 Nov 28 16:33 _realsetup
-rwxr-xr-x 1 root root 12275 Nov 24 11:03 _realsetup.old
-rwxr-xr-x 1 root root 1975 Nov 28 16:33 _secretcensor
-rwxr-xr-x 1 root root 1975 Nov 24 11:03 _secretcensor.old
-rwxr-xr-x 1 root root 9958 Nov 28 16:33 _startklips
-rwxr-xr-x 1 root root 9778 Nov 24 11:03 _startklips.old
-rwxr-xr-x 1 root root 13417 Nov 28 16:33 _updown
-rwxr-xr-x 1 root root 13417 Nov 24 11:03 _updown.old
-rwxr-xr-x 1 root root 15746 Nov 28 16:33 _updown_x509
-rwxr-xr-x 1 root root 15746 Nov 24 11:03 _updown_x509.old
-rwxr-xr-x 1 root root 1942 Nov 28 16:33 ipsec_pr.template
+ _________________________ ipsec/ls-execdir
+ ls -l /usr/local/libexec/ipsec
total 10217
-rwxr-xr-x 1 root root 76656 Nov 28 16:33 _pluto_adns
-rwxr-xr-x 1 root root 76656 Nov 24 11:03 _pluto_adns.old
-rwxr-xr-x 1 root root 19157 Nov 28 16:33 auto
-rwxr-xr-x 1 root root 19157 Nov 24 11:03 auto.old
-rwxr-xr-x 1 root root 11355 Nov 28 16:33 barf
-rwxr-xr-x 1 root root 10584 Nov 24 11:03 barf.old
-rwxr-xr-x 1 root root 816 Nov 28 16:33 calcgoo
-rwxr-xr-x 1 root root 816 Nov 24 11:03 calcgoo.old
-rwxr-xr-x 1 root root 334603 Nov 28 16:33 eroute
-rwxr-xr-x 1 root root 334603 Nov 24 11:03 eroute.old
-rwxr-xr-x 1 root root 138897 Nov 28 16:33 ikeping
-rwxr-xr-x 1 root root 138897 Nov 24 11:03 ikeping.old
-rwxr-xr-x 1 root root 196060 Nov 28 16:33 klipsdebug
-rwxr-xr-x 1 root root 196060 Nov 24 11:03 klipsdebug.old
-rwxr-xr-x 1 root root 1836 Nov 28 16:33 livetest
-rwxr-xr-x 1 root root 1836 Nov 24 11:03 livetest.old
-rwxr-xr-x 1 root root 2605 Nov 28 16:33 look
-rwxr-xr-x 1 root root 2605 Nov 24 11:03 look.old
-rwxr-xr-x 1 root root 7159 Nov 28 16:33 mailkey
-rwxr-xr-x 1 root root 7159 Nov 24 11:03 mailkey.old
-rwxr-xr-x 1 root root 15996 Nov 28 16:33 manual
-rwxr-xr-x 1 root root 15996 Nov 24 11:03 manual.old
-rwxr-xr-x 1 root root 1926 Nov 28 16:33 newhostkey
-rwxr-xr-x 1 root root 1926 Nov 24 11:03 newhostkey.old
-rwxr-xr-x 1 root root 177631 Nov 28 16:33 pf_key
-rwxr-xr-x 1 root root 177631 Nov 24 11:03 pf_key.old
-rwxr-xr-x 1 root root 2854593 Nov 28 16:33 pluto
-rwxr-xr-x 1 root root 2854593 Nov 24 11:03 pluto.old
-rwxr-xr-x 1 root root 54839 Nov 28 16:33 ranbits
-rwxr-xr-x 1 root root 54839 Nov 24 11:03 ranbits.old
-rwxr-xr-x 1 root root 87737 Nov 28 16:33 rsasigkey
-rwxr-xr-x 1 root root 87737 Nov 24 11:03 rsasigkey.old
-rwxr-xr-x 1 root root 766 Nov 28 16:33 secrets
-rwxr-xr-x 1 root root 766 Nov 24 11:03 secrets.old
-rwxr-xr-x 1 root root 17660 Nov 28 16:33 send-pr
-rwxr-xr-x 1 root root 17660 Nov 24 11:03 send-pr.old
lrwxrwxrwx 1 root root 15 Nov 28 16:33 setup -> /etc/rc.d/ipsec
-rwxr-xr-x 1 root root 1054 Nov 28 16:33 showdefaults
-rwxr-xr-x 1 root root 1054 Nov 24 11:03 showdefaults.old
-rwxr-xr-x 1 root root 4748 Nov 28 16:33 showhostkey
-rwxr-xr-x 1 root root 4748 Nov 24 11:03 showhostkey.old
-rwxr-xr-x 1 root root 539801 Nov 28 16:33 spi
-rwxr-xr-x 1 root root 539801 Nov 24 11:03 spi.old
-rwxr-xr-x 1 root root 270656 Nov 28 16:33 spigrp
-rwxr-xr-x 1 root root 270656 Nov 24 11:03 spigrp.old
-rwxr-xr-x 1 root root 59131 Nov 28 16:33 tncfg
-rwxr-xr-x 1 root root 59131 Nov 24 11:03 tncfg.old
-rwxr-xr-x 1 root root 11635 Nov 28 16:33 verify
-rwxr-xr-x 1 root root 10613 Nov 24 11:03 verify.old
-rwxr-xr-x 1 root root 297481 Nov 28 16:33 whack
-rwxr-xr-x 1 root root 297481 Nov 24 11:03 whack.old
+ _________________________ ipsec/updowns
++ ls /usr/local/libexec/ipsec
++ egrep updown
+ _________________________ /proc/net/dev
+ cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes
packets errs drop fifo colls carrier compressed
lo: 39180 102 0 0 0 0 0 0
39180 102 0 0 0 0 0 0
eth0: 180596 951 0 0 0 0 0 7
49238 281 0 0 0 0 0 0
eth1: 154843 1299 0 0 0 0 0 7
49443 364 0 0 0 0 0 0
ipsec0: 37526 360 0 6 0 0 0 0
68576 300 0 118 0 0 0 0
ipsec1: 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
ipsec2: 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
ipsec3: 0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
ppp0: 3778 31 0 0 0 0 0 0
1333 18 0 0 0 0 0 0
+ _________________________ /proc/net/route
+ cat /proc/net/route
Iface Destination Gateway Flags RefCnt Use Metric Mask
MTU Window
IRTT
ppp0 F500A8C0 00000000 0005 0 0 0
FFFFFFFF 0 0
0
ipsec0 4510AE51 00000000 0005 0 0 0
FFFFFFFF 0 0
0
eth1 4010AE51 00000000 0001 0 0 0
F8FFFFFF 0 0
0
ipsec0 4010AE51 00000000 0001 0 0 0
F8FFFFFF 0 0
0
ipsec0 0001A8C0 4110AE51 0003 0 0 0
00FFFFFF 0 0
0
eth0 0000A8C0 00000000 0001 0 0 0
00FFFFFF 0 0
0
lo 0000007F 00000000 0001 0 0 0
000000FF 0 0
0
eth1 00000000 4110AE51 0003 0 0 1
00000000 0 0
0
+ _________________________ /proc/sys/net/ipv4/ip_forward
+ cat /proc/sys/net/ipv4/ip_forward
1
+ _________________________ /proc/sys/net/ipv4/tcp_ecn
+ cat /proc/sys/net/ipv4/tcp_ecn
0
+ _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter
ipsec0/rp_filter lo/rp_filter ppp0/rp_filter
all/rp_filter:0
default/rp_filter:0
eth0/rp_filter:0
eth1/rp_filter:0
ipsec0/rp_filter:0
lo/rp_filter:0
ppp0/rp_filter:0
+ _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter
ipsec0/rp_filter lo/rp_filter ppp0/rp_filter
all/rp_filter:0
default/rp_filter:0
eth0/rp_filter:0
eth1/rp_filter:0
ipsec0/rp_filter:0
lo/rp_filter:0
ppp0/rp_filter:0
+ _________________________ /proc/sys/net/ipv4/conf/star-star-redirects
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/accept_redirects all/secure_redirects all/send_redirects
default/accept_redirects default/secure_redirects default/send_redirects
eth0/accept_redirects eth0/secure_redirects eth0/send_redirects
eth1/accept_redirects eth1/secure_redirects eth1/send_redirects
ipsec0/accept_redirects ipsec0/secure_redirects ipsec0/send_redirects
lo/accept_redirects lo/secure_redirects lo/send_redirects
ppp0/accept_redirects ppp0/secure_redirects ppp0/send_redirects
all/accept_redirects:0
all/secure_redirects:1
all/send_redirects:1
default/accept_redirects:1
default/secure_redirects:1
default/send_redirects:1
eth0/accept_redirects:1
eth0/secure_redirects:1
eth0/send_redirects:1
eth1/accept_redirects:1
eth1/secure_redirects:1
eth1/send_redirects:1
ipsec0/accept_redirects:1
ipsec0/secure_redirects:1
ipsec0/send_redirects:1
lo/accept_redirects:1
lo/secure_redirects:1
lo/send_redirects:1
ppp0/accept_redirects:1
ppp0/secure_redirects:1
ppp0/send_redirects:1
+ _________________________ /proc/sys/net/ipv4/tcp_window_scaling
+ cat /proc/sys/net/ipv4/tcp_window_scaling
1
+ _________________________ /proc/sys/net/ipv4/tcp_adv_win_scale
+ cat /proc/sys/net/ipv4/tcp_adv_win_scale
2
+ _________________________ uname-a
+ uname -a
Linux Vpn 2.4.31 #10 Mon Nov 28 12:24:40 CET 2005 i686 unknown unknown
GNU/Linux
+ _________________________ config-built-with
+ test -r /proc/config_built_with
+ _________________________ distro-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-
release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/redhat-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-
release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/debian-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-
release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/SuSE-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-
release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/mandrake-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-
release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/mandriva-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-
release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/gentoo-release
+ _________________________ /proc/net/ipsec_version
+ test -r /proc/net/ipsec_version
+ cat /proc/net/ipsec_version
Openswan version: 2.4.5dr3
+ _________________________ ipfwadm
+ test -r /sbin/ipfwadm
+ 'no old-style linux 1.x/2.0 ipfwadm firewall support'
/usr/local/libexec/ipsec/barf: line 305: no old-style linux 1.x/2.0 ipfwadm
firewall support: No such file or directory
+ _________________________ ipchains
+ test -r /sbin/ipchains
+ echo 'no old-style linux 2.0 ipchains firewall support'
no old-style linux 2.0 ipchains firewall support
+ _________________________ iptables
+ test -r /sbin/iptables
+ test -r /sbin/ipchains
+ _________________________ /proc/modules
+ test -f /proc/modules
+ cat /proc/modules
ppp_deflate 3288 0 (autoclean)
bsd_comp 4216 0 (autoclean)
ppp_async 6688 1 (autoclean)
ipsec 320288-358
+ _________________________ /proc/meminfo
+ cat /proc/meminfo
total: used: free: shared: buffers: cached:
Mem: 526028800 72658944 453369856 0 13561856 45711360
Swap: 1003442176 0 1003442176
MemTotal: 513700 kB
MemFree: 442744 kB
MemShared: 0 kB
Buffers: 13244 kB
Cached: 44640 kB
SwapCached: 0 kB
Active: 18996 kB
Inactive: 38920 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 513700 kB
LowFree: 442744 kB
SwapTotal: 979924 kB
SwapFree: 979924 kB
+ _________________________ /proc/net/ipsec-ls
+ test -f /proc/net/ipsec_version
+ ls -
l /proc/net/ipsec_eroute /proc/net/ipsec_klipsdebug /proc/net/ipsec_spi /proc/
net/ipsec_spigrp /proc/net/ipsec_tncfg /proc/net/ipsec_version
lrwxrwxrwx 1 root root 16 Nov 28 17:26 /proc/net/ipsec_eroute ->
ipsec/eroute/all
lrwxrwxrwx 1 root root 16 Nov 28 17:26 /proc/net/ipsec_klipsdebug ->
ipsec/klipsdebug
lrwxrwxrwx 1 root root 13 Nov 28 17:26 /proc/net/ipsec_spi -> ipsec/spi/all
lrwxrwxrwx 1 root root 16 Nov 28 17:26 /proc/net/ipsec_spigrp ->
ipsec/spigrp/all
lrwxrwxrwx 1 root root 11 Nov 28 17:26 /proc/net/ipsec_tncfg -> ipsec/tncfg
lrwxrwxrwx 1 root root 13 Nov 28 17:26 /proc/net/ipsec_version ->
ipsec/version
+ _________________________ usr/src/linux/.config
+ test -f /proc/config.gz
++ uname -r
+ test -f /lib/modules/2.4.31/build/.config
+
egrep 'CONFIG_IPSEC|CONFIG_KLIPS|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP|CONFIG_H
W_RANDOM|CONFIG_CRYPTO_DEV'
++ uname -r
+ cat /lib/modules/2.4.31/build/.config
CONFIG_INET=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_IP_ADVANCED_ROUTER is not set
# CONFIG_IP_PNP is not set
# CONFIG_INET_ECN is not set
CONFIG_IP_NF_CONNTRACK=y
CONFIG_IP_NF_FTP=y
# CONFIG_IP_NF_AMANDA is not set
# CONFIG_IP_NF_TFTP is not set
CONFIG_IP_NF_IRC=y
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_LIMIT=y
CONFIG_IP_NF_MATCH_MAC=y
CONFIG_IP_NF_MATCH_PKTTYPE=y
CONFIG_IP_NF_MATCH_MARK=y
CONFIG_IP_NF_MATCH_MULTIPORT=y
CONFIG_IP_NF_MATCH_TOS=y
CONFIG_IP_NF_MATCH_RECENT=y
CONFIG_IP_NF_MATCH_ECN=y
CONFIG_IP_NF_MATCH_DSCP=y
CONFIG_IP_NF_MATCH_AH_ESP=y
CONFIG_IP_NF_MATCH_LENGTH=y
CONFIG_IP_NF_MATCH_TTL=y
CONFIG_IP_NF_MATCH_TCPMSS=y
CONFIG_IP_NF_MATCH_HELPER=y
CONFIG_IP_NF_MATCH_STATE=y
CONFIG_IP_NF_MATCH_CONNTRACK=y
CONFIG_IP_NF_MATCH_UNCLEAN=y
CONFIG_IP_NF_MATCH_OWNER=y
CONFIG_IP_NF_FILTER=y
CONFIG_IP_NF_TARGET_REJECT=y
# CONFIG_IP_NF_TARGET_MIRROR is not set
CONFIG_IP_NF_NAT=y
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=y
CONFIG_IP_NF_TARGET_REDIRECT=y
# CONFIG_IP_NF_NAT_SNMP_BASIC is not set
CONFIG_IP_NF_NAT_IRC=y
CONFIG_IP_NF_NAT_FTP=y
CONFIG_IP_NF_MANGLE=y
CONFIG_IP_NF_TARGET_TOS=y
CONFIG_IP_NF_TARGET_ECN=y
CONFIG_IP_NF_TARGET_DSCP=y
CONFIG_IP_NF_TARGET_MARK=y
CONFIG_IP_NF_TARGET_LOG=y
CONFIG_IP_NF_TARGET_ULOG=y
CONFIG_IP_NF_TARGET_TCPMSS=y
CONFIG_IP_NF_ARPTABLES=y
# CONFIG_IP_NF_ARPFILTER is not set
# CONFIG_IP_NF_ARP_MANGLE is not set
# CONFIG_IP_VS is not set
# CONFIG_IPV6 is not set
CONFIG_IP_SCTP=y
# CONFIG_IPX is not set
# CONFIG_IPSEC_NAT_TRAVERSAL is not set
# CONFIG_IPMI_HANDLER is not set
# CONFIG_IPMI_PANIC_EVENT is not set
# CONFIG_IPMI_DEVICE_INTERFACE is not set
# CONFIG_IPMI_KCS is not set
# CONFIG_IPMI_WATCHDOG is not set
CONFIG_HW_RANDOM=y
+ _________________________ etc/syslog.conf
+ cat /etc/syslog.conf
# /etc/syslog.conf
# For info about the format of this file, see "man syslog.conf"
# and /usr/doc/sysklogd/README.linux. Note the '-' prefixing some
# of these entries; this omits syncing the file after every logging.
# In the event of a crash, some log information might be lost, so
# if this is a concern to you then you might want to remove the '-'.
# Be advised this will cause a performation loss if you're using
# programs that do heavy logging.
# Uncomment this to see kernel messages on the console.
#kern.* /dev/console
# Log anything 'info' or higher, but lower than 'warn'.
# Exclude authpriv, cron, mail, and news. These are logged elsewhere.
*.info;*.!warn;\
authpriv.none;cron.none;mail.none;news.none -/var/log/messages
# Log anything 'warn' or higher.
# Exclude authpriv, cron, mail, and news. These are logged elsewhere.
*.warn;\
authpriv.none;cron.none;mail.none;news.none -/var/log/syslog
# Debugging information is logged here.
*.=debug -/var/log/debug
# Private authentication message logging:
authpriv.* -/var/log/secure
# Cron related logs:
cron.* -/var/log/cron
# Mail related logs:
mail.* -/var/log/maillog
# Emergency level messages go to all users:
*.emerg *
# This log is for news and uucp errors:
uucp,news.crit -/var/log/spooler
# Uncomment these if you'd like INN to keep logs on everything.
# You won't need this if you don't run INN (the InterNetNews daemon).
#news.=crit -/var/log/news/news.crit
#news.=err -/var/log/news/news.err
#news.notice -/var/log/news/news.notice
*.* /dev/tty3
*.* -/var/log/messages
+ _________________________ etc/syslog-ng/syslog-ng.conf
+ cat /etc/syslog-ng/syslog-ng.conf
cat: /etc/syslog-ng/syslog-ng.conf: No such file or directory
+ _________________________ etc/resolv.conf
+ cat /etc/resolv.conf
search medimatica.com
nameserver 81.174.16.66
nameserver 192.168.0.105
+ _________________________ lib/modules-ls
+ ls -ltr /lib/modules
total 1
drwxr-xr-x 4 root root 416 Nov 28 16:32 2.4.31
+ _________________________ /proc/ksyms-netif_rx
+ test -r /proc/ksyms
+ egrep netif_rx /proc/ksyms
c02f8550 netif_rx_Rf52370ac
+ _________________________ lib/modules-netif_rx
+ modulegoo kernel/net/ipv4/ipip.o netif_rx
+ set +x
2.4.31: U netif_rx_Rf52370ac
+ _________________________ kern.debug
+ test -f /var/log/kern.debug
+ _________________________ klog
+ sed -n '3352,$p' /var/log/messages
+ egrep -i 'ipsec|klips|pluto'
+ case "$1" in
+ cat
Nov 28 17:10:13 Vpn ipsec_setup: Starting Openswan IPsec 2.4.5dr3...
Nov 28 17:10:13 Vpn pluto[1316]: Starting Pluto (Openswan Version 2.4.5dr3
X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEr\134[u at aflB_)
Nov 28 17:10:13 Vpn pluto[1316]: Setting NAT-Traversal port-4500 floating to
on
Nov 28 17:10:13 Vpn pluto[1316]: port floating activation criteria
nat_t=1/port_fload=1
Nov 28 17:10:13 Vpn pluto[1316]: including NAT-Traversal patch (Version
0.6c)
Nov 28 17:10:13 Vpn pluto[1316]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)
Nov 28 17:10:13 Vpn pluto[1316]: starting up 1 cryptographic helpers
Nov 28 17:10:13 Vpn pluto[1316]: started helper pid=1318 (fd:6)
Nov 28 17:10:13 Vpn pluto[1316]: Using KLIPS IPsec interface code on 2.4.31
Nov 28 17:10:13 Vpn pluto[1316]: Changing to directory '/etc/ipsec.d/cacerts'
Nov 28 17:10:13 Vpn pluto[1316]: Changing to directory '/etc/ipsec.d/aacerts'
Nov 28 17:10:13 Vpn pluto[1316]: Changing to
directory '/etc/ipsec.d/ocspcerts'
Nov 28 17:10:13 Vpn pluto[1316]: Changing to directory '/etc/ipsec.d/crls'
Nov 28 17:10:13 Vpn pluto[1316]: Warning: empty directory
Nov 28 17:10:13 Vpn pluto[1316]: added connection description "medimatica-
winxp"
Nov 28 17:10:13 Vpn pluto[1316]: added connection description "medimatica-
linksys"
Nov 28 17:10:13 Vpn pluto[1316]: listening for IKE messages
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal: ESPINUDP(1) not supported by
kernel for family IPv4
Nov 28 17:10:13 Vpn pluto[1316]: adding interface ipsec0/eth1 81.174.16.70:500
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal: ESPINUDP(2) not supported by
kernel for family IPv4
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal port floating turned off
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal is turned OFF due to lack of
KERNEL support: 0/0
Nov 28 17:10:13 Vpn pluto[1316]: adding interface ipsec0/eth1
81.174.16.70:4500
Nov 28 17:10:13 Vpn pluto[1316]: loading secrets from "/etc/ipsec.secrets"
Nov 28 17:10:13 Vpn ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) not
supported by kernel for family IPv4
Nov 28 17:10:13 Vpn ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(2) not
supported by kernel for family IPv4
Nov 28 17:10:13 Vpn pluto[1316]: "medimatica-winxp": cannot route template
policy of PSK+ENCRYPT+TUNNEL
Nov 28 17:10:13 Vpn ipsec__plutorun: 025 "medimatica-winxp": cannot route
template policy of PSK+ENCRYPT+TUNNEL
Nov 28 17:10:13 Vpn ipsec__plutorun: 025 "medimatica-winxp": could not route
Nov 28 17:10:13 Vpn ipsec__plutorun: ...could not route conn "medimatica-
winxp"
Nov 28 17:10:13 Vpn pluto[1316]: "medimatica-winxp": cannot initiate
connection without knowing peer IP address (kind=CK_TEMPLATE)
Nov 28 17:10:13 Vpn ipsec__plutorun: 029 "medimatica-winxp": cannot initiate
connection without knowing peer IP address (kind=CK_TEMPLATE)
Nov 28 17:10:13 Vpn ipsec__plutorun: ...could not start conn "medimatica-
winxp"
Nov 28 17:10:13 Vpn pluto[1316]: "medimatica-linksys": cannot initiate
connection without knowing peer IP address (kind=CK_TEMPLATE)
Nov 28 17:10:13 Vpn ipsec__plutorun: 029 "medimatica-linksys": cannot
initiate connection without knowing peer IP address (kind=CK_TEMPLATE)
Nov 28 17:10:13 Vpn ipsec__plutorun: ...could not start conn "medimatica-
linksys"
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1: I did
not send a certificate because I do not have one.
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
responding to Quick Mode {msgid:ce98e854}
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
STATE_QUICK_R2: IPsec SA established {ESP=>0x7d9d345d <0xc0351498 xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
received Delete SA(0x7d9d345d) payload: deleting IPSEC State #2
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
received and ignored informational message
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
received Delete SA payload: deleting ISAKMP State #1
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69: deleting
connection "medimatica-winxp" instance with peer 81.174.16.69
{isakmp=#0/ipsec=#0}
Nov 28 17:15:35 Vpn pluto[1316]: packet from 81.174.16.69:500: received and
ignored informational message
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Nov 28 17:20:11 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:20:11 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:20:11 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3: I did
not send a certificate because I do not have one.
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
responding to Quick Mode {msgid:98fb6831}
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
STATE_QUICK_R2: IPsec SA established {ESP=>0x985b8665 <0xc0351499 xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
received Delete SA(0x985b8665) payload: deleting IPSEC State #4
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
received and ignored informational message
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
received Delete SA payload: deleting ISAKMP State #3
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69: deleting
connection "medimatica-winxp" instance with peer 81.174.16.69
{isakmp=#0/ipsec=#0}
Nov 28 17:20:32 Vpn pluto[1316]: packet from 81.174.16.69:500: received and
ignored informational message
Nov 28 17:21:05 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:21:05 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:21:05 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:21:05 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:21:05 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:21:05 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5: I did
not send a certificate because I do not have one.
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
responding to Quick Mode {msgid:eaa89666}
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
STATE_QUICK_R2: IPsec SA established {ESP=>0x9142b99d <0xc035149a xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
received Delete SA(0x9142b99d) payload: deleting IPSEC State #6
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
received and ignored informational message
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
received Delete SA payload: deleting ISAKMP State #5
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69: deleting
connection "medimatica-winxp" instance with peer 81.174.16.69
{isakmp=#0/ipsec=#0}
Nov 28 17:21:59 Vpn pluto[1316]: packet from 81.174.16.69:500: received and
ignored informational message
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7: I did
not send a certificate because I do not have one.
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
responding to Quick Mode {msgid:001b036d}
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
STATE_QUICK_R2: IPsec SA established {ESP=>0xc2db9479 <0xc035149b xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
+ _________________________ plog
+ sed -n '672,$p' /var/log/secure
+ egrep -i pluto
+ case "$1" in
+ cat
Nov 28 17:10:13 Vpn ipsec__plutorun: Starting Pluto subsystem...
Nov 28 17:10:13 Vpn pluto[1316]: Starting Pluto (Openswan Version 2.4.5dr3
X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEr\134[u at aflB_)
Nov 28 17:10:13 Vpn pluto[1316]: Setting NAT-Traversal port-4500 floating to
on
Nov 28 17:10:13 Vpn pluto[1316]: port floating activation criteria
nat_t=1/port_fload=1
Nov 28 17:10:13 Vpn pluto[1316]: including NAT-Traversal patch (Version
0.6c)
Nov 28 17:10:13 Vpn pluto[1316]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok (ret=0)
Nov 28 17:10:13 Vpn pluto[1316]: starting up 1 cryptographic helpers
Nov 28 17:10:13 Vpn pluto[1316]: started helper pid=1318 (fd:6)
Nov 28 17:10:13 Vpn pluto[1316]: Using KLIPS IPsec interface code on 2.4.31
Nov 28 17:10:13 Vpn pluto[1316]: Changing to directory '/etc/ipsec.d/cacerts'
Nov 28 17:10:13 Vpn pluto[1316]: Changing to directory '/etc/ipsec.d/aacerts'
Nov 28 17:10:13 Vpn pluto[1316]: Changing to
directory '/etc/ipsec.d/ocspcerts'
Nov 28 17:10:13 Vpn pluto[1316]: Changing to directory '/etc/ipsec.d/crls'
Nov 28 17:10:13 Vpn pluto[1316]: Warning: empty directory
Nov 28 17:10:13 Vpn pluto[1316]: added connection description "medimatica-
winxp"
Nov 28 17:10:13 Vpn pluto[1316]: added connection description "medimatica-
linksys"
Nov 28 17:10:13 Vpn pluto[1316]: listening for IKE messages
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal: ESPINUDP(1) not supported by
kernel for family IPv4
Nov 28 17:10:13 Vpn pluto[1316]: adding interface ipsec0/eth1 81.174.16.70:500
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal: ESPINUDP(2) not supported by
kernel for family IPv4
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal port floating turned off
Nov 28 17:10:13 Vpn pluto[1316]: NAT-Traversal is turned OFF due to lack of
KERNEL support: 0/0
Nov 28 17:10:13 Vpn pluto[1316]: adding interface ipsec0/eth1
81.174.16.70:4500
Nov 28 17:10:13 Vpn pluto[1316]: loading secrets from "/etc/ipsec.secrets"
Nov 28 17:10:13 Vpn pluto[1316]: "medimatica-winxp": cannot route template
policy of PSK+ENCRYPT+TUNNEL
Nov 28 17:10:13 Vpn pluto[1316]: "medimatica-winxp": cannot initiate
connection without knowing peer IP address (kind=CK_TEMPLATE)
Nov 28 17:10:13 Vpn pluto[1316]: "medimatica-linksys": cannot initiate
connection without knowing peer IP address (kind=CK_TEMPLATE)
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:10:22 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1: I did
not send a certificate because I do not have one.
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
responding to Quick Mode {msgid:ce98e854}
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:10:22 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #2:
STATE_QUICK_R2: IPsec SA established {ESP=>0x7d9d345d <0xc0351498 xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
received Delete SA(0x7d9d345d) payload: deleting IPSEC State #2
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
received and ignored informational message
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69 #1:
received Delete SA payload: deleting ISAKMP State #1
Nov 28 17:15:35 Vpn pluto[1316]: "medimatica-winxp"[1] 81.174.16.69: deleting
connection "medimatica-winxp" instance with peer 81.174.16.69
{isakmp=#0/ipsec=#0}
Nov 28 17:15:35 Vpn pluto[1316]: packet from 81.174.16.69:500: received and
ignored informational message
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:20:11 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Nov 28 17:20:11 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:20:11 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:20:11 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3: I did
not send a certificate because I do not have one.
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
responding to Quick Mode {msgid:98fb6831}
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:20:12 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #4:
STATE_QUICK_R2: IPsec SA established {ESP=>0x985b8665 <0xc0351499 xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
received Delete SA(0x985b8665) payload: deleting IPSEC State #4
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
received and ignored informational message
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69 #3:
received Delete SA payload: deleting ISAKMP State #3
Nov 28 17:20:32 Vpn pluto[1316]: "medimatica-winxp"[2] 81.174.16.69: deleting
connection "medimatica-winxp" instance with peer 81.174.16.69
{isakmp=#0/ipsec=#0}
Nov 28 17:20:32 Vpn pluto[1316]: packet from 81.174.16.69:500: received and
ignored informational message
Nov 28 17:21:05 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:21:05 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:21:05 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:21:05 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:21:05 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:21:05 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5: I did
not send a certificate because I do not have one.
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
responding to Quick Mode {msgid:eaa89666}
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:21:06 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #6:
STATE_QUICK_R2: IPsec SA established {ESP=>0x9142b99d <0xc035149a xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
received Delete SA(0x9142b99d) payload: deleting IPSEC State #6
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
received and ignored informational message
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69 #5:
received Delete SA payload: deleting ISAKMP State #5
Nov 28 17:21:59 Vpn pluto[1316]: "medimatica-winxp"[3] 81.174.16.69: deleting
connection "medimatica-winxp" instance with peer 81.174.16.69
{isakmp=#0/ipsec=#0}
Nov 28 17:21:59 Vpn pluto[1316]: packet from 81.174.16.69:500: received and
ignored informational message
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [FRAGMENTATION]
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port
floating is off
Nov 28 17:23:51 Vpn pluto[1316]: packet from 81.174.16.69:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
responding to Main Mode from unknown peer 81.174.16.69
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
STATE_MAIN_R1: sent MR1, expecting MI2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
STATE_MAIN_R2: sent MR2, expecting MI3
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7: Main
mode peer ID is ID_IPV4_ADDR: '81.174.16.69'
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7: I did
not send a certificate because I do not have one.
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #7:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
responding to Quick Mode {msgid:001b036d}
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov 28 17:23:51 Vpn pluto[1316]: "medimatica-winxp"[4] 81.174.16.69 #8:
STATE_QUICK_R2: IPsec SA established {ESP=>0xc2db9479 <0xc035149b xfrm=3DES_0-
HMAC_MD5 NATD=none DPD=none}
+ _________________________ date
+ date
Mon Nov 28 17:26:59 CET 2005
This is a tcpdump -i ppp0 for winxp client http request at the 192.168.0.100
machins in the office lan
17:27:32.429873 IP 192.168.0.245.1174 > 192.168.0.100.http: S
1981970265:1981970265(0) win 65535 <mss 1336,nop,nop,sackOK>
17:27:32.723500 IP 192.168.0.100.http > 192.168.0.245.1174: S
523397053:523397053(0) ack 1981970266 win 8192 <mss 1474>
17:27:32.723981 IP 192.168.0.245.1174 > 192.168.0.100.http: . ack 1 win 65535
17:27:32.724347 IP 192.168.0.245.1174 > 192.168.0.100.http: P 1:400(399) ack
1 win 65535
17:27:32.728800 IP 192.168.0.100.http > 192.168.0.245.1174: . ack 400 win 8192
17:27:32.736141 IP 192.168.0.100.http > 192.168.0.245.1174: P 1:501(500) ack
400 win 8192
17:27:32.747763 IP 192.168.0.100.http > 192.168.0.245.1174: . 501:1837(1336)
ack 400 win 8192
17:27:35.512650 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
17:27:41.513225 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
17:27:53.514341 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
17:28:17.516613 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
17:29:05.521083 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
17:30:09.526953 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
17:31:13.532906 IP 192.168.0.100.http > 192.168.0.245.1174: . 1:1337(1336)
ack 400 win 8192
Please help .... Help ...
More information about the Users
mailing list