[Openswan Users] Windows rekey problem
John A. Sullivan III
jsullivan at opensourcedevel.com
Thu Oct 20 05:41:11 CEST 2005
Well, after two all-nighters, I ready to pack it in for a while but I
still haven't solved my problem. We are running an openswan 2.3.1
gateway on a xen domU (virtual machine) on kernel 2.4.30 using fedora
core 3. The client is a windows station using ipsec only via the
lsipsectool (http://sourceforge.net/projects/lsipsectool). The client
is behind a NAT gateway. The openswan gateway is directly connected to
the Internet. As a slight twist, the OSW gateway and the NAT gateway
(protecting the windows client) are on the same public network as this
is a test lab. By the way, the gateway is strictly a roadwarrior
gateway; it has one NIC and connects the roadwarriors to their offices
via other IPSec tunnels terminated by CyberGuard SG570s. Those tunnels
are perfectly stable (well, except for the one SG575 - I had to turn off
compression to make that work reliably).
We are not able to sustain the connection. It connects just fine.
However, after a while, the connection fails and it appears to be a
Phase I (ISAKMP) rekeying problem. I assume this is not the NAT-T bug
which was fixed in 2.3.1. The postings seemed to indicate a "no
connection found" error; we do not receive that kind of an error.
I did manage to catch the failure in the act on both sides so I will
include an excerpt from /var/log/secure and the windows oakley log.
I've tried several solutions but to no avail. I have turned off
compression. I've tried setting the OSW gateway to rekey=no and
rekey=yes. I've tried a ikelifetime of 8h to match the seemingly hard
coded windows value and I've tried 40m. I set leftsendcert=always.
This is supposed to be released to production any time now so I would
greatly appreciate any help.
Here is the edited ipsec.conf:
version 2
# basic configuration
config setup
# THIS SETTING MUST BE CORRECT or almost nothing will work;
# %defaultroute is okay for most simple cases.
interfaces="ipsec0=eth0"
# Debug-logging controls: "none" for (almost) none, "all" for
lots.
#klipsdebug=none
#plutodebug=all
# Use auto= parameters in conn descriptions to control startup
actions.
#plutoload=%search
#plutostart=%search
plutowait=no
# Close down old connection when new one using same ID shows up.
hidetos=no
uniqueids=yes
nat_traversal=yes
virtual_private=%v4:192.168.0.0/16,%v4:10.0.0.0/8,%
v4:172.16.0.0/12
# defaults for subsequent connection descriptions
# (these defaults will soon go away)
conn %default
keyingtries=10
disablearrivalcheck=no
authby=rsasig
left=x.x.x.187
leftnexthop=x.x.x.185
leftrsasigkey=%cert
leftcert=niagararasgwc.pem
leftid="C=US,O=Niagara,OU=VPNGateways,CN=NiagaraRASGW"
rightrsasigkey=%cert
keylife=20m
rekeymargin=5m
ikelifetime=3h
# disable opportunistic encryption
include /etc/ipsec.d/examples/no_oe.conf
conn RAS10
leftsubnet=10.0.0.0/8
also=RAS
conn RAS192
leftsubnet=192.168.0.0/16
also=RAS
conn RAS172
leftsubnet=172.16.0.0/12
also=RAS
conn RASAny
leftsubnet=0.0.0.0/0.0.0.0
also=RAS
conn RAS
right=%any
rightsubnet=vnet:%priv,%no
leftupdown=/etc/PEP/X509updown
ikelifetime=8h
rekey=yes
compress=no
leftsendcert=always
auto=add
Here is an excerpt from /var/log/secure. It shows the successful
initial negotiation, the failure and then a successful manual rekey,
i.e., I restarted the connection:
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
ignoring Vendor ID payload [FRAGMENTATION]
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
to=106
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
responding to Main Mode from unknown peer x.x.x.186
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is
NATed
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143: Main
mode peer ID is ID_DER_ASN1_DN: 'C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=jo
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143: no
crl from issuer "C=US, O=Atlas, OU=PKI, CN=NiagaraCA" found (strict=no)
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143:
deleting connection "RAS" instance with peer x.x.x.186
{isakmp=#0/ipsec=#0}
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143: I am
sending my cert
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: | NAT-T: new mapping
x.x.x.186:500/4500)
Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143: sent
MR3, ISAKMP SA established
Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
responding to Quick Mode {msgid:fca45e9e}
Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
IPsec SA established {ESP=>0x45cee8ad <0xf558025a xfrm=3DES_0-HMAC_SHA1
NATD=24.7
[SUCCESSFUL INITIATION ABOVE]
Oct 19 23:15:23 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143:
received Delete SA payload: deleting ISAKMP State #143
Oct 19 23:15:23 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186: deleting
connection "RAS" instance with peer x.x.x.186 {isakmp=#0/ipsec=#0}
Oct 19 23:15:23 NiagaraRASGW pluto[12259]: packet from x.x.x.186:4500:
received and ignored informational message
[I THINK IT DID NOT BREAK UNTIL HERE]
Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
initiating Main Mode
Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
to=108
Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
detected
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211: I
am sending my cert
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211: I
am sending a certificate request
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
next payload type of ISAKMP Hash Payload has an unknown value: 156
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
malformed payload in packet
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
failed to build notification for spisize=0
Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
discarding duplicate packet; already STATE_MAIN_I3
Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
next payload type of ISAKMP Hash Payload has an unknown value: 168
Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
malformed payload in packet
Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
failed to build notification for spisize=0
Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
next payload type of ISAKMP Hash Payload has an unknown value: 41
Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
malformed payload in packet
Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
failed to build notification for spisize=0
Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
discarding duplicate packet; already STATE_MAIN_I3
Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
max number of retransmissions (2) reached STATE_MAIN_I3. Possible
authentication
Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
starting keying attempt 2 of at most 10
Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
initiating Main Mode to replace #211
Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
to=108
Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
detected
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215: I
am sending my cert
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215: I
am sending a certificate request
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
next payload type of ISAKMP Hash Payload has an unknown value: 86
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
malformed payload in packet
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
failed to build notification for spisize=0
Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
discarding duplicate packet; already STATE_MAIN_I3
Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
next payload type of ISAKMP Hash Payload has an unknown value: 25
Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
malformed payload in packet
Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
failed to build notification for spisize=0
Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
discarding duplicate packet; already STATE_MAIN_I3
Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
next payload type of ISAKMP Hash Payload has an unknown value: 190
Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
malformed payload in packet
Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
failed to build notification for spisize=0
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
max number of retransmissions (2) reached STATE_MAIN_I3. Possible
authentication
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
starting keying attempt 3 of at most 10
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
initiating Main Mode to replace #215
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
to=108
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
detected
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219: I
am sending my cert
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219: I
am sending a certificate request
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
next payload type of ISAKMP Hash Payload has an unknown value: 253
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
malformed payload in packet
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
failed to build notification for spisize=0
[Or maybe it really broke here - we did catch it right away]
Oct 19 23:31:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
IPsec SA expired (--dontrekey)
Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
discarding duplicate packet; already STATE_MAIN_I3
Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
next payload type of ISAKMP Hash Payload has an unknown value: 210
Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
malformed payload in packet
Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
failed to build notification for spisize=0
Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
next payload type of ISAKMP Hash Payload has an unknown value: 195
Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
malformed payload in packet
Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
sending notification PAYLOAD_MALFORMED to x.x.x.186:500
Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
failed to build notification for spisize=0
[Manually restarted connection here]
Oct 19 23:31:53 NiagaraRASGW pluto[12259]: packet from x.x.x.186:4500:
Informational Exchange is for an unknown (expired?) SA
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
ignoring Vendor ID payload [FRAGMENTATION]
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
to=106
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
responding to Main Mode from unknown peer x.x.x.186
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is
NATed
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223: Main
mode peer ID is ID_DER_ASN1_DN: 'C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=jo
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223: no
crl from issuer "C=US, O=Atlas, OU=PKI, CN=NiagaraCA" found (strict=no)
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223:
deleting connection "RAS" instance with peer x.x.x.186
{isakmp=#0/ipsec=#0}
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223: I
am sending my cert
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: | NAT-T: new mapping
x.x.x.186:1/4500)
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223:
sent MR3, ISAKMP SA established
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
responding to Quick Mode {msgid:222f5b21}
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
IPsec SA established {ESP=>0xdbcfb44c <0xf5580292 xfrm=3DES_0-HMAC_SHA1
NATD=24.7
Oct 19 23:32:13 NiagaraRASGW sshd[14166]: Accepted password for root
from 192.168.223.15 port 1040 ssh2
Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
max number of retransmissions (2) reached STATE_MAIN_I3. Possible
authentication
Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
starting keying attempt 4 of at most 10
Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
initiating Main Mode to replace #219
Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
to=108
Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Here is the Oakley log from the windows station. It is three hours and
fifty four minutes ahead of the OSW gateway (it's a dual boot station
getting around the Windows problem with the system clock set to UTC).
There is an example of a different failure from the one above in this
log at the very end although there may be fragments of the same failure
as the /var/log/secure file. The failure appears to start at 4:38
although the problem didn't manifest itself until around 4:55 when the
IPSec SA expired and could not negotiate a new ISAKMP SA. The Windows
client is set to rekey phase II every 300 seconds.
10-20: 03:00:07:593:784 Initialization OK
10-20: 03:05:11:15:7e8 Acquire from driver: op=00000006
src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
TunnelEndpt=192.168.223.15
10-20: 03:05:11:15:268 Filter to match: Src x.x.x.187 Dst 192.168.223.15
10-20: 03:05:11:62:268 MM PolicyName: 1
10-20: 03:05:11:62:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 03:05:11:62:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 03:05:11:62:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 03:05:11:62:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 03:05:11:62:268 QM PolicyName: x4
{849d92b4-e903-4752-8225-b487ee66c2ed} dwFlags 1
10-20: 03:05:11:62:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:05:11:62:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:05:11:62:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:05:11:62:268 Starting Negotiation: src = 192.168.223.15.0500,
dst = x.x.x.187.0500, proto = 00, context = 00000006, ProxySrc =
192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
DstMask = 0.0.0.0
10-20: 03:05:11:62:268 constructing ISAKMP Header
10-20: 03:05:11:62:268 constructing SA (ISAKMP)
10-20: 03:05:11:62:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 03:05:11:78:268 Constructing Vendor FRAGMENTATION
10-20: 03:05:11:78:268 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
10-20: 03:05:11:78:268 Constructing Vendor Vid-Initial-Contact
10-20: 03:05:11:78:268
10-20: 03:05:11:78:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 03:05:11:78:268 ISAKMP Header: (V1.0), len = 168
10-20: 03:05:11:78:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:78:268 R-COOKIE 0000000000000000
10-20: 03:05:11:78:268 exchange: Oakley Main Mode
10-20: 03:05:11:78:268 flags: 0
10-20: 03:05:11:78:268 next payload: SA
10-20: 03:05:11:78:268 message ID: 00000000
10-20: 03:05:11:78:268 Ports S:f401 D:f401
10-20: 03:05:11:78:268
10-20: 03:05:11:78:268 Receive: (get) SA = 0x000e86b8 from x.x.x.187.500
10-20: 03:05:11:78:268 ISAKMP Header: (V1.0), len = 140
10-20: 03:05:11:78:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:78:268 R-COOKIE f58016155872010a
10-20: 03:05:11:78:268 exchange: Oakley Main Mode
10-20: 03:05:11:78:268 flags: 0
10-20: 03:05:11:78:268 next payload: SA
10-20: 03:05:11:78:268 message ID: 00000000
10-20: 03:05:11:78:268 processing payload SA
10-20: 03:05:11:78:268 Received Phase 1 Transform 1
10-20: 03:05:11:93:268 Encryption Alg Triple DES CBC(5)
10-20: 03:05:11:93:268 Hash Alg SHA(2)
10-20: 03:05:11:93:268 Oakley Group 2
10-20: 03:05:11:93:268 Auth Method RSA Signature with
Certificates(3)
10-20: 03:05:11:93:268 Life type in Seconds
10-20: 03:05:11:93:268 Life duration of 300
10-20: 03:05:11:93:268 Phase 1 SA accepted: transform=1
10-20: 03:05:11:93:268 SA - Oakley proposal accepted
10-20: 03:05:11:93:268 processing payload VENDOR ID
10-20: 03:05:11:93:268 processing payload VENDOR ID
10-20: 03:05:11:93:268 processing payload VENDOR ID
10-20: 03:05:11:93:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
10-20: 03:05:11:93:268 ClearFragList
10-20: 03:05:11:93:268 constructing ISAKMP Header
10-20: 03:05:11:125:268 constructing KE
10-20: 03:05:11:125:268 constructing NONCE (ISAKMP)
10-20: 03:05:11:125:268 Constructing NatDisc
10-20: 03:05:11:125:268
10-20: 03:05:11:125:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 03:05:11:125:268 ISAKMP Header: (V1.0), len = 232
10-20: 03:05:11:125:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:125:268 R-COOKIE f58016155872010a
10-20: 03:05:11:125:268 exchange: Oakley Main Mode
10-20: 03:05:11:125:268 flags: 0
10-20: 03:05:11:125:268 next payload: KE
10-20: 03:05:11:125:268 message ID: 00000000
10-20: 03:05:11:125:268 Ports S:f401 D:f401
10-20: 03:05:11:140:268
10-20: 03:05:11:140:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.500
10-20: 03:05:11:140:268 ISAKMP Header: (V1.0), len = 228
10-20: 03:05:11:140:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:140:268 R-COOKIE f58016155872010a
10-20: 03:05:11:140:268 exchange: Oakley Main Mode
10-20: 03:05:11:140:268 flags: 0
10-20: 03:05:11:140:268 next payload: KE
10-20: 03:05:11:140:268 message ID: 00000000
10-20: 03:05:11:140:268 processing payload KE
10-20: 03:05:11:156:268 processing payload NONCE
10-20: 03:05:11:156:268 processing payload NATDISC
10-20: 03:05:11:156:268 Processing NatHash
10-20: 03:05:11:156:268 Nat hash 3682cdcdd487c4717fe4116617112445
10-20: 03:05:11:156:268 955fd06e
10-20: 03:05:11:156:268 SA StateMask2 1f
10-20: 03:05:11:156:268 processing payload NATDISC
10-20: 03:05:11:156:268 Processing NatHash
10-20: 03:05:11:156:268 Nat hash d5c4823b7cf7bdfe04d9df065c4d8a9b
10-20: 03:05:11:156:268 ef8df53f
10-20: 03:05:11:156:268 SA StateMask2 9f
10-20: 03:05:11:156:268 ClearFragList
10-20: 03:05:11:156:268 Floated Ports Orig Me:f401 Peer:f401
10-20: 03:05:11:156:268 Floated Ports Me:9411 Peer:9411
10-20: 03:05:11:156:268 constructing ISAKMP Header
10-20: 03:05:11:156:268 constructing ID
10-20: 03:05:11:156:268 Received no valid CRPs. Using all configured
10-20: 03:05:11:156:268 Looking for IPSec only cert
10-20: 03:05:11:156:268 failed to get chain 80092004
10-20: 03:05:11:156:268 Looking for any cert
10-20: 03:05:11:312:268 Cert Trustes. 0 100
10-20: 03:05:11:312:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:05:11:312:268 6fb09c33
10-20: 03:05:11:468:268 Entered CRL check
10-20: 03:05:11:500:268 Left CRL check
10-20: 03:05:11:500:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:05:11:500:268 6fb09c33
10-20: 03:05:11:500:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 03:05:11:500:268 Cert Serialnumber 32
10-20: 03:05:11:500:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:05:11:500:268 6fb09c33
10-20: 03:05:11:500:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:05:11:500:268 Cert Serialnumber 00
10-20: 03:05:11:500:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:05:11:500:268 7e34f701
10-20: 03:05:11:500:268 Not storing My cert chain in SA.
10-20: 03:05:11:500:268 MM ID Type 9
10-20: 03:05:11:500:268 MM ID 3061310b300906035504061302555331
10-20: 03:05:11:500:268 0d300b060355040b130445786563310d
10-20: 03:05:11:500:268 300b060355040b1304436f6e73310c30
10-20: 03:05:11:500:268 0a060355040b1303456e67310e300c06
10-20: 03:05:11:500:268 0355040a130541746c61733116301406
10-20: 03:05:11:500:268 03550403130d6a6f686e2e73756c6c69
10-20: 03:05:11:500:268 76616e
10-20: 03:05:11:500:268 constructing CERT
10-20: 03:05:11:500:268 Construct SIG
10-20: 03:05:11:515:268 Constructing Cert Request
10-20: 03:05:11:515:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:05:11:515:268
10-20: 03:05:11:515:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
2.4500
10-20: 03:05:11:515:268 ISAKMP Header: (V1.0), len = 1188
10-20: 03:05:11:515:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:515:268 R-COOKIE f58016155872010a
10-20: 03:05:11:515:268 exchange: Oakley Main Mode
10-20: 03:05:11:515:268 flags: 1 ( encrypted )
10-20: 03:05:11:515:268 next payload: ID
10-20: 03:05:11:515:268 message ID: 00000000
10-20: 03:05:11:515:268 Ports S:9411 D:9411
10-20: 03:05:11:515:268
10-20: 03:05:11:515:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.4500
10-20: 03:05:11:515:268 ISAKMP Header: (V1.0), len = 1036
10-20: 03:05:11:515:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:515:268 R-COOKIE f58016155872010a
10-20: 03:05:11:515:268 exchange: Oakley Main Mode
10-20: 03:05:11:515:268 flags: 1 ( encrypted )
10-20: 03:05:11:515:268 next payload: ID
10-20: 03:05:11:515:268 message ID: 00000000
10-20: 03:05:11:531:268 processing payload ID
10-20: 03:05:11:531:268 processing payload CERT
10-20: 03:05:11:531:268 processing payload SIG
10-20: 03:05:11:531:268 Verifying CertStore
10-20: 03:05:11:531:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:05:11:531:268 Cert Serialnumber 31
10-20: 03:05:11:531:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:05:11:531:268 810b3d66
10-20: 03:05:11:531:268 Cert Trustes. 0 100
10-20: 03:05:11:531:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:05:11:531:268 Cert Serialnumber 31
10-20: 03:05:11:531:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:05:11:531:268 810b3d66
10-20: 03:05:11:531:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:05:11:531:268 Cert Serialnumber 00
10-20: 03:05:11:531:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:05:11:531:268 7e34f701
10-20: 03:05:11:531:268 Not storing Peer's cert chain in SA.
10-20: 03:05:11:531:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:05:11:531:268 810b3d66
10-20: 03:05:11:531:268 Entered CRL check
10-20: 03:05:11:531:268 Left CRL check
10-20: 03:05:11:531:268 Signature validated
10-20: 03:05:11:531:268 ClearFragList
10-20: 03:05:11:531:268 MM established. SA: 000E86B8
10-20: 03:05:11:531:268 QM PolicyName: x4
{849d92b4-e903-4752-8225-b487ee66c2ed} dwFlags 1
10-20: 03:05:11:531:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:05:11:531:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:05:11:531:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:05:11:531:268 GetSpi: src = 0.0.0.0.0000, dst =
192.168.223.15.0000, proto = 00, context = 00000006, srcMask = 0.0.0.0,
destMask = 255.255.255.255, TunnelFilter 1
10-20: 03:05:11:531:268 Setting SPI 1171187885
10-20: 03:05:11:531:268 constructing ISAKMP Header
10-20: 03:05:11:531:268 constructing HASH (null)
10-20: 03:05:11:531:268 constructing SA (IPSEC)
10-20: 03:05:11:531:268 constructing QM KE
10-20: 03:05:11:562:268 constructing NONCE (IPSEC)
10-20: 03:05:11:562:268 constructing ID (proxy)
10-20: 03:05:11:562:268 constructing ID (proxy)
10-20: 03:05:11:562:268 constructing HASH (QM)
10-20: 03:05:11:562:268
10-20: 03:05:11:562:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
2.4500
10-20: 03:05:11:562:268 ISAKMP Header: (V1.0), len = 284
10-20: 03:05:11:562:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:562:268 R-COOKIE f58016155872010a
10-20: 03:05:11:562:268 exchange: Oakley Quick Mode
10-20: 03:05:11:562:268 flags: 1 ( encrypted )
10-20: 03:05:11:562:268 next payload: HASH
10-20: 03:05:11:562:268 message ID: 9e5ea4fc
10-20: 03:05:11:562:268 Ports S:9411 D:9411
10-20: 03:05:11:562:268
10-20: 03:05:11:562:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.4500
10-20: 03:05:11:562:268 ISAKMP Header: (V1.0), len = 276
10-20: 03:05:11:562:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:562:268 R-COOKIE f58016155872010a
10-20: 03:05:11:562:268 exchange: Oakley Quick Mode
10-20: 03:05:11:562:268 flags: 1 ( encrypted )
10-20: 03:05:11:562:268 next payload: HASH
10-20: 03:05:11:562:268 message ID: 9e5ea4fc
10-20: 03:05:11:562:268 processing HASH (QM)
10-20: 03:05:11:562:268 ClearFragList
10-20: 03:05:11:562:268 processing payload NONCE
10-20: 03:05:11:562:268 processing payload KE
10-20: 03:05:11:562:268 Quick Mode KE processed; Saved KE data
10-20: 03:05:11:562:268 processing payload ID
10-20: 03:05:11:562:268 processing payload ID
10-20: 03:05:11:562:268 processing payload SA
10-20: 03:05:11:562:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
0.0.0.0.0
10-20: 03:05:11:562:268 Dst id for subnet. Mask 0.0.0.0
10-20: 03:05:11:562:268 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
10-20: 03:05:11:562:268 Checking Transform # 1: ID=Triple DES CBC(3)
10-20: 03:05:11:562:268 tunnel mode is 61443(61443)
10-20: 03:05:11:562:268 HMAC algorithm is SHA(2)
10-20: 03:05:11:562:268 group description for PFS is 2
10-20: 03:05:11:562:268 Phase 2 SA accepted: proposal=1 transform=1
10-20: 03:05:11:578:268 constructing ISAKMP Header
10-20: 03:05:11:578:268 constructing HASH (QM)
10-20: 03:05:11:578:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000006, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 2
EncapType 3
10-20: 03:05:11:578:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:05:11:578:268 Algo[0] MySpi: 1171187885 PeerSpi: 4116185690
10-20: 03:05:11:578:268 Encap Ports Src 4500 Dst 4500
10-20: 03:05:11:578:268 Skipping Outbound SA add
10-20: 03:05:11:578:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000006, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 3
EncapType 3
10-20: 03:05:11:578:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:05:11:578:268 Algo[0] MySpi: 1171187885 PeerSpi: 4116185690
10-20: 03:05:11:578:268 Encap Ports Src 4500 Dst 4500
10-20: 03:05:11:578:268 Skipping Inbound SA add
10-20: 03:05:11:578:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 1
10-20: 03:05:11:578:268 isadb_set_status sa:000E86B8 centry:000EA5E8
status 0
10-20: 03:05:11:578:268
10-20: 03:05:11:578:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
4.4500
10-20: 03:05:11:578:268 ISAKMP Header: (V1.0), len = 52
10-20: 03:05:11:578:268 I-COOKIE e846ca024fa64e8b
10-20: 03:05:11:578:268 R-COOKIE f58016155872010a
10-20: 03:05:11:578:268 exchange: Oakley Quick Mode
10-20: 03:05:11:578:268 flags: 1 ( encrypted )
10-20: 03:05:11:578:268 next payload: HASH
10-20: 03:05:11:578:268 message ID: 9e5ea4fc
10-20: 03:05:11:578:268 Ports S:9411 D:9411
10-20: 03:06:11:593:268 CE Dead. sa:000E86B8 ce:000EA5E8 status:35ef
10-20: 03:07:37:625:268 Peer List Entry 0012A2C0
10-20: 03:09:11:562:268 Expire_sa SA=e86b8
10-20: 03:09:11:562:268 SA Dead. sa:000E86B8 status:35ef
10-20: 03:09:11:562:268 isadb_set_status sa:000E86B8 centry:00000000
status 35ef
10-20: 03:09:11:562:268 constructing ISAKMP Header
10-20: 03:09:11:562:268 constructing HASH (null)
10-20: 03:09:11:562:268 constructing DELETE. MM 000E86B8
10-20: 03:09:11:562:268 constructing HASH (Notify/Delete)
10-20: 03:09:11:562:268 Not setting retransmit to downlevel client. SA
000E86B8 Centry 00000000
10-20: 03:09:11:562:268
10-20: 03:09:11:562:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
1.4500
10-20: 03:09:11:562:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:09:11:562:268 I-COOKIE e846ca024fa64e8b
10-20: 03:09:11:562:268 R-COOKIE f58016155872010a
10-20: 03:09:11:562:268 exchange: ISAKMP Informational Exchange
10-20: 03:09:11:562:268 flags: 1 ( encrypted )
10-20: 03:09:11:562:268 next payload: HASH
10-20: 03:09:11:562:268 message ID: af1c22ba
10-20: 03:09:11:562:268 Ports S:9411 D:9411
10-20: 03:09:11:562:268
10-20: 03:09:11:562:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.4500
10-20: 03:09:11:562:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:09:11:562:268 I-COOKIE e846ca024fa64e8b
10-20: 03:09:11:562:268 R-COOKIE f58016155872010a
10-20: 03:09:11:562:268 exchange: ISAKMP Informational Exchange
10-20: 03:09:11:562:268 flags: 1 ( encrypted )
10-20: 03:09:11:562:268 next payload: HASH
10-20: 03:09:11:562:268 message ID: 84455498
10-20: 03:09:11:562:268 processing HASH (Notify/Delete)
10-20: 03:09:11:562:268 processing payload DELETE
10-20: 03:11:22:640:268 Peer List Entry 0012A2C0
10-20: 03:15:07:640:268 Peer List Entry 0012A2C0
10-20: 03:18:52:640:268 Peer List Entry 0012A2C0
10-20: 03:22:37:640:268 Peer List Entry 0012A2C0
10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
a9a8c070-99f0-4682-a85621e9fefd1b97 4
10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
e6105637-8e19-4d90-be17424b920e0d4f 4
10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
7fd6ee96-828e-4453-aacb226d14e9fec2 3
10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
8fdeb7f5-e227-4a23-8ef94fa12358b20e 3
10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
51496c15-5117-47eb-8492fb402e5d7711 1
10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
849d92b4-e903-4752-8225b487ee66c2ed 2
10-20: 03:25:42:484:268 QM Deleted. Notify from driver: Src
192.168.223.15 Dest 0.0.0.0 InSPI 1171187885 OutSpi 4116185690 Tunnel
bbfb4b18 TunnelFilter 0
10-20: 03:25:42:484:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 0
10-20: 03:25:42:484:268 constructing ISAKMP Header
10-20: 03:25:42:484:268 constructing HASH (null)
10-20: 03:25:42:484:268 Construct QM Delete Spi 1171187885
10-20: 03:25:42:484:268 constructing HASH (Notify/Delete)
10-20: 03:25:42:484:268 Not setting retransmit to downlevel client. SA
000E86B8 Centry 00000000
10-20: 03:25:42:484:268
10-20: 03:25:42:484:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
1.4500
10-20: 03:25:42:484:268 ISAKMP Header: (V1.0), len = 68
10-20: 03:25:42:484:268 I-COOKIE e846ca024fa64e8b
10-20: 03:25:42:484:268 R-COOKIE f58016155872010a
10-20: 03:25:42:484:268 exchange: ISAKMP Informational Exchange
10-20: 03:25:42:484:268 flags: 1 ( encrypted )
10-20: 03:25:42:484:268 next payload: HASH
10-20: 03:25:42:484:268 message ID: 390e89be
10-20: 03:25:42:484:268 Ports S:9411 D:9411
10-20: 03:25:42:484:268 PrivatePeerAddr 0
10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 4
10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 4
10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 3
10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 3
10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 1
10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 2
10-20: 03:25:43:843:7e8 Acquire from driver: op=00000007
src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
TunnelEndpt=192.168.223.15
10-20: 03:25:43:843:268 Filter to match: Src x.x.x.187 Dst
192.168.223.15
10-20: 03:25:43:859:268 MM PolicyName: 2
10-20: 03:25:43:859:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 03:25:43:859:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 03:25:43:859:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 03:25:43:859:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 03:25:43:859:268 QM PolicyName: x4
{f53078be-bfb6-49f7-b26c-d8c6879b89aa} dwFlags 1
10-20: 03:25:43:859:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:25:43:859:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:25:43:859:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:25:43:859:268 Starting Negotiation: src = 192.168.223.15.0500,
dst = x.x.x.187.0500, proto = 00, context = 00000007, ProxySrc =
192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
DstMask = 0.0.0.0
10-20: 03:25:43:859:268 constructing ISAKMP Header
10-20: 03:25:43:859:268 constructing SA (ISAKMP)
10-20: 03:25:43:859:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 03:25:43:859:268 Constructing Vendor FRAGMENTATION
10-20: 03:25:43:859:268 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
10-20: 03:25:43:859:268 Constructing Vendor Vid-Initial-Contact
10-20: 03:25:43:859:268
10-20: 03:25:43:859:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 03:25:43:859:268 ISAKMP Header: (V1.0), len = 168
10-20: 03:25:43:859:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:859:268 R-COOKIE 0000000000000000
10-20: 03:25:43:859:268 exchange: Oakley Main Mode
10-20: 03:25:43:859:268 flags: 0
10-20: 03:25:43:859:268 next payload: SA
10-20: 03:25:43:859:268 message ID: 00000000
10-20: 03:25:43:859:268 Ports S:f401 D:f401
10-20: 03:25:43:859:268
10-20: 03:25:43:859:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 03:25:43:859:268 ISAKMP Header: (V1.0), len = 140
10-20: 03:25:43:859:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:859:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:859:268 exchange: Oakley Main Mode
10-20: 03:25:43:859:268 flags: 0
10-20: 03:25:43:859:268 next payload: SA
10-20: 03:25:43:859:268 message ID: 00000000
10-20: 03:25:43:859:268 processing payload SA
10-20: 03:25:43:859:268 Received Phase 1 Transform 1
10-20: 03:25:43:859:268 Encryption Alg Triple DES CBC(5)
10-20: 03:25:43:859:268 Hash Alg SHA(2)
10-20: 03:25:43:859:268 Oakley Group 2
10-20: 03:25:43:859:268 Auth Method RSA Signature with
Certificates(3)
10-20: 03:25:43:859:268 Life type in Seconds
10-20: 03:25:43:859:268 Life duration of 300
10-20: 03:25:43:859:268 Phase 1 SA accepted: transform=1
10-20: 03:25:43:859:268 SA - Oakley proposal accepted
10-20: 03:25:43:859:268 processing payload VENDOR ID
10-20: 03:25:43:859:268 processing payload VENDOR ID
10-20: 03:25:43:859:268 processing payload VENDOR ID
10-20: 03:25:43:859:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
10-20: 03:25:43:859:268 ClearFragList
10-20: 03:25:43:859:268 constructing ISAKMP Header
10-20: 03:25:43:890:268 constructing KE
10-20: 03:25:43:890:268 constructing NONCE (ISAKMP)
10-20: 03:25:43:890:268 Constructing NatDisc
10-20: 03:25:43:890:268
10-20: 03:25:43:890:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 03:25:43:890:268 ISAKMP Header: (V1.0), len = 232
10-20: 03:25:43:890:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:890:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:890:268 exchange: Oakley Main Mode
10-20: 03:25:43:890:268 flags: 0
10-20: 03:25:43:890:268 next payload: KE
10-20: 03:25:43:890:268 message ID: 00000000
10-20: 03:25:43:890:268 Ports S:f401 D:f401
10-20: 03:25:43:890:268
10-20: 03:25:43:890:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 03:25:43:890:268 ISAKMP Header: (V1.0), len = 228
10-20: 03:25:43:890:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:890:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:890:268 exchange: Oakley Main Mode
10-20: 03:25:43:890:268 flags: 0
10-20: 03:25:43:890:268 next payload: KE
10-20: 03:25:43:890:268 message ID: 00000000
10-20: 03:25:43:890:268 processing payload KE
10-20: 03:25:43:906:268 processing payload NONCE
10-20: 03:25:43:906:268 processing payload NATDISC
10-20: 03:25:43:906:268 Processing NatHash
10-20: 03:25:43:906:268 Nat hash e1353c77f1bc93300d10f908b82e8e5e
10-20: 03:25:43:906:268 ebf90175
10-20: 03:25:43:906:268 SA StateMask2 1f
10-20: 03:25:43:906:268 processing payload NATDISC
10-20: 03:25:43:906:268 Processing NatHash
10-20: 03:25:43:906:268 Nat hash cd8c4354179aff78c71faa66efaa7e6e
10-20: 03:25:43:906:268 35aba422
10-20: 03:25:43:906:268 SA StateMask2 5f
10-20: 03:25:43:906:268 ClearFragList
10-20: 03:25:43:906:268 Peer behind NAT
10-20: 03:25:43:906:268 Floated Ports Orig Me:f401 Peer:f401
10-20: 03:25:43:906:268 Floated Ports Me:9411 Peer:9411
10-20: 03:25:43:906:268 constructing ISAKMP Header
10-20: 03:25:43:906:268 constructing ID
10-20: 03:25:43:906:268 Received no valid CRPs. Using all configured
10-20: 03:25:43:906:268 Looking for IPSec only cert
10-20: 03:25:43:906:268 failed to get chain 80092004
10-20: 03:25:43:906:268 Looking for any cert
10-20: 03:25:43:906:268 Cert Trustes. 0 100
10-20: 03:25:43:906:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:25:43:906:268 6fb09c33
10-20: 03:25:43:906:268 Entered CRL check
10-20: 03:25:43:906:268 Left CRL check
10-20: 03:25:43:906:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:25:43:906:268 6fb09c33
10-20: 03:25:43:906:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 03:25:43:906:268 Cert Serialnumber 32
10-20: 03:25:43:906:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:25:43:906:268 6fb09c33
10-20: 03:25:43:906:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:25:43:906:268 Cert Serialnumber 00
10-20: 03:25:43:906:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:25:43:906:268 7e34f701
10-20: 03:25:43:906:268 Not storing My cert chain in SA.
10-20: 03:25:43:906:268 MM ID Type 9
10-20: 03:25:43:906:268 MM ID 3061310b300906035504061302555331
10-20: 03:25:43:906:268 0d300b060355040b130445786563310d
10-20: 03:25:43:906:268 300b060355040b1304436f6e73310c30
10-20: 03:25:43:906:268 0a060355040b1303456e67310e300c06
10-20: 03:25:43:906:268 0355040a130541746c61733116301406
10-20: 03:25:43:906:268 03550403130d6a6f686e2e73756c6c69
10-20: 03:25:43:906:268 76616e
10-20: 03:25:43:906:268 constructing CERT
10-20: 03:25:43:906:268 Construct SIG
10-20: 03:25:43:921:268 Constructing Cert Request
10-20: 03:25:43:921:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:25:43:921:268
10-20: 03:25:43:921:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 03:25:43:921:268 ISAKMP Header: (V1.0), len = 1188
10-20: 03:25:43:921:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:921:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:921:268 exchange: Oakley Main Mode
10-20: 03:25:43:921:268 flags: 1 ( encrypted )
10-20: 03:25:43:921:268 next payload: ID
10-20: 03:25:43:921:268 message ID: 00000000
10-20: 03:25:43:921:268 Ports S:9411 D:9411
10-20: 03:25:43:921:268
10-20: 03:25:43:921:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 03:25:43:921:268 ISAKMP Header: (V1.0), len = 1036
10-20: 03:25:43:921:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:921:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:921:268 exchange: Oakley Main Mode
10-20: 03:25:43:921:268 flags: 1 ( encrypted )
10-20: 03:25:43:921:268 next payload: ID
10-20: 03:25:43:921:268 message ID: 00000000
10-20: 03:25:43:921:268 processing payload ID
10-20: 03:25:43:921:268 processing payload CERT
10-20: 03:25:43:921:268 processing payload SIG
10-20: 03:25:43:921:268 Verifying CertStore
10-20: 03:25:43:921:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:25:43:921:268 Cert Serialnumber 31
10-20: 03:25:43:921:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:25:43:921:268 810b3d66
10-20: 03:25:43:921:268 Cert Trustes. 0 100
10-20: 03:25:43:921:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:25:43:921:268 Cert Serialnumber 31
10-20: 03:25:43:921:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:25:43:921:268 810b3d66
10-20: 03:25:43:921:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:25:43:921:268 Cert Serialnumber 00
10-20: 03:25:43:921:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:25:43:937:268 7e34f701
10-20: 03:25:43:937:268 Not storing Peer's cert chain in SA.
10-20: 03:25:43:937:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:25:43:937:268 810b3d66
10-20: 03:25:43:937:268 Entered CRL check
10-20: 03:25:43:937:268 Left CRL check
10-20: 03:25:43:937:268 Signature validated
10-20: 03:25:43:937:268 ClearFragList
10-20: 03:25:43:937:268 MM established. SA: 0011DAD0
10-20: 03:25:43:937:268 QM PolicyName: x4
{f53078be-bfb6-49f7-b26c-d8c6879b89aa} dwFlags 1
10-20: 03:25:43:937:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:25:43:937:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:25:43:937:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:25:43:937:268 GetSpi: src = 0.0.0.0.0000, dst =
192.168.223.15.0000, proto = 00, context = 00000007, srcMask = 0.0.0.0,
destMask = 255.255.255.255, TunnelFilter 1
10-20: 03:25:43:937:268 Setting SPI 3687822412
10-20: 03:25:43:937:268 constructing ISAKMP Header
10-20: 03:25:43:937:268 constructing HASH (null)
10-20: 03:25:43:937:268 constructing SA (IPSEC)
10-20: 03:25:43:937:268 constructing QM KE
10-20: 03:25:43:968:268 constructing NONCE (IPSEC)
10-20: 03:25:43:968:268 constructing ID (proxy)
10-20: 03:25:43:968:268 constructing ID (proxy)
10-20: 03:25:43:968:268 constructing HASH (QM)
10-20: 03:25:43:968:268
10-20: 03:25:43:968:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 03:25:43:968:268 ISAKMP Header: (V1.0), len = 284
10-20: 03:25:43:968:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:968:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:968:268 exchange: Oakley Quick Mode
10-20: 03:25:43:968:268 flags: 1 ( encrypted )
10-20: 03:25:43:968:268 next payload: HASH
10-20: 03:25:43:968:268 message ID: 215b2f22
10-20: 03:25:43:968:268 Ports S:9411 D:9411
10-20: 03:25:43:968:268
10-20: 03:25:43:968:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 03:25:43:968:268 ISAKMP Header: (V1.0), len = 276
10-20: 03:25:43:968:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:968:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:968:268 exchange: Oakley Quick Mode
10-20: 03:25:43:968:268 flags: 1 ( encrypted )
10-20: 03:25:43:968:268 next payload: HASH
10-20: 03:25:43:968:268 message ID: 215b2f22
10-20: 03:25:43:968:268 processing HASH (QM)
10-20: 03:25:43:968:268 ClearFragList
10-20: 03:25:43:968:268 processing payload NONCE
10-20: 03:25:43:968:268 processing payload KE
10-20: 03:25:43:968:268 Quick Mode KE processed; Saved KE data
10-20: 03:25:43:968:268 processing payload ID
10-20: 03:25:43:968:268 processing payload ID
10-20: 03:25:43:968:268 processing payload SA
10-20: 03:25:43:968:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
0.0.0.0.0
10-20: 03:25:43:968:268 Dst id for subnet. Mask 0.0.0.0
10-20: 03:25:43:968:268 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
10-20: 03:25:43:968:268 Checking Transform # 1: ID=Triple DES CBC(3)
10-20: 03:25:43:968:268 tunnel mode is 61443(61443)
10-20: 03:25:43:968:268 HMAC algorithm is SHA(2)
10-20: 03:25:43:968:268 group description for PFS is 2
10-20: 03:25:43:968:268 Phase 2 SA accepted: proposal=1 transform=1
10-20: 03:25:43:984:268 constructing ISAKMP Header
10-20: 03:25:43:984:268 constructing HASH (QM)
10-20: 03:25:43:984:268 isadb_find_peer_entry found entry
10-20: 03:25:43:984:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000007, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
EncapType 3
10-20: 03:25:43:984:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:25:43:984:268 Algo[0] MySpi: 3687822412 PeerSpi: 4116185746
10-20: 03:25:43:984:268 Encap Ports Src 4500 Dst 4500
10-20: 03:25:43:984:268 Skipping Outbound SA add
10-20: 03:25:43:984:268 isadb_find_peer_entry found entry
10-20: 03:25:43:984:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000007, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
EncapType 3
10-20: 03:25:43:984:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:25:43:984:268 Algo[0] MySpi: 3687822412 PeerSpi: 4116185746
10-20: 03:25:43:984:268 Encap Ports Src 4500 Dst 4500
10-20: 03:25:43:984:268 Skipping Inbound SA add
10-20: 03:25:43:984:268 isadb_find_peer_entry found entry
10-20: 03:25:43:984:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 1
10-20: 03:25:43:984:268 isadb_set_status sa:0011DAD0 centry:000E6DC8
status 0
10-20: 03:25:43:984:268
10-20: 03:25:43:984:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
4.4500
10-20: 03:25:43:984:268 ISAKMP Header: (V1.0), len = 52
10-20: 03:25:43:984:268 I-COOKIE 39c3ef73e9414846
10-20: 03:25:43:984:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:25:43:984:268 exchange: Oakley Quick Mode
10-20: 03:25:43:984:268 flags: 1 ( encrypted )
10-20: 03:25:43:984:268 next payload: HASH
10-20: 03:25:43:984:268 message ID: 215b2f22
10-20: 03:25:43:984:268 Ports S:9411 D:9411
10-20: 03:26:22:656:268 Peer List Entry 0012A2C0
10-20: 03:26:22:656:268 ClearFragList
10-20: 03:26:44:0:268 CE Dead. sa:0011DAD0 ce:000E6DC8 status:35ef
10-20: 03:29:43:968:268 Expire_sa SA=11dad0
10-20: 03:29:43:968:268 SA Dead. sa:0011DAD0 status:35ef
10-20: 03:29:43:968:268 isadb_set_status sa:0011DAD0 centry:00000000
status 35ef
10-20: 03:29:43:968:268 constructing ISAKMP Header
10-20: 03:29:43:968:268 constructing HASH (null)
10-20: 03:29:43:968:268 constructing DELETE. MM 0011DAD0
10-20: 03:29:43:968:268 constructing HASH (Notify/Delete)
10-20: 03:29:43:968:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 03:29:43:968:268
10-20: 03:29:43:968:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 03:29:43:968:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:29:43:968:268 I-COOKIE 39c3ef73e9414846
10-20: 03:29:43:968:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:29:43:968:268 exchange: ISAKMP Informational Exchange
10-20: 03:29:43:968:268 flags: 1 ( encrypted )
10-20: 03:29:43:968:268 next payload: HASH
10-20: 03:29:43:968:268 message ID: 7b092610
10-20: 03:29:43:968:268 Ports S:9411 D:9411
10-20: 03:29:43:968:268
10-20: 03:29:43:968:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 03:29:43:968:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:29:43:968:268 I-COOKIE 39c3ef73e9414846
10-20: 03:29:43:968:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:29:43:968:268 exchange: ISAKMP Informational Exchange
10-20: 03:29:43:968:268 flags: 1 ( encrypted )
10-20: 03:29:43:968:268 next payload: HASH
10-20: 03:29:43:968:268 message ID: 06dd1639
10-20: 03:29:43:968:268 processing HASH (Notify/Delete)
10-20: 03:29:43:968:268 processing payload DELETE
10-20: 03:30:07:687:268 Peer List Entry 0012A2C0
10-20: 03:33:52:687:268 Peer List Entry 0012A2C0
10-20: 03:37:37:687:268 Peer List Entry 0012A2C0
10-20: 03:41:22:687:268 Peer List Entry 0012A2C0
10-20: 03:45:07:687:268 Peer List Entry 0012A2C0
10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
66a57ff4-a924-4a6b-a9e91960d5489021 4
10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
0dca029a-ca48-4b2e-a75de67d561a05f7 4
10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
4f8acc8a-57eb-44b1-97093c914d2ca3ef 3
10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
f35d4ba5-c64d-4fcc-84fbf517802716bd 3
10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
be99702c-d5f0-4288-ba3339631d71cda9 1
10-20: 03:47:26:484:268 QM Deleted. Notify from driver: Src
192.168.223.15 Dest 0.0.0.0 InSPI 3687822412 OutSpi 4116185746 Tunnel
bbfb4b18 TunnelFilter 0
10-20: 03:47:26:484:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 0
10-20: 03:47:26:484:268 constructing ISAKMP Header
10-20: 03:47:26:484:268 constructing HASH (null)
10-20: 03:47:26:484:268 Construct QM Delete Spi 3687822412
10-20: 03:47:26:484:268 constructing HASH (Notify/Delete)
10-20: 03:47:26:484:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 03:47:26:484:268
10-20: 03:47:26:484:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 03:47:26:484:268 ISAKMP Header: (V1.0), len = 68
10-20: 03:47:26:484:268 I-COOKIE 39c3ef73e9414846
10-20: 03:47:26:484:268 R-COOKIE 8b4e99d8511141fc
10-20: 03:47:26:484:268 exchange: ISAKMP Informational Exchange
10-20: 03:47:26:484:268 flags: 1 ( encrypted )
10-20: 03:47:26:484:268 next payload: HASH
10-20: 03:47:26:484:268 message ID: b880ae29
10-20: 03:47:26:484:268 Ports S:9411 D:9411
10-20: 03:47:26:484:268 PrivatePeerAddr 0
10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
f53078be-bfb6-49f7-b26cd8c6879b89aa 2
10-20: 03:47:26:500:268 entered kill_old_policy_sas 4
10-20: 03:47:26:500:268 entered kill_old_policy_sas 4
10-20: 03:47:26:500:268 entered kill_old_policy_sas 3
10-20: 03:47:26:500:268 entered kill_old_policy_sas 3
10-20: 03:47:26:500:268 entered kill_old_policy_sas 1
10-20: 03:47:26:500:268 entered kill_old_policy_sas 2
10-20: 03:47:27:890:7e8 Acquire from driver: op=00000008
src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
TunnelEndpt=192.168.223.15
10-20: 03:47:27:890:268 Filter to match: Src x.x.x.187 Dst
192.168.223.15
10-20: 03:47:27:890:268 MM PolicyName: 3
10-20: 03:47:27:890:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 03:47:27:890:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 03:47:27:890:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 03:47:27:890:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 03:47:27:890:268 QM PolicyName: x4
{ef25391b-b19e-47b4-8584-b1c0c3cf0c21} dwFlags 1
10-20: 03:47:27:890:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:47:27:890:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:47:27:890:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:47:27:890:268 Starting Negotiation: src = 192.168.223.15.0500,
dst = x.x.x.187.0500, proto = 00, context = 00000008, ProxySrc =
192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
DstMask = 0.0.0.0
10-20: 03:47:27:890:268 constructing ISAKMP Header
10-20: 03:47:27:890:268 constructing SA (ISAKMP)
10-20: 03:47:27:890:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 03:47:27:890:268 Constructing Vendor FRAGMENTATION
10-20: 03:47:27:890:268 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
10-20: 03:47:27:890:268 Constructing Vendor Vid-Initial-Contact
10-20: 03:47:27:890:268
10-20: 03:47:27:890:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 03:47:27:890:268 ISAKMP Header: (V1.0), len = 168
10-20: 03:47:27:890:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:27:890:268 R-COOKIE 0000000000000000
10-20: 03:47:27:890:268 exchange: Oakley Main Mode
10-20: 03:47:27:890:268 flags: 0
10-20: 03:47:27:890:268 next payload: SA
10-20: 03:47:27:890:268 message ID: 00000000
10-20: 03:47:27:890:268 Ports S:f401 D:f401
10-20: 03:47:27:890:268
10-20: 03:47:27:890:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.500
10-20: 03:47:27:890:268 ISAKMP Header: (V1.0), len = 140
10-20: 03:47:27:890:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:27:890:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:27:890:268 exchange: Oakley Main Mode
10-20: 03:47:27:890:268 flags: 0
10-20: 03:47:27:890:268 next payload: SA
10-20: 03:47:27:890:268 message ID: 00000000
10-20: 03:47:27:890:268 processing payload SA
10-20: 03:47:27:890:268 Received Phase 1 Transform 1
10-20: 03:47:27:890:268 Encryption Alg Triple DES CBC(5)
10-20: 03:47:27:890:268 Hash Alg SHA(2)
10-20: 03:47:27:890:268 Oakley Group 2
10-20: 03:47:27:890:268 Auth Method RSA Signature with
Certificates(3)
10-20: 03:47:27:890:268 Life type in Seconds
10-20: 03:47:27:890:268 Life duration of 300
10-20: 03:47:27:890:268 Phase 1 SA accepted: transform=1
10-20: 03:47:27:890:268 SA - Oakley proposal accepted
10-20: 03:47:27:890:268 processing payload VENDOR ID
10-20: 03:47:27:890:268 processing payload VENDOR ID
10-20: 03:47:27:890:268 processing payload VENDOR ID
10-20: 03:47:27:890:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
10-20: 03:47:27:890:268 ClearFragList
10-20: 03:47:27:890:268 constructing ISAKMP Header
10-20: 03:47:27:921:268 constructing KE
10-20: 03:47:27:921:268 constructing NONCE (ISAKMP)
10-20: 03:47:27:921:268 Constructing NatDisc
10-20: 03:47:27:921:268
10-20: 03:47:27:921:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 03:47:27:921:268 ISAKMP Header: (V1.0), len = 232
10-20: 03:47:27:921:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:27:921:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:27:921:268 exchange: Oakley Main Mode
10-20: 03:47:27:921:268 flags: 0
10-20: 03:47:27:921:268 next payload: KE
10-20: 03:47:27:921:268 message ID: 00000000
10-20: 03:47:27:921:268 Ports S:f401 D:f401
10-20: 03:47:27:937:268
10-20: 03:47:27:937:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.500
10-20: 03:47:27:937:268 ISAKMP Header: (V1.0), len = 228
10-20: 03:47:27:937:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:27:937:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:27:937:268 exchange: Oakley Main Mode
10-20: 03:47:27:937:268 flags: 0
10-20: 03:47:27:937:268 next payload: KE
10-20: 03:47:27:937:268 message ID: 00000000
10-20: 03:47:27:937:268 processing payload KE
10-20: 03:47:27:953:268 processing payload NONCE
10-20: 03:47:27:953:268 processing payload NATDISC
10-20: 03:47:27:953:268 Processing NatHash
10-20: 03:47:27:953:268 Nat hash b56804c793429df2df197b7e4aeef26d
10-20: 03:47:27:953:268 d0790e26
10-20: 03:47:27:953:268 SA StateMask2 1f
10-20: 03:47:27:953:268 processing payload NATDISC
10-20: 03:47:27:953:268 Processing NatHash
10-20: 03:47:27:953:268 Nat hash 9204d68b9d5b0588817fdb7a1d3f1709
10-20: 03:47:27:953:268 7fdb1bcf
10-20: 03:47:27:953:268 SA StateMask2 5f
10-20: 03:47:27:953:268 ClearFragList
10-20: 03:47:27:953:268 Peer behind NAT
10-20: 03:47:27:953:268 Floated Ports Orig Me:f401 Peer:f401
10-20: 03:47:27:953:268 Floated Ports Me:9411 Peer:9411
10-20: 03:47:27:953:268 constructing ISAKMP Header
10-20: 03:47:27:953:268 constructing ID
10-20: 03:47:27:953:268 Received no valid CRPs. Using all configured
10-20: 03:47:27:953:268 Looking for IPSec only cert
10-20: 03:47:27:953:268 failed to get chain 80092004
10-20: 03:47:27:953:268 Looking for any cert
10-20: 03:47:27:953:268 Cert Trustes. 0 100
10-20: 03:47:27:953:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:47:27:953:268 6fb09c33
10-20: 03:47:27:953:268 Entered CRL check
10-20: 03:47:27:953:268 Left CRL check
10-20: 03:47:27:953:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:47:27:953:268 6fb09c33
10-20: 03:47:27:953:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 03:47:27:953:268 Cert Serialnumber 32
10-20: 03:47:27:953:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:47:27:953:268 6fb09c33
10-20: 03:47:27:953:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:47:27:953:268 Cert Serialnumber 00
10-20: 03:47:27:953:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:47:27:953:268 7e34f701
10-20: 03:47:27:953:268 Not storing My cert chain in SA.
10-20: 03:47:27:953:268 MM ID Type 9
10-20: 03:47:27:953:268 MM ID 3061310b300906035504061302555331
10-20: 03:47:27:953:268 0d300b060355040b130445786563310d
10-20: 03:47:27:953:268 300b060355040b1304436f6e73310c30
10-20: 03:47:27:953:268 0a060355040b1303456e67310e300c06
10-20: 03:47:27:953:268 0355040a130541746c61733116301406
10-20: 03:47:27:953:268 03550403130d6a6f686e2e73756c6c69
10-20: 03:47:27:953:268 76616e
10-20: 03:47:27:953:268 constructing CERT
10-20: 03:47:27:953:268 Construct SIG
10-20: 03:47:27:953:268 Constructing Cert Request
10-20: 03:47:27:953:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:47:27:953:268
10-20: 03:47:27:953:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
2.4500
10-20: 03:47:27:953:268 ISAKMP Header: (V1.0), len = 1188
10-20: 03:47:27:953:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:27:953:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:27:953:268 exchange: Oakley Main Mode
10-20: 03:47:27:953:268 flags: 1 ( encrypted )
10-20: 03:47:27:953:268 next payload: ID
10-20: 03:47:27:953:268 message ID: 00000000
10-20: 03:47:27:953:268 Ports S:9411 D:9411
10-20: 03:47:27:968:268
10-20: 03:47:27:968:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.4500
10-20: 03:47:27:968:268 ISAKMP Header: (V1.0), len = 1036
10-20: 03:47:27:968:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:27:968:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:27:968:268 exchange: Oakley Main Mode
10-20: 03:47:27:968:268 flags: 1 ( encrypted )
10-20: 03:47:27:968:268 next payload: ID
10-20: 03:47:27:968:268 message ID: 00000000
10-20: 03:47:27:968:268 processing payload ID
10-20: 03:47:27:968:268 processing payload CERT
10-20: 03:47:27:968:268 processing payload SIG
10-20: 03:47:27:968:268 Verifying CertStore
10-20: 03:47:27:968:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:47:27:968:268 Cert Serialnumber 31
10-20: 03:47:27:968:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:47:27:968:268 810b3d66
10-20: 03:47:27:968:268 Cert Trustes. 0 100
10-20: 03:47:27:968:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:47:27:968:268 Cert Serialnumber 31
10-20: 03:47:27:968:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:47:27:968:268 810b3d66
10-20: 03:47:27:968:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:47:27:968:268 Cert Serialnumber 00
10-20: 03:47:27:968:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:47:27:968:268 7e34f701
10-20: 03:47:27:968:268 Not storing Peer's cert chain in SA.
10-20: 03:47:27:968:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:47:27:968:268 810b3d66
10-20: 03:47:27:968:268 Entered CRL check
10-20: 03:47:27:968:268 Left CRL check
10-20: 03:47:27:968:268 Signature validated
10-20: 03:47:27:968:268 ClearFragList
10-20: 03:47:27:968:268 MM established. SA: 000E86B8
10-20: 03:47:27:968:268 QM PolicyName: x4
{ef25391b-b19e-47b4-8584-b1c0c3cf0c21} dwFlags 1
10-20: 03:47:27:968:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:47:27:968:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:47:27:968:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:47:27:968:268 GetSpi: src = 0.0.0.0.0000, dst =
192.168.223.15.0000, proto = 00, context = 00000008, srcMask = 0.0.0.0,
destMask = 255.255.255.255, TunnelFilter 1
10-20: 03:47:27:968:268 Setting SPI 3421024525
10-20: 03:47:27:968:268 constructing ISAKMP Header
10-20: 03:47:27:968:268 constructing HASH (null)
10-20: 03:47:27:968:268 constructing SA (IPSEC)
10-20: 03:47:27:968:268 constructing QM KE
10-20: 03:47:28:0:268 constructing NONCE (IPSEC)
10-20: 03:47:28:0:268 constructing ID (proxy)
10-20: 03:47:28:0:268 constructing ID (proxy)
10-20: 03:47:28:0:268 constructing HASH (QM)
10-20: 03:47:28:0:268
10-20: 03:47:28:0:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.4500
10-20: 03:47:28:0:268 ISAKMP Header: (V1.0), len = 284
10-20: 03:47:28:0:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:28:0:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:28:0:268 exchange: Oakley Quick Mode
10-20: 03:47:28:0:268 flags: 1 ( encrypted )
10-20: 03:47:28:0:268 next payload: HASH
10-20: 03:47:28:0:268 message ID: 5001cdcc
10-20: 03:47:28:0:268 Ports S:9411 D:9411
10-20: 03:47:28:15:268
10-20: 03:47:28:15:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.4500
10-20: 03:47:28:15:268 ISAKMP Header: (V1.0), len = 276
10-20: 03:47:28:15:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:28:15:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:28:15:268 exchange: Oakley Quick Mode
10-20: 03:47:28:15:268 flags: 1 ( encrypted )
10-20: 03:47:28:15:268 next payload: HASH
10-20: 03:47:28:15:268 message ID: 5001cdcc
10-20: 03:47:28:15:268 processing HASH (QM)
10-20: 03:47:28:15:268 ClearFragList
10-20: 03:47:28:15:268 processing payload NONCE
10-20: 03:47:28:15:268 processing payload KE
10-20: 03:47:28:15:268 Quick Mode KE processed; Saved KE data
10-20: 03:47:28:15:268 processing payload ID
10-20: 03:47:28:15:268 processing payload ID
10-20: 03:47:28:15:268 processing payload SA
10-20: 03:47:28:15:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
0.0.0.0.0
10-20: 03:47:28:15:268 Dst id for subnet. Mask 0.0.0.0
10-20: 03:47:28:15:268 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
10-20: 03:47:28:15:268 Checking Transform # 1: ID=Triple DES CBC(3)
10-20: 03:47:28:15:268 tunnel mode is 61443(61443)
10-20: 03:47:28:15:268 HMAC algorithm is SHA(2)
10-20: 03:47:28:15:268 group description for PFS is 2
10-20: 03:47:28:15:268 Phase 2 SA accepted: proposal=1 transform=1
10-20: 03:47:28:31:268 constructing ISAKMP Header
10-20: 03:47:28:31:268 constructing HASH (QM)
10-20: 03:47:28:31:268 isadb_find_peer_entry found entry
10-20: 03:47:28:31:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000008, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
EncapType 3
10-20: 03:47:28:31:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:47:28:31:268 Algo[0] MySpi: 3421024525 PeerSpi: 4116185806
10-20: 03:47:28:31:268 Encap Ports Src 4500 Dst 4500
10-20: 03:47:28:31:268 Skipping Outbound SA add
10-20: 03:47:28:31:268 isadb_find_peer_entry found entry
10-20: 03:47:28:31:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000008, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
EncapType 3
10-20: 03:47:28:31:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:47:28:31:268 Algo[0] MySpi: 3421024525 PeerSpi: 4116185806
10-20: 03:47:28:31:268 Encap Ports Src 4500 Dst 4500
10-20: 03:47:28:31:268 Skipping Inbound SA add
10-20: 03:47:28:31:268 isadb_find_peer_entry found entry
10-20: 03:47:28:31:268 Leaving adjust_peer_list entry 0012A2C0 MMCount 0
QMCount 1
10-20: 03:47:28:31:268 isadb_set_status sa:000E86B8 centry:000E6760
status 0
10-20: 03:47:28:31:268
10-20: 03:47:28:31:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 4.4500
10-20: 03:47:28:31:268 ISAKMP Header: (V1.0), len = 52
10-20: 03:47:28:31:268 I-COOKIE eb8d01078627ffee
10-20: 03:47:28:31:268 R-COOKIE 793c34647566e6f7
10-20: 03:47:28:31:268 exchange: Oakley Quick Mode
10-20: 03:47:28:31:268 flags: 1 ( encrypted )
10-20: 03:47:28:31:268 next payload: HASH
10-20: 03:47:28:31:268 message ID: 5001cdcc
10-20: 03:47:28:31:268 Ports S:9411 D:9411
10-20: 03:48:07:703:268 ClearFragList
10-20: 03:48:28:46:268 CE Dead. sa:000E86B8 ce:000E6760 status:35ef
10-20: 03:48:52:718:268 Peer List Entry 0012A2C0
10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
8cf2eea9-be77-49ba-916cfdb6fe6cad8f 4
10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
0873d97f-191b-49a4-bed2d303fb0b85e2 4
10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
2a353fe5-f08f-4ee6-8ac2e7563e61689c 3
10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
ceb3d732-1a1b-4dc1-8dd48ab2895bae65 3
10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
a66336a5-f653-4650-a26814645e0da224 1
10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
ef25391b-b19e-47b4-8584b1c0c3cf0c21 2
10-20: 03:49:30:984:268 QM Deleted. Notify from driver: Src
192.168.223.15 Dest 0.0.0.0 InSPI 3421024525 OutSpi 4116185806 Tunnel
bbfb4b18 TunnelFilter 0
10-20: 03:49:30:984:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 0
10-20: 03:49:30:984:268 constructing ISAKMP Header
10-20: 03:49:30:984:268 constructing HASH (null)
10-20: 03:49:30:984:268 Construct QM Delete Spi 3421024525
10-20: 03:49:30:984:268 constructing HASH (Notify/Delete)
10-20: 03:49:30:984:268 Not setting retransmit to downlevel client. SA
000E86B8 Centry 00000000
10-20: 03:49:30:984:268
10-20: 03:49:30:984:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
1.4500
10-20: 03:49:30:984:268 ISAKMP Header: (V1.0), len = 68
10-20: 03:49:30:984:268 I-COOKIE eb8d01078627ffee
10-20: 03:49:30:984:268 R-COOKIE 793c34647566e6f7
10-20: 03:49:30:984:268 exchange: ISAKMP Informational Exchange
10-20: 03:49:30:984:268 flags: 1 ( encrypted )
10-20: 03:49:30:984:268 next payload: HASH
10-20: 03:49:30:984:268 message ID: 6796a77a
10-20: 03:49:30:984:268 Ports S:9411 D:9411
10-20: 03:49:30:984:268 PrivatePeerAddr 0
10-20: 03:49:31:0:268 entered kill_old_policy_sas 4
10-20: 03:49:31:0:268 SA Dead. sa:000E86B8 status:3619
10-20: 03:49:31:0:268 isadb_set_status sa:000E86B8 centry:00000000
status 3619
10-20: 03:49:31:0:be8 entered kill_old_policy_sas 4
10-20: 03:49:31:375:268 constructing ISAKMP Header
10-20: 03:49:31:375:268 constructing HASH (null)
10-20: 03:49:31:375:268 constructing DELETE. MM 000E86B8
10-20: 03:49:31:375:268 constructing HASH (Notify/Delete)
10-20: 03:49:31:375:268 Not setting retransmit to downlevel client. SA
000E86B8 Centry 00000000
10-20: 03:49:31:375:268
10-20: 03:49:31:375:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
1.4500
10-20: 03:49:31:375:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:49:31:375:268 I-COOKIE eb8d01078627ffee
10-20: 03:49:31:375:268 R-COOKIE 793c34647566e6f7
10-20: 03:49:31:375:268 exchange: ISAKMP Informational Exchange
10-20: 03:49:31:375:268 flags: 1 ( encrypted )
10-20: 03:49:31:375:268 next payload: HASH
10-20: 03:49:31:375:268 message ID: 23cffb4d
10-20: 03:49:31:375:268 Ports S:9411 D:9411
10-20: 03:49:31:375:268 entered kill_old_policy_sas 3
10-20: 03:49:31:375:268 entered kill_old_policy_sas 3
10-20: 03:49:31:375:268 entered kill_old_policy_sas 1
10-20: 03:49:31:375:268 entered kill_old_policy_sas 2
10-20: 03:49:32:265:7e8 Acquire from driver: op=00000009
src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
TunnelEndpt=192.168.223.15
10-20: 03:49:32:265:268 Filter to match: Src x.x.x.187 Dst
192.168.223.15
10-20: 03:49:32:265:268 MM PolicyName: 4
10-20: 03:49:32:265:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 03:49:32:265:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 03:49:32:265:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 03:49:32:265:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 03:49:32:265:268 QM PolicyName: x4
{ac4b757d-69c4-4127-b5ac-5a3512086a4d} dwFlags 1
10-20: 03:49:32:265:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:49:32:265:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:49:32:265:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:49:32:265:268 Starting Negotiation: src = 192.168.223.15.0500,
dst = x.x.x.187.0500, proto = 00, context = 00000009, ProxySrc =
192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
DstMask = 0.0.0.0
10-20: 03:49:32:265:268 constructing ISAKMP Header
10-20: 03:49:32:265:268 constructing SA (ISAKMP)
10-20: 03:49:32:265:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 03:49:32:265:268 Constructing Vendor FRAGMENTATION
10-20: 03:49:32:265:268 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
10-20: 03:49:32:265:268 Constructing Vendor Vid-Initial-Contact
10-20: 03:49:32:265:268
10-20: 03:49:32:265:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 03:49:32:265:268 ISAKMP Header: (V1.0), len = 168
10-20: 03:49:32:265:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:265:268 R-COOKIE 0000000000000000
10-20: 03:49:32:265:268 exchange: Oakley Main Mode
10-20: 03:49:32:265:268 flags: 0
10-20: 03:49:32:265:268 next payload: SA
10-20: 03:49:32:265:268 message ID: 00000000
10-20: 03:49:32:265:268 Ports S:f401 D:f401
10-20: 03:49:32:265:268
10-20: 03:49:32:265:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 03:49:32:265:268 ISAKMP Header: (V1.0), len = 140
10-20: 03:49:32:265:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:265:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:265:268 exchange: Oakley Main Mode
10-20: 03:49:32:265:268 flags: 0
10-20: 03:49:32:265:268 next payload: SA
10-20: 03:49:32:265:268 message ID: 00000000
10-20: 03:49:32:265:268 processing payload SA
10-20: 03:49:32:265:268 Received Phase 1 Transform 1
10-20: 03:49:32:265:268 Encryption Alg Triple DES CBC(5)
10-20: 03:49:32:265:268 Hash Alg SHA(2)
10-20: 03:49:32:265:268 Oakley Group 2
10-20: 03:49:32:265:268 Auth Method RSA Signature with
Certificates(3)
10-20: 03:49:32:265:268 Life type in Seconds
10-20: 03:49:32:265:268 Life duration of 300
10-20: 03:49:32:265:268 Phase 1 SA accepted: transform=1
10-20: 03:49:32:265:268 SA - Oakley proposal accepted
10-20: 03:49:32:265:268 processing payload VENDOR ID
10-20: 03:49:32:265:268 processing payload VENDOR ID
10-20: 03:49:32:265:268 processing payload VENDOR ID
10-20: 03:49:32:265:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
10-20: 03:49:32:265:268 ClearFragList
10-20: 03:49:32:265:268 constructing ISAKMP Header
10-20: 03:49:32:296:268 constructing KE
10-20: 03:49:32:296:268 constructing NONCE (ISAKMP)
10-20: 03:49:32:296:268 Constructing NatDisc
10-20: 03:49:32:296:268
10-20: 03:49:32:296:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 03:49:32:296:268 ISAKMP Header: (V1.0), len = 232
10-20: 03:49:32:296:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:296:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:296:268 exchange: Oakley Main Mode
10-20: 03:49:32:296:268 flags: 0
10-20: 03:49:32:296:268 next payload: KE
10-20: 03:49:32:296:268 message ID: 00000000
10-20: 03:49:32:296:268 Ports S:f401 D:f401
10-20: 03:49:32:312:268
10-20: 03:49:32:312:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 03:49:32:312:268 ISAKMP Header: (V1.0), len = 228
10-20: 03:49:32:312:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:312:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:312:268 exchange: Oakley Main Mode
10-20: 03:49:32:312:268 flags: 0
10-20: 03:49:32:312:268 next payload: KE
10-20: 03:49:32:312:268 message ID: 00000000
10-20: 03:49:32:312:268 processing payload KE
10-20: 03:49:32:312:268 processing payload NONCE
10-20: 03:49:32:312:268 processing payload NATDISC
10-20: 03:49:32:312:268 Processing NatHash
10-20: 03:49:32:312:268 Nat hash b5b5256165fd9b6ba1c37097ef5d39bc
10-20: 03:49:32:312:268 9c3f094b
10-20: 03:49:32:312:268 SA StateMask2 1f
10-20: 03:49:32:312:268 processing payload NATDISC
10-20: 03:49:32:312:268 Processing NatHash
10-20: 03:49:32:312:268 Nat hash 346777a051f8cf5d2786df02fc3de2b2
10-20: 03:49:32:312:268 89cbb2c9
10-20: 03:49:32:312:268 SA StateMask2 5f
10-20: 03:49:32:312:268 ClearFragList
10-20: 03:49:32:312:268 Peer behind NAT
10-20: 03:49:32:312:268 Floated Ports Orig Me:f401 Peer:f401
10-20: 03:49:32:312:268 Floated Ports Me:9411 Peer:9411
10-20: 03:49:32:312:268 constructing ISAKMP Header
10-20: 03:49:32:312:268 constructing ID
10-20: 03:49:32:312:268 Received no valid CRPs. Using all configured
10-20: 03:49:32:312:268 Looking for IPSec only cert
10-20: 03:49:32:312:268 failed to get chain 80092004
10-20: 03:49:32:312:268 Looking for any cert
10-20: 03:49:32:312:268 Cert Trustes. 0 100
10-20: 03:49:32:312:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:49:32:312:268 6fb09c33
10-20: 03:49:32:328:268 Entered CRL check
10-20: 03:49:32:328:268 Left CRL check
10-20: 03:49:32:328:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:49:32:328:268 6fb09c33
10-20: 03:49:32:328:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 03:49:32:328:268 Cert Serialnumber 32
10-20: 03:49:32:328:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 03:49:32:328:268 6fb09c33
10-20: 03:49:32:328:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:49:32:328:268 Cert Serialnumber 00
10-20: 03:49:32:328:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:49:32:328:268 7e34f701
10-20: 03:49:32:328:268 Not storing My cert chain in SA.
10-20: 03:49:32:328:268 MM ID Type 9
10-20: 03:49:32:328:268 MM ID 3061310b300906035504061302555331
10-20: 03:49:32:328:268 0d300b060355040b130445786563310d
10-20: 03:49:32:328:268 300b060355040b1304436f6e73310c30
10-20: 03:49:32:328:268 0a060355040b1303456e67310e300c06
10-20: 03:49:32:328:268 0355040a130541746c61733116301406
10-20: 03:49:32:328:268 03550403130d6a6f686e2e73756c6c69
10-20: 03:49:32:328:268 76616e
10-20: 03:49:32:328:268 constructing CERT
10-20: 03:49:32:328:268 Construct SIG
10-20: 03:49:32:328:268 Constructing Cert Request
10-20: 03:49:32:328:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:49:32:328:268
10-20: 03:49:32:328:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 03:49:32:328:268 ISAKMP Header: (V1.0), len = 1188
10-20: 03:49:32:328:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:328:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:328:268 exchange: Oakley Main Mode
10-20: 03:49:32:328:268 flags: 1 ( encrypted )
10-20: 03:49:32:328:268 next payload: ID
10-20: 03:49:32:328:268 message ID: 00000000
10-20: 03:49:32:328:268 Ports S:9411 D:9411
10-20: 03:49:32:343:268
10-20: 03:49:32:343:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 03:49:32:343:268 ISAKMP Header: (V1.0), len = 1036
10-20: 03:49:32:343:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:343:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:343:268 exchange: Oakley Main Mode
10-20: 03:49:32:343:268 flags: 1 ( encrypted )
10-20: 03:49:32:343:268 next payload: ID
10-20: 03:49:32:343:268 message ID: 00000000
10-20: 03:49:32:343:268 processing payload ID
10-20: 03:49:32:343:268 processing payload CERT
10-20: 03:49:32:343:268 processing payload SIG
10-20: 03:49:32:343:268 Verifying CertStore
10-20: 03:49:32:343:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:49:32:343:268 Cert Serialnumber 31
10-20: 03:49:32:343:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:49:32:343:268 810b3d66
10-20: 03:49:32:343:268 Cert Trustes. 0 100
10-20: 03:49:32:343:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 03:49:32:343:268 Cert Serialnumber 31
10-20: 03:49:32:343:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:49:32:343:268 810b3d66
10-20: 03:49:32:343:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 03:49:32:343:268 Cert Serialnumber 00
10-20: 03:49:32:343:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 03:49:32:343:268 7e34f701
10-20: 03:49:32:343:268 Not storing Peer's cert chain in SA.
10-20: 03:49:32:343:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 03:49:32:343:268 810b3d66
10-20: 03:49:32:343:268 Entered CRL check
10-20: 03:49:32:343:268 Left CRL check
10-20: 03:49:32:343:268 Signature validated
10-20: 03:49:32:343:268 ClearFragList
10-20: 03:49:32:343:268 MM established. SA: 0011DAD0
10-20: 03:49:32:343:268 QM PolicyName: x4
{ac4b757d-69c4-4127-b5ac-5a3512086a4d} dwFlags 1
10-20: 03:49:32:343:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 03:49:32:343:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 03:49:32:343:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:49:32:343:268 GetSpi: src = 0.0.0.0.0000, dst =
192.168.223.15.0000, proto = 00, context = 00000009, srcMask = 0.0.0.0,
destMask = 255.255.255.255, TunnelFilter 1
10-20: 03:49:32:343:268 Setting SPI 2987734217
10-20: 03:49:32:343:268 constructing ISAKMP Header
10-20: 03:49:32:343:268 constructing HASH (null)
10-20: 03:49:32:343:268 constructing SA (IPSEC)
10-20: 03:49:32:343:268 constructing QM KE
10-20: 03:49:32:375:268 constructing NONCE (IPSEC)
10-20: 03:49:32:375:268 constructing ID (proxy)
10-20: 03:49:32:375:268 constructing ID (proxy)
10-20: 03:49:32:375:268 constructing HASH (QM)
10-20: 03:49:32:375:268
10-20: 03:49:32:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 03:49:32:375:268 ISAKMP Header: (V1.0), len = 284
10-20: 03:49:32:375:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:375:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:375:268 exchange: Oakley Quick Mode
10-20: 03:49:32:375:268 flags: 1 ( encrypted )
10-20: 03:49:32:375:268 next payload: HASH
10-20: 03:49:32:375:268 message ID: dce08c6c
10-20: 03:49:32:375:268 Ports S:9411 D:9411
10-20: 03:49:32:390:268
10-20: 03:49:32:390:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 03:49:32:390:268 ISAKMP Header: (V1.0), len = 276
10-20: 03:49:32:390:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:390:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:390:268 exchange: Oakley Quick Mode
10-20: 03:49:32:390:268 flags: 1 ( encrypted )
10-20: 03:49:32:390:268 next payload: HASH
10-20: 03:49:32:390:268 message ID: dce08c6c
10-20: 03:49:32:390:268 processing HASH (QM)
10-20: 03:49:32:390:268 ClearFragList
10-20: 03:49:32:390:268 processing payload NONCE
10-20: 03:49:32:390:268 processing payload KE
10-20: 03:49:32:390:268 Quick Mode KE processed; Saved KE data
10-20: 03:49:32:390:268 processing payload ID
10-20: 03:49:32:390:268 processing payload ID
10-20: 03:49:32:390:268 processing payload SA
10-20: 03:49:32:390:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
0.0.0.0.0
10-20: 03:49:32:390:268 Dst id for subnet. Mask 0.0.0.0
10-20: 03:49:32:390:268 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
10-20: 03:49:32:390:268 Checking Transform # 1: ID=Triple DES CBC(3)
10-20: 03:49:32:390:268 tunnel mode is 61443(61443)
10-20: 03:49:32:390:268 HMAC algorithm is SHA(2)
10-20: 03:49:32:390:268 group description for PFS is 2
10-20: 03:49:32:390:268 Phase 2 SA accepted: proposal=1 transform=1
10-20: 03:49:32:390:268 constructing ISAKMP Header
10-20: 03:49:32:390:268 constructing HASH (QM)
10-20: 03:49:32:390:268 isadb_find_peer_entry found entry
10-20: 03:49:32:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000009, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
EncapType 3
10-20: 03:49:32:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:49:32:390:268 Algo[0] MySpi: 2987734217 PeerSpi: 431018819
10-20: 03:49:32:390:268 Encap Ports Src 4500 Dst 4500
10-20: 03:49:32:390:268 Skipping Outbound SA add
10-20: 03:49:32:390:268 isadb_find_peer_entry found entry
10-20: 03:49:32:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 00000009, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
EncapType 3
10-20: 03:49:32:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 03:49:32:390:268 Algo[0] MySpi: 2987734217 PeerSpi: 431018819
10-20: 03:49:32:390:268 Encap Ports Src 4500 Dst 4500
10-20: 03:49:32:390:268 Skipping Inbound SA add
10-20: 03:49:32:390:268 isadb_find_peer_entry found entry
10-20: 03:49:32:390:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 1
10-20: 03:49:32:390:268 isadb_set_status sa:0011DAD0 centry:000EA5E8
status 0
10-20: 03:49:32:390:268
10-20: 03:49:32:390:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
4.4500
10-20: 03:49:32:390:268 ISAKMP Header: (V1.0), len = 52
10-20: 03:49:32:390:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:49:32:390:268 R-COOKIE b82afdabca16ec30
10-20: 03:49:32:390:268 exchange: Oakley Quick Mode
10-20: 03:49:32:390:268 flags: 1 ( encrypted )
10-20: 03:49:32:390:268 next payload: HASH
10-20: 03:49:32:390:268 message ID: dce08c6c
10-20: 03:49:32:390:268 Ports S:9411 D:9411
10-20: 03:49:37:734:268 ClearFragList
10-20: 03:50:32:406:268 CE Dead. sa:0011DAD0 ce:000EA5E8 status:35ef
10-20: 03:52:37:750:268 Peer List Entry 0012A2C0
10-20: 03:53:32:375:268 Expire_sa SA=11dad0
10-20: 03:53:32:375:268 SA Dead. sa:0011DAD0 status:35ef
10-20: 03:53:32:375:268 isadb_set_status sa:0011DAD0 centry:00000000
status 35ef
10-20: 03:53:32:375:268 constructing ISAKMP Header
10-20: 03:53:32:375:268 constructing HASH (null)
10-20: 03:53:32:375:268 constructing DELETE. MM 0011DAD0
10-20: 03:53:32:375:268 constructing HASH (Notify/Delete)
10-20: 03:53:32:375:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 03:53:32:375:268
10-20: 03:53:32:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 03:53:32:375:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:53:32:375:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:53:32:375:268 R-COOKIE b82afdabca16ec30
10-20: 03:53:32:375:268 exchange: ISAKMP Informational Exchange
10-20: 03:53:32:375:268 flags: 1 ( encrypted )
10-20: 03:53:32:375:268 next payload: HASH
10-20: 03:53:32:375:268 message ID: 86ccdaa2
10-20: 03:53:32:375:268 Ports S:9411 D:9411
10-20: 03:53:32:375:268
10-20: 03:53:32:375:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 03:53:32:375:268 ISAKMP Header: (V1.0), len = 84
10-20: 03:53:32:375:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 03:53:32:375:268 R-COOKIE b82afdabca16ec30
10-20: 03:53:32:375:268 exchange: ISAKMP Informational Exchange
10-20: 03:53:32:375:268 flags: 1 ( encrypted )
10-20: 03:53:32:375:268 next payload: HASH
10-20: 03:53:32:375:268 message ID: 51e33c0a
10-20: 03:53:32:375:268 processing HASH (Notify/Delete)
10-20: 03:53:32:375:268 processing payload DELETE
10-20: 03:56:22:781:268 Peer List Entry 0012A2C0
10-20: 04:00:07:781:268 Peer List Entry 0012A2C0
10-20: 04:03:52:781:268 Peer List Entry 0012A2C0
10-20: 04:07:37:781:268 Peer List Entry 0012A2C0
10-20: 04:11:22:781:268 Peer List Entry 0012A2C0
10-20: 04:15:07:781:268 Peer List Entry 0012A2C0
10-20: 04:18:52:781:268 Peer List Entry 0012A2C0
10-20: 04:22:37:781:268 Peer List Entry 0012A2C0
10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
b4bbb2f5-6dfb-4b57-a7aed6254e70595a 4
10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
b74c91fb-f2a0-4c81-a9b43ee1c7862918 4
10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
11d5cd3b-f168-4574-8c31546bc26c6e90 3
10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
e6fdce84-3435-4781-a1e9272324504abb 3
10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
9a1ad682-6afa-4fae-8f82f70c224fa2af 1
10-20: 04:24:17:984:268 QM Deleted. Notify from driver: Src
192.168.223.15 Dest 0.0.0.0 InSPI 2987734217 OutSpi 431018819 Tunnel
bbfb4b18 TunnelFilter 0
10-20: 04:24:17:984:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
0 QMCount 0
10-20: 04:24:17:984:268 constructing ISAKMP Header
10-20: 04:24:17:984:268 constructing HASH (null)
10-20: 04:24:17:984:268 Construct QM Delete Spi 2987734217
10-20: 04:24:17:984:268 constructing HASH (Notify/Delete)
10-20: 04:24:17:984:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 04:24:17:984:268
10-20: 04:24:17:984:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 04:24:17:984:268 ISAKMP Header: (V1.0), len = 68
10-20: 04:24:17:984:268 I-COOKIE ce0b2fd0e5d07bd8
10-20: 04:24:17:984:268 R-COOKIE b82afdabca16ec30
10-20: 04:24:17:984:268 exchange: ISAKMP Informational Exchange
10-20: 04:24:17:984:268 flags: 1 ( encrypted )
10-20: 04:24:17:984:268 next payload: HASH
10-20: 04:24:17:984:268 message ID: d4cb2fb5
10-20: 04:24:17:984:268 Ports S:9411 D:9411
10-20: 04:24:17:984:268 PrivatePeerAddr 0
10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
ac4b757d-69c4-4127-b5ac5a3512086a4d 2
10-20: 04:24:18:0:268 entered kill_old_policy_sas 4
10-20: 04:24:18:0:9a8 entered kill_old_policy_sas 4
10-20: 04:24:19:765:268 entered kill_old_policy_sas 3
10-20: 04:24:19:765:268 entered kill_old_policy_sas 3
10-20: 04:24:19:765:268 entered kill_old_policy_sas 1
10-20: 04:24:19:765:268 entered kill_old_policy_sas 2
10-20: 04:24:52:796:268 ClearFragList
10-20: 04:26:22:796:268 Peer List Entry 0012A2C0
10-20: 04:30:07:796:268 Peer List Entry 0012A2C0
10-20: 04:30:07:796:268 Release Encap state
10-20: 04:30:07:796:268 Remove PeerListEntry
10-20: 04:34:36:250:7e8 Acquire from driver: op=0000000A
src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
TunnelEndpt=192.168.223.15
10-20: 04:34:36:250:268 Filter to match: Src x.x.x.187 Dst
192.168.223.15
10-20: 04:34:36:250:268 MM PolicyName: 5
10-20: 04:34:36:250:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 04:34:36:250:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 04:34:36:250:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 04:34:36:250:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 04:34:36:250:268 QM PolicyName: x4
{e461b6aa-60fd-4442-a2ab-673ed8751641} dwFlags 1
10-20: 04:34:36:250:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 04:34:36:250:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 04:34:36:250:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:34:36:250:268 Starting Negotiation: src = 192.168.223.15.0500,
dst = x.x.x.187.0500, proto = 00, context = 0000000A, ProxySrc =
192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
DstMask = 0.0.0.0
10-20: 04:34:36:250:268 constructing ISAKMP Header
10-20: 04:34:36:250:268 constructing SA (ISAKMP)
10-20: 04:34:36:250:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 04:34:36:250:268 Constructing Vendor FRAGMENTATION
10-20: 04:34:36:250:268 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
10-20: 04:34:36:250:268 Constructing Vendor Vid-Initial-Contact
10-20: 04:34:36:265:268
10-20: 04:34:36:265:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 04:34:36:265:268 ISAKMP Header: (V1.0), len = 168
10-20: 04:34:36:265:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:265:268 R-COOKIE 0000000000000000
10-20: 04:34:36:265:268 exchange: Oakley Main Mode
10-20: 04:34:36:265:268 flags: 0
10-20: 04:34:36:265:268 next payload: SA
10-20: 04:34:36:265:268 message ID: 00000000
10-20: 04:34:36:265:268 Ports S:f401 D:f401
10-20: 04:34:36:265:268
10-20: 04:34:36:265:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 04:34:36:265:268 ISAKMP Header: (V1.0), len = 140
10-20: 04:34:36:265:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:265:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:265:268 exchange: Oakley Main Mode
10-20: 04:34:36:265:268 flags: 0
10-20: 04:34:36:265:268 next payload: SA
10-20: 04:34:36:265:268 message ID: 00000000
10-20: 04:34:36:265:268 processing payload SA
10-20: 04:34:36:265:268 Received Phase 1 Transform 1
10-20: 04:34:36:265:268 Encryption Alg Triple DES CBC(5)
10-20: 04:34:36:265:268 Hash Alg SHA(2)
10-20: 04:34:36:265:268 Oakley Group 2
10-20: 04:34:36:265:268 Auth Method RSA Signature with
Certificates(3)
10-20: 04:34:36:265:268 Life type in Seconds
10-20: 04:34:36:265:268 Life duration of 300
10-20: 04:34:36:265:268 Phase 1 SA accepted: transform=1
10-20: 04:34:36:265:268 SA - Oakley proposal accepted
10-20: 04:34:36:265:268 processing payload VENDOR ID
10-20: 04:34:36:265:268 processing payload VENDOR ID
10-20: 04:34:36:265:268 processing payload VENDOR ID
10-20: 04:34:36:265:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
10-20: 04:34:36:265:268 ClearFragList
10-20: 04:34:36:265:268 constructing ISAKMP Header
10-20: 04:34:36:296:268 constructing KE
10-20: 04:34:36:296:268 constructing NONCE (ISAKMP)
10-20: 04:34:36:296:268 Constructing NatDisc
10-20: 04:34:36:296:268
10-20: 04:34:36:296:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 04:34:36:296:268 ISAKMP Header: (V1.0), len = 232
10-20: 04:34:36:296:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:296:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:296:268 exchange: Oakley Main Mode
10-20: 04:34:36:296:268 flags: 0
10-20: 04:34:36:296:268 next payload: KE
10-20: 04:34:36:296:268 message ID: 00000000
10-20: 04:34:36:296:268 Ports S:f401 D:f401
10-20: 04:34:36:296:268
10-20: 04:34:36:296:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 04:34:36:296:268 ISAKMP Header: (V1.0), len = 228
10-20: 04:34:36:296:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:296:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:296:268 exchange: Oakley Main Mode
10-20: 04:34:36:296:268 flags: 0
10-20: 04:34:36:296:268 next payload: KE
10-20: 04:34:36:296:268 message ID: 00000000
10-20: 04:34:36:296:268 processing payload KE
10-20: 04:34:36:312:268 processing payload NONCE
10-20: 04:34:36:312:268 processing payload NATDISC
10-20: 04:34:36:312:268 Processing NatHash
10-20: 04:34:36:312:268 Nat hash cb554098df0c2470b82b6a5e64a7724a
10-20: 04:34:36:312:268 d3ae6081
10-20: 04:34:36:312:268 SA StateMask2 1f
10-20: 04:34:36:312:268 processing payload NATDISC
10-20: 04:34:36:312:268 Processing NatHash
10-20: 04:34:36:312:268 Nat hash 00f9bd31ecb7faea7887fec3824f8eff
10-20: 04:34:36:312:268 b9a73934
10-20: 04:34:36:312:268 SA StateMask2 9f
10-20: 04:34:36:312:268 ClearFragList
10-20: 04:34:36:312:268 Floated Ports Orig Me:f401 Peer:f401
10-20: 04:34:36:312:268 Floated Ports Me:9411 Peer:9411
10-20: 04:34:36:312:268 constructing ISAKMP Header
10-20: 04:34:36:312:268 constructing ID
10-20: 04:34:36:312:268 Received no valid CRPs. Using all configured
10-20: 04:34:36:312:268 Looking for IPSec only cert
10-20: 04:34:36:312:268 failed to get chain 80092004
10-20: 04:34:36:312:268 Looking for any cert
10-20: 04:34:36:312:268 Cert Trustes. 0 100
10-20: 04:34:36:312:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:34:36:312:268 6fb09c33
10-20: 04:34:36:312:268 Entered CRL check
10-20: 04:34:36:312:268 Left CRL check
10-20: 04:34:36:312:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:34:36:312:268 6fb09c33
10-20: 04:34:36:312:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 04:34:36:312:268 Cert Serialnumber 32
10-20: 04:34:36:312:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:34:36:312:268 6fb09c33
10-20: 04:34:36:312:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:34:36:312:268 Cert Serialnumber 00
10-20: 04:34:36:312:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 04:34:36:312:268 7e34f701
10-20: 04:34:36:312:268 Not storing My cert chain in SA.
10-20: 04:34:36:312:268 MM ID Type 9
10-20: 04:34:36:312:268 MM ID 3061310b300906035504061302555331
10-20: 04:34:36:312:268 0d300b060355040b130445786563310d
10-20: 04:34:36:312:268 300b060355040b1304436f6e73310c30
10-20: 04:34:36:312:268 0a060355040b1303456e67310e300c06
10-20: 04:34:36:312:268 0355040a130541746c61733116301406
10-20: 04:34:36:312:268 03550403130d6a6f686e2e73756c6c69
10-20: 04:34:36:312:268 76616e
10-20: 04:34:36:312:268 constructing CERT
10-20: 04:34:36:312:268 Construct SIG
10-20: 04:34:36:328:268 Constructing Cert Request
10-20: 04:34:36:328:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:34:36:328:268
10-20: 04:34:36:328:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 04:34:36:328:268 ISAKMP Header: (V1.0), len = 1188
10-20: 04:34:36:328:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:328:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:328:268 exchange: Oakley Main Mode
10-20: 04:34:36:328:268 flags: 1 ( encrypted )
10-20: 04:34:36:328:268 next payload: ID
10-20: 04:34:36:328:268 message ID: 00000000
10-20: 04:34:36:328:268 Ports S:9411 D:9411
10-20: 04:34:36:328:268
10-20: 04:34:36:328:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 04:34:36:328:268 ISAKMP Header: (V1.0), len = 1036
10-20: 04:34:36:328:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:328:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:328:268 exchange: Oakley Main Mode
10-20: 04:34:36:328:268 flags: 1 ( encrypted )
10-20: 04:34:36:328:268 next payload: ID
10-20: 04:34:36:328:268 message ID: 00000000
10-20: 04:34:36:328:268 processing payload ID
10-20: 04:34:36:328:268 processing payload CERT
10-20: 04:34:36:328:268 processing payload SIG
10-20: 04:34:36:328:268 Verifying CertStore
10-20: 04:34:36:328:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 04:34:36:328:268 Cert Serialnumber 31
10-20: 04:34:36:328:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:34:36:328:268 810b3d66
10-20: 04:34:36:328:268 Cert Trustes. 0 100
10-20: 04:34:36:328:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 04:34:36:328:268 Cert Serialnumber 31
10-20: 04:34:36:328:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:34:36:328:268 810b3d66
10-20: 04:34:36:328:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:34:36:328:268 Cert Serialnumber 00
10-20: 04:34:36:328:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 04:34:36:328:268 7e34f701
10-20: 04:34:36:328:268 Not storing Peer's cert chain in SA.
10-20: 04:34:36:328:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:34:36:328:268 810b3d66
10-20: 04:34:36:328:268 Entered CRL check
10-20: 04:34:36:343:268 Left CRL check
10-20: 04:34:36:343:268 Signature validated
10-20: 04:34:36:343:268 ClearFragList
10-20: 04:34:36:343:268 MM established. SA: 0011DAD0
10-20: 04:34:36:343:268 QM PolicyName: x4
{e461b6aa-60fd-4442-a2ab-673ed8751641} dwFlags 1
10-20: 04:34:36:343:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 04:34:36:343:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 04:34:36:343:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:34:36:343:268 GetSpi: src = 0.0.0.0.0000, dst =
192.168.223.15.0000, proto = 00, context = 0000000A, srcMask = 0.0.0.0,
destMask = 255.255.255.255, TunnelFilter 1
10-20: 04:34:36:343:268 Setting SPI 1127425367
10-20: 04:34:36:343:268 constructing ISAKMP Header
10-20: 04:34:36:343:268 constructing HASH (null)
10-20: 04:34:36:343:268 constructing SA (IPSEC)
10-20: 04:34:36:343:268 constructing QM KE
10-20: 04:34:36:375:268 constructing NONCE (IPSEC)
10-20: 04:34:36:375:268 constructing ID (proxy)
10-20: 04:34:36:375:268 constructing ID (proxy)
10-20: 04:34:36:375:268 constructing HASH (QM)
10-20: 04:34:36:375:268
10-20: 04:34:36:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 04:34:36:375:268 ISAKMP Header: (V1.0), len = 284
10-20: 04:34:36:375:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:375:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:375:268 exchange: Oakley Quick Mode
10-20: 04:34:36:375:268 flags: 1 ( encrypted )
10-20: 04:34:36:375:268 next payload: HASH
10-20: 04:34:36:375:268 message ID: 424c5d42
10-20: 04:34:36:375:268 Ports S:9411 D:9411
10-20: 04:34:36:375:268
10-20: 04:34:36:375:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 04:34:36:375:268 ISAKMP Header: (V1.0), len = 276
10-20: 04:34:36:375:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:375:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:375:268 exchange: Oakley Quick Mode
10-20: 04:34:36:375:268 flags: 1 ( encrypted )
10-20: 04:34:36:375:268 next payload: HASH
10-20: 04:34:36:375:268 message ID: 424c5d42
10-20: 04:34:36:375:268 processing HASH (QM)
10-20: 04:34:36:375:268 ClearFragList
10-20: 04:34:36:375:268 processing payload NONCE
10-20: 04:34:36:375:268 processing payload KE
10-20: 04:34:36:375:268 Quick Mode KE processed; Saved KE data
10-20: 04:34:36:375:268 processing payload ID
10-20: 04:34:36:375:268 processing payload ID
10-20: 04:34:36:375:268 processing payload SA
10-20: 04:34:36:375:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
0.0.0.0.0
10-20: 04:34:36:375:268 Dst id for subnet. Mask 0.0.0.0
10-20: 04:34:36:375:268 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
10-20: 04:34:36:375:268 Checking Transform # 1: ID=Triple DES CBC(3)
10-20: 04:34:36:375:268 tunnel mode is 61443(61443)
10-20: 04:34:36:375:268 HMAC algorithm is SHA(2)
10-20: 04:34:36:375:268 group description for PFS is 2
10-20: 04:34:36:375:268 Phase 2 SA accepted: proposal=1 transform=1
10-20: 04:34:36:390:268 constructing ISAKMP Header
10-20: 04:34:36:390:268 constructing HASH (QM)
10-20: 04:34:36:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 0000000A, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 2
EncapType 3
10-20: 04:34:36:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:34:36:390:268 Algo[0] MySpi: 1127425367 PeerSpi: 1768772270
10-20: 04:34:36:390:268 Encap Ports Src 4500 Dst 4500
10-20: 04:34:36:390:268 Skipping Outbound SA add
10-20: 04:34:36:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 0000000A, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 3
EncapType 3
10-20: 04:34:36:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:34:36:390:268 Algo[0] MySpi: 1127425367 PeerSpi: 1768772270
10-20: 04:34:36:390:268 Encap Ports Src 4500 Dst 4500
10-20: 04:34:36:390:268 Skipping Inbound SA add
10-20: 04:34:36:390:268 Leaving adjust_peer_list entry 000CF870 MMCount
0 QMCount 1
10-20: 04:34:36:390:268 isadb_set_status sa:0011DAD0 centry:000E6DC8
status 0
10-20: 04:34:36:390:268
10-20: 04:34:36:390:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
4.4500
10-20: 04:34:36:390:268 ISAKMP Header: (V1.0), len = 52
10-20: 04:34:36:390:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:34:36:390:268 R-COOKIE 6e1470b16d168b03
10-20: 04:34:36:390:268 exchange: Oakley Quick Mode
10-20: 04:34:36:390:268 flags: 1 ( encrypted )
10-20: 04:34:36:390:268 next payload: HASH
10-20: 04:34:36:390:268 message ID: 424c5d42
10-20: 04:34:36:390:268 Ports S:9411 D:9411
10-20: 04:35:36:406:268 CE Dead. sa:0011DAD0 ce:000E6DC8 status:35ef
10-20: 04:37:05:765:268
10-20: 04:37:05:781:268 Receive: (get) SA = 0x00000000 from
x.x.x.187.500
10-20: 04:37:05:781:268 ISAKMP Header: (V1.0), len = 292
10-20: 04:37:05:781:268 I-COOKIE 153d4973a327f835
10-20: 04:37:05:781:268 R-COOKIE 0000000000000000
10-20: 04:37:05:781:268 exchange: Oakley Main Mode
10-20: 04:37:05:781:268 flags: 0
10-20: 04:37:05:781:268 next payload: SA
10-20: 04:37:05:781:268 message ID: 00000000
10-20: 04:37:05:781:268 Filter to match: Src x.x.x.187 Dst
192.168.223.15
10-20: 04:37:05:781:268 MM PolicyName: 5
10-20: 04:37:05:781:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 04:37:05:781:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 04:37:05:781:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 04:37:05:781:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 04:37:05:781:268 Responding with new SA e86b8
10-20: 04:37:05:781:268 processing payload SA
10-20: 04:37:05:781:268 Received Phase 1 Transform 0
10-20: 04:37:05:781:268 Life type in Seconds
10-20: 04:37:05:781:268 Life duration of 28800
10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
10-20: 04:37:05:781:268 Hash Alg MD5(1)
10-20: 04:37:05:781:268 Auth Method RSA Signature with
Certificates(3)
10-20: 04:37:05:781:268 Oakley Group 5
10-20: 04:37:05:781:268 Received Phase 1 Transform 1
10-20: 04:37:05:781:268 Life type in Seconds
10-20: 04:37:05:781:268 Life duration of 28800
10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
10-20: 04:37:05:781:268 Hash Alg SHA(2)
10-20: 04:37:05:781:268 Auth Method RSA Signature with
Certificates(3)
10-20: 04:37:05:781:268 Oakley Group 5
10-20: 04:37:05:781:268 Received Phase 1 Transform 2
10-20: 04:37:05:781:268 Life type in Seconds
10-20: 04:37:05:781:268 Life duration of 28800
10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
10-20: 04:37:05:781:268 Hash Alg SHA(2)
10-20: 04:37:05:781:268 Auth Method RSA Signature with
Certificates(3)
10-20: 04:37:05:781:268 Oakley Group 2
10-20: 04:37:05:781:268 Received Phase 1 Transform 3
10-20: 04:37:05:781:268 Life type in Seconds
10-20: 04:37:05:781:268 Life duration of 28800
10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
10-20: 04:37:05:781:268 Hash Alg MD5(1)
10-20: 04:37:05:781:268 Auth Method RSA Signature with
Certificates(3)
10-20: 04:37:05:781:268 Oakley Group 2
10-20: 04:37:05:781:268 Phase 1 SA accepted: transform=3
10-20: 04:37:05:781:268 SA - Oakley proposal accepted
10-20: 04:37:05:781:268 processing payload VENDOR ID
10-20: 04:37:05:781:268 processing payload VENDOR ID
10-20: 04:37:05:781:268 processing payload VENDOR ID
10-20: 04:37:05:781:268 processing payload VENDOR ID
10-20: 04:37:05:781:268 processing payload VENDOR ID
10-20: 04:37:05:781:268 processing payload VENDOR ID
10-20: 04:37:05:781:268 ClearFragList
10-20: 04:37:05:781:268 constructing ISAKMP Header
10-20: 04:37:05:781:268 constructing SA (ISAKMP)
10-20: 04:37:05:781:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 04:37:05:781:268 Constructing Vendor FRAGMENTATION
10-20: 04:37:05:781:268 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
10-20: 04:37:05:781:268
10-20: 04:37:05:781:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:05:781:268 ISAKMP Header: (V1.0), len = 148
10-20: 04:37:05:781:268 I-COOKIE 153d4973a327f835
10-20: 04:37:05:781:268 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:05:781:268 exchange: Oakley Main Mode
10-20: 04:37:05:781:268 flags: 0
10-20: 04:37:05:781:268 next payload: SA
10-20: 04:37:05:781:268 message ID: 00000000
10-20: 04:37:05:781:268 Ports S:f401 D:f401
10-20: 04:37:05:781:268
10-20: 04:37:05:781:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.500
10-20: 04:37:05:781:268 ISAKMP Header: (V1.0), len = 228
10-20: 04:37:05:781:268 I-COOKIE 153d4973a327f835
10-20: 04:37:05:781:268 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:05:781:268 exchange: Oakley Main Mode
10-20: 04:37:05:781:268 flags: 0
10-20: 04:37:05:781:268 next payload: KE
10-20: 04:37:05:781:268 message ID: 00000000
10-20: 04:37:05:781:268 processing payload KE
10-20: 04:37:05:828:268 processing payload NONCE
10-20: 04:37:05:828:268 ClearFragList
10-20: 04:37:05:828:268 constructing ISAKMP Header
10-20: 04:37:05:828:268 constructing KE
10-20: 04:37:05:828:268 constructing NONCE (ISAKMP)
10-20: 04:37:05:828:268 Constructing Cert Request
10-20: 04:37:05:828:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:37:05:828:268
10-20: 04:37:05:828:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:05:828:268 ISAKMP Header: (V1.0), len = 254
10-20: 04:37:05:828:268 I-COOKIE 153d4973a327f835
10-20: 04:37:05:828:268 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:05:828:268 exchange: Oakley Main Mode
10-20: 04:37:05:828:268 flags: 0
10-20: 04:37:05:828:268 next payload: KE
10-20: 04:37:05:828:268 message ID: 00000000
10-20: 04:37:05:828:268 Ports S:f401 D:f401
10-20: 04:37:05:828:268
10-20: 04:37:05:828:268 Receive: (get) SA = 0x000e86b8 from
x.x.x.187.500
10-20: 04:37:05:828:268 ISAKMP Header: (V1.0), len = 1044
10-20: 04:37:05:828:268 I-COOKIE 153d4973a327f835
10-20: 04:37:05:828:268 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:05:828:268 exchange: Oakley Main Mode
10-20: 04:37:05:828:268 flags: 1 ( encrypted )
10-20: 04:37:05:828:268 next payload: ID
10-20: 04:37:05:828:268 message ID: 00000000
10-20: 04:37:05:828:268 processing payload ID
10-20: 04:37:05:828:268 processing payload CERT
10-20: 04:37:05:828:268 processing payload CRP
10-20: 04:37:05:828:268 processing payload SIG
10-20: 04:37:05:828:268 Verifying CertStore
10-20: 04:37:05:828:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 04:37:05:828:268 Cert Serialnumber 31
10-20: 04:37:05:828:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:37:05:828:268 810b3d66
10-20: 04:37:05:828:268 Cert Trustes. 0 100
10-20: 04:37:05:828:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 04:37:05:828:268 Cert Serialnumber 31
10-20: 04:37:05:828:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:37:05:828:268 810b3d66
10-20: 04:37:05:828:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:37:05:828:268 Cert Serialnumber 00
10-20: 04:37:05:828:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 04:37:05:828:268 7e34f701
10-20: 04:37:05:828:268 Not storing Peer's cert chain in SA.
10-20: 04:37:05:828:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:37:05:828:268 810b3d66
10-20: 04:37:05:828:268 Entered CRL check
10-20: 04:37:05:843:268 Left CRL check
10-20: 04:37:05:843:268 Signature validated
10-20: 04:37:05:843:268 ClearFragList
10-20: 04:37:05:843:268 constructing ISAKMP Header
10-20: 04:37:05:843:268 constructing ID
10-20: 04:37:05:843:268 Received no valid CRPs. Using all configured
10-20: 04:37:05:843:268 Looking for IPSec only cert
10-20: 04:37:05:843:268 failed to get chain 80092004
10-20: 04:37:05:843:268 Looking for any cert
10-20: 04:37:05:843:268 Cert Trustes. 0 100
10-20: 04:37:05:843:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:37:05:843:268 6fb09c33
10-20: 04:37:05:843:268 Entered CRL check
10-20: 04:37:05:843:268 Left CRL check
10-20: 04:37:05:843:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:37:05:843:268 6fb09c33
10-20: 04:37:05:843:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 04:37:05:843:268 Cert Serialnumber 32
10-20: 04:37:05:843:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:37:05:843:268 6fb09c33
10-20: 04:37:05:843:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:37:05:843:268 Cert Serialnumber 00
10-20: 04:37:05:843:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 04:37:05:843:268 7e34f701
10-20: 04:37:05:843:268 Not storing My cert chain in SA.
10-20: 04:37:05:843:268 MM ID Type 9
10-20: 04:37:05:843:268 MM ID 3061310b300906035504061302555331
10-20: 04:37:05:843:268 0d300b060355040b130445786563310d
10-20: 04:37:05:843:268 300b060355040b1304436f6e73310c30
10-20: 04:37:05:843:268 0a060355040b1303456e67310e300c06
10-20: 04:37:05:843:268 0355040a130541746c61733116301406
10-20: 04:37:05:843:268 03550403130d6a6f686e2e73756c6c69
10-20: 04:37:05:843:268 76616e
10-20: 04:37:05:843:268 constructing CERT
10-20: 04:37:05:843:268 Construct SIG
10-20: 04:37:05:843:268 MM established. SA: 000E86B8
10-20: 04:37:05:843:268
10-20: 04:37:05:843:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:05:843:268 ISAKMP Header: (V1.0), len = 1116
10-20: 04:37:05:843:268 I-COOKIE 153d4973a327f835
10-20: 04:37:05:843:268 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:05:843:268 exchange: Oakley Main Mode
10-20: 04:37:05:843:268 flags: 1 ( encrypted )
10-20: 04:37:05:843:268 next payload: ID
10-20: 04:37:05:843:268 message ID: 00000000
10-20: 04:37:05:843:268 Ports S:f401 D:f401
10-20: 04:37:07:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
= 1
10-20: 04:37:07:687:7f0
10-20: 04:37:07:687:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:07:687:7f0 ISAKMP Header: (V1.0), len = 1116
10-20: 04:37:07:687:7f0 I-COOKIE 153d4973a327f835
10-20: 04:37:07:687:7f0 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:07:687:7f0 exchange: Oakley Main Mode
10-20: 04:37:07:687:7f0 flags: 1 ( encrypted )
10-20: 04:37:07:687:7f0 next payload: ID
10-20: 04:37:07:687:7f0 message ID: 00000000
10-20: 04:37:07:687:7f0 Ports S:f401 D:f401
10-20: 04:37:10:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
= 2
10-20: 04:37:10:31:7f0
10-20: 04:37:10:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:10:31:7f0 ISAKMP Header: (V1.0), len = 1116
10-20: 04:37:10:31:7f0 I-COOKIE 153d4973a327f835
10-20: 04:37:10:31:7f0 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:10:31:7f0 exchange: Oakley Main Mode
10-20: 04:37:10:31:7f0 flags: 1 ( encrypted )
10-20: 04:37:10:31:7f0 next payload: ID
10-20: 04:37:10:31:7f0 message ID: 00000000
10-20: 04:37:10:31:7f0 Ports S:f401 D:f401
10-20: 04:37:14:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
= 3
10-20: 04:37:14:31:7f0
10-20: 04:37:14:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:14:31:7f0 ISAKMP Header: (V1.0), len = 1116
10-20: 04:37:14:31:7f0 I-COOKIE 153d4973a327f835
10-20: 04:37:14:31:7f0 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:14:31:7f0 exchange: Oakley Main Mode
10-20: 04:37:14:31:7f0 flags: 1 ( encrypted )
10-20: 04:37:14:31:7f0 next payload: ID
10-20: 04:37:14:31:7f0 message ID: 00000000
10-20: 04:37:14:31:7f0 Ports S:f401 D:f401
10-20: 04:37:22:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
= 4
10-20: 04:37:22:31:7f0
10-20: 04:37:22:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:22:31:7f0 ISAKMP Header: (V1.0), len = 1116
10-20: 04:37:22:31:7f0 I-COOKIE 153d4973a327f835
10-20: 04:37:22:31:7f0 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:22:31:7f0 exchange: Oakley Main Mode
10-20: 04:37:22:31:7f0 flags: 1 ( encrypted )
10-20: 04:37:22:31:7f0 next payload: ID
10-20: 04:37:22:31:7f0 message ID: 00000000
10-20: 04:37:22:31:7f0 Ports S:f401 D:f401
10-20: 04:37:37:812:268 Peer List Entry 000CF870
10-20: 04:37:38:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
= 5
10-20: 04:37:38:62:7f0
10-20: 04:37:38:62:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
10-20: 04:37:38:62:7f0 ISAKMP Header: (V1.0), len = 1116
10-20: 04:37:38:62:7f0 I-COOKIE 153d4973a327f835
10-20: 04:37:38:62:7f0 R-COOKIE bbabc5f38bdf113d
10-20: 04:37:38:62:7f0 exchange: Oakley Main Mode
10-20: 04:37:38:62:7f0 flags: 1 ( encrypted )
10-20: 04:37:38:62:7f0 next payload: ID
10-20: 04:37:38:62:7f0 message ID: 00000000
10-20: 04:37:38:62:7f0 Ports S:f401 D:f401
10-20: 04:38:10:31:7f0 retransmit exhausted: sa = 000E86B8 centry
00000000, count = 6
10-20: 04:38:10:31:7f0 SA Dead. sa:000E86B8 status:35ed
10-20: 04:38:10:31:7f0 isadb_set_status sa:000E86B8 centry:00000000
status 35ed
10-20: 04:38:10:31:7f0 constructing ISAKMP Header
10-20: 04:38:10:31:7f0 constructing HASH (null)
10-20: 04:38:10:31:7f0 constructing DELETE. MM 000E86B8
10-20: 04:38:10:31:7f0 constructing HASH (Notify/Delete)
10-20: 04:38:10:31:7f0 Not setting retransmit to downlevel client. SA
000E86B8 Centry 00000000
10-20: 04:38:10:31:7f0
10-20: 04:38:10:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 1.500
10-20: 04:38:10:31:7f0 ISAKMP Header: (V1.0), len = 84
10-20: 04:38:10:31:7f0 I-COOKIE 153d4973a327f835
10-20: 04:38:10:31:7f0 R-COOKIE bbabc5f38bdf113d
10-20: 04:38:10:31:7f0 exchange: ISAKMP Informational Exchange
10-20: 04:38:10:31:7f0 flags: 1 ( encrypted )
10-20: 04:38:10:31:7f0 next payload: HASH
10-20: 04:38:10:31:7f0 message ID: a771f5b5
10-20: 04:38:10:31:7f0 Ports S:f401 D:f401
10-20: 04:38:10:31:268
10-20: 04:38:10:31:268 Receive: (get) SA = 0x000e86b8 from x.x.x.187.500
10-20: 04:38:10:31:268 ISAKMP Header: (V1.0), len = 84
10-20: 04:38:10:31:268 I-COOKIE 153d4973a327f835
10-20: 04:38:10:31:268 R-COOKIE bbabc5f38bdf113d
10-20: 04:38:10:31:268 exchange: ISAKMP Informational Exchange
10-20: 04:38:10:31:268 flags: 1 ( encrypted )
10-20: 04:38:10:31:268 next payload: HASH
10-20: 04:38:10:31:268 message ID: 60f90491
10-20: 04:38:10:31:268 processing HASH (Notify/Delete)
10-20: 04:38:10:31:268 processing payload DELETE
10-20: 04:38:22:812:268 ClearFragList
10-20: 04:38:36:375:268 Expire_sa SA=11dad0
10-20: 04:38:36:375:268 SA Dead. sa:0011DAD0 status:35ef
10-20: 04:38:36:375:268 isadb_set_status sa:0011DAD0 centry:00000000
status 35ef
10-20: 04:38:36:375:268 constructing ISAKMP Header
10-20: 04:38:36:375:268 constructing HASH (null)
10-20: 04:38:36:375:268 constructing DELETE. MM 0011DAD0
10-20: 04:38:36:375:268 constructing HASH (Notify/Delete)
10-20: 04:38:36:375:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 04:38:36:375:268
10-20: 04:38:36:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 04:38:36:375:268 ISAKMP Header: (V1.0), len = 84
10-20: 04:38:36:375:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:38:36:375:268 R-COOKIE 6e1470b16d168b03
10-20: 04:38:36:375:268 exchange: ISAKMP Informational Exchange
10-20: 04:38:36:375:268 flags: 1 ( encrypted )
10-20: 04:38:36:375:268 next payload: HASH
10-20: 04:38:36:375:268 message ID: d6da9785
10-20: 04:38:36:375:268 Ports S:9411 D:9411
10-20: 04:38:36:375:268
10-20: 04:38:36:375:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 04:38:36:375:268 ISAKMP Header: (V1.0), len = 84
10-20: 04:38:36:375:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:38:36:375:268 R-COOKIE 6e1470b16d168b03
10-20: 04:38:36:375:268 exchange: ISAKMP Informational Exchange
10-20: 04:38:36:375:268 flags: 1 ( encrypted )
10-20: 04:38:36:375:268 next payload: HASH
10-20: 04:38:36:375:268 message ID: cc986f1e
10-20: 04:38:36:375:268 processing HASH (Notify/Delete)
10-20: 04:38:36:375:268 processing payload DELETE
10-20: 04:41:22:828:268 Peer List Entry 000CF870
10-20: 04:45:07:843:268 Peer List Entry 000CF870
10-20: 04:48:52:843:268 Peer List Entry 000CF870
10-20: 04:52:37:843:268 Peer List Entry 000CF870
10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
23738551-6d03-4229-93aa9ae81f7420c4 4
10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
f5f72e1d-b374-4435-a0cbb741502c10c4 4
10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
b9b73f84-d984-444f-ae02442c49997431 3
10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
98d3d3af-2725-4c09-960aeebd2824140d 3
10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
0a95bfd7-070a-4ec4-b1adb68de913c0d1 1
10-20: 04:55:35:984:268 QM Deleted. Notify from driver: Src
192.168.223.15 Dest 0.0.0.0 InSPI 1127425367 OutSpi 1768772270 Tunnel
bbfb4b18 TunnelFilter 0
10-20: 04:55:35:984:268 Leaving adjust_peer_list entry 000CF870 MMCount
0 QMCount 0
10-20: 04:55:35:984:268 constructing ISAKMP Header
10-20: 04:55:35:984:268 constructing HASH (null)
10-20: 04:55:35:984:268 Construct QM Delete Spi 1127425367
10-20: 04:55:35:984:268 constructing HASH (Notify/Delete)
10-20: 04:55:35:984:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 04:55:35:984:268
10-20: 04:55:35:984:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 04:55:35:984:268 ISAKMP Header: (V1.0), len = 68
10-20: 04:55:35:984:268 I-COOKIE 989a0f9d8b2d115c
10-20: 04:55:35:984:268 R-COOKIE 6e1470b16d168b03
10-20: 04:55:35:984:268 exchange: ISAKMP Informational Exchange
10-20: 04:55:35:984:268 flags: 1 ( encrypted )
10-20: 04:55:35:984:268 next payload: HASH
10-20: 04:55:35:984:268 message ID: db39b784
10-20: 04:55:35:984:268 Ports S:9411 D:9411
10-20: 04:55:35:984:268 PrivatePeerAddr 0
10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
e461b6aa-60fd-4442-a2ab673ed8751641 2
10-20: 04:55:36:0:268 entered kill_old_policy_sas 4
10-20: 04:55:36:0:268 entered kill_old_policy_sas 4
10-20: 04:55:36:0:268 entered kill_old_policy_sas 3
10-20: 04:55:36:0:268 entered kill_old_policy_sas 3
10-20: 04:55:36:0:268 entered kill_old_policy_sas 1
10-20: 04:55:36:0:268 entered kill_old_policy_sas 2
10-20: 04:55:37:859:268 ClearFragList
10-20: 04:55:38:203:7e8 Acquire from driver: op=0000000B
src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
TunnelEndpt=192.168.223.15
10-20: 04:55:38:203:268 Filter to match: Src x.x.x.187 Dst
192.168.223.15
10-20: 04:55:38:203:268 MM PolicyName: 6
10-20: 04:55:38:203:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
10-20: 04:55:38:203:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
10-20: 04:55:38:203:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-20: 04:55:38:203:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
CN=NiagaraCA AuthFlags 0
10-20: 04:55:38:203:268 QM PolicyName: x4
{5a9ed79c-e716-459f-88f3-4888eaebd6b2} dwFlags 1
10-20: 04:55:38:203:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 04:55:38:203:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 04:55:38:203:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:55:38:203:268 Starting Negotiation: src = 192.168.223.15.0500,
dst = x.x.x.187.0500, proto = 00, context = 0000000B, ProxySrc =
192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
DstMask = 0.0.0.0
10-20: 04:55:38:203:268 constructing ISAKMP Header
10-20: 04:55:38:203:268 constructing SA (ISAKMP)
10-20: 04:55:38:203:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-20: 04:55:38:203:268 Constructing Vendor FRAGMENTATION
10-20: 04:55:38:203:268 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
10-20: 04:55:38:203:268 Constructing Vendor Vid-Initial-Contact
10-20: 04:55:38:203:268
10-20: 04:55:38:203:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 04:55:38:203:268 ISAKMP Header: (V1.0), len = 168
10-20: 04:55:38:203:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:203:268 R-COOKIE 0000000000000000
10-20: 04:55:38:203:268 exchange: Oakley Main Mode
10-20: 04:55:38:203:268 flags: 0
10-20: 04:55:38:203:268 next payload: SA
10-20: 04:55:38:203:268 message ID: 00000000
10-20: 04:55:38:203:268 Ports S:f401 D:f401
10-20: 04:55:38:203:268
10-20: 04:55:38:203:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 04:55:38:203:268 ISAKMP Header: (V1.0), len = 140
10-20: 04:55:38:203:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:203:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:203:268 exchange: Oakley Main Mode
10-20: 04:55:38:203:268 flags: 0
10-20: 04:55:38:203:268 next payload: SA
10-20: 04:55:38:203:268 message ID: 00000000
10-20: 04:55:38:203:268 processing payload SA
10-20: 04:55:38:203:268 Received Phase 1 Transform 1
10-20: 04:55:38:203:268 Encryption Alg Triple DES CBC(5)
10-20: 04:55:38:203:268 Hash Alg SHA(2)
10-20: 04:55:38:203:268 Oakley Group 2
10-20: 04:55:38:203:268 Auth Method RSA Signature with
Certificates(3)
10-20: 04:55:38:203:268 Life type in Seconds
10-20: 04:55:38:203:268 Life duration of 300
10-20: 04:55:38:203:268 Phase 1 SA accepted: transform=1
10-20: 04:55:38:203:268 SA - Oakley proposal accepted
10-20: 04:55:38:203:268 processing payload VENDOR ID
10-20: 04:55:38:203:268 processing payload VENDOR ID
10-20: 04:55:38:203:268 processing payload VENDOR ID
10-20: 04:55:38:203:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
10-20: 04:55:38:203:268 ClearFragList
10-20: 04:55:38:203:268 constructing ISAKMP Header
10-20: 04:55:38:234:268 constructing KE
10-20: 04:55:38:234:268 constructing NONCE (ISAKMP)
10-20: 04:55:38:234:268 Constructing NatDisc
10-20: 04:55:38:234:268
10-20: 04:55:38:234:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
10-20: 04:55:38:234:268 ISAKMP Header: (V1.0), len = 232
10-20: 04:55:38:234:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:234:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:234:268 exchange: Oakley Main Mode
10-20: 04:55:38:234:268 flags: 0
10-20: 04:55:38:234:268 next payload: KE
10-20: 04:55:38:234:268 message ID: 00000000
10-20: 04:55:38:234:268 Ports S:f401 D:f401
10-20: 04:55:38:250:268
10-20: 04:55:38:250:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.500
10-20: 04:55:38:250:268 ISAKMP Header: (V1.0), len = 228
10-20: 04:55:38:250:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:250:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:250:268 exchange: Oakley Main Mode
10-20: 04:55:38:250:268 flags: 0
10-20: 04:55:38:250:268 next payload: KE
10-20: 04:55:38:250:268 message ID: 00000000
10-20: 04:55:38:250:268 processing payload KE
10-20: 04:55:38:250:268 processing payload NONCE
10-20: 04:55:38:250:268 processing payload NATDISC
10-20: 04:55:38:250:268 Processing NatHash
10-20: 04:55:38:250:268 Nat hash b452e0c8c4f3aa37b52fae317f9d2076
10-20: 04:55:38:250:268 be416574
10-20: 04:55:38:250:268 SA StateMask2 1f
10-20: 04:55:38:250:268 processing payload NATDISC
10-20: 04:55:38:250:268 Processing NatHash
10-20: 04:55:38:250:268 Nat hash 8ddb76dcfbc78d67953170f246899f78
10-20: 04:55:38:250:268 7f82f831
10-20: 04:55:38:250:268 SA StateMask2 5f
10-20: 04:55:38:250:268 ClearFragList
10-20: 04:55:38:250:268 Peer behind NAT
10-20: 04:55:38:250:268 Floated Ports Orig Me:f401 Peer:f401
10-20: 04:55:38:250:268 Floated Ports Me:9411 Peer:9411
10-20: 04:55:38:250:268 constructing ISAKMP Header
10-20: 04:55:38:250:268 constructing ID
10-20: 04:55:38:265:268 Received no valid CRPs. Using all configured
10-20: 04:55:38:265:268 Looking for IPSec only cert
10-20: 04:55:38:265:268 failed to get chain 80092004
10-20: 04:55:38:265:268 Looking for any cert
10-20: 04:55:38:265:268 Cert Trustes. 0 100
10-20: 04:55:38:265:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:55:38:265:268 6fb09c33
10-20: 04:55:38:265:268 Entered CRL check
10-20: 04:55:38:265:268 Left CRL check
10-20: 04:55:38:265:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:55:38:265:268 6fb09c33
10-20: 04:55:38:265:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
O=Atlas, CN=john.sullivan
10-20: 04:55:38:265:268 Cert Serialnumber 32
10-20: 04:55:38:265:268 Cert SHA Thumbprint
14d55b83f2c50204c7a1b0320403e877
10-20: 04:55:38:265:268 6fb09c33
10-20: 04:55:38:265:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:55:38:265:268 Cert Serialnumber 00
10-20: 04:55:38:265:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 04:55:38:265:268 7e34f701
10-20: 04:55:38:265:268 Not storing My cert chain in SA.
10-20: 04:55:38:265:268 MM ID Type 9
10-20: 04:55:38:265:268 MM ID 3061310b300906035504061302555331
10-20: 04:55:38:265:268 0d300b060355040b130445786563310d
10-20: 04:55:38:265:268 300b060355040b1304436f6e73310c30
10-20: 04:55:38:265:268 0a060355040b1303456e67310e300c06
10-20: 04:55:38:265:268 0355040a130541746c61733116301406
10-20: 04:55:38:265:268 03550403130d6a6f686e2e73756c6c69
10-20: 04:55:38:265:268 76616e
10-20: 04:55:38:265:268 constructing CERT
10-20: 04:55:38:265:268 Construct SIG
10-20: 04:55:38:265:268 Constructing Cert Request
10-20: 04:55:38:265:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:55:38:265:268
10-20: 04:55:38:265:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 04:55:38:265:268 ISAKMP Header: (V1.0), len = 1188
10-20: 04:55:38:265:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:265:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:265:268 exchange: Oakley Main Mode
10-20: 04:55:38:265:268 flags: 1 ( encrypted )
10-20: 04:55:38:265:268 next payload: ID
10-20: 04:55:38:265:268 message ID: 00000000
10-20: 04:55:38:265:268 Ports S:9411 D:9411
10-20: 04:55:38:281:268
10-20: 04:55:38:281:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 04:55:38:281:268 ISAKMP Header: (V1.0), len = 1036
10-20: 04:55:38:281:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:281:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:281:268 exchange: Oakley Main Mode
10-20: 04:55:38:281:268 flags: 1 ( encrypted )
10-20: 04:55:38:281:268 next payload: ID
10-20: 04:55:38:281:268 message ID: 00000000
10-20: 04:55:38:281:268 processing payload ID
10-20: 04:55:38:281:268 processing payload CERT
10-20: 04:55:38:281:268 processing payload SIG
10-20: 04:55:38:281:268 Verifying CertStore
10-20: 04:55:38:281:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 04:55:38:281:268 Cert Serialnumber 31
10-20: 04:55:38:281:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:55:38:281:268 810b3d66
10-20: 04:55:38:281:268 Cert Trustes. 0 100
10-20: 04:55:38:281:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
CN=NiagaraRASGW
10-20: 04:55:38:281:268 Cert Serialnumber 31
10-20: 04:55:38:281:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:55:38:281:268 810b3d66
10-20: 04:55:38:281:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
10-20: 04:55:38:281:268 Cert Serialnumber 00
10-20: 04:55:38:281:268 Cert SHA Thumbprint
cf0864544e576e1a7299910e43bcb892
10-20: 04:55:38:281:268 7e34f701
10-20: 04:55:38:281:268 Not storing Peer's cert chain in SA.
10-20: 04:55:38:281:268 Cert SHA Thumbprint
3db57eeadd06add8824b4cebda04e661
10-20: 04:55:38:281:268 810b3d66
10-20: 04:55:38:281:268 Entered CRL check
10-20: 04:55:38:281:268 Left CRL check
10-20: 04:55:38:281:268 Signature validated
10-20: 04:55:38:281:268 ClearFragList
10-20: 04:55:38:281:268 MM established. SA: 0011DAD0
10-20: 04:55:38:281:268 QM PolicyName: x4
{5a9ed79c-e716-459f-88f3-4888eaebd6b2} dwFlags 1
10-20: 04:55:38:281:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
10-20: 04:55:38:281:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-20: 04:55:38:281:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:55:38:281:268 GetSpi: src = 0.0.0.0.0000, dst =
192.168.223.15.0000, proto = 00, context = 0000000B, srcMask = 0.0.0.0,
destMask = 255.255.255.255, TunnelFilter 1
10-20: 04:55:38:281:268 Setting SPI 48541045
10-20: 04:55:38:281:268 constructing ISAKMP Header
10-20: 04:55:38:281:268 constructing HASH (null)
10-20: 04:55:38:281:268 constructing SA (IPSEC)
10-20: 04:55:38:281:268 constructing QM KE
10-20: 04:55:38:312:268 constructing NONCE (IPSEC)
10-20: 04:55:38:312:268 constructing ID (proxy)
10-20: 04:55:38:312:268 constructing ID (proxy)
10-20: 04:55:38:312:268 constructing HASH (QM)
10-20: 04:55:38:312:268
10-20: 04:55:38:312:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
2.4500
10-20: 04:55:38:312:268 ISAKMP Header: (V1.0), len = 284
10-20: 04:55:38:312:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:312:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:312:268 exchange: Oakley Quick Mode
10-20: 04:55:38:312:268 flags: 1 ( encrypted )
10-20: 04:55:38:312:268 next payload: HASH
10-20: 04:55:38:312:268 message ID: 23135286
10-20: 04:55:38:312:268 Ports S:9411 D:9411
10-20: 04:55:38:328:268
10-20: 04:55:38:328:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 04:55:38:328:268 ISAKMP Header: (V1.0), len = 276
10-20: 04:55:38:328:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:328:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:328:268 exchange: Oakley Quick Mode
10-20: 04:55:38:328:268 flags: 1 ( encrypted )
10-20: 04:55:38:328:268 next payload: HASH
10-20: 04:55:38:328:268 message ID: 23135286
10-20: 04:55:38:328:268 processing HASH (QM)
10-20: 04:55:38:328:268 ClearFragList
10-20: 04:55:38:328:268 processing payload NONCE
10-20: 04:55:38:328:268 processing payload KE
10-20: 04:55:38:328:268 Quick Mode KE processed; Saved KE data
10-20: 04:55:38:328:268 processing payload ID
10-20: 04:55:38:328:268 processing payload ID
10-20: 04:55:38:328:268 processing payload SA
10-20: 04:55:38:328:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
0.0.0.0.0
10-20: 04:55:38:328:268 Dst id for subnet. Mask 0.0.0.0
10-20: 04:55:38:328:268 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
10-20: 04:55:38:328:268 Checking Transform # 1: ID=Triple DES CBC(3)
10-20: 04:55:38:328:268 tunnel mode is 61443(61443)
10-20: 04:55:38:328:268 HMAC algorithm is SHA(2)
10-20: 04:55:38:328:268 group description for PFS is 2
10-20: 04:55:38:328:268 Phase 2 SA accepted: proposal=1 transform=1
10-20: 04:55:38:328:268 constructing ISAKMP Header
10-20: 04:55:38:328:268 constructing HASH (QM)
10-20: 04:55:38:328:268 isadb_find_peer_entry found entry
10-20: 04:55:38:328:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 0000000B, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
EncapType 3
10-20: 04:55:38:328:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:55:38:328:268 Algo[0] MySpi: 48541045 PeerSpi: 1768772335
10-20: 04:55:38:328:268 Encap Ports Src 4500 Dst 4500
10-20: 04:55:38:328:268 Skipping Outbound SA add
10-20: 04:55:38:328:268 isadb_find_peer_entry found entry
10-20: 04:55:38:328:268 Adding QMs: src = 192.168.223.15.0000, dst =
0.0.0.0.0000, proto = 00, context = 0000000B, my tunnel =
192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
EncapType 3
10-20: 04:55:38:328:268 Algo[0] Operation: ESP Algo: Triple DES CBC
HMAC: SHA
10-20: 04:55:38:328:268 Algo[0] MySpi: 48541045 PeerSpi: 1768772335
10-20: 04:55:38:328:268 Encap Ports Src 4500 Dst 4500
10-20: 04:55:38:328:268 Skipping Inbound SA add
10-20: 04:55:38:328:268 isadb_find_peer_entry found entry
10-20: 04:55:38:328:268 Leaving adjust_peer_list entry 000CF870 MMCount
0 QMCount 1
10-20: 04:55:38:328:268 isadb_set_status sa:0011DAD0 centry:000E6760
status 0
10-20: 04:55:38:343:268
10-20: 04:55:38:343:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
4.4500
10-20: 04:55:38:343:268 ISAKMP Header: (V1.0), len = 52
10-20: 04:55:38:343:268 I-COOKIE 39cb29bc833401b6
10-20: 04:55:38:343:268 R-COOKIE ae20b66308240023
10-20: 04:55:38:343:268 exchange: Oakley Quick Mode
10-20: 04:55:38:343:268 flags: 1 ( encrypted )
10-20: 04:55:38:343:268 next payload: HASH
10-20: 04:55:38:343:268 message ID: 23135286
10-20: 04:55:38:343:268 Ports S:9411 D:9411
10-20: 04:56:22:859:268 Peer List Entry 000CF870
10-20: 04:56:38:359:268 CE Dead. sa:0011DAD0 ce:000E6760 status:35ef
10-20: 04:59:38:312:268 Expire_sa SA=11dad0
10-20: 04:59:38:312:268 SA Dead. sa:0011DAD0 status:35ef
10-20: 04:59:38:312:268 isadb_set_status sa:0011DAD0 centry:00000000
status 35ef
10-20: 04:59:38:312:268 constructing ISAKMP Header
10-20: 04:59:38:312:268 constructing HASH (null)
10-20: 04:59:38:312:268 constructing DELETE. MM 0011DAD0
10-20: 04:59:38:312:268 constructing HASH (Notify/Delete)
10-20: 04:59:38:312:268 Not setting retransmit to downlevel client. SA
0011DAD0 Centry 00000000
10-20: 04:59:38:312:268
10-20: 04:59:38:312:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
1.4500
10-20: 04:59:38:312:268 ISAKMP Header: (V1.0), len = 84
10-20: 04:59:38:312:268 I-COOKIE 39cb29bc833401b6
10-20: 04:59:38:312:268 R-COOKIE ae20b66308240023
10-20: 04:59:38:312:268 exchange: ISAKMP Informational Exchange
10-20: 04:59:38:312:268 flags: 1 ( encrypted )
10-20: 04:59:38:312:268 next payload: HASH
10-20: 04:59:38:312:268 message ID: 4560fdfd
10-20: 04:59:38:312:268 Ports S:9411 D:9411
10-20: 04:59:38:312:268
10-20: 04:59:38:312:268 Receive: (get) SA = 0x0011dad0 from
x.x.x.187.4500
10-20: 04:59:38:312:268 ISAKMP Header: (V1.0), len = 84
10-20: 04:59:38:312:268 I-COOKIE 39cb29bc833401b6
10-20: 04:59:38:312:268 R-COOKIE ae20b66308240023
10-20: 04:59:38:312:268 exchange: ISAKMP Informational Exchange
10-20: 04:59:38:312:268 flags: 1 ( encrypted )
10-20: 04:59:38:312:268 next payload: HASH
10-20: 04:59:38:312:268 message ID: 87995d15
10-20: 04:59:38:312:268 processing HASH (Notify/Delete)
10-20: 04:59:38:312:268 processing payload DELETE
10-20: 05:00:07:890:268 Peer List Entry 000CF870
10-20: 05:03:52:890:268 Peer List Entry 000CF870
10-20: 05:07:37:890:268 Peer List Entry 000CF870
Any help or pointers on where to look and what to try would be greatly
appreciated - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com
If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net
More information about the Users
mailing list