[Openswan Users] Windows rekey problem
John A. Sullivan III
jsullivan at opensourcedevel.com
Thu Oct 20 16:47:26 CEST 2005
Please pardon the top post but the original e-mail is very long. We've
tried using the 2.4.2dr2 version and are experiencing the same problems.
I do not suspect that it is a throughput problem as the testing consists
of persistent 32 byte pings (default) to seven different addresses.
They all break at exactly the same time which indicates the tunnel
between the windows client and the OSW gateway is breaking rather than
any of the individual tunnels to the CyberGuards in the branch offices.
I'm not sure where to turn on this one. Has anyone experienced and
resolved similar problems? With what configuration? Thanks - John
On Thu, 2005-10-20 at 04:41 -0400, John A. Sullivan III wrote:
> Well, after two all-nighters, I'm ready to pack it in for a while but I
> still haven't solved my problem. We are running an openswan 2.3.1
> gateway on a xen domU (virtual machine) on kernel 2.4.30 using fedora
> core 3. The client is a windows station using ipsec only via the
> lsipsectool (http://sourceforge.net/projects/lsipsectool). The client
> is behind a NAT gateway. The openswan gateway is directly connected to
> the Internet. As a slight twist, the OSW gateway and the NAT gateway
> (protecting the windows client) are on the same public network as this
> is a test lab. By the way, the gateway is strictly a roadwarrior
> gateway; it has one NIC and connects the roadwarriors to their offices
> via other IPSec tunnels terminated by CyberGuard SG570s. Those tunnels
> are perfectly stable (well, except for the one SG575 - I had to turn off
> compression to make that work reliably).
>
> We are not able to sustain the connection. It connects just fine.
> However, after a while, the connection fails and it appears to be a
> Phase I (ISAKMP) rekeying problem. I assume this is not the NAT-T bug
> which was fixed in 2.3.1. The postings seemed to indicate a "no
> connection found" error; we do not receive that kind of an error.
>
> I did manage to catch the failure in the act on both sides so I will
> include an excerpt from /var/log/secure and the windows oakley log.
>
> I've tried several solutions but to no avail. I have turned off
> compression. I've tried setting the OSW gateway to rekey=no and
> rekey=yes. I've tried an ikelifetime of 8h to match the seemingly
> hard-coded windows value and I've tried 40m. I set leftsendcert=always.
> This is supposed to be released to production any time now so I would
> greatly appreciate any help.
>
> Here is the edited ipsec.conf:
>
> version 2
>
> # basic configuration
> config setup
>     # THIS SETTING MUST BE CORRECT or almost nothing will work;
>     # %defaultroute is okay for most simple cases.
>     interfaces="ipsec0=eth0"
>     # Debug-logging controls: "none" for (almost) none, "all" for lots.
>     #klipsdebug=none
>     #plutodebug=all
>     # Use auto= parameters in conn descriptions to control startup actions.
>     #plutoload=%search
>     #plutostart=%search
>     plutowait=no
>     # Close down old connection when new one using same ID shows up.
>     hidetos=no
>     uniqueids=yes
>     nat_traversal=yes
>     virtual_private=%v4:192.168.0.0/16,%v4:10.0.0.0/8,%v4:172.16.0.0/12
>
> # defaults for subsequent connection descriptions
> # (these defaults will soon go away)
> conn %default
>     keyingtries=10
>     disablearrivalcheck=no
>     authby=rsasig
>     left=x.x.x.187
>     leftnexthop=x.x.x.185
>     leftrsasigkey=%cert
>     leftcert=niagararasgwc.pem
>     leftid="C=US,O=Niagara,OU=VPNGateways,CN=NiagaraRASGW"
>     rightrsasigkey=%cert
>     keylife=20m
>     rekeymargin=5m
>     ikelifetime=3h
>
> # disable opportunistic encryption
> include /etc/ipsec.d/examples/no_oe.conf
>
> conn RAS10
>     leftsubnet=10.0.0.0/8
>     also=RAS
>
> conn RAS192
>     leftsubnet=192.168.0.0/16
>     also=RAS
>
> conn RAS172
>     leftsubnet=172.16.0.0/12
>     also=RAS
>
> conn RASAny
>     leftsubnet=0.0.0.0/0.0.0.0
>     also=RAS
>
> conn RAS
>     right=%any
>     rightsubnet=vnet:%priv,%no
>     leftupdown=/etc/PEP/X509updown
>     ikelifetime=8h
>     rekey=yes
>     compress=no
>     leftsendcert=always
>     auto=add
>
> Here is an excerpt from /var/log/secure. It shows the successful
> initial negotiation, the failure and then a successful manual rekey,
> i.e., I restarted the connection:
>
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
> ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
> ignoring Vendor ID payload [FRAGMENTATION]
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
> to=106
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: packet from x.x.x.186:500:
> ignoring Vendor ID payload [Vid-Initial-Contact]
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
> responding to Main Mode from unknown peer x.x.x.186
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
> transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is
> NATed
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143:
> transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143: Main
> mode peer ID is ID_DER_ASN1_DN: 'C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=jo
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[1] x.x.x.186 #143: no
> crl from issuer "C=US, O=Atlas, OU=PKI, CN=NiagaraCA" found (strict=no)
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143:
> deleting connection "RAS" instance with peer x.x.x.186
> {isakmp=#0/ipsec=#0}
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143: I am
> sending my cert
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143:
> transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: | NAT-T: new mapping
> x.x.x.186:500/4500)
> Oct 19 23:11:22 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143: sent
> MR3, ISAKMP SA established
> Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
> responding to Quick Mode {msgid:fca45e9e}
> Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
> transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
> transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 19 23:11:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
> IPsec SA established {ESP=>0x45cee8ad <0xf558025a xfrm=3DES_0-HMAC_SHA1
> NATD=24.7
> [SUCCESSFUL INITIATION ABOVE]
>
> Oct 19 23:15:23 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186 #143:
> received Delete SA payload: deleting ISAKMP State #143
> Oct 19 23:15:23 NiagaraRASGW pluto[12259]: "RAS"[2] x.x.x.186: deleting
> connection "RAS" instance with peer x.x.x.186 {isakmp=#0/ipsec=#0}
> Oct 19 23:15:23 NiagaraRASGW pluto[12259]: packet from x.x.x.186:4500:
> received and ignored informational message
>
> [I THINK IT DID NOT BREAK UNTIL HERE]
> Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> initiating Main Mode
> Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
> to=108
> Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
> Oct 19 23:28:53 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
> detected
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211: I
> am sending my cert
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211: I
> am sending a certificate request
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> next payload type of ISAKMP Hash Payload has an unknown value: 156
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> malformed payload in packet
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:28:54 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> failed to build notification for spisize=0
>
> Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> discarding duplicate packet; already STATE_MAIN_I3
> Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> next payload type of ISAKMP Hash Payload has an unknown value: 168
> Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> malformed payload in packet
> Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:29:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> failed to build notification for spisize=0
>
> Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> next payload type of ISAKMP Hash Payload has an unknown value: 41
> Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> malformed payload in packet
> Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> failed to build notification for spisize=0
> Oct 19 23:29:24 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> discarding duplicate packet; already STATE_MAIN_I3
>
> Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> max number of retransmissions (2) reached STATE_MAIN_I3. Possible
> authentication
> Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #211:
> starting keying attempt 2 of at most 10
> Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> initiating Main Mode to replace #211
> Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
> to=108
> Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
> Oct 19 23:30:04 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
> detected
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215: I
> am sending my cert
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215: I
> am sending a certificate request
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> next payload type of ISAKMP Hash Payload has an unknown value: 86
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> malformed payload in packet
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:30:05 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> failed to build notification for spisize=0
>
> Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> discarding duplicate packet; already STATE_MAIN_I3
> Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> next payload type of ISAKMP Hash Payload has an unknown value: 25
> Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> malformed payload in packet
> Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:30:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> failed to build notification for spisize=0
>
> Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> discarding duplicate packet; already STATE_MAIN_I3
> Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> next payload type of ISAKMP Hash Payload has an unknown value: 190
> Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> malformed payload in packet
> Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:30:35 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> failed to build notification for spisize=0
>
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> max number of retransmissions (2) reached STATE_MAIN_I3. Possible
> authentication
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #215:
> starting keying attempt 3 of at most 10
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> initiating Main Mode to replace #215
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
> to=108
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
> detected
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219: I
> am sending my cert
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219: I
> am sending a certificate request
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> next payload type of ISAKMP Hash Payload has an unknown value: 253
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> malformed payload in packet
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:31:15 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> failed to build notification for spisize=0
>
> [Or maybe it really broke here - we did catch it right away]
> Oct 19 23:31:23 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #144:
> IPsec SA expired (--dontrekey)
> Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> discarding duplicate packet; already STATE_MAIN_I3
> Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> next payload type of ISAKMP Hash Payload has an unknown value: 210
> Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> malformed payload in packet
> Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:31:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> failed to build notification for spisize=0
>
> Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> next payload type of ISAKMP Hash Payload has an unknown value: 195
> Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> malformed payload in packet
> Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> sending notification PAYLOAD_MALFORMED to x.x.x.186:500
> Oct 19 23:31:45 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> failed to build notification for spisize=0
>
> [Manually restarted connection here]
> Oct 19 23:31:53 NiagaraRASGW pluto[12259]: packet from x.x.x.186:4500:
> Informational Exchange is for an unknown (expired?) SA
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
> ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
> ignoring Vendor ID payload [FRAGMENTATION]
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
> to=106
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: packet from x.x.x.186:1:
> ignoring Vendor ID payload [Vid-Initial-Contact]
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
> responding to Main Mode from unknown peer x.x.x.186
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
> transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is
> NATed
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223:
> transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223: Main
> mode peer ID is ID_DER_ASN1_DN: 'C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=jo
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RAS"[3] x.x.x.186 #223: no
> crl from issuer "C=US, O=Atlas, OU=PKI, CN=NiagaraCA" found (strict=no)
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223:
> deleting connection "RAS" instance with peer x.x.x.186
> {isakmp=#0/ipsec=#0}
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223: I
> am sending my cert
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223:
> transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: | NAT-T: new mapping
> x.x.x.186:1/4500)
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #223:
> sent MR3, ISAKMP SA established
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
> responding to Quick Mode {msgid:222f5b21}
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
> transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
> transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
> Oct 19 23:31:55 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #224:
> IPsec SA established {ESP=>0xdbcfb44c <0xf5580292 xfrm=3DES_0-HMAC_SHA1
> NATD=24.7
>
> Oct 19 23:32:13 NiagaraRASGW sshd[14166]: Accepted password for root
> from 192.168.223.15 port 1040 ssh2
>
> Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> max number of retransmissions (2) reached STATE_MAIN_I3. Possible
> authentication
> Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #219:
> starting keying attempt 4 of at most 10
> Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
> initiating Main Mode to replace #219
> Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set
> to=108
> Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
> enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
> Oct 19 23:32:25 NiagaraRASGW pluto[12259]: "RASAny"[1] x.x.x.186 #228:
> transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
>
> Here is the Oakley log from the windows station. It is three hours and
> fifty-four minutes ahead of the OSW gateway (it's a dual boot station
> getting around the Windows problem with the system clock set to UTC).
> There is an example of a different failure from the one above in this
> log at the very end although there may be fragments of the same failure
> as the /var/log/secure file. The failure appears to start at 4:38
> although the problem didn't manifest itself until around 4:55 when the
> IPSec SA expired and could not negotiate a new ISAKMP SA. The Windows
> client is set to rekey phase II every 300 seconds.
>
> 10-20: 03:00:07:593:784 Initialization OK
> 10-20: 03:05:11:15:7e8 Acquire from driver: op=00000006
> src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
> DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
> TunnelEndpt=192.168.223.15
> 10-20: 03:05:11:15:268 Filter to match: Src x.x.x.187 Dst 192.168.223.15
> 10-20: 03:05:11:62:268 MM PolicyName: 1
> 10-20: 03:05:11:62:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 03:05:11:62:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 03:05:11:62:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 03:05:11:62:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 03:05:11:62:268 QM PolicyName: x4
> {849d92b4-e903-4752-8225-b487ee66c2ed} dwFlags 1
> 10-20: 03:05:11:62:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:05:11:62:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:05:11:62:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:05:11:62:268 Starting Negotiation: src = 192.168.223.15.0500,
> dst = x.x.x.187.0500, proto = 00, context = 00000006, ProxySrc =
> 192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
> DstMask = 0.0.0.0
> 10-20: 03:05:11:62:268 constructing ISAKMP Header
> 10-20: 03:05:11:62:268 constructing SA (ISAKMP)
> 10-20: 03:05:11:62:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 03:05:11:78:268 Constructing Vendor FRAGMENTATION
> 10-20: 03:05:11:78:268 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:05:11:78:268 Constructing Vendor Vid-Initial-Contact
> 10-20: 03:05:11:78:268
> 10-20: 03:05:11:78:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 03:05:11:78:268 ISAKMP Header: (V1.0), len = 168
> 10-20: 03:05:11:78:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:78:268 R-COOKIE 0000000000000000
> 10-20: 03:05:11:78:268 exchange: Oakley Main Mode
> 10-20: 03:05:11:78:268 flags: 0
> 10-20: 03:05:11:78:268 next payload: SA
> 10-20: 03:05:11:78:268 message ID: 00000000
> 10-20: 03:05:11:78:268 Ports S:f401 D:f401
> 10-20: 03:05:11:78:268
> 10-20: 03:05:11:78:268 Receive: (get) SA = 0x000e86b8 from x.x.x.187.500
> 10-20: 03:05:11:78:268 ISAKMP Header: (V1.0), len = 140
> 10-20: 03:05:11:78:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:78:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:78:268 exchange: Oakley Main Mode
> 10-20: 03:05:11:78:268 flags: 0
> 10-20: 03:05:11:78:268 next payload: SA
> 10-20: 03:05:11:78:268 message ID: 00000000
> 10-20: 03:05:11:78:268 processing payload SA
> 10-20: 03:05:11:78:268 Received Phase 1 Transform 1
> 10-20: 03:05:11:93:268 Encryption Alg Triple DES CBC(5)
> 10-20: 03:05:11:93:268 Hash Alg SHA(2)
> 10-20: 03:05:11:93:268 Oakley Group 2
> 10-20: 03:05:11:93:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 03:05:11:93:268 Life type in Seconds
> 10-20: 03:05:11:93:268 Life duration of 300
> 10-20: 03:05:11:93:268 Phase 1 SA accepted: transform=1
> 10-20: 03:05:11:93:268 SA - Oakley proposal accepted
> 10-20: 03:05:11:93:268 processing payload VENDOR ID
> 10-20: 03:05:11:93:268 processing payload VENDOR ID
> 10-20: 03:05:11:93:268 processing payload VENDOR ID
> 10-20: 03:05:11:93:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:05:11:93:268 ClearFragList
> 10-20: 03:05:11:93:268 constructing ISAKMP Header
> 10-20: 03:05:11:125:268 constructing KE
> 10-20: 03:05:11:125:268 constructing NONCE (ISAKMP)
> 10-20: 03:05:11:125:268 Constructing NatDisc
> 10-20: 03:05:11:125:268
> 10-20: 03:05:11:125:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 03:05:11:125:268 ISAKMP Header: (V1.0), len = 232
> 10-20: 03:05:11:125:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:125:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:125:268 exchange: Oakley Main Mode
> 10-20: 03:05:11:125:268 flags: 0
> 10-20: 03:05:11:125:268 next payload: KE
> 10-20: 03:05:11:125:268 message ID: 00000000
> 10-20: 03:05:11:125:268 Ports S:f401 D:f401
> 10-20: 03:05:11:140:268
> 10-20: 03:05:11:140:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.500
> 10-20: 03:05:11:140:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 03:05:11:140:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:140:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:140:268 exchange: Oakley Main Mode
> 10-20: 03:05:11:140:268 flags: 0
> 10-20: 03:05:11:140:268 next payload: KE
> 10-20: 03:05:11:140:268 message ID: 00000000
> 10-20: 03:05:11:140:268 processing payload KE
> 10-20: 03:05:11:156:268 processing payload NONCE
> 10-20: 03:05:11:156:268 processing payload NATDISC
> 10-20: 03:05:11:156:268 Processing NatHash
> 10-20: 03:05:11:156:268 Nat hash 3682cdcdd487c4717fe4116617112445
> 10-20: 03:05:11:156:268 955fd06e
> 10-20: 03:05:11:156:268 SA StateMask2 1f
> 10-20: 03:05:11:156:268 processing payload NATDISC
> 10-20: 03:05:11:156:268 Processing NatHash
> 10-20: 03:05:11:156:268 Nat hash d5c4823b7cf7bdfe04d9df065c4d8a9b
> 10-20: 03:05:11:156:268 ef8df53f
> 10-20: 03:05:11:156:268 SA StateMask2 9f
> 10-20: 03:05:11:156:268 ClearFragList
> 10-20: 03:05:11:156:268 Floated Ports Orig Me:f401 Peer:f401
> 10-20: 03:05:11:156:268 Floated Ports Me:9411 Peer:9411
> 10-20: 03:05:11:156:268 constructing ISAKMP Header
> 10-20: 03:05:11:156:268 constructing ID
> 10-20: 03:05:11:156:268 Received no valid CRPs. Using all configured
> 10-20: 03:05:11:156:268 Looking for IPSec only cert
> 10-20: 03:05:11:156:268 failed to get chain 80092004
> 10-20: 03:05:11:156:268 Looking for any cert
> 10-20: 03:05:11:312:268 Cert Trustes. 0 100
> 10-20: 03:05:11:312:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:05:11:312:268 6fb09c33
> 10-20: 03:05:11:468:268 Entered CRL check
> 10-20: 03:05:11:500:268 Left CRL check
> 10-20: 03:05:11:500:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:05:11:500:268 6fb09c33
> 10-20: 03:05:11:500:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 03:05:11:500:268 Cert Serialnumber 32
> 10-20: 03:05:11:500:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:05:11:500:268 6fb09c33
> 10-20: 03:05:11:500:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:05:11:500:268 Cert Serialnumber 00
> 10-20: 03:05:11:500:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:05:11:500:268 7e34f701
> 10-20: 03:05:11:500:268 Not storing My cert chain in SA.
> 10-20: 03:05:11:500:268 MM ID Type 9
> 10-20: 03:05:11:500:268 MM ID 3061310b300906035504061302555331
> 10-20: 03:05:11:500:268 0d300b060355040b130445786563310d
> 10-20: 03:05:11:500:268 300b060355040b1304436f6e73310c30
> 10-20: 03:05:11:500:268 0a060355040b1303456e67310e300c06
> 10-20: 03:05:11:500:268 0355040a130541746c61733116301406
> 10-20: 03:05:11:500:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 03:05:11:500:268 76616e
> 10-20: 03:05:11:500:268 constructing CERT
> 10-20: 03:05:11:500:268 Construct SIG
> 10-20: 03:05:11:515:268 Constructing Cert Request
> 10-20: 03:05:11:515:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:05:11:515:268
> 10-20: 03:05:11:515:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 2.4500
> 10-20: 03:05:11:515:268 ISAKMP Header: (V1.0), len = 1188
> 10-20: 03:05:11:515:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:515:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:515:268 exchange: Oakley Main Mode
> 10-20: 03:05:11:515:268 flags: 1 ( encrypted )
> 10-20: 03:05:11:515:268 next payload: ID
> 10-20: 03:05:11:515:268 message ID: 00000000
> 10-20: 03:05:11:515:268 Ports S:9411 D:9411
> 10-20: 03:05:11:515:268
> 10-20: 03:05:11:515:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.4500
> 10-20: 03:05:11:515:268 ISAKMP Header: (V1.0), len = 1036
> 10-20: 03:05:11:515:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:515:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:515:268 exchange: Oakley Main Mode
> 10-20: 03:05:11:515:268 flags: 1 ( encrypted )
> 10-20: 03:05:11:515:268 next payload: ID
> 10-20: 03:05:11:515:268 message ID: 00000000
> 10-20: 03:05:11:531:268 processing payload ID
> 10-20: 03:05:11:531:268 processing payload CERT
> 10-20: 03:05:11:531:268 processing payload SIG
> 10-20: 03:05:11:531:268 Verifying CertStore
> 10-20: 03:05:11:531:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:05:11:531:268 Cert Serialnumber 31
> 10-20: 03:05:11:531:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:05:11:531:268 810b3d66
> 10-20: 03:05:11:531:268 Cert Trustes. 0 100
> 10-20: 03:05:11:531:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:05:11:531:268 Cert Serialnumber 31
> 10-20: 03:05:11:531:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:05:11:531:268 810b3d66
> 10-20: 03:05:11:531:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:05:11:531:268 Cert Serialnumber 00
> 10-20: 03:05:11:531:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:05:11:531:268 7e34f701
> 10-20: 03:05:11:531:268 Not storing Peer's cert chain in SA.
> 10-20: 03:05:11:531:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:05:11:531:268 810b3d66
> 10-20: 03:05:11:531:268 Entered CRL check
> 10-20: 03:05:11:531:268 Left CRL check
> 10-20: 03:05:11:531:268 Signature validated
> 10-20: 03:05:11:531:268 ClearFragList
> 10-20: 03:05:11:531:268 MM established. SA: 000E86B8
> 10-20: 03:05:11:531:268 QM PolicyName: x4
> {849d92b4-e903-4752-8225-b487ee66c2ed} dwFlags 1
> 10-20: 03:05:11:531:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:05:11:531:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:05:11:531:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:05:11:531:268 GetSpi: src = 0.0.0.0.0000, dst =
> 192.168.223.15.0000, proto = 00, context = 00000006, srcMask = 0.0.0.0,
> destMask = 255.255.255.255, TunnelFilter 1
> 10-20: 03:05:11:531:268 Setting SPI 1171187885
> 10-20: 03:05:11:531:268 constructing ISAKMP Header
> 10-20: 03:05:11:531:268 constructing HASH (null)
> 10-20: 03:05:11:531:268 constructing SA (IPSEC)
> 10-20: 03:05:11:531:268 constructing QM KE
> 10-20: 03:05:11:562:268 constructing NONCE (IPSEC)
> 10-20: 03:05:11:562:268 constructing ID (proxy)
> 10-20: 03:05:11:562:268 constructing ID (proxy)
> 10-20: 03:05:11:562:268 constructing HASH (QM)
> 10-20: 03:05:11:562:268
> 10-20: 03:05:11:562:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 2.4500
> 10-20: 03:05:11:562:268 ISAKMP Header: (V1.0), len = 284
> 10-20: 03:05:11:562:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:562:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:562:268 exchange: Oakley Quick Mode
> 10-20: 03:05:11:562:268 flags: 1 ( encrypted )
> 10-20: 03:05:11:562:268 next payload: HASH
> 10-20: 03:05:11:562:268 message ID: 9e5ea4fc
> 10-20: 03:05:11:562:268 Ports S:9411 D:9411
> 10-20: 03:05:11:562:268
> 10-20: 03:05:11:562:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.4500
> 10-20: 03:05:11:562:268 ISAKMP Header: (V1.0), len = 276
> 10-20: 03:05:11:562:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:562:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:562:268 exchange: Oakley Quick Mode
> 10-20: 03:05:11:562:268 flags: 1 ( encrypted )
> 10-20: 03:05:11:562:268 next payload: HASH
> 10-20: 03:05:11:562:268 message ID: 9e5ea4fc
> 10-20: 03:05:11:562:268 processing HASH (QM)
> 10-20: 03:05:11:562:268 ClearFragList
> 10-20: 03:05:11:562:268 processing payload NONCE
> 10-20: 03:05:11:562:268 processing payload KE
> 10-20: 03:05:11:562:268 Quick Mode KE processed; Saved KE data
> 10-20: 03:05:11:562:268 processing payload ID
> 10-20: 03:05:11:562:268 processing payload ID
> 10-20: 03:05:11:562:268 processing payload SA
> 10-20: 03:05:11:562:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
> 0.0.0.0.0
> 10-20: 03:05:11:562:268 Dst id for subnet. Mask 0.0.0.0
> 10-20: 03:05:11:562:268 Checking Proposal 1: Proto= ESP(3), num trans=1
> Next=0
> 10-20: 03:05:11:562:268 Checking Transform # 1: ID=Triple DES CBC(3)
> 10-20: 03:05:11:562:268 tunnel mode is 61443(61443)
> 10-20: 03:05:11:562:268 HMAC algorithm is SHA(2)
> 10-20: 03:05:11:562:268 group description for PFS is 2
> 10-20: 03:05:11:562:268 Phase 2 SA accepted: proposal=1 transform=1
> 10-20: 03:05:11:578:268 constructing ISAKMP Header
> 10-20: 03:05:11:578:268 constructing HASH (QM)
> 10-20: 03:05:11:578:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000006, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 2
> EncapType 3
> 10-20: 03:05:11:578:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:05:11:578:268 Algo[0] MySpi: 1171187885 PeerSpi: 4116185690
> 10-20: 03:05:11:578:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:05:11:578:268 Skipping Outbound SA add
> 10-20: 03:05:11:578:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000006, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 3
> EncapType 3
> 10-20: 03:05:11:578:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:05:11:578:268 Algo[0] MySpi: 1171187885 PeerSpi: 4116185690
> 10-20: 03:05:11:578:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:05:11:578:268 Skipping Inbound SA add
> 10-20: 03:05:11:578:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 1
> 10-20: 03:05:11:578:268 isadb_set_status sa:000E86B8 centry:000EA5E8
> status 0
> 10-20: 03:05:11:578:268
> 10-20: 03:05:11:578:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 4.4500
> 10-20: 03:05:11:578:268 ISAKMP Header: (V1.0), len = 52
> 10-20: 03:05:11:578:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:05:11:578:268 R-COOKIE f58016155872010a
> 10-20: 03:05:11:578:268 exchange: Oakley Quick Mode
> 10-20: 03:05:11:578:268 flags: 1 ( encrypted )
> 10-20: 03:05:11:578:268 next payload: HASH
> 10-20: 03:05:11:578:268 message ID: 9e5ea4fc
> 10-20: 03:05:11:578:268 Ports S:9411 D:9411
> 10-20: 03:06:11:593:268 CE Dead. sa:000E86B8 ce:000EA5E8 status:35ef
> 10-20: 03:07:37:625:268 Peer List Entry 0012A2C0
> 10-20: 03:09:11:562:268 Expire_sa SA=e86b8
> 10-20: 03:09:11:562:268 SA Dead. sa:000E86B8 status:35ef
> 10-20: 03:09:11:562:268 isadb_set_status sa:000E86B8 centry:00000000
> status 35ef
> 10-20: 03:09:11:562:268 constructing ISAKMP Header
> 10-20: 03:09:11:562:268 constructing HASH (null)
> 10-20: 03:09:11:562:268 constructing DELETE. MM 000E86B8
> 10-20: 03:09:11:562:268 constructing HASH (Notify/Delete)
> 10-20: 03:09:11:562:268 Not setting retransmit to downlevel client. SA
> 000E86B8 Centry 00000000
> 10-20: 03:09:11:562:268
> 10-20: 03:09:11:562:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 1.4500
> 10-20: 03:09:11:562:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:09:11:562:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:09:11:562:268 R-COOKIE f58016155872010a
> 10-20: 03:09:11:562:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:09:11:562:268 flags: 1 ( encrypted )
> 10-20: 03:09:11:562:268 next payload: HASH
> 10-20: 03:09:11:562:268 message ID: af1c22ba
> 10-20: 03:09:11:562:268 Ports S:9411 D:9411
> 10-20: 03:09:11:562:268
> 10-20: 03:09:11:562:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.4500
> 10-20: 03:09:11:562:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:09:11:562:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:09:11:562:268 R-COOKIE f58016155872010a
> 10-20: 03:09:11:562:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:09:11:562:268 flags: 1 ( encrypted )
> 10-20: 03:09:11:562:268 next payload: HASH
> 10-20: 03:09:11:562:268 message ID: 84455498
> 10-20: 03:09:11:562:268 processing HASH (Notify/Delete)
> 10-20: 03:09:11:562:268 processing payload DELETE
> 10-20: 03:11:22:640:268 Peer List Entry 0012A2C0
> 10-20: 03:15:07:640:268 Peer List Entry 0012A2C0
> 10-20: 03:18:52:640:268 Peer List Entry 0012A2C0
> 10-20: 03:22:37:640:268 Peer List Entry 0012A2C0
> 10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
> a9a8c070-99f0-4682-a85621e9fefd1b97 4
> 10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
> e6105637-8e19-4d90-be17424b920e0d4f 4
> 10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
> 7fd6ee96-828e-4453-aacb226d14e9fec2 3
> 10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
> 8fdeb7f5-e227-4a23-8ef94fa12358b20e 3
> 10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
> 51496c15-5117-47eb-8492fb402e5d7711 1
> 10-20: 03:25:42:484:784 isadb_schedule_kill_oldPolicy_sas:
> 849d92b4-e903-4752-8225b487ee66c2ed 2
> 10-20: 03:25:42:484:268 QM Deleted. Notify from driver: Src
> 192.168.223.15 Dest 0.0.0.0 InSPI 1171187885 OutSpi 4116185690 Tunnel
> bbfb4b18 TunnelFilter 0
> 10-20: 03:25:42:484:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 0
> 10-20: 03:25:42:484:268 constructing ISAKMP Header
> 10-20: 03:25:42:484:268 constructing HASH (null)
> 10-20: 03:25:42:484:268 Construct QM Delete Spi 1171187885
> 10-20: 03:25:42:484:268 constructing HASH (Notify/Delete)
> 10-20: 03:25:42:484:268 Not setting retransmit to downlevel client. SA
> 000E86B8 Centry 00000000
> 10-20: 03:25:42:484:268
> 10-20: 03:25:42:484:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 1.4500
> 10-20: 03:25:42:484:268 ISAKMP Header: (V1.0), len = 68
> 10-20: 03:25:42:484:268 I-COOKIE e846ca024fa64e8b
> 10-20: 03:25:42:484:268 R-COOKIE f58016155872010a
> 10-20: 03:25:42:484:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:25:42:484:268 flags: 1 ( encrypted )
> 10-20: 03:25:42:484:268 next payload: HASH
> 10-20: 03:25:42:484:268 message ID: 390e89be
> 10-20: 03:25:42:484:268 Ports S:9411 D:9411
> 10-20: 03:25:42:484:268 PrivatePeerAddr 0
> 10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 4
> 10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 4
> 10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 3
> 10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 3
> 10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 1
> 10-20: 03:25:42:500:3d4 entered kill_old_policy_sas 2
> 10-20: 03:25:43:843:7e8 Acquire from driver: op=00000007
> src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
> DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
> TunnelEndpt=192.168.223.15
> 10-20: 03:25:43:843:268 Filter to match: Src x.x.x.187 Dst
> 192.168.223.15
> 10-20: 03:25:43:859:268 MM PolicyName: 2
> 10-20: 03:25:43:859:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 03:25:43:859:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 03:25:43:859:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 03:25:43:859:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 03:25:43:859:268 QM PolicyName: x4
> {f53078be-bfb6-49f7-b26c-d8c6879b89aa} dwFlags 1
> 10-20: 03:25:43:859:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:25:43:859:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:25:43:859:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:25:43:859:268 Starting Negotiation: src = 192.168.223.15.0500,
> dst = x.x.x.187.0500, proto = 00, context = 00000007, ProxySrc =
> 192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
> DstMask = 0.0.0.0
> 10-20: 03:25:43:859:268 constructing ISAKMP Header
> 10-20: 03:25:43:859:268 constructing SA (ISAKMP)
> 10-20: 03:25:43:859:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 03:25:43:859:268 Constructing Vendor FRAGMENTATION
> 10-20: 03:25:43:859:268 Constructing Vendor
> draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:25:43:859:268 Constructing Vendor Vid-Initial-Contact
> 10-20: 03:25:43:859:268
> 10-20: 03:25:43:859:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 03:25:43:859:268 ISAKMP Header: (V1.0), len = 168
> 10-20: 03:25:43:859:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:859:268 R-COOKIE 0000000000000000
> 10-20: 03:25:43:859:268 exchange: Oakley Main Mode
> 10-20: 03:25:43:859:268 flags: 0
> 10-20: 03:25:43:859:268 next payload: SA
> 10-20: 03:25:43:859:268 message ID: 00000000
> 10-20: 03:25:43:859:268 Ports S:f401 D:f401
> 10-20: 03:25:43:859:268
> 10-20: 03:25:43:859:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 03:25:43:859:268 ISAKMP Header: (V1.0), len = 140
> 10-20: 03:25:43:859:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:859:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:859:268 exchange: Oakley Main Mode
> 10-20: 03:25:43:859:268 flags: 0
> 10-20: 03:25:43:859:268 next payload: SA
> 10-20: 03:25:43:859:268 message ID: 00000000
> 10-20: 03:25:43:859:268 processing payload SA
> 10-20: 03:25:43:859:268 Received Phase 1 Transform 1
> 10-20: 03:25:43:859:268 Encryption Alg Triple DES CBC(5)
> 10-20: 03:25:43:859:268 Hash Alg SHA(2)
> 10-20: 03:25:43:859:268 Oakley Group 2
> 10-20: 03:25:43:859:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 03:25:43:859:268 Life type in Seconds
> 10-20: 03:25:43:859:268 Life duration of 300
> 10-20: 03:25:43:859:268 Phase 1 SA accepted: transform=1
> 10-20: 03:25:43:859:268 SA - Oakley proposal accepted
> 10-20: 03:25:43:859:268 processing payload VENDOR ID
> 10-20: 03:25:43:859:268 processing payload VENDOR ID
> 10-20: 03:25:43:859:268 processing payload VENDOR ID
> 10-20: 03:25:43:859:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:25:43:859:268 ClearFragList
> 10-20: 03:25:43:859:268 constructing ISAKMP Header
> 10-20: 03:25:43:890:268 constructing KE
> 10-20: 03:25:43:890:268 constructing NONCE (ISAKMP)
> 10-20: 03:25:43:890:268 Constructing NatDisc
> 10-20: 03:25:43:890:268
> 10-20: 03:25:43:890:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 03:25:43:890:268 ISAKMP Header: (V1.0), len = 232
> 10-20: 03:25:43:890:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:890:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:890:268 exchange: Oakley Main Mode
> 10-20: 03:25:43:890:268 flags: 0
> 10-20: 03:25:43:890:268 next payload: KE
> 10-20: 03:25:43:890:268 message ID: 00000000
> 10-20: 03:25:43:890:268 Ports S:f401 D:f401
> 10-20: 03:25:43:890:268
> 10-20: 03:25:43:890:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 03:25:43:890:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 03:25:43:890:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:890:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:890:268 exchange: Oakley Main Mode
> 10-20: 03:25:43:890:268 flags: 0
> 10-20: 03:25:43:890:268 next payload: KE
> 10-20: 03:25:43:890:268 message ID: 00000000
> 10-20: 03:25:43:890:268 processing payload KE
> 10-20: 03:25:43:906:268 processing payload NONCE
> 10-20: 03:25:43:906:268 processing payload NATDISC
> 10-20: 03:25:43:906:268 Processing NatHash
> 10-20: 03:25:43:906:268 Nat hash e1353c77f1bc93300d10f908b82e8e5e
> 10-20: 03:25:43:906:268 ebf90175
> 10-20: 03:25:43:906:268 SA StateMask2 1f
> 10-20: 03:25:43:906:268 processing payload NATDISC
> 10-20: 03:25:43:906:268 Processing NatHash
> 10-20: 03:25:43:906:268 Nat hash cd8c4354179aff78c71faa66efaa7e6e
> 10-20: 03:25:43:906:268 35aba422
> 10-20: 03:25:43:906:268 SA StateMask2 5f
> 10-20: 03:25:43:906:268 ClearFragList
> 10-20: 03:25:43:906:268 Peer behind NAT
> 10-20: 03:25:43:906:268 Floated Ports Orig Me:f401 Peer:f401
> 10-20: 03:25:43:906:268 Floated Ports Me:9411 Peer:9411
> 10-20: 03:25:43:906:268 constructing ISAKMP Header
> 10-20: 03:25:43:906:268 constructing ID
> 10-20: 03:25:43:906:268 Received no valid CRPs. Using all configured
> 10-20: 03:25:43:906:268 Looking for IPSec only cert
> 10-20: 03:25:43:906:268 failed to get chain 80092004
> 10-20: 03:25:43:906:268 Looking for any cert
> 10-20: 03:25:43:906:268 Cert Trustes. 0 100
> 10-20: 03:25:43:906:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:25:43:906:268 6fb09c33
> 10-20: 03:25:43:906:268 Entered CRL check
> 10-20: 03:25:43:906:268 Left CRL check
> 10-20: 03:25:43:906:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:25:43:906:268 6fb09c33
> 10-20: 03:25:43:906:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 03:25:43:906:268 Cert Serialnumber 32
> 10-20: 03:25:43:906:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:25:43:906:268 6fb09c33
> 10-20: 03:25:43:906:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:25:43:906:268 Cert Serialnumber 00
> 10-20: 03:25:43:906:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:25:43:906:268 7e34f701
> 10-20: 03:25:43:906:268 Not storing My cert chain in SA.
> 10-20: 03:25:43:906:268 MM ID Type 9
> 10-20: 03:25:43:906:268 MM ID 3061310b300906035504061302555331
> 10-20: 03:25:43:906:268 0d300b060355040b130445786563310d
> 10-20: 03:25:43:906:268 300b060355040b1304436f6e73310c30
> 10-20: 03:25:43:906:268 0a060355040b1303456e67310e300c06
> 10-20: 03:25:43:906:268 0355040a130541746c61733116301406
> 10-20: 03:25:43:906:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 03:25:43:906:268 76616e
> 10-20: 03:25:43:906:268 constructing CERT
> 10-20: 03:25:43:906:268 Construct SIG
> 10-20: 03:25:43:921:268 Constructing Cert Request
> 10-20: 03:25:43:921:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:25:43:921:268
> 10-20: 03:25:43:921:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 03:25:43:921:268 ISAKMP Header: (V1.0), len = 1188
> 10-20: 03:25:43:921:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:921:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:921:268 exchange: Oakley Main Mode
> 10-20: 03:25:43:921:268 flags: 1 ( encrypted )
> 10-20: 03:25:43:921:268 next payload: ID
> 10-20: 03:25:43:921:268 message ID: 00000000
> 10-20: 03:25:43:921:268 Ports S:9411 D:9411
> 10-20: 03:25:43:921:268
> 10-20: 03:25:43:921:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 03:25:43:921:268 ISAKMP Header: (V1.0), len = 1036
> 10-20: 03:25:43:921:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:921:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:921:268 exchange: Oakley Main Mode
> 10-20: 03:25:43:921:268 flags: 1 ( encrypted )
> 10-20: 03:25:43:921:268 next payload: ID
> 10-20: 03:25:43:921:268 message ID: 00000000
> 10-20: 03:25:43:921:268 processing payload ID
> 10-20: 03:25:43:921:268 processing payload CERT
> 10-20: 03:25:43:921:268 processing payload SIG
> 10-20: 03:25:43:921:268 Verifying CertStore
> 10-20: 03:25:43:921:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:25:43:921:268 Cert Serialnumber 31
> 10-20: 03:25:43:921:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:25:43:921:268 810b3d66
> 10-20: 03:25:43:921:268 Cert Trustes. 0 100
> 10-20: 03:25:43:921:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:25:43:921:268 Cert Serialnumber 31
> 10-20: 03:25:43:921:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:25:43:921:268 810b3d66
> 10-20: 03:25:43:921:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:25:43:921:268 Cert Serialnumber 00
> 10-20: 03:25:43:921:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:25:43:937:268 7e34f701
> 10-20: 03:25:43:937:268 Not storing Peer's cert chain in SA.
> 10-20: 03:25:43:937:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:25:43:937:268 810b3d66
> 10-20: 03:25:43:937:268 Entered CRL check
> 10-20: 03:25:43:937:268 Left CRL check
> 10-20: 03:25:43:937:268 Signature validated
> 10-20: 03:25:43:937:268 ClearFragList
> 10-20: 03:25:43:937:268 MM established. SA: 0011DAD0
> 10-20: 03:25:43:937:268 QM PolicyName: x4
> {f53078be-bfb6-49f7-b26c-d8c6879b89aa} dwFlags 1
> 10-20: 03:25:43:937:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:25:43:937:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:25:43:937:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:25:43:937:268 GetSpi: src = 0.0.0.0.0000, dst =
> 192.168.223.15.0000, proto = 00, context = 00000007, srcMask = 0.0.0.0,
> destMask = 255.255.255.255, TunnelFilter 1
> 10-20: 03:25:43:937:268 Setting SPI 3687822412
> 10-20: 03:25:43:937:268 constructing ISAKMP Header
> 10-20: 03:25:43:937:268 constructing HASH (null)
> 10-20: 03:25:43:937:268 constructing SA (IPSEC)
> 10-20: 03:25:43:937:268 constructing QM KE
> 10-20: 03:25:43:968:268 constructing NONCE (IPSEC)
> 10-20: 03:25:43:968:268 constructing ID (proxy)
> 10-20: 03:25:43:968:268 constructing ID (proxy)
> 10-20: 03:25:43:968:268 constructing HASH (QM)
> 10-20: 03:25:43:968:268
> 10-20: 03:25:43:968:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 03:25:43:968:268 ISAKMP Header: (V1.0), len = 284
> 10-20: 03:25:43:968:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:968:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:968:268 exchange: Oakley Quick Mode
> 10-20: 03:25:43:968:268 flags: 1 ( encrypted )
> 10-20: 03:25:43:968:268 next payload: HASH
> 10-20: 03:25:43:968:268 message ID: 215b2f22
> 10-20: 03:25:43:968:268 Ports S:9411 D:9411
> 10-20: 03:25:43:968:268
> 10-20: 03:25:43:968:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 03:25:43:968:268 ISAKMP Header: (V1.0), len = 276
> 10-20: 03:25:43:968:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:968:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:968:268 exchange: Oakley Quick Mode
> 10-20: 03:25:43:968:268 flags: 1 ( encrypted )
> 10-20: 03:25:43:968:268 next payload: HASH
> 10-20: 03:25:43:968:268 message ID: 215b2f22
> 10-20: 03:25:43:968:268 processing HASH (QM)
> 10-20: 03:25:43:968:268 ClearFragList
> 10-20: 03:25:43:968:268 processing payload NONCE
> 10-20: 03:25:43:968:268 processing payload KE
> 10-20: 03:25:43:968:268 Quick Mode KE processed; Saved KE data
> 10-20: 03:25:43:968:268 processing payload ID
> 10-20: 03:25:43:968:268 processing payload ID
> 10-20: 03:25:43:968:268 processing payload SA
> 10-20: 03:25:43:968:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
> 0.0.0.0.0
> 10-20: 03:25:43:968:268 Dst id for subnet. Mask 0.0.0.0
> 10-20: 03:25:43:968:268 Checking Proposal 1: Proto= ESP(3), num trans=1
> Next=0
> 10-20: 03:25:43:968:268 Checking Transform # 1: ID=Triple DES CBC(3)
> 10-20: 03:25:43:968:268 tunnel mode is 61443(61443)
> 10-20: 03:25:43:968:268 HMAC algorithm is SHA(2)
> 10-20: 03:25:43:968:268 group description for PFS is 2
> 10-20: 03:25:43:968:268 Phase 2 SA accepted: proposal=1 transform=1
> 10-20: 03:25:43:984:268 constructing ISAKMP Header
> 10-20: 03:25:43:984:268 constructing HASH (QM)
> 10-20: 03:25:43:984:268 isadb_find_peer_entry found entry
> 10-20: 03:25:43:984:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000007, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
> EncapType 3
> 10-20: 03:25:43:984:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:25:43:984:268 Algo[0] MySpi: 3687822412 PeerSpi: 4116185746
> 10-20: 03:25:43:984:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:25:43:984:268 Skipping Outbound SA add
> 10-20: 03:25:43:984:268 isadb_find_peer_entry found entry
> 10-20: 03:25:43:984:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000007, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
> EncapType 3
> 10-20: 03:25:43:984:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:25:43:984:268 Algo[0] MySpi: 3687822412 PeerSpi: 4116185746
> 10-20: 03:25:43:984:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:25:43:984:268 Skipping Inbound SA add
> 10-20: 03:25:43:984:268 isadb_find_peer_entry found entry
> 10-20: 03:25:43:984:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 1
> 10-20: 03:25:43:984:268 isadb_set_status sa:0011DAD0 centry:000E6DC8
> status 0
> 10-20: 03:25:43:984:268
> 10-20: 03:25:43:984:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 4.4500
> 10-20: 03:25:43:984:268 ISAKMP Header: (V1.0), len = 52
> 10-20: 03:25:43:984:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:25:43:984:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:25:43:984:268 exchange: Oakley Quick Mode
> 10-20: 03:25:43:984:268 flags: 1 ( encrypted )
> 10-20: 03:25:43:984:268 next payload: HASH
> 10-20: 03:25:43:984:268 message ID: 215b2f22
> 10-20: 03:25:43:984:268 Ports S:9411 D:9411
> 10-20: 03:26:22:656:268 Peer List Entry 0012A2C0
> 10-20: 03:26:22:656:268 ClearFragList
> 10-20: 03:26:44:0:268 CE Dead. sa:0011DAD0 ce:000E6DC8 status:35ef
> 10-20: 03:29:43:968:268 Expire_sa SA=11dad0
> 10-20: 03:29:43:968:268 SA Dead. sa:0011DAD0 status:35ef
> 10-20: 03:29:43:968:268 isadb_set_status sa:0011DAD0 centry:00000000
> status 35ef
> 10-20: 03:29:43:968:268 constructing ISAKMP Header
> 10-20: 03:29:43:968:268 constructing HASH (null)
> 10-20: 03:29:43:968:268 constructing DELETE. MM 0011DAD0
> 10-20: 03:29:43:968:268 constructing HASH (Notify/Delete)
> 10-20: 03:29:43:968:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 03:29:43:968:268
> 10-20: 03:29:43:968:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 03:29:43:968:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:29:43:968:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:29:43:968:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:29:43:968:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:29:43:968:268 flags: 1 ( encrypted )
> 10-20: 03:29:43:968:268 next payload: HASH
> 10-20: 03:29:43:968:268 message ID: 7b092610
> 10-20: 03:29:43:968:268 Ports S:9411 D:9411
> 10-20: 03:29:43:968:268
> 10-20: 03:29:43:968:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 03:29:43:968:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:29:43:968:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:29:43:968:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:29:43:968:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:29:43:968:268 flags: 1 ( encrypted )
> 10-20: 03:29:43:968:268 next payload: HASH
> 10-20: 03:29:43:968:268 message ID: 06dd1639
> 10-20: 03:29:43:968:268 processing HASH (Notify/Delete)
> 10-20: 03:29:43:968:268 processing payload DELETE
> 10-20: 03:30:07:687:268 Peer List Entry 0012A2C0
> 10-20: 03:33:52:687:268 Peer List Entry 0012A2C0
> 10-20: 03:37:37:687:268 Peer List Entry 0012A2C0
> 10-20: 03:41:22:687:268 Peer List Entry 0012A2C0
> 10-20: 03:45:07:687:268 Peer List Entry 0012A2C0
> 10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
> 66a57ff4-a924-4a6b-a9e91960d5489021 4
> 10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
> 0dca029a-ca48-4b2e-a75de67d561a05f7 4
> 10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
> 4f8acc8a-57eb-44b1-97093c914d2ca3ef 3
> 10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
> f35d4ba5-c64d-4fcc-84fbf517802716bd 3
> 10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
> be99702c-d5f0-4288-ba3339631d71cda9 1
> 10-20: 03:47:26:484:268 QM Deleted. Notify from driver: Src
> 192.168.223.15 Dest 0.0.0.0 InSPI 3687822412 OutSpi 4116185746 Tunnel
> bbfb4b18 TunnelFilter 0
> 10-20: 03:47:26:484:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 0
> 10-20: 03:47:26:484:268 constructing ISAKMP Header
> 10-20: 03:47:26:484:268 constructing HASH (null)
> 10-20: 03:47:26:484:268 Construct QM Delete Spi 3687822412
> 10-20: 03:47:26:484:268 constructing HASH (Notify/Delete)
> 10-20: 03:47:26:484:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 03:47:26:484:268
> 10-20: 03:47:26:484:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 03:47:26:484:268 ISAKMP Header: (V1.0), len = 68
> 10-20: 03:47:26:484:268 I-COOKIE 39c3ef73e9414846
> 10-20: 03:47:26:484:268 R-COOKIE 8b4e99d8511141fc
> 10-20: 03:47:26:484:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:47:26:484:268 flags: 1 ( encrypted )
> 10-20: 03:47:26:484:268 next payload: HASH
> 10-20: 03:47:26:484:268 message ID: b880ae29
> 10-20: 03:47:26:484:268 Ports S:9411 D:9411
> 10-20: 03:47:26:484:268 PrivatePeerAddr 0
> 10-20: 03:47:26:484:784 isadb_schedule_kill_oldPolicy_sas:
> f53078be-bfb6-49f7-b26cd8c6879b89aa 2
> 10-20: 03:47:26:500:268 entered kill_old_policy_sas 4
> 10-20: 03:47:26:500:268 entered kill_old_policy_sas 4
> 10-20: 03:47:26:500:268 entered kill_old_policy_sas 3
> 10-20: 03:47:26:500:268 entered kill_old_policy_sas 3
> 10-20: 03:47:26:500:268 entered kill_old_policy_sas 1
> 10-20: 03:47:26:500:268 entered kill_old_policy_sas 2
> 10-20: 03:47:27:890:7e8 Acquire from driver: op=00000008
> src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
> DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
> TunnelEndpt=192.168.223.15
> 10-20: 03:47:27:890:268 Filter to match: Src x.x.x.187 Dst
> 192.168.223.15
> 10-20: 03:47:27:890:268 MM PolicyName: 3
> 10-20: 03:47:27:890:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 03:47:27:890:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 03:47:27:890:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 03:47:27:890:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 03:47:27:890:268 QM PolicyName: x4
> {ef25391b-b19e-47b4-8584-b1c0c3cf0c21} dwFlags 1
> 10-20: 03:47:27:890:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:47:27:890:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:47:27:890:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:47:27:890:268 Starting Negotiation: src = 192.168.223.15.0500,
> dst = x.x.x.187.0500, proto = 00, context = 00000008, ProxySrc =
> 192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
> DstMask = 0.0.0.0
> 10-20: 03:47:27:890:268 constructing ISAKMP Header
> 10-20: 03:47:27:890:268 constructing SA (ISAKMP)
> 10-20: 03:47:27:890:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 03:47:27:890:268 Constructing Vendor FRAGMENTATION
> 10-20: 03:47:27:890:268 Constructing Vendor
> draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:47:27:890:268 Constructing Vendor Vid-Initial-Contact
> 10-20: 03:47:27:890:268
> 10-20: 03:47:27:890:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 03:47:27:890:268 ISAKMP Header: (V1.0), len = 168
> 10-20: 03:47:27:890:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:27:890:268 R-COOKIE 0000000000000000
> 10-20: 03:47:27:890:268 exchange: Oakley Main Mode
> 10-20: 03:47:27:890:268 flags: 0
> 10-20: 03:47:27:890:268 next payload: SA
> 10-20: 03:47:27:890:268 message ID: 00000000
> 10-20: 03:47:27:890:268 Ports S:f401 D:f401
> 10-20: 03:47:27:890:268
> 10-20: 03:47:27:890:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.500
> 10-20: 03:47:27:890:268 ISAKMP Header: (V1.0), len = 140
> 10-20: 03:47:27:890:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:27:890:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:27:890:268 exchange: Oakley Main Mode
> 10-20: 03:47:27:890:268 flags: 0
> 10-20: 03:47:27:890:268 next payload: SA
> 10-20: 03:47:27:890:268 message ID: 00000000
> 10-20: 03:47:27:890:268 processing payload SA
> 10-20: 03:47:27:890:268 Received Phase 1 Transform 1
> 10-20: 03:47:27:890:268 Encryption Alg Triple DES CBC(5)
> 10-20: 03:47:27:890:268 Hash Alg SHA(2)
> 10-20: 03:47:27:890:268 Oakley Group 2
> 10-20: 03:47:27:890:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 03:47:27:890:268 Life type in Seconds
> 10-20: 03:47:27:890:268 Life duration of 300
> 10-20: 03:47:27:890:268 Phase 1 SA accepted: transform=1
> 10-20: 03:47:27:890:268 SA - Oakley proposal accepted
> 10-20: 03:47:27:890:268 processing payload VENDOR ID
> 10-20: 03:47:27:890:268 processing payload VENDOR ID
> 10-20: 03:47:27:890:268 processing payload VENDOR ID
> 10-20: 03:47:27:890:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:47:27:890:268 ClearFragList
> 10-20: 03:47:27:890:268 constructing ISAKMP Header
> 10-20: 03:47:27:921:268 constructing KE
> 10-20: 03:47:27:921:268 constructing NONCE (ISAKMP)
> 10-20: 03:47:27:921:268 Constructing NatDisc
> 10-20: 03:47:27:921:268
> 10-20: 03:47:27:921:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 03:47:27:921:268 ISAKMP Header: (V1.0), len = 232
> 10-20: 03:47:27:921:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:27:921:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:27:921:268 exchange: Oakley Main Mode
> 10-20: 03:47:27:921:268 flags: 0
> 10-20: 03:47:27:921:268 next payload: KE
> 10-20: 03:47:27:921:268 message ID: 00000000
> 10-20: 03:47:27:921:268 Ports S:f401 D:f401
> 10-20: 03:47:27:937:268
> 10-20: 03:47:27:937:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.500
> 10-20: 03:47:27:937:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 03:47:27:937:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:27:937:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:27:937:268 exchange: Oakley Main Mode
> 10-20: 03:47:27:937:268 flags: 0
> 10-20: 03:47:27:937:268 next payload: KE
> 10-20: 03:47:27:937:268 message ID: 00000000
> 10-20: 03:47:27:937:268 processing payload KE
> 10-20: 03:47:27:953:268 processing payload NONCE
> 10-20: 03:47:27:953:268 processing payload NATDISC
> 10-20: 03:47:27:953:268 Processing NatHash
> 10-20: 03:47:27:953:268 Nat hash b56804c793429df2df197b7e4aeef26d
> 10-20: 03:47:27:953:268 d0790e26
> 10-20: 03:47:27:953:268 SA StateMask2 1f
> 10-20: 03:47:27:953:268 processing payload NATDISC
> 10-20: 03:47:27:953:268 Processing NatHash
> 10-20: 03:47:27:953:268 Nat hash 9204d68b9d5b0588817fdb7a1d3f1709
> 10-20: 03:47:27:953:268 7fdb1bcf
> 10-20: 03:47:27:953:268 SA StateMask2 5f
> 10-20: 03:47:27:953:268 ClearFragList
> 10-20: 03:47:27:953:268 Peer behind NAT
> 10-20: 03:47:27:953:268 Floated Ports Orig Me:f401 Peer:f401
> 10-20: 03:47:27:953:268 Floated Ports Me:9411 Peer:9411
> 10-20: 03:47:27:953:268 constructing ISAKMP Header
> 10-20: 03:47:27:953:268 constructing ID
> 10-20: 03:47:27:953:268 Received no valid CRPs. Using all configured
> 10-20: 03:47:27:953:268 Looking for IPSec only cert
> 10-20: 03:47:27:953:268 failed to get chain 80092004
> 10-20: 03:47:27:953:268 Looking for any cert
> 10-20: 03:47:27:953:268 Cert Trustes. 0 100
> 10-20: 03:47:27:953:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:47:27:953:268 6fb09c33
> 10-20: 03:47:27:953:268 Entered CRL check
> 10-20: 03:47:27:953:268 Left CRL check
> 10-20: 03:47:27:953:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:47:27:953:268 6fb09c33
> 10-20: 03:47:27:953:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 03:47:27:953:268 Cert Serialnumber 32
> 10-20: 03:47:27:953:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:47:27:953:268 6fb09c33
> 10-20: 03:47:27:953:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:47:27:953:268 Cert Serialnumber 00
> 10-20: 03:47:27:953:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:47:27:953:268 7e34f701
> 10-20: 03:47:27:953:268 Not storing My cert chain in SA.
> 10-20: 03:47:27:953:268 MM ID Type 9
> 10-20: 03:47:27:953:268 MM ID 3061310b300906035504061302555331
> 10-20: 03:47:27:953:268 0d300b060355040b130445786563310d
> 10-20: 03:47:27:953:268 300b060355040b1304436f6e73310c30
> 10-20: 03:47:27:953:268 0a060355040b1303456e67310e300c06
> 10-20: 03:47:27:953:268 0355040a130541746c61733116301406
> 10-20: 03:47:27:953:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 03:47:27:953:268 76616e
> 10-20: 03:47:27:953:268 constructing CERT
> 10-20: 03:47:27:953:268 Construct SIG
> 10-20: 03:47:27:953:268 Constructing Cert Request
> 10-20: 03:47:27:953:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:47:27:953:268
> 10-20: 03:47:27:953:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 2.4500
> 10-20: 03:47:27:953:268 ISAKMP Header: (V1.0), len = 1188
> 10-20: 03:47:27:953:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:27:953:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:27:953:268 exchange: Oakley Main Mode
> 10-20: 03:47:27:953:268 flags: 1 ( encrypted )
> 10-20: 03:47:27:953:268 next payload: ID
> 10-20: 03:47:27:953:268 message ID: 00000000
> 10-20: 03:47:27:953:268 Ports S:9411 D:9411
> 10-20: 03:47:27:968:268
> 10-20: 03:47:27:968:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.4500
> 10-20: 03:47:27:968:268 ISAKMP Header: (V1.0), len = 1036
> 10-20: 03:47:27:968:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:27:968:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:27:968:268 exchange: Oakley Main Mode
> 10-20: 03:47:27:968:268 flags: 1 ( encrypted )
> 10-20: 03:47:27:968:268 next payload: ID
> 10-20: 03:47:27:968:268 message ID: 00000000
> 10-20: 03:47:27:968:268 processing payload ID
> 10-20: 03:47:27:968:268 processing payload CERT
> 10-20: 03:47:27:968:268 processing payload SIG
> 10-20: 03:47:27:968:268 Verifying CertStore
> 10-20: 03:47:27:968:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:47:27:968:268 Cert Serialnumber 31
> 10-20: 03:47:27:968:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:47:27:968:268 810b3d66
> 10-20: 03:47:27:968:268 Cert Trustes. 0 100
> 10-20: 03:47:27:968:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:47:27:968:268 Cert Serialnumber 31
> 10-20: 03:47:27:968:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:47:27:968:268 810b3d66
> 10-20: 03:47:27:968:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:47:27:968:268 Cert Serialnumber 00
> 10-20: 03:47:27:968:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:47:27:968:268 7e34f701
> 10-20: 03:47:27:968:268 Not storing Peer's cert chain in SA.
> 10-20: 03:47:27:968:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:47:27:968:268 810b3d66
> 10-20: 03:47:27:968:268 Entered CRL check
> 10-20: 03:47:27:968:268 Left CRL check
> 10-20: 03:47:27:968:268 Signature validated
> 10-20: 03:47:27:968:268 ClearFragList
> 10-20: 03:47:27:968:268 MM established. SA: 000E86B8
> 10-20: 03:47:27:968:268 QM PolicyName: x4
> {ef25391b-b19e-47b4-8584-b1c0c3cf0c21} dwFlags 1
> 10-20: 03:47:27:968:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:47:27:968:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:47:27:968:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:47:27:968:268 GetSpi: src = 0.0.0.0.0000, dst =
> 192.168.223.15.0000, proto = 00, context = 00000008, srcMask = 0.0.0.0,
> destMask = 255.255.255.255, TunnelFilter 1
> 10-20: 03:47:27:968:268 Setting SPI 3421024525
> 10-20: 03:47:27:968:268 constructing ISAKMP Header
> 10-20: 03:47:27:968:268 constructing HASH (null)
> 10-20: 03:47:27:968:268 constructing SA (IPSEC)
> 10-20: 03:47:27:968:268 constructing QM KE
> 10-20: 03:47:28:0:268 constructing NONCE (IPSEC)
> 10-20: 03:47:28:0:268 constructing ID (proxy)
> 10-20: 03:47:28:0:268 constructing ID (proxy)
> 10-20: 03:47:28:0:268 constructing HASH (QM)
> 10-20: 03:47:28:0:268
> 10-20: 03:47:28:0:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.4500
> 10-20: 03:47:28:0:268 ISAKMP Header: (V1.0), len = 284
> 10-20: 03:47:28:0:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:28:0:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:28:0:268 exchange: Oakley Quick Mode
> 10-20: 03:47:28:0:268 flags: 1 ( encrypted )
> 10-20: 03:47:28:0:268 next payload: HASH
> 10-20: 03:47:28:0:268 message ID: 5001cdcc
> 10-20: 03:47:28:0:268 Ports S:9411 D:9411
> 10-20: 03:47:28:15:268
> 10-20: 03:47:28:15:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.4500
> 10-20: 03:47:28:15:268 ISAKMP Header: (V1.0), len = 276
> 10-20: 03:47:28:15:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:28:15:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:28:15:268 exchange: Oakley Quick Mode
> 10-20: 03:47:28:15:268 flags: 1 ( encrypted )
> 10-20: 03:47:28:15:268 next payload: HASH
> 10-20: 03:47:28:15:268 message ID: 5001cdcc
> 10-20: 03:47:28:15:268 processing HASH (QM)
> 10-20: 03:47:28:15:268 ClearFragList
> 10-20: 03:47:28:15:268 processing payload NONCE
> 10-20: 03:47:28:15:268 processing payload KE
> 10-20: 03:47:28:15:268 Quick Mode KE processed; Saved KE data
> 10-20: 03:47:28:15:268 processing payload ID
> 10-20: 03:47:28:15:268 processing payload ID
> 10-20: 03:47:28:15:268 processing payload SA
> 10-20: 03:47:28:15:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
> 0.0.0.0.0
> 10-20: 03:47:28:15:268 Dst id for subnet. Mask 0.0.0.0
> 10-20: 03:47:28:15:268 Checking Proposal 1: Proto= ESP(3), num trans=1
> Next=0
> 10-20: 03:47:28:15:268 Checking Transform # 1: ID=Triple DES CBC(3)
> 10-20: 03:47:28:15:268 tunnel mode is 61443(61443)
> 10-20: 03:47:28:15:268 HMAC algorithm is SHA(2)
> 10-20: 03:47:28:15:268 group description for PFS is 2
> 10-20: 03:47:28:15:268 Phase 2 SA accepted: proposal=1 transform=1
> 10-20: 03:47:28:31:268 constructing ISAKMP Header
> 10-20: 03:47:28:31:268 constructing HASH (QM)
> 10-20: 03:47:28:31:268 isadb_find_peer_entry found entry
> 10-20: 03:47:28:31:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000008, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
> EncapType 3
> 10-20: 03:47:28:31:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:47:28:31:268 Algo[0] MySpi: 3421024525 PeerSpi: 4116185806
> 10-20: 03:47:28:31:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:47:28:31:268 Skipping Outbound SA add
> 10-20: 03:47:28:31:268 isadb_find_peer_entry found entry
> 10-20: 03:47:28:31:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000008, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
> EncapType 3
> 10-20: 03:47:28:31:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:47:28:31:268 Algo[0] MySpi: 3421024525 PeerSpi: 4116185806
> 10-20: 03:47:28:31:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:47:28:31:268 Skipping Inbound SA add
> 10-20: 03:47:28:31:268 isadb_find_peer_entry found entry
> 10-20: 03:47:28:31:268 Leaving adjust_peer_list entry 0012A2C0 MMCount 0
> QMCount 1
> 10-20: 03:47:28:31:268 isadb_set_status sa:000E86B8 centry:000E6760
> status 0
> 10-20: 03:47:28:31:268
> 10-20: 03:47:28:31:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 4.4500
> 10-20: 03:47:28:31:268 ISAKMP Header: (V1.0), len = 52
> 10-20: 03:47:28:31:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:47:28:31:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:47:28:31:268 exchange: Oakley Quick Mode
> 10-20: 03:47:28:31:268 flags: 1 ( encrypted )
> 10-20: 03:47:28:31:268 next payload: HASH
> 10-20: 03:47:28:31:268 message ID: 5001cdcc
> 10-20: 03:47:28:31:268 Ports S:9411 D:9411
> 10-20: 03:48:07:703:268 ClearFragList
> 10-20: 03:48:28:46:268 CE Dead. sa:000E86B8 ce:000E6760 status:35ef
> 10-20: 03:48:52:718:268 Peer List Entry 0012A2C0
> 10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
> 8cf2eea9-be77-49ba-916cfdb6fe6cad8f 4
> 10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
> 0873d97f-191b-49a4-bed2d303fb0b85e2 4
> 10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
> 2a353fe5-f08f-4ee6-8ac2e7563e61689c 3
> 10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
> ceb3d732-1a1b-4dc1-8dd48ab2895bae65 3
> 10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
> a66336a5-f653-4650-a26814645e0da224 1
> 10-20: 03:49:30:984:784 isadb_schedule_kill_oldPolicy_sas:
> ef25391b-b19e-47b4-8584b1c0c3cf0c21 2
> 10-20: 03:49:30:984:268 QM Deleted. Notify from driver: Src
> 192.168.223.15 Dest 0.0.0.0 InSPI 3421024525 OutSpi 4116185806 Tunnel
> bbfb4b18 TunnelFilter 0
> 10-20: 03:49:30:984:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 0
> 10-20: 03:49:30:984:268 constructing ISAKMP Header
> 10-20: 03:49:30:984:268 constructing HASH (null)
> 10-20: 03:49:30:984:268 Construct QM Delete Spi 3421024525
> 10-20: 03:49:30:984:268 constructing HASH (Notify/Delete)
> 10-20: 03:49:30:984:268 Not setting retransmit to downlevel client. SA
> 000E86B8 Centry 00000000
> 10-20: 03:49:30:984:268
> 10-20: 03:49:30:984:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 1.4500
> 10-20: 03:49:30:984:268 ISAKMP Header: (V1.0), len = 68
> 10-20: 03:49:30:984:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:49:30:984:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:49:30:984:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:49:30:984:268 flags: 1 ( encrypted )
> 10-20: 03:49:30:984:268 next payload: HASH
> 10-20: 03:49:30:984:268 message ID: 6796a77a
> 10-20: 03:49:30:984:268 Ports S:9411 D:9411
> 10-20: 03:49:30:984:268 PrivatePeerAddr 0
> 10-20: 03:49:31:0:268 entered kill_old_policy_sas 4
> 10-20: 03:49:31:0:268 SA Dead. sa:000E86B8 status:3619
> 10-20: 03:49:31:0:268 isadb_set_status sa:000E86B8 centry:00000000
> status 3619
> 10-20: 03:49:31:0:be8 entered kill_old_policy_sas 4
> 10-20: 03:49:31:375:268 constructing ISAKMP Header
> 10-20: 03:49:31:375:268 constructing HASH (null)
> 10-20: 03:49:31:375:268 constructing DELETE. MM 000E86B8
> 10-20: 03:49:31:375:268 constructing HASH (Notify/Delete)
> 10-20: 03:49:31:375:268 Not setting retransmit to downlevel client. SA
> 000E86B8 Centry 00000000
> 10-20: 03:49:31:375:268
> 10-20: 03:49:31:375:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type
> 1.4500
> 10-20: 03:49:31:375:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:49:31:375:268 I-COOKIE eb8d01078627ffee
> 10-20: 03:49:31:375:268 R-COOKIE 793c34647566e6f7
> 10-20: 03:49:31:375:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:49:31:375:268 flags: 1 ( encrypted )
> 10-20: 03:49:31:375:268 next payload: HASH
> 10-20: 03:49:31:375:268 message ID: 23cffb4d
> 10-20: 03:49:31:375:268 Ports S:9411 D:9411
> 10-20: 03:49:31:375:268 entered kill_old_policy_sas 3
> 10-20: 03:49:31:375:268 entered kill_old_policy_sas 3
> 10-20: 03:49:31:375:268 entered kill_old_policy_sas 1
> 10-20: 03:49:31:375:268 entered kill_old_policy_sas 2
> 10-20: 03:49:32:265:7e8 Acquire from driver: op=00000009
> src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
> DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
> TunnelEndpt=192.168.223.15
> 10-20: 03:49:32:265:268 Filter to match: Src x.x.x.187 Dst
> 192.168.223.15
> 10-20: 03:49:32:265:268 MM PolicyName: 4
> 10-20: 03:49:32:265:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 03:49:32:265:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 03:49:32:265:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 03:49:32:265:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 03:49:32:265:268 QM PolicyName: x4
> {ac4b757d-69c4-4127-b5ac-5a3512086a4d} dwFlags 1
> 10-20: 03:49:32:265:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:49:32:265:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:49:32:265:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:49:32:265:268 Starting Negotiation: src = 192.168.223.15.0500,
> dst = x.x.x.187.0500, proto = 00, context = 00000009, ProxySrc =
> 192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
> DstMask = 0.0.0.0
> 10-20: 03:49:32:265:268 constructing ISAKMP Header
> 10-20: 03:49:32:265:268 constructing SA (ISAKMP)
> 10-20: 03:49:32:265:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 03:49:32:265:268 Constructing Vendor FRAGMENTATION
> 10-20: 03:49:32:265:268 Constructing Vendor
> draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:49:32:265:268 Constructing Vendor Vid-Initial-Contact
> 10-20: 03:49:32:265:268
> 10-20: 03:49:32:265:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 03:49:32:265:268 ISAKMP Header: (V1.0), len = 168
> 10-20: 03:49:32:265:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:265:268 R-COOKIE 0000000000000000
> 10-20: 03:49:32:265:268 exchange: Oakley Main Mode
> 10-20: 03:49:32:265:268 flags: 0
> 10-20: 03:49:32:265:268 next payload: SA
> 10-20: 03:49:32:265:268 message ID: 00000000
> 10-20: 03:49:32:265:268 Ports S:f401 D:f401
> 10-20: 03:49:32:265:268
> 10-20: 03:49:32:265:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 03:49:32:265:268 ISAKMP Header: (V1.0), len = 140
> 10-20: 03:49:32:265:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:265:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:265:268 exchange: Oakley Main Mode
> 10-20: 03:49:32:265:268 flags: 0
> 10-20: 03:49:32:265:268 next payload: SA
> 10-20: 03:49:32:265:268 message ID: 00000000
> 10-20: 03:49:32:265:268 processing payload SA
> 10-20: 03:49:32:265:268 Received Phase 1 Transform 1
> 10-20: 03:49:32:265:268 Encryption Alg Triple DES CBC(5)
> 10-20: 03:49:32:265:268 Hash Alg SHA(2)
> 10-20: 03:49:32:265:268 Oakley Group 2
> 10-20: 03:49:32:265:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 03:49:32:265:268 Life type in Seconds
> 10-20: 03:49:32:265:268 Life duration of 300
> 10-20: 03:49:32:265:268 Phase 1 SA accepted: transform=1
> 10-20: 03:49:32:265:268 SA - Oakley proposal accepted
> 10-20: 03:49:32:265:268 processing payload VENDOR ID
> 10-20: 03:49:32:265:268 processing payload VENDOR ID
> 10-20: 03:49:32:265:268 processing payload VENDOR ID
> 10-20: 03:49:32:265:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
> 10-20: 03:49:32:265:268 ClearFragList
> 10-20: 03:49:32:265:268 constructing ISAKMP Header
> 10-20: 03:49:32:296:268 constructing KE
> 10-20: 03:49:32:296:268 constructing NONCE (ISAKMP)
> 10-20: 03:49:32:296:268 Constructing NatDisc
> 10-20: 03:49:32:296:268
> 10-20: 03:49:32:296:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 03:49:32:296:268 ISAKMP Header: (V1.0), len = 232
> 10-20: 03:49:32:296:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:296:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:296:268 exchange: Oakley Main Mode
> 10-20: 03:49:32:296:268 flags: 0
> 10-20: 03:49:32:296:268 next payload: KE
> 10-20: 03:49:32:296:268 message ID: 00000000
> 10-20: 03:49:32:296:268 Ports S:f401 D:f401
> 10-20: 03:49:32:312:268
> 10-20: 03:49:32:312:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 03:49:32:312:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 03:49:32:312:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:312:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:312:268 exchange: Oakley Main Mode
> 10-20: 03:49:32:312:268 flags: 0
> 10-20: 03:49:32:312:268 next payload: KE
> 10-20: 03:49:32:312:268 message ID: 00000000
> 10-20: 03:49:32:312:268 processing payload KE
> 10-20: 03:49:32:312:268 processing payload NONCE
> 10-20: 03:49:32:312:268 processing payload NATDISC
> 10-20: 03:49:32:312:268 Processing NatHash
> 10-20: 03:49:32:312:268 Nat hash b5b5256165fd9b6ba1c37097ef5d39bc
> 10-20: 03:49:32:312:268 9c3f094b
> 10-20: 03:49:32:312:268 SA StateMask2 1f
> 10-20: 03:49:32:312:268 processing payload NATDISC
> 10-20: 03:49:32:312:268 Processing NatHash
> 10-20: 03:49:32:312:268 Nat hash 346777a051f8cf5d2786df02fc3de2b2
> 10-20: 03:49:32:312:268 89cbb2c9
> 10-20: 03:49:32:312:268 SA StateMask2 5f
> 10-20: 03:49:32:312:268 ClearFragList
> 10-20: 03:49:32:312:268 Peer behind NAT
> 10-20: 03:49:32:312:268 Floated Ports Orig Me:f401 Peer:f401
> 10-20: 03:49:32:312:268 Floated Ports Me:9411 Peer:9411
> 10-20: 03:49:32:312:268 constructing ISAKMP Header
> 10-20: 03:49:32:312:268 constructing ID
> 10-20: 03:49:32:312:268 Received no valid CRPs. Using all configured
> 10-20: 03:49:32:312:268 Looking for IPSec only cert
> 10-20: 03:49:32:312:268 failed to get chain 80092004
> 10-20: 03:49:32:312:268 Looking for any cert
> 10-20: 03:49:32:312:268 Cert Trustes. 0 100
> 10-20: 03:49:32:312:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:49:32:312:268 6fb09c33
> 10-20: 03:49:32:328:268 Entered CRL check
> 10-20: 03:49:32:328:268 Left CRL check
> 10-20: 03:49:32:328:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:49:32:328:268 6fb09c33
> 10-20: 03:49:32:328:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 03:49:32:328:268 Cert Serialnumber 32
> 10-20: 03:49:32:328:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 03:49:32:328:268 6fb09c33
> 10-20: 03:49:32:328:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:49:32:328:268 Cert Serialnumber 00
> 10-20: 03:49:32:328:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:49:32:328:268 7e34f701
> 10-20: 03:49:32:328:268 Not storing My cert chain in SA.
> 10-20: 03:49:32:328:268 MM ID Type 9
> 10-20: 03:49:32:328:268 MM ID 3061310b300906035504061302555331
> 10-20: 03:49:32:328:268 0d300b060355040b130445786563310d
> 10-20: 03:49:32:328:268 300b060355040b1304436f6e73310c30
> 10-20: 03:49:32:328:268 0a060355040b1303456e67310e300c06
> 10-20: 03:49:32:328:268 0355040a130541746c61733116301406
> 10-20: 03:49:32:328:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 03:49:32:328:268 76616e
> 10-20: 03:49:32:328:268 constructing CERT
> 10-20: 03:49:32:328:268 Construct SIG
> 10-20: 03:49:32:328:268 Constructing Cert Request
> 10-20: 03:49:32:328:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:49:32:328:268
> 10-20: 03:49:32:328:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 03:49:32:328:268 ISAKMP Header: (V1.0), len = 1188
> 10-20: 03:49:32:328:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:328:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:328:268 exchange: Oakley Main Mode
> 10-20: 03:49:32:328:268 flags: 1 ( encrypted )
> 10-20: 03:49:32:328:268 next payload: ID
> 10-20: 03:49:32:328:268 message ID: 00000000
> 10-20: 03:49:32:328:268 Ports S:9411 D:9411
> 10-20: 03:49:32:343:268
> 10-20: 03:49:32:343:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 03:49:32:343:268 ISAKMP Header: (V1.0), len = 1036
> 10-20: 03:49:32:343:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:343:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:343:268 exchange: Oakley Main Mode
> 10-20: 03:49:32:343:268 flags: 1 ( encrypted )
> 10-20: 03:49:32:343:268 next payload: ID
> 10-20: 03:49:32:343:268 message ID: 00000000
> 10-20: 03:49:32:343:268 processing payload ID
> 10-20: 03:49:32:343:268 processing payload CERT
> 10-20: 03:49:32:343:268 processing payload SIG
> 10-20: 03:49:32:343:268 Verifying CertStore
> 10-20: 03:49:32:343:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:49:32:343:268 Cert Serialnumber 31
> 10-20: 03:49:32:343:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:49:32:343:268 810b3d66
> 10-20: 03:49:32:343:268 Cert Trustes. 0 100
> 10-20: 03:49:32:343:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 03:49:32:343:268 Cert Serialnumber 31
> 10-20: 03:49:32:343:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:49:32:343:268 810b3d66
> 10-20: 03:49:32:343:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 03:49:32:343:268 Cert Serialnumber 00
> 10-20: 03:49:32:343:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 03:49:32:343:268 7e34f701
> 10-20: 03:49:32:343:268 Not storing Peer's cert chain in SA.
> 10-20: 03:49:32:343:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 03:49:32:343:268 810b3d66
> 10-20: 03:49:32:343:268 Entered CRL check
> 10-20: 03:49:32:343:268 Left CRL check
> 10-20: 03:49:32:343:268 Signature validated
> 10-20: 03:49:32:343:268 ClearFragList
> 10-20: 03:49:32:343:268 MM established. SA: 0011DAD0
> 10-20: 03:49:32:343:268 QM PolicyName: x4
> {ac4b757d-69c4-4127-b5ac-5a3512086a4d} dwFlags 1
> 10-20: 03:49:32:343:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 03:49:32:343:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 03:49:32:343:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:49:32:343:268 GetSpi: src = 0.0.0.0.0000, dst =
> 192.168.223.15.0000, proto = 00, context = 00000009, srcMask = 0.0.0.0,
> destMask = 255.255.255.255, TunnelFilter 1
> 10-20: 03:49:32:343:268 Setting SPI 2987734217
> 10-20: 03:49:32:343:268 constructing ISAKMP Header
> 10-20: 03:49:32:343:268 constructing HASH (null)
> 10-20: 03:49:32:343:268 constructing SA (IPSEC)
> 10-20: 03:49:32:343:268 constructing QM KE
> 10-20: 03:49:32:375:268 constructing NONCE (IPSEC)
> 10-20: 03:49:32:375:268 constructing ID (proxy)
> 10-20: 03:49:32:375:268 constructing ID (proxy)
> 10-20: 03:49:32:375:268 constructing HASH (QM)
> 10-20: 03:49:32:375:268
> 10-20: 03:49:32:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 03:49:32:375:268 ISAKMP Header: (V1.0), len = 284
> 10-20: 03:49:32:375:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:375:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:375:268 exchange: Oakley Quick Mode
> 10-20: 03:49:32:375:268 flags: 1 ( encrypted )
> 10-20: 03:49:32:375:268 next payload: HASH
> 10-20: 03:49:32:375:268 message ID: dce08c6c
> 10-20: 03:49:32:375:268 Ports S:9411 D:9411
> 10-20: 03:49:32:390:268
> 10-20: 03:49:32:390:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 03:49:32:390:268 ISAKMP Header: (V1.0), len = 276
> 10-20: 03:49:32:390:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:390:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:390:268 exchange: Oakley Quick Mode
> 10-20: 03:49:32:390:268 flags: 1 ( encrypted )
> 10-20: 03:49:32:390:268 next payload: HASH
> 10-20: 03:49:32:390:268 message ID: dce08c6c
> 10-20: 03:49:32:390:268 processing HASH (QM)
> 10-20: 03:49:32:390:268 ClearFragList
> 10-20: 03:49:32:390:268 processing payload NONCE
> 10-20: 03:49:32:390:268 processing payload KE
> 10-20: 03:49:32:390:268 Quick Mode KE processed; Saved KE data
> 10-20: 03:49:32:390:268 processing payload ID
> 10-20: 03:49:32:390:268 processing payload ID
> 10-20: 03:49:32:390:268 processing payload SA
> 10-20: 03:49:32:390:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
> 0.0.0.0.0
> 10-20: 03:49:32:390:268 Dst id for subnet. Mask 0.0.0.0
> 10-20: 03:49:32:390:268 Checking Proposal 1: Proto= ESP(3), num trans=1
> Next=0
> 10-20: 03:49:32:390:268 Checking Transform # 1: ID=Triple DES CBC(3)
> 10-20: 03:49:32:390:268 tunnel mode is 61443(61443)
> 10-20: 03:49:32:390:268 HMAC algorithm is SHA(2)
> 10-20: 03:49:32:390:268 group description for PFS is 2
> 10-20: 03:49:32:390:268 Phase 2 SA accepted: proposal=1 transform=1
> 10-20: 03:49:32:390:268 constructing ISAKMP Header
> 10-20: 03:49:32:390:268 constructing HASH (QM)
> 10-20: 03:49:32:390:268 isadb_find_peer_entry found entry
> 10-20: 03:49:32:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000009, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
> EncapType 3
> 10-20: 03:49:32:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:49:32:390:268 Algo[0] MySpi: 2987734217 PeerSpi: 431018819
> 10-20: 03:49:32:390:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:49:32:390:268 Skipping Outbound SA add
> 10-20: 03:49:32:390:268 isadb_find_peer_entry found entry
> 10-20: 03:49:32:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 00000009, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
> EncapType 3
> 10-20: 03:49:32:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 03:49:32:390:268 Algo[0] MySpi: 2987734217 PeerSpi: 431018819
> 10-20: 03:49:32:390:268 Encap Ports Src 4500 Dst 4500
> 10-20: 03:49:32:390:268 Skipping Inbound SA add
> 10-20: 03:49:32:390:268 isadb_find_peer_entry found entry
> 10-20: 03:49:32:390:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 1
> 10-20: 03:49:32:390:268 isadb_set_status sa:0011DAD0 centry:000EA5E8
> status 0
> 10-20: 03:49:32:390:268
> 10-20: 03:49:32:390:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 4.4500
> 10-20: 03:49:32:390:268 ISAKMP Header: (V1.0), len = 52
> 10-20: 03:49:32:390:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:49:32:390:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:49:32:390:268 exchange: Oakley Quick Mode
> 10-20: 03:49:32:390:268 flags: 1 ( encrypted )
> 10-20: 03:49:32:390:268 next payload: HASH
> 10-20: 03:49:32:390:268 message ID: dce08c6c
> 10-20: 03:49:32:390:268 Ports S:9411 D:9411
> 10-20: 03:49:37:734:268 ClearFragList
> 10-20: 03:50:32:406:268 CE Dead. sa:0011DAD0 ce:000EA5E8 status:35ef
> 10-20: 03:52:37:750:268 Peer List Entry 0012A2C0
> 10-20: 03:53:32:375:268 Expire_sa SA=11dad0
> 10-20: 03:53:32:375:268 SA Dead. sa:0011DAD0 status:35ef
> 10-20: 03:53:32:375:268 isadb_set_status sa:0011DAD0 centry:00000000
> status 35ef
> 10-20: 03:53:32:375:268 constructing ISAKMP Header
> 10-20: 03:53:32:375:268 constructing HASH (null)
> 10-20: 03:53:32:375:268 constructing DELETE. MM 0011DAD0
> 10-20: 03:53:32:375:268 constructing HASH (Notify/Delete)
> 10-20: 03:53:32:375:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 03:53:32:375:268
> 10-20: 03:53:32:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 03:53:32:375:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:53:32:375:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:53:32:375:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:53:32:375:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:53:32:375:268 flags: 1 ( encrypted )
> 10-20: 03:53:32:375:268 next payload: HASH
> 10-20: 03:53:32:375:268 message ID: 86ccdaa2
> 10-20: 03:53:32:375:268 Ports S:9411 D:9411
> 10-20: 03:53:32:375:268
> 10-20: 03:53:32:375:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 03:53:32:375:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 03:53:32:375:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 03:53:32:375:268 R-COOKIE b82afdabca16ec30
> 10-20: 03:53:32:375:268 exchange: ISAKMP Informational Exchange
> 10-20: 03:53:32:375:268 flags: 1 ( encrypted )
> 10-20: 03:53:32:375:268 next payload: HASH
> 10-20: 03:53:32:375:268 message ID: 51e33c0a
> 10-20: 03:53:32:375:268 processing HASH (Notify/Delete)
> 10-20: 03:53:32:375:268 processing payload DELETE
> 10-20: 03:56:22:781:268 Peer List Entry 0012A2C0
> 10-20: 04:00:07:781:268 Peer List Entry 0012A2C0
> 10-20: 04:03:52:781:268 Peer List Entry 0012A2C0
> 10-20: 04:07:37:781:268 Peer List Entry 0012A2C0
> 10-20: 04:11:22:781:268 Peer List Entry 0012A2C0
> 10-20: 04:15:07:781:268 Peer List Entry 0012A2C0
> 10-20: 04:18:52:781:268 Peer List Entry 0012A2C0
> 10-20: 04:22:37:781:268 Peer List Entry 0012A2C0
> 10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
> b4bbb2f5-6dfb-4b57-a7aed6254e70595a 4
> 10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
> b74c91fb-f2a0-4c81-a9b43ee1c7862918 4
> 10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
> 11d5cd3b-f168-4574-8c31546bc26c6e90 3
> 10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
> e6fdce84-3435-4781-a1e9272324504abb 3
> 10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
> 9a1ad682-6afa-4fae-8f82f70c224fa2af 1
> 10-20: 04:24:17:984:268 QM Deleted. Notify from driver: Src
> 192.168.223.15 Dest 0.0.0.0 InSPI 2987734217 OutSpi 431018819 Tunnel
> bbfb4b18 TunnelFilter 0
> 10-20: 04:24:17:984:268 Leaving adjust_peer_list entry 0012A2C0 MMCount
> 0 QMCount 0
> 10-20: 04:24:17:984:268 constructing ISAKMP Header
> 10-20: 04:24:17:984:268 constructing HASH (null)
> 10-20: 04:24:17:984:268 Construct QM Delete Spi 2987734217
> 10-20: 04:24:17:984:268 constructing HASH (Notify/Delete)
> 10-20: 04:24:17:984:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 04:24:17:984:268
> 10-20: 04:24:17:984:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 04:24:17:984:268 ISAKMP Header: (V1.0), len = 68
> 10-20: 04:24:17:984:268 I-COOKIE ce0b2fd0e5d07bd8
> 10-20: 04:24:17:984:268 R-COOKIE b82afdabca16ec30
> 10-20: 04:24:17:984:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:24:17:984:268 flags: 1 ( encrypted )
> 10-20: 04:24:17:984:268 next payload: HASH
> 10-20: 04:24:17:984:268 message ID: d4cb2fb5
> 10-20: 04:24:17:984:268 Ports S:9411 D:9411
> 10-20: 04:24:17:984:268 PrivatePeerAddr 0
> 10-20: 04:24:17:984:784 isadb_schedule_kill_oldPolicy_sas:
> ac4b757d-69c4-4127-b5ac5a3512086a4d 2
> 10-20: 04:24:18:0:268 entered kill_old_policy_sas 4
> 10-20: 04:24:18:0:9a8 entered kill_old_policy_sas 4
> 10-20: 04:24:19:765:268 entered kill_old_policy_sas 3
> 10-20: 04:24:19:765:268 entered kill_old_policy_sas 3
> 10-20: 04:24:19:765:268 entered kill_old_policy_sas 1
> 10-20: 04:24:19:765:268 entered kill_old_policy_sas 2
> 10-20: 04:24:52:796:268 ClearFragList
> 10-20: 04:26:22:796:268 Peer List Entry 0012A2C0
> 10-20: 04:30:07:796:268 Peer List Entry 0012A2C0
> 10-20: 04:30:07:796:268 Release Encap state
> 10-20: 04:30:07:796:268 Remove PeerListEntry
> 10-20: 04:34:36:250:7e8 Acquire from driver: op=0000000A
> src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
> DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
> TunnelEndpt=192.168.223.15
> 10-20: 04:34:36:250:268 Filter to match: Src x.x.x.187 Dst
> 192.168.223.15
> 10-20: 04:34:36:250:268 MM PolicyName: 5
> 10-20: 04:34:36:250:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 04:34:36:250:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 04:34:36:250:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 04:34:36:250:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 04:34:36:250:268 QM PolicyName: x4
> {e461b6aa-60fd-4442-a2ab-673ed8751641} dwFlags 1
> 10-20: 04:34:36:250:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 04:34:36:250:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 04:34:36:250:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:34:36:250:268 Starting Negotiation: src = 192.168.223.15.0500,
> dst = x.x.x.187.0500, proto = 00, context = 0000000A, ProxySrc =
> 192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
> DstMask = 0.0.0.0
> 10-20: 04:34:36:250:268 constructing ISAKMP Header
> 10-20: 04:34:36:250:268 constructing SA (ISAKMP)
> 10-20: 04:34:36:250:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 04:34:36:250:268 Constructing Vendor FRAGMENTATION
> 10-20: 04:34:36:250:268 Constructing Vendor
> draft-ietf-ipsec-nat-t-ike-02
> 10-20: 04:34:36:250:268 Constructing Vendor Vid-Initial-Contact
> 10-20: 04:34:36:265:268
> 10-20: 04:34:36:265:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 04:34:36:265:268 ISAKMP Header: (V1.0), len = 168
> 10-20: 04:34:36:265:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:265:268 R-COOKIE 0000000000000000
> 10-20: 04:34:36:265:268 exchange: Oakley Main Mode
> 10-20: 04:34:36:265:268 flags: 0
> 10-20: 04:34:36:265:268 next payload: SA
> 10-20: 04:34:36:265:268 message ID: 00000000
> 10-20: 04:34:36:265:268 Ports S:f401 D:f401
> 10-20: 04:34:36:265:268
> 10-20: 04:34:36:265:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 04:34:36:265:268 ISAKMP Header: (V1.0), len = 140
> 10-20: 04:34:36:265:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:265:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:265:268 exchange: Oakley Main Mode
> 10-20: 04:34:36:265:268 flags: 0
> 10-20: 04:34:36:265:268 next payload: SA
> 10-20: 04:34:36:265:268 message ID: 00000000
> 10-20: 04:34:36:265:268 processing payload SA
> 10-20: 04:34:36:265:268 Received Phase 1 Transform 1
> 10-20: 04:34:36:265:268 Encryption Alg Triple DES CBC(5)
> 10-20: 04:34:36:265:268 Hash Alg SHA(2)
> 10-20: 04:34:36:265:268 Oakley Group 2
> 10-20: 04:34:36:265:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 04:34:36:265:268 Life type in Seconds
> 10-20: 04:34:36:265:268 Life duration of 300
> 10-20: 04:34:36:265:268 Phase 1 SA accepted: transform=1
> 10-20: 04:34:36:265:268 SA - Oakley proposal accepted
> 10-20: 04:34:36:265:268 processing payload VENDOR ID
> 10-20: 04:34:36:265:268 processing payload VENDOR ID
> 10-20: 04:34:36:265:268 processing payload VENDOR ID
> 10-20: 04:34:36:265:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
> 10-20: 04:34:36:265:268 ClearFragList
> 10-20: 04:34:36:265:268 constructing ISAKMP Header
> 10-20: 04:34:36:296:268 constructing KE
> 10-20: 04:34:36:296:268 constructing NONCE (ISAKMP)
> 10-20: 04:34:36:296:268 Constructing NatDisc
> 10-20: 04:34:36:296:268
> 10-20: 04:34:36:296:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 04:34:36:296:268 ISAKMP Header: (V1.0), len = 232
> 10-20: 04:34:36:296:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:296:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:296:268 exchange: Oakley Main Mode
> 10-20: 04:34:36:296:268 flags: 0
> 10-20: 04:34:36:296:268 next payload: KE
> 10-20: 04:34:36:296:268 message ID: 00000000
> 10-20: 04:34:36:296:268 Ports S:f401 D:f401
> 10-20: 04:34:36:296:268
> 10-20: 04:34:36:296:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 04:34:36:296:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 04:34:36:296:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:296:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:296:268 exchange: Oakley Main Mode
> 10-20: 04:34:36:296:268 flags: 0
> 10-20: 04:34:36:296:268 next payload: KE
> 10-20: 04:34:36:296:268 message ID: 00000000
> 10-20: 04:34:36:296:268 processing payload KE
> 10-20: 04:34:36:312:268 processing payload NONCE
> 10-20: 04:34:36:312:268 processing payload NATDISC
> 10-20: 04:34:36:312:268 Processing NatHash
> 10-20: 04:34:36:312:268 Nat hash cb554098df0c2470b82b6a5e64a7724a
> 10-20: 04:34:36:312:268 d3ae6081
> 10-20: 04:34:36:312:268 SA StateMask2 1f
> 10-20: 04:34:36:312:268 processing payload NATDISC
> 10-20: 04:34:36:312:268 Processing NatHash
> 10-20: 04:34:36:312:268 Nat hash 00f9bd31ecb7faea7887fec3824f8eff
> 10-20: 04:34:36:312:268 b9a73934
> 10-20: 04:34:36:312:268 SA StateMask2 9f
> 10-20: 04:34:36:312:268 ClearFragList
> 10-20: 04:34:36:312:268 Floated Ports Orig Me:f401 Peer:f401
> 10-20: 04:34:36:312:268 Floated Ports Me:9411 Peer:9411
> 10-20: 04:34:36:312:268 constructing ISAKMP Header
> 10-20: 04:34:36:312:268 constructing ID
> 10-20: 04:34:36:312:268 Received no valid CRPs. Using all configured
> 10-20: 04:34:36:312:268 Looking for IPSec only cert
> 10-20: 04:34:36:312:268 failed to get chain 80092004
> 10-20: 04:34:36:312:268 Looking for any cert
> 10-20: 04:34:36:312:268 Cert Trustes. 0 100
> 10-20: 04:34:36:312:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:34:36:312:268 6fb09c33
> 10-20: 04:34:36:312:268 Entered CRL check
> 10-20: 04:34:36:312:268 Left CRL check
> 10-20: 04:34:36:312:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:34:36:312:268 6fb09c33
> 10-20: 04:34:36:312:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 04:34:36:312:268 Cert Serialnumber 32
> 10-20: 04:34:36:312:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:34:36:312:268 6fb09c33
> 10-20: 04:34:36:312:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:34:36:312:268 Cert Serialnumber 00
> 10-20: 04:34:36:312:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 04:34:36:312:268 7e34f701
> 10-20: 04:34:36:312:268 Not storing My cert chain in SA.
> 10-20: 04:34:36:312:268 MM ID Type 9
> 10-20: 04:34:36:312:268 MM ID 3061310b300906035504061302555331
> 10-20: 04:34:36:312:268 0d300b060355040b130445786563310d
> 10-20: 04:34:36:312:268 300b060355040b1304436f6e73310c30
> 10-20: 04:34:36:312:268 0a060355040b1303456e67310e300c06
> 10-20: 04:34:36:312:268 0355040a130541746c61733116301406
> 10-20: 04:34:36:312:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 04:34:36:312:268 76616e
> 10-20: 04:34:36:312:268 constructing CERT
> 10-20: 04:34:36:312:268 Construct SIG
> 10-20: 04:34:36:328:268 Constructing Cert Request
> 10-20: 04:34:36:328:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:34:36:328:268
> 10-20: 04:34:36:328:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 04:34:36:328:268 ISAKMP Header: (V1.0), len = 1188
> 10-20: 04:34:36:328:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:328:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:328:268 exchange: Oakley Main Mode
> 10-20: 04:34:36:328:268 flags: 1 ( encrypted )
> 10-20: 04:34:36:328:268 next payload: ID
> 10-20: 04:34:36:328:268 message ID: 00000000
> 10-20: 04:34:36:328:268 Ports S:9411 D:9411
> 10-20: 04:34:36:328:268
> 10-20: 04:34:36:328:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 04:34:36:328:268 ISAKMP Header: (V1.0), len = 1036
> 10-20: 04:34:36:328:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:328:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:328:268 exchange: Oakley Main Mode
> 10-20: 04:34:36:328:268 flags: 1 ( encrypted )
> 10-20: 04:34:36:328:268 next payload: ID
> 10-20: 04:34:36:328:268 message ID: 00000000
> 10-20: 04:34:36:328:268 processing payload ID
> 10-20: 04:34:36:328:268 processing payload CERT
> 10-20: 04:34:36:328:268 processing payload SIG
> 10-20: 04:34:36:328:268 Verifying CertStore
> 10-20: 04:34:36:328:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 04:34:36:328:268 Cert Serialnumber 31
> 10-20: 04:34:36:328:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:34:36:328:268 810b3d66
> 10-20: 04:34:36:328:268 Cert Trustes. 0 100
> 10-20: 04:34:36:328:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 04:34:36:328:268 Cert Serialnumber 31
> 10-20: 04:34:36:328:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:34:36:328:268 810b3d66
> 10-20: 04:34:36:328:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:34:36:328:268 Cert Serialnumber 00
> 10-20: 04:34:36:328:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 04:34:36:328:268 7e34f701
> 10-20: 04:34:36:328:268 Not storing Peer's cert chain in SA.
> 10-20: 04:34:36:328:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:34:36:328:268 810b3d66
> 10-20: 04:34:36:328:268 Entered CRL check
> 10-20: 04:34:36:343:268 Left CRL check
> 10-20: 04:34:36:343:268 Signature validated
> 10-20: 04:34:36:343:268 ClearFragList
> 10-20: 04:34:36:343:268 MM established. SA: 0011DAD0
> 10-20: 04:34:36:343:268 QM PolicyName: x4
> {e461b6aa-60fd-4442-a2ab-673ed8751641} dwFlags 1
> 10-20: 04:34:36:343:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 04:34:36:343:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 04:34:36:343:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:34:36:343:268 GetSpi: src = 0.0.0.0.0000, dst =
> 192.168.223.15.0000, proto = 00, context = 0000000A, srcMask = 0.0.0.0,
> destMask = 255.255.255.255, TunnelFilter 1
> 10-20: 04:34:36:343:268 Setting SPI 1127425367
> 10-20: 04:34:36:343:268 constructing ISAKMP Header
> 10-20: 04:34:36:343:268 constructing HASH (null)
> 10-20: 04:34:36:343:268 constructing SA (IPSEC)
> 10-20: 04:34:36:343:268 constructing QM KE
> 10-20: 04:34:36:375:268 constructing NONCE (IPSEC)
> 10-20: 04:34:36:375:268 constructing ID (proxy)
> 10-20: 04:34:36:375:268 constructing ID (proxy)
> 10-20: 04:34:36:375:268 constructing HASH (QM)
> 10-20: 04:34:36:375:268
> 10-20: 04:34:36:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 04:34:36:375:268 ISAKMP Header: (V1.0), len = 284
> 10-20: 04:34:36:375:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:375:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:375:268 exchange: Oakley Quick Mode
> 10-20: 04:34:36:375:268 flags: 1 ( encrypted )
> 10-20: 04:34:36:375:268 next payload: HASH
> 10-20: 04:34:36:375:268 message ID: 424c5d42
> 10-20: 04:34:36:375:268 Ports S:9411 D:9411
> 10-20: 04:34:36:375:268
> 10-20: 04:34:36:375:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 04:34:36:375:268 ISAKMP Header: (V1.0), len = 276
> 10-20: 04:34:36:375:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:375:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:375:268 exchange: Oakley Quick Mode
> 10-20: 04:34:36:375:268 flags: 1 ( encrypted )
> 10-20: 04:34:36:375:268 next payload: HASH
> 10-20: 04:34:36:375:268 message ID: 424c5d42
> 10-20: 04:34:36:375:268 processing HASH (QM)
> 10-20: 04:34:36:375:268 ClearFragList
> 10-20: 04:34:36:375:268 processing payload NONCE
> 10-20: 04:34:36:375:268 processing payload KE
> 10-20: 04:34:36:375:268 Quick Mode KE processed; Saved KE data
> 10-20: 04:34:36:375:268 processing payload ID
> 10-20: 04:34:36:375:268 processing payload ID
> 10-20: 04:34:36:375:268 processing payload SA
> 10-20: 04:34:36:375:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
> 0.0.0.0.0
> 10-20: 04:34:36:375:268 Dst id for subnet. Mask 0.0.0.0
> 10-20: 04:34:36:375:268 Checking Proposal 1: Proto= ESP(3), num trans=1
> Next=0
> 10-20: 04:34:36:375:268 Checking Transform # 1: ID=Triple DES CBC(3)
> 10-20: 04:34:36:375:268 tunnel mode is 61443(61443)
> 10-20: 04:34:36:375:268 HMAC algorithm is SHA(2)
> 10-20: 04:34:36:375:268 group description for PFS is 2
> 10-20: 04:34:36:375:268 Phase 2 SA accepted: proposal=1 transform=1
> 10-20: 04:34:36:390:268 constructing ISAKMP Header
> 10-20: 04:34:36:390:268 constructing HASH (QM)
> 10-20: 04:34:36:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 0000000A, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 2
> EncapType 3
> 10-20: 04:34:36:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:34:36:390:268 Algo[0] MySpi: 1127425367 PeerSpi: 1768772270
> 10-20: 04:34:36:390:268 Encap Ports Src 4500 Dst 4500
> 10-20: 04:34:36:390:268 Skipping Outbound SA add
> 10-20: 04:34:36:390:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 0000000A, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 281 Direction 3
> EncapType 3
> 10-20: 04:34:36:390:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:34:36:390:268 Algo[0] MySpi: 1127425367 PeerSpi: 1768772270
> 10-20: 04:34:36:390:268 Encap Ports Src 4500 Dst 4500
> 10-20: 04:34:36:390:268 Skipping Inbound SA add
> 10-20: 04:34:36:390:268 Leaving adjust_peer_list entry 000CF870 MMCount
> 0 QMCount 1
> 10-20: 04:34:36:390:268 isadb_set_status sa:0011DAD0 centry:000E6DC8
> status 0
> 10-20: 04:34:36:390:268
> 10-20: 04:34:36:390:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 4.4500
> 10-20: 04:34:36:390:268 ISAKMP Header: (V1.0), len = 52
> 10-20: 04:34:36:390:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:34:36:390:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:34:36:390:268 exchange: Oakley Quick Mode
> 10-20: 04:34:36:390:268 flags: 1 ( encrypted )
> 10-20: 04:34:36:390:268 next payload: HASH
> 10-20: 04:34:36:390:268 message ID: 424c5d42
> 10-20: 04:34:36:390:268 Ports S:9411 D:9411
> 10-20: 04:35:36:406:268 CE Dead. sa:0011DAD0 ce:000E6DC8 status:35ef
> 10-20: 04:37:05:765:268
> 10-20: 04:37:05:781:268 Receive: (get) SA = 0x00000000 from
> x.x.x.187.500
> 10-20: 04:37:05:781:268 ISAKMP Header: (V1.0), len = 292
> 10-20: 04:37:05:781:268 I-COOKIE 153d4973a327f835
> 10-20: 04:37:05:781:268 R-COOKIE 0000000000000000
> 10-20: 04:37:05:781:268 exchange: Oakley Main Mode
> 10-20: 04:37:05:781:268 flags: 0
> 10-20: 04:37:05:781:268 next payload: SA
> 10-20: 04:37:05:781:268 message ID: 00000000
> 10-20: 04:37:05:781:268 Filter to match: Src x.x.x.187 Dst
> 192.168.223.15
> 10-20: 04:37:05:781:268 MM PolicyName: 5
> 10-20: 04:37:05:781:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 04:37:05:781:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 04:37:05:781:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 04:37:05:781:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 04:37:05:781:268 Responding with new SA e86b8
> 10-20: 04:37:05:781:268 processing payload SA
> 10-20: 04:37:05:781:268 Received Phase 1 Transform 0
> 10-20: 04:37:05:781:268 Life type in Seconds
> 10-20: 04:37:05:781:268 Life duration of 28800
> 10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
> 10-20: 04:37:05:781:268 Hash Alg MD5(1)
> 10-20: 04:37:05:781:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 04:37:05:781:268 Oakley Group 5
> 10-20: 04:37:05:781:268 Received Phase 1 Transform 1
> 10-20: 04:37:05:781:268 Life type in Seconds
> 10-20: 04:37:05:781:268 Life duration of 28800
> 10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
> 10-20: 04:37:05:781:268 Hash Alg SHA(2)
> 10-20: 04:37:05:781:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 04:37:05:781:268 Oakley Group 5
> 10-20: 04:37:05:781:268 Received Phase 1 Transform 2
> 10-20: 04:37:05:781:268 Life type in Seconds
> 10-20: 04:37:05:781:268 Life duration of 28800
> 10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
> 10-20: 04:37:05:781:268 Hash Alg SHA(2)
> 10-20: 04:37:05:781:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 04:37:05:781:268 Oakley Group 2
> 10-20: 04:37:05:781:268 Received Phase 1 Transform 3
> 10-20: 04:37:05:781:268 Life type in Seconds
> 10-20: 04:37:05:781:268 Life duration of 28800
> 10-20: 04:37:05:781:268 Encryption Alg Triple DES CBC(5)
> 10-20: 04:37:05:781:268 Hash Alg MD5(1)
> 10-20: 04:37:05:781:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 04:37:05:781:268 Oakley Group 2
> 10-20: 04:37:05:781:268 Phase 1 SA accepted: transform=3
> 10-20: 04:37:05:781:268 SA - Oakley proposal accepted
> 10-20: 04:37:05:781:268 processing payload VENDOR ID
> 10-20: 04:37:05:781:268 processing payload VENDOR ID
> 10-20: 04:37:05:781:268 processing payload VENDOR ID
> 10-20: 04:37:05:781:268 processing payload VENDOR ID
> 10-20: 04:37:05:781:268 processing payload VENDOR ID
> 10-20: 04:37:05:781:268 processing payload VENDOR ID
> 10-20: 04:37:05:781:268 ClearFragList
> 10-20: 04:37:05:781:268 constructing ISAKMP Header
> 10-20: 04:37:05:781:268 constructing SA (ISAKMP)
> 10-20: 04:37:05:781:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 04:37:05:781:268 Constructing Vendor FRAGMENTATION
> 10-20: 04:37:05:781:268 Constructing Vendor
> draft-ietf-ipsec-nat-t-ike-02
> 10-20: 04:37:05:781:268
> 10-20: 04:37:05:781:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:05:781:268 ISAKMP Header: (V1.0), len = 148
> 10-20: 04:37:05:781:268 I-COOKIE 153d4973a327f835
> 10-20: 04:37:05:781:268 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:05:781:268 exchange: Oakley Main Mode
> 10-20: 04:37:05:781:268 flags: 0
> 10-20: 04:37:05:781:268 next payload: SA
> 10-20: 04:37:05:781:268 message ID: 00000000
> 10-20: 04:37:05:781:268 Ports S:f401 D:f401
> 10-20: 04:37:05:781:268
> 10-20: 04:37:05:781:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.500
> 10-20: 04:37:05:781:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 04:37:05:781:268 I-COOKIE 153d4973a327f835
> 10-20: 04:37:05:781:268 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:05:781:268 exchange: Oakley Main Mode
> 10-20: 04:37:05:781:268 flags: 0
> 10-20: 04:37:05:781:268 next payload: KE
> 10-20: 04:37:05:781:268 message ID: 00000000
> 10-20: 04:37:05:781:268 processing payload KE
> 10-20: 04:37:05:828:268 processing payload NONCE
> 10-20: 04:37:05:828:268 ClearFragList
> 10-20: 04:37:05:828:268 constructing ISAKMP Header
> 10-20: 04:37:05:828:268 constructing KE
> 10-20: 04:37:05:828:268 constructing NONCE (ISAKMP)
> 10-20: 04:37:05:828:268 Constructing Cert Request
> 10-20: 04:37:05:828:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:37:05:828:268
> 10-20: 04:37:05:828:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:05:828:268 ISAKMP Header: (V1.0), len = 254
> 10-20: 04:37:05:828:268 I-COOKIE 153d4973a327f835
> 10-20: 04:37:05:828:268 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:05:828:268 exchange: Oakley Main Mode
> 10-20: 04:37:05:828:268 flags: 0
> 10-20: 04:37:05:828:268 next payload: KE
> 10-20: 04:37:05:828:268 message ID: 00000000
> 10-20: 04:37:05:828:268 Ports S:f401 D:f401
> 10-20: 04:37:05:828:268
> 10-20: 04:37:05:828:268 Receive: (get) SA = 0x000e86b8 from
> x.x.x.187.500
> 10-20: 04:37:05:828:268 ISAKMP Header: (V1.0), len = 1044
> 10-20: 04:37:05:828:268 I-COOKIE 153d4973a327f835
> 10-20: 04:37:05:828:268 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:05:828:268 exchange: Oakley Main Mode
> 10-20: 04:37:05:828:268 flags: 1 ( encrypted )
> 10-20: 04:37:05:828:268 next payload: ID
> 10-20: 04:37:05:828:268 message ID: 00000000
> 10-20: 04:37:05:828:268 processing payload ID
> 10-20: 04:37:05:828:268 processing payload CERT
> 10-20: 04:37:05:828:268 processing payload CRP
> 10-20: 04:37:05:828:268 processing payload SIG
> 10-20: 04:37:05:828:268 Verifying CertStore
> 10-20: 04:37:05:828:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 04:37:05:828:268 Cert Serialnumber 31
> 10-20: 04:37:05:828:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:37:05:828:268 810b3d66
> 10-20: 04:37:05:828:268 Cert Trustes. 0 100
> 10-20: 04:37:05:828:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 04:37:05:828:268 Cert Serialnumber 31
> 10-20: 04:37:05:828:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:37:05:828:268 810b3d66
> 10-20: 04:37:05:828:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:37:05:828:268 Cert Serialnumber 00
> 10-20: 04:37:05:828:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 04:37:05:828:268 7e34f701
> 10-20: 04:37:05:828:268 Not storing Peer's cert chain in SA.
> 10-20: 04:37:05:828:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:37:05:828:268 810b3d66
> 10-20: 04:37:05:828:268 Entered CRL check
> 10-20: 04:37:05:843:268 Left CRL check
> 10-20: 04:37:05:843:268 Signature validated
> 10-20: 04:37:05:843:268 ClearFragList
> 10-20: 04:37:05:843:268 constructing ISAKMP Header
> 10-20: 04:37:05:843:268 constructing ID
> 10-20: 04:37:05:843:268 Received no valid CRPs. Using all configured
> 10-20: 04:37:05:843:268 Looking for IPSec only cert
> 10-20: 04:37:05:843:268 failed to get chain 80092004
> 10-20: 04:37:05:843:268 Looking for any cert
> 10-20: 04:37:05:843:268 Cert Trustes. 0 100
> 10-20: 04:37:05:843:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:37:05:843:268 6fb09c33
> 10-20: 04:37:05:843:268 Entered CRL check
> 10-20: 04:37:05:843:268 Left CRL check
> 10-20: 04:37:05:843:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:37:05:843:268 6fb09c33
> 10-20: 04:37:05:843:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 04:37:05:843:268 Cert Serialnumber 32
> 10-20: 04:37:05:843:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:37:05:843:268 6fb09c33
> 10-20: 04:37:05:843:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:37:05:843:268 Cert Serialnumber 00
> 10-20: 04:37:05:843:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 04:37:05:843:268 7e34f701
> 10-20: 04:37:05:843:268 Not storing My cert chain in SA.
> 10-20: 04:37:05:843:268 MM ID Type 9
> 10-20: 04:37:05:843:268 MM ID 3061310b300906035504061302555331
> 10-20: 04:37:05:843:268 0d300b060355040b130445786563310d
> 10-20: 04:37:05:843:268 300b060355040b1304436f6e73310c30
> 10-20: 04:37:05:843:268 0a060355040b1303456e67310e300c06
> 10-20: 04:37:05:843:268 0355040a130541746c61733116301406
> 10-20: 04:37:05:843:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 04:37:05:843:268 76616e
> 10-20: 04:37:05:843:268 constructing CERT
> 10-20: 04:37:05:843:268 Construct SIG
> 10-20: 04:37:05:843:268 MM established. SA: 000E86B8
> 10-20: 04:37:05:843:268
> 10-20: 04:37:05:843:268 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:05:843:268 ISAKMP Header: (V1.0), len = 1116
> 10-20: 04:37:05:843:268 I-COOKIE 153d4973a327f835
> 10-20: 04:37:05:843:268 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:05:843:268 exchange: Oakley Main Mode
> 10-20: 04:37:05:843:268 flags: 1 ( encrypted )
> 10-20: 04:37:05:843:268 next payload: ID
> 10-20: 04:37:05:843:268 message ID: 00000000
> 10-20: 04:37:05:843:268 Ports S:f401 D:f401
> 10-20: 04:37:07:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
> = 1
> 10-20: 04:37:07:687:7f0
> 10-20: 04:37:07:687:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:07:687:7f0 ISAKMP Header: (V1.0), len = 1116
> 10-20: 04:37:07:687:7f0 I-COOKIE 153d4973a327f835
> 10-20: 04:37:07:687:7f0 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:07:687:7f0 exchange: Oakley Main Mode
> 10-20: 04:37:07:687:7f0 flags: 1 ( encrypted )
> 10-20: 04:37:07:687:7f0 next payload: ID
> 10-20: 04:37:07:687:7f0 message ID: 00000000
> 10-20: 04:37:07:687:7f0 Ports S:f401 D:f401
> 10-20: 04:37:10:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
> = 2
> 10-20: 04:37:10:31:7f0
> 10-20: 04:37:10:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:10:31:7f0 ISAKMP Header: (V1.0), len = 1116
> 10-20: 04:37:10:31:7f0 I-COOKIE 153d4973a327f835
> 10-20: 04:37:10:31:7f0 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:10:31:7f0 exchange: Oakley Main Mode
> 10-20: 04:37:10:31:7f0 flags: 1 ( encrypted )
> 10-20: 04:37:10:31:7f0 next payload: ID
> 10-20: 04:37:10:31:7f0 message ID: 00000000
> 10-20: 04:37:10:31:7f0 Ports S:f401 D:f401
> 10-20: 04:37:14:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
> = 3
> 10-20: 04:37:14:31:7f0
> 10-20: 04:37:14:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:14:31:7f0 ISAKMP Header: (V1.0), len = 1116
> 10-20: 04:37:14:31:7f0 I-COOKIE 153d4973a327f835
> 10-20: 04:37:14:31:7f0 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:14:31:7f0 exchange: Oakley Main Mode
> 10-20: 04:37:14:31:7f0 flags: 1 ( encrypted )
> 10-20: 04:37:14:31:7f0 next payload: ID
> 10-20: 04:37:14:31:7f0 message ID: 00000000
> 10-20: 04:37:14:31:7f0 Ports S:f401 D:f401
> 10-20: 04:37:22:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
> = 4
> 10-20: 04:37:22:31:7f0
> 10-20: 04:37:22:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:22:31:7f0 ISAKMP Header: (V1.0), len = 1116
> 10-20: 04:37:22:31:7f0 I-COOKIE 153d4973a327f835
> 10-20: 04:37:22:31:7f0 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:22:31:7f0 exchange: Oakley Main Mode
> 10-20: 04:37:22:31:7f0 flags: 1 ( encrypted )
> 10-20: 04:37:22:31:7f0 next payload: ID
> 10-20: 04:37:22:31:7f0 message ID: 00000000
> 10-20: 04:37:22:31:7f0 Ports S:f401 D:f401
> 10-20: 04:37:37:812:268 Peer List Entry 000CF870
> 10-20: 04:37:38:31:7f0 retransmit: sa = 000E86B8 centry 00000000 , count
> = 5
> 10-20: 04:37:38:62:7f0
> 10-20: 04:37:38:62:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 2.500
> 10-20: 04:37:38:62:7f0 ISAKMP Header: (V1.0), len = 1116
> 10-20: 04:37:38:62:7f0 I-COOKIE 153d4973a327f835
> 10-20: 04:37:38:62:7f0 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:37:38:62:7f0 exchange: Oakley Main Mode
> 10-20: 04:37:38:62:7f0 flags: 1 ( encrypted )
> 10-20: 04:37:38:62:7f0 next payload: ID
> 10-20: 04:37:38:62:7f0 message ID: 00000000
> 10-20: 04:37:38:62:7f0 Ports S:f401 D:f401
> 10-20: 04:38:10:31:7f0 retransmit exhausted: sa = 000E86B8 centry
> 00000000, count = 6
> 10-20: 04:38:10:31:7f0 SA Dead. sa:000E86B8 status:35ed
> 10-20: 04:38:10:31:7f0 isadb_set_status sa:000E86B8 centry:00000000
> status 35ed
> 10-20: 04:38:10:31:7f0 constructing ISAKMP Header
> 10-20: 04:38:10:31:7f0 constructing HASH (null)
> 10-20: 04:38:10:31:7f0 constructing DELETE. MM 000E86B8
> 10-20: 04:38:10:31:7f0 constructing HASH (Notify/Delete)
> 10-20: 04:38:10:31:7f0 Not setting retransmit to downlevel client. SA
> 000E86B8 Centry 00000000
> 10-20: 04:38:10:31:7f0
> 10-20: 04:38:10:31:7f0 Sending: SA = 0x000E86B8 to x.x.x.187:Type 1.500
> 10-20: 04:38:10:31:7f0 ISAKMP Header: (V1.0), len = 84
> 10-20: 04:38:10:31:7f0 I-COOKIE 153d4973a327f835
> 10-20: 04:38:10:31:7f0 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:38:10:31:7f0 exchange: ISAKMP Informational Exchange
> 10-20: 04:38:10:31:7f0 flags: 1 ( encrypted )
> 10-20: 04:38:10:31:7f0 next payload: HASH
> 10-20: 04:38:10:31:7f0 message ID: a771f5b5
> 10-20: 04:38:10:31:7f0 Ports S:f401 D:f401
> 10-20: 04:38:10:31:268
> 10-20: 04:38:10:31:268 Receive: (get) SA = 0x000e86b8 from x.x.x.187.500
> 10-20: 04:38:10:31:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 04:38:10:31:268 I-COOKIE 153d4973a327f835
> 10-20: 04:38:10:31:268 R-COOKIE bbabc5f38bdf113d
> 10-20: 04:38:10:31:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:38:10:31:268 flags: 1 ( encrypted )
> 10-20: 04:38:10:31:268 next payload: HASH
> 10-20: 04:38:10:31:268 message ID: 60f90491
> 10-20: 04:38:10:31:268 processing HASH (Notify/Delete)
> 10-20: 04:38:10:31:268 processing payload DELETE
> 10-20: 04:38:22:812:268 ClearFragList
> 10-20: 04:38:36:375:268 Expire_sa SA=11dad0
> 10-20: 04:38:36:375:268 SA Dead. sa:0011DAD0 status:35ef
> 10-20: 04:38:36:375:268 isadb_set_status sa:0011DAD0 centry:00000000
> status 35ef
> 10-20: 04:38:36:375:268 constructing ISAKMP Header
> 10-20: 04:38:36:375:268 constructing HASH (null)
> 10-20: 04:38:36:375:268 constructing DELETE. MM 0011DAD0
> 10-20: 04:38:36:375:268 constructing HASH (Notify/Delete)
> 10-20: 04:38:36:375:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 04:38:36:375:268
> 10-20: 04:38:36:375:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 04:38:36:375:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 04:38:36:375:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:38:36:375:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:38:36:375:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:38:36:375:268 flags: 1 ( encrypted )
> 10-20: 04:38:36:375:268 next payload: HASH
> 10-20: 04:38:36:375:268 message ID: d6da9785
> 10-20: 04:38:36:375:268 Ports S:9411 D:9411
> 10-20: 04:38:36:375:268
> 10-20: 04:38:36:375:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 04:38:36:375:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 04:38:36:375:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:38:36:375:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:38:36:375:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:38:36:375:268 flags: 1 ( encrypted )
> 10-20: 04:38:36:375:268 next payload: HASH
> 10-20: 04:38:36:375:268 message ID: cc986f1e
> 10-20: 04:38:36:375:268 processing HASH (Notify/Delete)
> 10-20: 04:38:36:375:268 processing payload DELETE
> 10-20: 04:41:22:828:268 Peer List Entry 000CF870
> 10-20: 04:45:07:843:268 Peer List Entry 000CF870
> 10-20: 04:48:52:843:268 Peer List Entry 000CF870
> 10-20: 04:52:37:843:268 Peer List Entry 000CF870
> 10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
> 23738551-6d03-4229-93aa9ae81f7420c4 4
> 10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
> f5f72e1d-b374-4435-a0cbb741502c10c4 4
> 10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
> b9b73f84-d984-444f-ae02442c49997431 3
> 10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
> 98d3d3af-2725-4c09-960aeebd2824140d 3
> 10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
> 0a95bfd7-070a-4ec4-b1adb68de913c0d1 1
> 10-20: 04:55:35:984:268 QM Deleted. Notify from driver: Src
> 192.168.223.15 Dest 0.0.0.0 InSPI 1127425367 OutSpi 1768772270 Tunnel
> bbfb4b18 TunnelFilter 0
> 10-20: 04:55:35:984:268 Leaving adjust_peer_list entry 000CF870 MMCount
> 0 QMCount 0
> 10-20: 04:55:35:984:268 constructing ISAKMP Header
> 10-20: 04:55:35:984:268 constructing HASH (null)
> 10-20: 04:55:35:984:268 Construct QM Delete Spi 1127425367
> 10-20: 04:55:35:984:268 constructing HASH (Notify/Delete)
> 10-20: 04:55:35:984:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 04:55:35:984:268
> 10-20: 04:55:35:984:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 04:55:35:984:268 ISAKMP Header: (V1.0), len = 68
> 10-20: 04:55:35:984:268 I-COOKIE 989a0f9d8b2d115c
> 10-20: 04:55:35:984:268 R-COOKIE 6e1470b16d168b03
> 10-20: 04:55:35:984:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:55:35:984:268 flags: 1 ( encrypted )
> 10-20: 04:55:35:984:268 next payload: HASH
> 10-20: 04:55:35:984:268 message ID: db39b784
> 10-20: 04:55:35:984:268 Ports S:9411 D:9411
> 10-20: 04:55:35:984:268 PrivatePeerAddr 0
> 10-20: 04:55:35:984:784 isadb_schedule_kill_oldPolicy_sas:
> e461b6aa-60fd-4442-a2ab673ed8751641 2
> 10-20: 04:55:36:0:268 entered kill_old_policy_sas 4
> 10-20: 04:55:36:0:268 entered kill_old_policy_sas 4
> 10-20: 04:55:36:0:268 entered kill_old_policy_sas 3
> 10-20: 04:55:36:0:268 entered kill_old_policy_sas 3
> 10-20: 04:55:36:0:268 entered kill_old_policy_sas 1
> 10-20: 04:55:36:0:268 entered kill_old_policy_sas 2
> 10-20: 04:55:37:859:268 ClearFragList
> 10-20: 04:55:38:203:7e8 Acquire from driver: op=0000000B
> src=192.168.223.15.0 dst=10.1.1.36.0 proto = 0, SrcMask=255.255.255.255,
> DstMask=0.0.0.0, Tunnel 1, TunnelEndpt=x.x.x.187 Inbound
> TunnelEndpt=192.168.223.15
> 10-20: 04:55:38:203:268 Filter to match: Src x.x.x.187 Dst
> 192.168.223.15
> 10-20: 04:55:38:203:268 MM PolicyName: 6
> 10-20: 04:55:38:203:268 MMPolicy dwFlags 2 SoftSAExpireTime 300
> 10-20: 04:55:38:203:268 MMOffer[0] LifetimeSec 300 QMLimit 0 DHGroup 2
> 10-20: 04:55:38:203:268 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
> 10-20: 04:55:38:203:268 Auth[0]:RSA Sig C=US, O=Atlas, OU=PKI,
> CN=NiagaraCA AuthFlags 0
> 10-20: 04:55:38:203:268 QM PolicyName: x4
> {5a9ed79c-e716-459f-88f3-4888eaebd6b2} dwFlags 1
> 10-20: 04:55:38:203:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 04:55:38:203:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 04:55:38:203:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:55:38:203:268 Starting Negotiation: src = 192.168.223.15.0500,
> dst = x.x.x.187.0500, proto = 00, context = 0000000B, ProxySrc =
> 192.168.223.15.0000, ProxyDst = 0.0.0.0.0000 SrcMask = 255.255.255.255
> DstMask = 0.0.0.0
> 10-20: 04:55:38:203:268 constructing ISAKMP Header
> 10-20: 04:55:38:203:268 constructing SA (ISAKMP)
> 10-20: 04:55:38:203:268 Constructing Vendor MS NT5 ISAKMPOAKLEY
> 10-20: 04:55:38:203:268 Constructing Vendor FRAGMENTATION
> 10-20: 04:55:38:203:268 Constructing Vendor
> draft-ietf-ipsec-nat-t-ike-02
> 10-20: 04:55:38:203:268 Constructing Vendor Vid-Initial-Contact
> 10-20: 04:55:38:203:268
> 10-20: 04:55:38:203:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 04:55:38:203:268 ISAKMP Header: (V1.0), len = 168
> 10-20: 04:55:38:203:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:203:268 R-COOKIE 0000000000000000
> 10-20: 04:55:38:203:268 exchange: Oakley Main Mode
> 10-20: 04:55:38:203:268 flags: 0
> 10-20: 04:55:38:203:268 next payload: SA
> 10-20: 04:55:38:203:268 message ID: 00000000
> 10-20: 04:55:38:203:268 Ports S:f401 D:f401
> 10-20: 04:55:38:203:268
> 10-20: 04:55:38:203:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 04:55:38:203:268 ISAKMP Header: (V1.0), len = 140
> 10-20: 04:55:38:203:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:203:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:203:268 exchange: Oakley Main Mode
> 10-20: 04:55:38:203:268 flags: 0
> 10-20: 04:55:38:203:268 next payload: SA
> 10-20: 04:55:38:203:268 message ID: 00000000
> 10-20: 04:55:38:203:268 processing payload SA
> 10-20: 04:55:38:203:268 Received Phase 1 Transform 1
> 10-20: 04:55:38:203:268 Encryption Alg Triple DES CBC(5)
> 10-20: 04:55:38:203:268 Hash Alg SHA(2)
> 10-20: 04:55:38:203:268 Oakley Group 2
> 10-20: 04:55:38:203:268 Auth Method RSA Signature with
> Certificates(3)
> 10-20: 04:55:38:203:268 Life type in Seconds
> 10-20: 04:55:38:203:268 Life duration of 300
> 10-20: 04:55:38:203:268 Phase 1 SA accepted: transform=1
> 10-20: 04:55:38:203:268 SA - Oakley proposal accepted
> 10-20: 04:55:38:203:268 processing payload VENDOR ID
> 10-20: 04:55:38:203:268 processing payload VENDOR ID
> 10-20: 04:55:38:203:268 processing payload VENDOR ID
> 10-20: 04:55:38:203:268 Received VendorId draft-ietf-ipsec-nat-t-ike-02
> 10-20: 04:55:38:203:268 ClearFragList
> 10-20: 04:55:38:203:268 constructing ISAKMP Header
> 10-20: 04:55:38:234:268 constructing KE
> 10-20: 04:55:38:234:268 constructing NONCE (ISAKMP)
> 10-20: 04:55:38:234:268 Constructing NatDisc
> 10-20: 04:55:38:234:268
> 10-20: 04:55:38:234:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type 2.500
> 10-20: 04:55:38:234:268 ISAKMP Header: (V1.0), len = 232
> 10-20: 04:55:38:234:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:234:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:234:268 exchange: Oakley Main Mode
> 10-20: 04:55:38:234:268 flags: 0
> 10-20: 04:55:38:234:268 next payload: KE
> 10-20: 04:55:38:234:268 message ID: 00000000
> 10-20: 04:55:38:234:268 Ports S:f401 D:f401
> 10-20: 04:55:38:250:268
> 10-20: 04:55:38:250:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.500
> 10-20: 04:55:38:250:268 ISAKMP Header: (V1.0), len = 228
> 10-20: 04:55:38:250:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:250:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:250:268 exchange: Oakley Main Mode
> 10-20: 04:55:38:250:268 flags: 0
> 10-20: 04:55:38:250:268 next payload: KE
> 10-20: 04:55:38:250:268 message ID: 00000000
> 10-20: 04:55:38:250:268 processing payload KE
> 10-20: 04:55:38:250:268 processing payload NONCE
> 10-20: 04:55:38:250:268 processing payload NATDISC
> 10-20: 04:55:38:250:268 Processing NatHash
> 10-20: 04:55:38:250:268 Nat hash b452e0c8c4f3aa37b52fae317f9d2076
> 10-20: 04:55:38:250:268 be416574
> 10-20: 04:55:38:250:268 SA StateMask2 1f
> 10-20: 04:55:38:250:268 processing payload NATDISC
> 10-20: 04:55:38:250:268 Processing NatHash
> 10-20: 04:55:38:250:268 Nat hash 8ddb76dcfbc78d67953170f246899f78
> 10-20: 04:55:38:250:268 7f82f831
> 10-20: 04:55:38:250:268 SA StateMask2 5f
> 10-20: 04:55:38:250:268 ClearFragList
> 10-20: 04:55:38:250:268 Peer behind NAT
> 10-20: 04:55:38:250:268 Floated Ports Orig Me:f401 Peer:f401
> 10-20: 04:55:38:250:268 Floated Ports Me:9411 Peer:9411
> 10-20: 04:55:38:250:268 constructing ISAKMP Header
> 10-20: 04:55:38:250:268 constructing ID
> 10-20: 04:55:38:265:268 Received no valid CRPs. Using all configured
> 10-20: 04:55:38:265:268 Looking for IPSec only cert
> 10-20: 04:55:38:265:268 failed to get chain 80092004
> 10-20: 04:55:38:265:268 Looking for any cert
> 10-20: 04:55:38:265:268 Cert Trustes. 0 100
> 10-20: 04:55:38:265:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:55:38:265:268 6fb09c33
> 10-20: 04:55:38:265:268 Entered CRL check
> 10-20: 04:55:38:265:268 Left CRL check
> 10-20: 04:55:38:265:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:55:38:265:268 6fb09c33
> 10-20: 04:55:38:265:268 SubjectName: C=US, OU=Exec, OU=Cons, OU=Eng,
> O=Atlas, CN=john.sullivan
> 10-20: 04:55:38:265:268 Cert Serialnumber 32
> 10-20: 04:55:38:265:268 Cert SHA Thumbprint
> 14d55b83f2c50204c7a1b0320403e877
> 10-20: 04:55:38:265:268 6fb09c33
> 10-20: 04:55:38:265:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:55:38:265:268 Cert Serialnumber 00
> 10-20: 04:55:38:265:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 04:55:38:265:268 7e34f701
> 10-20: 04:55:38:265:268 Not storing My cert chain in SA.
> 10-20: 04:55:38:265:268 MM ID Type 9
> 10-20: 04:55:38:265:268 MM ID 3061310b300906035504061302555331
> 10-20: 04:55:38:265:268 0d300b060355040b130445786563310d
> 10-20: 04:55:38:265:268 300b060355040b1304436f6e73310c30
> 10-20: 04:55:38:265:268 0a060355040b1303456e67310e300c06
> 10-20: 04:55:38:265:268 0355040a130541746c61733116301406
> 10-20: 04:55:38:265:268 03550403130d6a6f686e2e73756c6c69
> 10-20: 04:55:38:265:268 76616e
> 10-20: 04:55:38:265:268 constructing CERT
> 10-20: 04:55:38:265:268 Construct SIG
> 10-20: 04:55:38:265:268 Constructing Cert Request
> 10-20: 04:55:38:265:268 C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:55:38:265:268
> 10-20: 04:55:38:265:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 04:55:38:265:268 ISAKMP Header: (V1.0), len = 1188
> 10-20: 04:55:38:265:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:265:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:265:268 exchange: Oakley Main Mode
> 10-20: 04:55:38:265:268 flags: 1 ( encrypted )
> 10-20: 04:55:38:265:268 next payload: ID
> 10-20: 04:55:38:265:268 message ID: 00000000
> 10-20: 04:55:38:265:268 Ports S:9411 D:9411
> 10-20: 04:55:38:281:268
> 10-20: 04:55:38:281:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 04:55:38:281:268 ISAKMP Header: (V1.0), len = 1036
> 10-20: 04:55:38:281:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:281:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:281:268 exchange: Oakley Main Mode
> 10-20: 04:55:38:281:268 flags: 1 ( encrypted )
> 10-20: 04:55:38:281:268 next payload: ID
> 10-20: 04:55:38:281:268 message ID: 00000000
> 10-20: 04:55:38:281:268 processing payload ID
> 10-20: 04:55:38:281:268 processing payload CERT
> 10-20: 04:55:38:281:268 processing payload SIG
> 10-20: 04:55:38:281:268 Verifying CertStore
> 10-20: 04:55:38:281:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 04:55:38:281:268 Cert Serialnumber 31
> 10-20: 04:55:38:281:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:55:38:281:268 810b3d66
> 10-20: 04:55:38:281:268 Cert Trustes. 0 100
> 10-20: 04:55:38:281:268 SubjectName: C=US, O=Niagara, OU=VPNGateways,
> CN=NiagaraRASGW
> 10-20: 04:55:38:281:268 Cert Serialnumber 31
> 10-20: 04:55:38:281:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:55:38:281:268 810b3d66
> 10-20: 04:55:38:281:268 SubjectName: C=US, O=Atlas, OU=PKI, CN=NiagaraCA
> 10-20: 04:55:38:281:268 Cert Serialnumber 00
> 10-20: 04:55:38:281:268 Cert SHA Thumbprint
> cf0864544e576e1a7299910e43bcb892
> 10-20: 04:55:38:281:268 7e34f701
> 10-20: 04:55:38:281:268 Not storing Peer's cert chain in SA.
> 10-20: 04:55:38:281:268 Cert SHA Thumbprint
> 3db57eeadd06add8824b4cebda04e661
> 10-20: 04:55:38:281:268 810b3d66
> 10-20: 04:55:38:281:268 Entered CRL check
> 10-20: 04:55:38:281:268 Left CRL check
> 10-20: 04:55:38:281:268 Signature validated
> 10-20: 04:55:38:281:268 ClearFragList
> 10-20: 04:55:38:281:268 MM established. SA: 0011DAD0
> 10-20: 04:55:38:281:268 QM PolicyName: x4
> {5a9ed79c-e716-459f-88f3-4888eaebd6b2} dwFlags 1
> 10-20: 04:55:38:281:268 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
> 10-20: 04:55:38:281:268 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
> 10-20: 04:55:38:281:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:55:38:281:268 GetSpi: src = 0.0.0.0.0000, dst =
> 192.168.223.15.0000, proto = 00, context = 0000000B, srcMask = 0.0.0.0,
> destMask = 255.255.255.255, TunnelFilter 1
> 10-20: 04:55:38:281:268 Setting SPI 48541045
> 10-20: 04:55:38:281:268 constructing ISAKMP Header
> 10-20: 04:55:38:281:268 constructing HASH (null)
> 10-20: 04:55:38:281:268 constructing SA (IPSEC)
> 10-20: 04:55:38:281:268 constructing QM KE
> 10-20: 04:55:38:312:268 constructing NONCE (IPSEC)
> 10-20: 04:55:38:312:268 constructing ID (proxy)
> 10-20: 04:55:38:312:268 constructing ID (proxy)
> 10-20: 04:55:38:312:268 constructing HASH (QM)
> 10-20: 04:55:38:312:268
> 10-20: 04:55:38:312:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 2.4500
> 10-20: 04:55:38:312:268 ISAKMP Header: (V1.0), len = 284
> 10-20: 04:55:38:312:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:312:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:312:268 exchange: Oakley Quick Mode
> 10-20: 04:55:38:312:268 flags: 1 ( encrypted )
> 10-20: 04:55:38:312:268 next payload: HASH
> 10-20: 04:55:38:312:268 message ID: 23135286
> 10-20: 04:55:38:312:268 Ports S:9411 D:9411
> 10-20: 04:55:38:328:268
> 10-20: 04:55:38:328:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 04:55:38:328:268 ISAKMP Header: (V1.0), len = 276
> 10-20: 04:55:38:328:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:328:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:328:268 exchange: Oakley Quick Mode
> 10-20: 04:55:38:328:268 flags: 1 ( encrypted )
> 10-20: 04:55:38:328:268 next payload: HASH
> 10-20: 04:55:38:328:268 message ID: 23135286
> 10-20: 04:55:38:328:268 processing HASH (QM)
> 10-20: 04:55:38:328:268 ClearFragList
> 10-20: 04:55:38:328:268 processing payload NONCE
> 10-20: 04:55:38:328:268 processing payload KE
> 10-20: 04:55:38:328:268 Quick Mode KE processed; Saved KE data
> 10-20: 04:55:38:328:268 processing payload ID
> 10-20: 04:55:38:328:268 processing payload ID
> 10-20: 04:55:38:328:268 processing payload SA
> 10-20: 04:55:38:328:268 Negotiated Proxy ID: Src 192.168.223.15.0 Dst
> 0.0.0.0.0
> 10-20: 04:55:38:328:268 Dst id for subnet. Mask 0.0.0.0
> 10-20: 04:55:38:328:268 Checking Proposal 1: Proto= ESP(3), num trans=1
> Next=0
> 10-20: 04:55:38:328:268 Checking Transform # 1: ID=Triple DES CBC(3)
> 10-20: 04:55:38:328:268 tunnel mode is 61443(61443)
> 10-20: 04:55:38:328:268 HMAC algorithm is SHA(2)
> 10-20: 04:55:38:328:268 group description for PFS is 2
> 10-20: 04:55:38:328:268 Phase 2 SA accepted: proposal=1 transform=1
> 10-20: 04:55:38:328:268 constructing ISAKMP Header
> 10-20: 04:55:38:328:268 constructing HASH (QM)
> 10-20: 04:55:38:328:268 isadb_find_peer_entry found entry
> 10-20: 04:55:38:328:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 0000000B, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 2
> EncapType 3
> 10-20: 04:55:38:328:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:55:38:328:268 Algo[0] MySpi: 48541045 PeerSpi: 1768772335
> 10-20: 04:55:38:328:268 Encap Ports Src 4500 Dst 4500
> 10-20: 04:55:38:328:268 Skipping Outbound SA add
> 10-20: 04:55:38:328:268 isadb_find_peer_entry found entry
> 10-20: 04:55:38:328:268 Adding QMs: src = 192.168.223.15.0000, dst =
> 0.0.0.0.0000, proto = 00, context = 0000000B, my tunnel =
> 192.168.223.15, peer tunnel = x.x.x.187, SrcMask = 0.0.0.0, DestMask =
> 0.0.0.0 Lifetime = 3600 LifetimeKBytes 100000 dwFlags 381 Direction 3
> EncapType 3
> 10-20: 04:55:38:328:268 Algo[0] Operation: ESP Algo: Triple DES CBC
> HMAC: SHA
> 10-20: 04:55:38:328:268 Algo[0] MySpi: 48541045 PeerSpi: 1768772335
> 10-20: 04:55:38:328:268 Encap Ports Src 4500 Dst 4500
> 10-20: 04:55:38:328:268 Skipping Inbound SA add
> 10-20: 04:55:38:328:268 isadb_find_peer_entry found entry
> 10-20: 04:55:38:328:268 Leaving adjust_peer_list entry 000CF870 MMCount
> 0 QMCount 1
> 10-20: 04:55:38:328:268 isadb_set_status sa:0011DAD0 centry:000E6760
> status 0
> 10-20: 04:55:38:343:268
> 10-20: 04:55:38:343:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 4.4500
> 10-20: 04:55:38:343:268 ISAKMP Header: (V1.0), len = 52
> 10-20: 04:55:38:343:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:55:38:343:268 R-COOKIE ae20b66308240023
> 10-20: 04:55:38:343:268 exchange: Oakley Quick Mode
> 10-20: 04:55:38:343:268 flags: 1 ( encrypted )
> 10-20: 04:55:38:343:268 next payload: HASH
> 10-20: 04:55:38:343:268 message ID: 23135286
> 10-20: 04:55:38:343:268 Ports S:9411 D:9411
> 10-20: 04:56:22:859:268 Peer List Entry 000CF870
> 10-20: 04:56:38:359:268 CE Dead. sa:0011DAD0 ce:000E6760 status:35ef
> 10-20: 04:59:38:312:268 Expire_sa SA=11dad0
> 10-20: 04:59:38:312:268 SA Dead. sa:0011DAD0 status:35ef
> 10-20: 04:59:38:312:268 isadb_set_status sa:0011DAD0 centry:00000000
> status 35ef
> 10-20: 04:59:38:312:268 constructing ISAKMP Header
> 10-20: 04:59:38:312:268 constructing HASH (null)
> 10-20: 04:59:38:312:268 constructing DELETE. MM 0011DAD0
> 10-20: 04:59:38:312:268 constructing HASH (Notify/Delete)
> 10-20: 04:59:38:312:268 Not setting retransmit to downlevel client. SA
> 0011DAD0 Centry 00000000
> 10-20: 04:59:38:312:268
> 10-20: 04:59:38:312:268 Sending: SA = 0x0011DAD0 to x.x.x.187:Type
> 1.4500
> 10-20: 04:59:38:312:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 04:59:38:312:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:59:38:312:268 R-COOKIE ae20b66308240023
> 10-20: 04:59:38:312:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:59:38:312:268 flags: 1 ( encrypted )
> 10-20: 04:59:38:312:268 next payload: HASH
> 10-20: 04:59:38:312:268 message ID: 4560fdfd
> 10-20: 04:59:38:312:268 Ports S:9411 D:9411
> 10-20: 04:59:38:312:268
> 10-20: 04:59:38:312:268 Receive: (get) SA = 0x0011dad0 from
> x.x.x.187.4500
> 10-20: 04:59:38:312:268 ISAKMP Header: (V1.0), len = 84
> 10-20: 04:59:38:312:268 I-COOKIE 39cb29bc833401b6
> 10-20: 04:59:38:312:268 R-COOKIE ae20b66308240023
> 10-20: 04:59:38:312:268 exchange: ISAKMP Informational Exchange
> 10-20: 04:59:38:312:268 flags: 1 ( encrypted )
> 10-20: 04:59:38:312:268 next payload: HASH
> 10-20: 04:59:38:312:268 message ID: 87995d15
> 10-20: 04:59:38:312:268 processing HASH (Notify/Delete)
> 10-20: 04:59:38:312:268 processing payload DELETE
> 10-20: 05:00:07:890:268 Peer List Entry 000CF870
> 10-20: 05:03:52:890:268 Peer List Entry 000CF870
> 10-20: 05:07:37:890:268 Peer List Entry 000CF870
>
> Any help or pointers on where to look and what to try would be greatly
> appreciated - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com
Financially sustainable open source development
http://www.opensourcedevel.com
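An added example, not part of the original post: a small Python parser for Oakley log lines in the format quoted above. It reports the negotiated Phase 1 lifetime, how long the main-mode SA was actually held before `Expire_sa`, and whether a new Main Mode exchange was logged afterwards. The sample lines are copied from the quoted log with quote markers and wrapping removed; the function names, the fixed year, and reading the last timestamp field as a thread id are assumptions of this example.

```python
import re
from datetime import datetime

# Sample lines taken from the quoted Oakley log (unwrapped, "> " removed).
SAMPLE = """\
10-20: 04:55:38:203:268 exchange: Oakley Main Mode
10-20: 04:55:38:203:268 Life duration of 300
10-20: 04:55:38:281:268 MM established. SA: 0011DAD0
10-20: 04:55:38:312:268 exchange: Oakley Quick Mode
10-20: 04:59:38:312:268 Expire_sa SA=11dad0
10-20: 04:59:38:312:268 SA Dead. sa:0011DAD0 status:35ef
10-20: 04:59:38:312:268 constructing DELETE. MM 0011DAD0
10-20: 04:59:38:312:268 exchange: ISAKMP Informational Exchange
10-20: 05:00:07:890:268 Peer List Entry 000CF870
10-20: 05:03:52:890:268 Peer List Entry 000CF870
"""

# MM-DD: HH:MM:SS:mmm:<id> message  (optional leading "> " from mail quoting)
LINE = re.compile(r"^(?:>\s*)?(\d\d)-(\d\d): (\d\d):(\d\d):(\d\d):(\d{3}):(\w+)\s*(.*)$")

def parse(text):
    """Yield (timestamp, message); wrapped continuation lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            mo, d, h, mi, s, ms = (int(m.group(i)) for i in range(1, 7))
            # The log carries no year; 2005 (the post's date) is assumed.
            yield datetime(2005, mo, d, h, mi, s, ms * 1000), m.group(8)

def analyze(text):
    """Track the first main-mode SA from establishment to expiry."""
    r = {"lifetime_s": None, "sa": None, "established": None,
         "expired": None, "held_s": None, "renegotiated": False}
    for ts, msg in parse(text):
        if (m := re.match(r"Life duration of (\d+)", msg)) and r["sa"] is None:
            r["lifetime_s"] = int(m.group(1))
        elif (m := re.match(r"MM established\. SA: ([0-9A-Fa-f]+)", msg)) and r["sa"] is None:
            # SA ids appear as 0011DAD0 and 11dad0; compare as integers.
            r["sa"], r["established"] = int(m.group(1), 16), ts
        elif (m := re.match(r"Expire_sa SA=([0-9A-Fa-f]+)", msg)) and r["sa"] == int(m.group(1), 16):
            r["expired"] = ts
            r["held_s"] = (ts - r["established"]).total_seconds()
        elif r["expired"] and msg.startswith("exchange: Oakley Main Mode"):
            r["renegotiated"] = True
    return r

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

On these lines the SA is held for about 240 seconds against a negotiated lifetime of 300, and no Main Mode exchange is logged after the DELETE.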