[Openswan Users] A new problem
Jeremy Mann
jmann at txhmg.com
Tue Jun 27 09:24:17 CEST 2006
Skipped content of type multipart/alternative-------------- next part --------------
vpn
Tue Jun 27 13:24:23 CDT 2006
+ _________________________ version
+ ipsec --version
Linux Openswan U2.4.4/K2.6.15-18-386 (netkey)
See `ipsec --copyright' for copyright information.
+ _________________________ /proc/version
+ cat /proc/version
Linux version 2.6.15-18-386 (buildd at rothera) (gcc version 4.0.3 20060304 (prerelease) (Ubuntu 4.0.2-10ubuntu1)) #1 PREEMPT Thu Mar 9 14:41:49 UTC 2006
+ _________________________ /proc/net/ipsec_eroute
+ test -r /proc/net/ipsec_eroute
+ _________________________ netstat-rn
+ netstat -nr
+ head -n 100
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.33.34.9 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
10.9.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun1
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.192.0 0.0.0.0 255.255.255.224 U 0 0 0 br0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ath0
192.168.12.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
10.9.0.0 10.9.0.2 255.255.255.0 UG 0 0 0 tun1
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
+ _________________________ /proc/net/ipsec_spi
+ test -r /proc/net/ipsec_spi
+ _________________________ /proc/net/ipsec_spigrp
+ test -r /proc/net/ipsec_spigrp
+ _________________________ /proc/net/ipsec_tncfg
+ test -r /proc/net/ipsec_tncfg
+ _________________________ /proc/net/pfkey
+ test -r /proc/net/pfkey
+ cat /proc/net/pfkey
sk RefCnt Rmem Wmem User Inode
+ _________________________ setkey-D
+ setkey -D
216.158.212.116 192.168.192.2
esp mode=tunnel spi=3299677695(0xc4ad15ff) reqid=16389(0x00004005)
E: aes-cbc 10380e54 bfe26cc8 342a3889 7056354e
A: hmac-sha1 c685aa2f b8efa0d4 816ecbec 57188b25 23fa3854
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 10:46:32 2006 current: Jun 27 13:24:24 2006
diff: 9472(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=3 pid=6832 refcnt=0
216.158.212.116 192.168.192.2
esp mode=tunnel spi=973567669(0x3a0776b5) reqid=16393(0x00004009)
E: aes-cbc 2c297ba2 88d12917 ea762eea 46447a9e
A: hmac-sha1 415b49d6 e993bd0b dbfca021 b9c47f71 3417ffb9
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 10:39:04 2006 current: Jun 27 13:24:24 2006
diff: 9920(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=2 pid=6832 refcnt=0
192.168.192.2 216.158.212.116
esp mode=tunnel spi=437401867(0x1a12390b) reqid=16389(0x00004005)
E: aes-cbc 017358ff fabe19c9 312274ca efc1f94e
A: hmac-sha1 a260dfd6 b3d5015b c310d190 4fe84400 357ac5d2
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 10:46:32 2006 current: Jun 27 13:24:24 2006
diff: 9472(s) hard: 0(s) soft: 0(s)
last: Jun 27 10:47:05 2006 hard: 0(s) soft: 0(s)
current: 230184(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 1413 hard: 0 soft: 0
sadb_seq=1 pid=6832 refcnt=0
192.168.192.2 216.158.212.116
esp mode=tunnel spi=3994479142(0xee16ea26) reqid=16393(0x00004009)
E: aes-cbc 57b9477d abf6edb2 f925037f 922ccfb9
A: hmac-sha1 d4ccb5a4 5ddd2bfe dfcec533 cffb443c f02eda5e
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 10:39:04 2006 current: Jun 27 13:24:24 2006
diff: 9920(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=0 pid=6832 refcnt=0
+ _________________________ setkey-D-P
+ setkey -D -P
192.168.12.0/24[any] 192.168.192.0/27[any] any
in prio high + 1073739576 ipsec
esp/tunnel/216.158.212.116-192.168.192.2/unique#16393
created: Jun 27 02:56:29 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=152 seq=20 pid=6833
refcnt=1
192.168.1.0/24[any] 192.168.192.0/27[any] any
in prio high + 1073739576 ipsec
esp/tunnel/216.158.212.116-192.168.192.2/unique#16389
created: Jun 27 03:02:32 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=168 seq=19 pid=6833
refcnt=1
192.168.192.0/27[any] 192.168.10.0/24[any] any
out prio high + 1073739576 ipsec
esp/transport//require
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=113 seq=18 pid=6833
refcnt=1
192.168.192.0/27[any] 192.168.1.0/24[any] any
out prio high + 1073739576 ipsec
esp/tunnel/192.168.192.2-216.158.212.116/unique#16389
created: Jun 27 10:46:32 2006 lastused: Jun 27 13:24:02 2006
lifetime: 0(s) validtime: 0(s)
spid=121 seq=17 pid=6833
refcnt=3
192.168.192.0/27[any] 192.168.12.0/24[any] any
out prio high + 1073739576 ipsec
esp/tunnel/192.168.192.2-216.158.212.116/unique#16393
created: Jun 27 10:39:04 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=129 seq=16 pid=6833
refcnt=1
192.168.12.0/24[any] 192.168.192.0/27[any] any
fwd prio high + 1073739576 ipsec
esp/tunnel/216.158.212.116-192.168.192.2/unique#16393
created: Jun 27 02:56:29 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=162 seq=15 pid=6833
refcnt=1
192.168.1.0/24[any] 192.168.192.0/27[any] any
fwd prio high + 1073739576 ipsec
esp/tunnel/216.158.212.116-192.168.192.2/unique#16389
created: Jun 27 03:02:32 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=178 seq=14 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=99 seq=13 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=83 seq=12 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=67 seq=11 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=51 seq=10 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused: Jun 27 13:06:07 2006
lifetime: 0(s) validtime: 0(s)
spid=35 seq=9 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=19 seq=8 pid=6833
refcnt=1
(per-socket policy)
in none
created: Jun 27 02:56:28 2006 lastused: Jun 27 03:52:30 2006
lifetime: 0(s) validtime: 0(s)
spid=3 seq=7 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=108 seq=6 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=92 seq=5 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=76 seq=4 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=60 seq=3 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused: Jun 27 13:06:07 2006
lifetime: 0(s) validtime: 0(s)
spid=44 seq=2 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=28 seq=1 pid=6833
refcnt=1
(per-socket policy)
out none
created: Jun 27 02:56:28 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=12 seq=0 pid=6833
refcnt=1
+ _________________________ /proc/sys/net/ipsec-star
+ test -d /proc/sys/net/ipsec
+ _________________________ ipsec/status
+ ipsec auto --status
000 interface lo/lo ::1
000 interface lo/lo 127.0.0.1
000 interface ath0/ath0 172.16.0.1
000 interface tun0/tun0 10.8.0.1
000 interface br0/br0 192.168.192.2
000 interface tun1/tun1 10.9.0.1
000 interface ppp0/ppp0 71.244.57.29
000 %myid = (none)
000 debug none
000
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
000
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0}
000
000 "bedford": 192.168.192.0/27===192.168.192.2[@home]...216.158.212.116[@work]===192.168.10.0/24; prospective erouted; eroute owner: #0
000 "bedford": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "bedford": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "bedford": policy: PSK+ENCRYPT+TUNNEL+UP; prio: 27,24; interface: br0;
000 "bedford": newest ISAKMP SA: #21; newest IPsec SA: #0;
000 "bedford": IKE algorithm newest: 3DES_CBC_192-MD5-MODP1536
000 "corporate": 192.168.192.0/27===192.168.192.2[@home]...216.158.212.116[@work]===192.168.1.0/24; erouted; eroute owner: #18
000 "corporate": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "corporate": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "corporate": policy: PSK+ENCRYPT+TUNNEL+UP; prio: 27,24; interface: br0;
000 "corporate": newest ISAKMP SA: #0; newest IPsec SA: #18;
000 "nurscare": 192.168.192.0/27===192.168.192.2[@home]...216.158.212.116[@work]===192.168.12.0/24; erouted; eroute owner: #17
000 "nurscare": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "nurscare": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "nurscare": policy: PSK+ENCRYPT+TUNNEL+UP; prio: 27,24; interface: br0;
000 "nurscare": newest ISAKMP SA: #0; newest IPsec SA: #17;
000
000 #21: "bedford":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 541s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0)
000 #18: "corporate":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 18661s; newest IPSEC; eroute owner
000 #18: "corporate" esp.1a12390b at 216.158.212.116 esp.c4ad15ff at 192.168.192.2 tun.0 at 216.158.212.116 tun.0 at 192.168.192.2
000 #17: "nurscare":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 18093s; newest IPSEC; eroute owner
000 #17: "nurscare" esp.ee16ea26 at 216.158.212.116 esp.3a0776b5 at 192.168.192.2 tun.0 at 216.158.212.116 tun.0 at 192.168.192.2
000
+ _________________________ ifconfig-a
+ ifconfig -a
ath0 Link encap:Ethernet HWaddr 00:0F:B5:34:57:4D
inet addr:172.16.0.1 Bcast:172.16.0.255 Mask:255.255.255.0
inet6 addr: fe80::20f:b5ff:fe34:574d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:43728 errors:0 dropped:0 overruns:0 frame:0
TX packets:133833 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9211377 (8.7 MiB) TX bytes:71310133 (68.0 MiB)
br0 Link encap:Ethernet HWaddr 00:10:B5:10:0C:44
inet addr:192.168.192.2 Bcast:192.168.192.31 Mask:255.255.255.224
inet6 addr: fe80::210:b5ff:fe10:c44/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:169286 errors:0 dropped:0 overruns:0 frame:0
TX packets:96420 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:35880357 (34.2 MiB) TX bytes:89679700 (85.5 MiB)
eth0 Link encap:Ethernet HWaddr 00:40:63:DB:4C:6E
inet6 addr: fe80::240:63ff:fedb:4c6e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:92615 errors:0 dropped:0 overruns:0 frame:0
TX packets:95482 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:89324148 (85.1 MiB) TX bytes:21452260 (20.4 MiB)
Interrupt:5 Base address:0xdc00
eth1 Link encap:Ethernet HWaddr 00:10:B5:10:0C:44
inet6 addr: fe80::210:b5ff:fe10:c44/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:143412 errors:0 dropped:0 overruns:0 frame:0
TX packets:52630 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32933234 (31.4 MiB) TX bytes:39952316 (38.1 MiB)
Interrupt:12 Base address:0xe000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:973 errors:0 dropped:0 overruns:0 frame:0
TX packets:973 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:237243 (231.6 KiB) TX bytes:237243 (231.6 KiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:71.244.57.29 P-t-P:10.33.34.9 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:91308 errors:0 dropped:0 overruns:0 frame:0
TX packets:94161 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:87235957 (83.1 MiB) TX bytes:19339565 (18.4 MiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tap0 Link encap:Ethernet HWaddr 4E:E1:C8:8E:23:68
inet6 addr: fe80::4ce1:c8ff:fe8e:2368/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:33267 errors:0 dropped:0 overruns:0 frame:0
TX packets:128101 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:5731670 (5.4 MiB) TX bytes:68646442 (65.4 MiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tun1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.9.0.1 P-t-P:10.9.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
wifi0 Link encap:UNSPEC HWaddr 00-0F-B5-34-57-4D-61-74-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:43913 errors:0 dropped:0 overruns:0 frame:39085
TX packets:133925 errors:21 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:199
RX bytes:10217478 (9.7 MiB) TX bytes:74261200 (70.8 MiB)
Interrupt:5 Memory:cfa00000-cfa10000
+ _________________________ ip-addr-list
+ ip addr list
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: wifi0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 199
link/ieee802.11 00:0f:b5:34:57:4d brd ff:ff:ff:ff:ff:ff
3: ath0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:0f:b5:34:57:4d brd ff:ff:ff:ff:ff:ff
inet 172.16.0.1/24 brd 172.16.0.255 scope global ath0
inet6 fe80::20f:b5ff:fe34:574d/64 scope link
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:40:63:db:4c:6e brd ff:ff:ff:ff:ff:ff
inet6 fe80::240:63ff:fedb:4c6e/64 scope link
valid_lft forever preferred_lft forever
5: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:10:b5:10:0c:44 brd ff:ff:ff:ff:ff:ff
inet6 fe80::210:b5ff:fe10:c44/64 scope link
valid_lft forever preferred_lft forever
6: tun0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/[65534]
inet 10.8.0.1 peer 10.8.0.2/32 scope global tun0
7: tap0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 4e:e1:c8:8e:23:68 brd ff:ff:ff:ff:ff:ff
inet6 fe80::4ce1:c8ff:fe8e:2368/64 scope link
valid_lft forever preferred_lft forever
8: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 00:10:b5:10:0c:44 brd ff:ff:ff:ff:ff:ff
inet 192.168.192.2/27 brd 192.168.192.31 scope global br0
inet6 fe80::210:b5ff:fe10:c44/64 scope link
valid_lft forever preferred_lft forever
9: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
10: tun1: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/[65534]
inet 10.9.0.1 peer 10.9.0.2/32 scope global tun1
13: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
inet 71.244.57.29 peer 10.33.34.9/32 scope global ppp0
+ _________________________ ip-route-list
+ ip route list
10.33.34.9 dev ppp0 proto kernel scope link src 71.244.57.29
10.9.0.2 dev tun1 proto kernel scope link src 10.9.0.1
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
192.168.192.0/27 dev br0 proto kernel scope link src 192.168.192.2
192.168.1.0/24 dev br0 scope link
10.8.0.0/24 via 10.8.0.2 dev tun0
172.16.0.0/24 dev ath0 proto kernel scope link src 172.16.0.1
192.168.12.0/24 dev br0 scope link
192.168.10.0/24 dev br0 scope link
10.9.0.0/24 via 10.9.0.2 dev tun1
default dev ppp0 scope link
+ _________________________ ip-rule-list
+ ip rule list
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
+ _________________________ ipsec_verify
+ ipsec verify --nocolour
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.4/K2.6.15-18-386 (netkey)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Checking for 'setkey' command for NETKEY IPsec stack support [OK]
Opportunistic Encryption Support [DISABLED]
+ _________________________ mii-tool
+ '[' -x /sbin/mii-tool ']'
+ /sbin/mii-tool -v
eth0: negotiated 100baseTx-FD, link ok
product info: vendor 00:40:63, model 50 rev 8
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
eth1: negotiated 100baseTx-FD, link ok
product info: vendor 00:00:00, model 0 rev 0
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
+ _________________________ ipsec/directory
+ ipsec --directory
/usr/lib/ipsec
+ _________________________ hostname/fqdn
+ hostname --fqdn
vpn.localdomain
+ _________________________ hostname/ipaddress
+ hostname --ip-address
192.168.192.2
+ _________________________ uptime
+ uptime
13:24:25 up 10:42, 1 user, load average: 0.16, 0.03, 0.01
+ _________________________ ps
+ ps alxwf
+ egrep -i 'ppid|pluto|ipsec|klips'
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 0 6794 6785 17 0 2796 1396 wait S+ pts/0 0:00 \_ /bin/sh /usr/lib/ipsec/barf
0 0 6888 6794 17 0 1624 496 pipe_w S+ pts/0 0:00 \_ grep -E -i ppid|pluto|ipsec|klips
1 0 5409 1 25 0 2420 456 wait S ? 0:00 /bin/bash /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal --keep_alive --protostack auto --force_keepalive --disable_port_floating --virtual_private --crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
1 0 5410 5409 25 0 2420 616 wait S ? 0:00 \_ /bin/bash /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal --keep_alive --protostack auto --force_keepalive --disable_port_floating --virtual_private --crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
4 0 5420 5410 16 0 6800 2352 - S ? 0:00 | \_ /usr/lib/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --use-auto --uniqueids
1 0 5430 5420 26 10 6744 844 - SN ? 0:00 | \_ pluto helper # 0 -nofork
0 0 5455 5420 18 0 1488 272 - S ? 0:00 | \_ _pluto_adns
0 0 5411 5409 16 0 2388 1112 pipe_w S ? 0:00 \_ /bin/sh /usr/lib/ipsec/_plutoload --wait no --post
0 0 5412 1 25 0 1548 496 pipe_w S ? 0:00 logger -s -p daemon.error -t ipsec__plutorun
+ _________________________ ipsec/showdefaults
+ ipsec showdefaults
routephys=ppp0
routevirt=ipsec0
routeaddr=71.244.57.29
+ _________________________ ipsec/conf
+ ipsec _include /etc/ipsec.conf
+ ipsec _keycensor
#< /etc/ipsec.conf 1
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.1 2005/07/26 12:28:39 ken Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# plutodebug / klipsdebug = "all", "none" or a combation from below:
# "raw crypt parsing emitting control klips pfkey natt x509 private"
# eg:
# plutodebug="control parsing"
#
# Only enable klipsdebug=all if you are a developer
#
# NAT-TRAVERSAL support, see README.NAT-Traversal
# nat_traversal=yes
# virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12
# Add connections here
# sample VPN connection
# conn sample
# # Left security gateway, subnet behind it, nexthop toward right.
# left=10.0.0.1
# leftsubnet=172.16.0.0/24
# leftnexthop=10.22.33.44
# # Right security gateway, subnet behind it, nexthop toward left.
# right=10.12.12.1
# rightsubnet=192.168.0.0/24
# rightnexthop=10.101.102.103
# # To authorize this connection, but not actually start it,
# # at startup, uncomment this.
# #auto=start
# left=%defaultroute
#Disable Opportunistic Encryption
#< /etc/ipsec.d/examples/no_oe.conf 1
# 'include' this file to disable Opportunistic Encryption.
# See /usr/share/doc/openswan/policygroups.html for details.
#
# RCSID $Id: no_oe.conf.in,v 1.2 2004/10/03 19:33:10 paul Exp $
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
#> /etc/ipsec.conf 42
conn nurscare
right=216.158.212.116
rightsubnet=192.168.12.0/24
also=common-work
conn corporate
right=216.158.212.116
rightsubnet=192.168.1.0/24
also=common-work
conn bedford
right=216.158.212.116
rightsubnet=192.168.10.0/24
also=common-work
conn common-work
authby=secret
auto=start
leftid=@home
leftsubnet=192.168.192.0/27
left=192.168.192.2
pfs=no
rightid=@work
keyingtries=3
+ _________________________ ipsec/secrets
+ ipsec _include /etc/ipsec.secrets
+ ipsec _secretcensor
#< /etc/ipsec.secrets 1
: RSA {
: RSA {
# RSA 2192 bits localhost.localdomain Thu Feb 9 00:55:53 2006
# for signatures only, UNSAFE FOR ENCRYPTION
#pubkey=[keyid AQOrpmaNh]
Modulus: [...]
PublicExponent: [...]
# everything after this point is secret
PrivateExponent: [...]
Prime1: [...]
Prime2: [...]
Exponent1: [...]
Exponent2: [...]
Coefficient: [...]
}
# do not change the indenting of that "[sums to 7d9d...]"
@home @work : PSK "[sums to 3a72...]"
@home 216.158.212.116 : PSK "[sums to 3a72...]"
+ _________________________ ipsec/listall
+ ipsec auto --listall
000
000 List of Public Keys:
000
+ '[' /etc/ipsec.d/policies ']'
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/block
+ base=block
+ _________________________ ipsec/policies/block
+ cat /etc/ipsec.d/policies/block
# This file defines the set of CIDRs (network/mask-length) to which
# communication should never be allowed.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear
+ base=clear
+ _________________________ ipsec/policies/clear
+ cat /etc/ipsec.d/policies/clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear-or-private
+ base=clear-or-private
+ _________________________ ipsec/policies/clear-or-private
+ cat /etc/ipsec.d/policies/clear-or-private
# This file defines the set of CIDRs (network/mask-length) to which
# we will communicate in the clear, or, if the other side initiates IPSEC,
# using encryption. This behaviour is also called "Opportunistic Responder".
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private
+ base=private
+ _________________________ ipsec/policies/private
+ cat /etc/ipsec.d/policies/private
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be private (i.e. encrypted).
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private-or-clear
+ base=private-or-clear
+ _________________________ ipsec/policies/private-or-clear
+ cat /etc/ipsec.d/policies/private-or-clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should be private, if possible, but in the clear otherwise.
#
# If the target has a TXT (later IPSECKEY) record that specifies
# authentication material, we will require private (i.e. encrypted)
# communications. If no such record is found, communications will be
# in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $
#
0.0.0.0/0
+ _________________________ ipsec/ls-libdir
+ ls -l /usr/lib/ipsec
total 1364
-rwxr-xr-x 1 root root 15535 May 23 12:07 _confread
-rwxr-xr-x 1 root root 4300 May 23 12:08 _copyright
-rwxr-xr-x 1 root root 2379 May 23 12:07 _include
-rwxr-xr-x 1 root root 1475 May 23 12:07 _keycensor
-rwxr-xr-x 1 root root 7756 May 23 12:08 _pluto_adns
-rwxr-xr-x 1 root root 3586 May 23 12:07 _plutoload
-rwxr-xr-x 1 root root 7429 May 23 12:07 _plutorun
-rwxr-xr-x 1 root root 12275 May 23 12:07 _realsetup
-rwxr-xr-x 1 root root 1975 May 23 12:07 _secretcensor
-rwxr-xr-x 1 root root 9772 May 23 12:07 _startklips
-rwxr-xr-x 1 root root 13417 May 23 12:07 _updown
-rwxr-xr-x 1 root root 15746 May 23 12:07 _updown_x509
-rwxr-xr-x 1 root root 19081 May 23 12:07 auto
-rwxr-xr-x 1 root root 10560 May 23 12:07 barf
-rwxr-xr-x 1 root root 816 May 23 12:07 calcgoo
-rwxr-xr-x 1 root root 76964 May 23 12:08 eroute
-rwxr-xr-x 1 root root 16556 May 23 12:08 ikeping
-rwxr-xr-x 1 root root 1942 May 23 12:07 ipsec_pr.template
-rwxr-xr-x 1 root root 60992 May 23 12:08 klipsdebug
-rwxr-xr-x 1 root root 1836 May 23 12:07 livetest
-rwxr-xr-x 1 root root 2605 May 23 12:07 look
-rwxr-xr-x 1 root root 7147 May 23 12:07 mailkey
-rwxr-xr-x 1 root root 15996 May 23 12:07 manual
-rwxr-xr-x 1 root root 1926 May 23 12:07 newhostkey
-rwxr-xr-x 1 root root 52160 May 23 12:08 pf_key
-rwxr-xr-x 1 root root 644728 May 23 12:08 pluto
-rwxr-xr-x 1 root root 6172 May 23 12:08 ranbits
-rwxr-xr-x 1 root root 18588 May 23 12:08 rsasigkey
-rwxr-xr-x 1 root root 766 May 23 12:07 secrets
-rwxr-xr-x 1 root root 17624 May 23 12:07 send-pr
lrwxrwxrwx 1 root root 17 Jun 2 03:40 setup -> /etc/init.d/ipsec
-rwxr-xr-x 1 root root 1054 May 23 12:07 showdefaults
-rwxr-xr-x 1 root root 4748 May 23 12:07 showhostkey
-rwxr-xr-x 1 root root 114608 May 23 12:08 spi
-rwxr-xr-x 1 root root 65408 May 23 12:08 spigrp
-rwxr-xr-x 1 root root 9796 May 23 12:08 tncfg
-rwxr-xr-x 1 root root 10601 May 23 12:07 verify
-rwxr-xr-x 1 root root 47092 May 23 12:08 whack
+ _________________________ ipsec/ls-execdir
+ ls -l /usr/lib/ipsec
total 1364
-rwxr-xr-x 1 root root 15535 May 23 12:07 _confread
-rwxr-xr-x 1 root root 4300 May 23 12:08 _copyright
-rwxr-xr-x 1 root root 2379 May 23 12:07 _include
-rwxr-xr-x 1 root root 1475 May 23 12:07 _keycensor
-rwxr-xr-x 1 root root 7756 May 23 12:08 _pluto_adns
-rwxr-xr-x 1 root root 3586 May 23 12:07 _plutoload
-rwxr-xr-x 1 root root 7429 May 23 12:07 _plutorun
-rwxr-xr-x 1 root root 12275 May 23 12:07 _realsetup
-rwxr-xr-x 1 root root 1975 May 23 12:07 _secretcensor
-rwxr-xr-x 1 root root 9772 May 23 12:07 _startklips
-rwxr-xr-x 1 root root 13417 May 23 12:07 _updown
-rwxr-xr-x 1 root root 15746 May 23 12:07 _updown_x509
-rwxr-xr-x 1 root root 19081 May 23 12:07 auto
-rwxr-xr-x 1 root root 10560 May 23 12:07 barf
-rwxr-xr-x 1 root root 816 May 23 12:07 calcgoo
-rwxr-xr-x 1 root root 76964 May 23 12:08 eroute
-rwxr-xr-x 1 root root 16556 May 23 12:08 ikeping
-rwxr-xr-x 1 root root 1942 May 23 12:07 ipsec_pr.template
-rwxr-xr-x 1 root root 60992 May 23 12:08 klipsdebug
-rwxr-xr-x 1 root root 1836 May 23 12:07 livetest
-rwxr-xr-x 1 root root 2605 May 23 12:07 look
-rwxr-xr-x 1 root root 7147 May 23 12:07 mailkey
-rwxr-xr-x 1 root root 15996 May 23 12:07 manual
-rwxr-xr-x 1 root root 1926 May 23 12:07 newhostkey
-rwxr-xr-x 1 root root 52160 May 23 12:08 pf_key
-rwxr-xr-x 1 root root 644728 May 23 12:08 pluto
-rwxr-xr-x 1 root root 6172 May 23 12:08 ranbits
-rwxr-xr-x 1 root root 18588 May 23 12:08 rsasigkey
-rwxr-xr-x 1 root root 766 May 23 12:07 secrets
-rwxr-xr-x 1 root root 17624 May 23 12:07 send-pr
lrwxrwxrwx 1 root root 17 Jun 2 03:40 setup -> /etc/init.d/ipsec
-rwxr-xr-x 1 root root 1054 May 23 12:07 showdefaults
-rwxr-xr-x 1 root root 4748 May 23 12:07 showhostkey
-rwxr-xr-x 1 root root 114608 May 23 12:08 spi
-rwxr-xr-x 1 root root 65408 May 23 12:08 spigrp
-rwxr-xr-x 1 root root 9796 May 23 12:08 tncfg
-rwxr-xr-x 1 root root 10601 May 23 12:07 verify
-rwxr-xr-x 1 root root 47092 May 23 12:08 whack
+ _________________________ ipsec/updowns
++ ls /usr/lib/ipsec
++ egrep updown
+ for f in '`ls ${IPSEC_EXECDIR-/usr/libexec/ipsec} | egrep updown`'
+ cat /usr/lib/ipsec/_updown
#! /bin/sh
# iproute2 version, default updown script
#
# Copyright (C) 2003-2004 Nigel Metheringham
# Copyright (C) 2002-2004 Michael Richardson <mcr at xelerance.com>
# Copyright (C) 2003-2005 Tuomo Soini <tis at foobar.fi>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# RCSID $Id: _updown.in,v 1.21.2.8 2005/08/28 02:45:26 paul Exp $
# CAUTION: Installing a new version of FreeS/WAN will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# FreeS/WAN use yours instead of this default one.
LC_ALL=C export LC_ALL
# things that this script gets (from ipsec_pluto(8) man page)
#
#
# PLUTO_VERSION
# indicates what version of this interface is being
# used. This document describes version 1.1. This
# is upwardly compatible with version 1.0.
#
# PLUTO_VERB
# specifies the name of the operation to be performed
# (prepare-host, prepare-client, up-host, up-client,
# down-host, or down-client). If the address family
# for security gateway to security gateway communica
# tions is IPv6, then a suffix of -v6 is added to the
# verb.
#
# PLUTO_CONNECTION
# is the name of the connection for which we are
# routing.
#
# PLUTO_CONN_POLICY
# the policy of the connection, as in:
# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD
#
# PLUTO_NEXT_HOP
# is the next hop to which packets bound for the peer
# must be sent.
#
# PLUTO_INTERFACE
# is the name of the ipsec interface to be used.
#
# PLUTO_ME
# is the IP address of our host.
#
# PLUTO_MY_CLIENT
# is the IP address / count of our client subnet. If
# the client is just the host, this will be the
# host's own IP address / max (where max is 32 for
# IPv4 and 128 for IPv6).
#
# PLUTO_MY_CLIENT_NET
# is the IP address of our client net. If the client
# is just the host, this will be the host's own IP
# address.
#
# PLUTO_MY_CLIENT_MASK
# is the mask for our client net. If the client is
# just the host, this will be 255.255.255.255.
#
# PLUTO_MY_SOURCEIP
# if non-empty, then the source address for the route will be
# set to this IP address.
#
# PLUTO_MY_PROTOCOL
# is the protocol for this connection. Useful for
# firewalling.
#
# PLUTO_MY_PORT
# is the port. Useful for firewalling.
#
# PLUTO_PEER
# is the IP address of our peer.
#
# PLUTO_PEER_CLIENT
# is the IP address / count of the peer's client sub
# net. If the client is just the peer, this will be
# the peer's own IP address / max (where max is 32
# for IPv4 and 128 for IPv6).
#
# PLUTO_PEER_CLIENT_NET
# is the IP address of the peer's client net. If the
# client is just the peer, this will be the peer's
# own IP address.
#
# PLUTO_PEER_CLIENT_MASK
# is the mask for the peer's client net. If the
# client is just the peer, this will be
# 255.255.255.255.
#
# PLUTO_PEER_PROTOCOL
# is the protocol set for remote end with port
# selector.
#
# PLUTO_PEER_PORT
# is the peer's port. Useful for firewalling.
#
# PLUTO_CONNECTION_TYPE
#
# Import default _updown configs from the /etc/sysconfig/pluto_updown file
#
# Two variables can be set in this file:
#
# DEFAULTSOURCE
# is the default value for PLUTO_MY_SOURCEIP
#
# IPROUTETABLE
# is the default value for IPROUTETABLE
#
# IPROUTEARGS
# is the extra argument list for ip route command
#
# IPRULEARGS
# is the extra argument list for ip rule command
#
if [ -f /etc/sysconfig/pluto_updown ]
then
. /etc/sysconfig/pluto_updown
fi
# check interface version
case "$PLUTO_VERSION" in
1.[0]) # Older Pluto?!? Play it safe, script may be using new features.
echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
echo "$0: called by obsolete Pluto?" >&2
exit 2
;;
1.*) ;;
*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
exit 2
;;
esac
# check parameter(s)
case "$1:$*" in
':') # no parameters
;;
ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only
;;
custom:*) # custom parameters (see above CAUTION comment)
;;
*) echo "$0: unknown parameters \`$*'" >&2
exit 2
;;
esac
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
doroute add
ip route flush cache
}
downroute() {
doroute delete
ip route flush cache
}
uprule() {
# policy based advanced routing
if [ -n "$IPROUTETABLE" ]
then
dorule delete
dorule add
fi
# virtual sourceip support
if [ -n "$PLUTO_MY_SOURCEIP" ]
then
if addsource
then
changesource
fi
fi
ip route flush cache
}
downrule() {
if [ -n "$IPROUTETABLE" ]
then
dorule delete
ip route flush cache
fi
}
addsource() {
st=0
# check if given sourceip is local and add as alias if not
if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
then
it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev ${PLUTO_INTERFACE%:*}"
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: File exists'*)
# should not happen, but ... ignore if the
# address was already assigned on interface
oops=""
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: addsource \`$it' failed ($oops)" >&2
fi
fi
return $st
}
changesource() {
st=0
parms="$PLUTO_PEER_CLIENT dev ${PLUTO_INTERFACE%:*}"
parms="$parms src ${PLUTO_MY_SOURCEIP%/*} $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route change $parms"
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
it=
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: changesource \`$it' failed ($oops)" >&2
fi
return $st
}
dorule() {
st=0
it2=
iprule="from $PLUTO_MY_CLIENT"
iprule2="to $PLUTO_PEER_CLIENT table $IPROUTETABLE $IPRULEARGS"
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
st=0
;;
*)
if [ -z "$PLUTO_MY_SOURCEIP" ]
then
if [ "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
fi
else
if [ "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
it2="ip rule $1 iif lo $iprule2"
fi
fi
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it' failed ($oops)" >&2
fi
if test "$st" = "0" -a -n "$it2"
then
oops="`eval $it2 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it2' failed ($oops)" >&2
fi
fi
;;
esac
return $st
}
doroute() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2=
if [ -n "$PLUTO_NEXT_HOP" ] && [ "$PLUTO_NEXT_HOP" != "$PLUTO_PEER" ]
then
parms2="via $PLUTO_NEXT_HOP"
fi
parms2="$parms2 dev ${PLUTO_INTERFACE%:*}"
parms3="$IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table $IPROUTETABLE"
fi
if [ -z "$PLUTO_MY_SOURCEIP" ] && [ -n "$DEFAULTSOURCE" ]
then
PLUTO_MY_SOURCEIP="${DEFAULTSOURCE%/*}"
fi
if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
then
addsource
parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
fi
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
# need to provide route that eclipses default, without
# replacing it.
it="ip route $1 0.0.0.0/1 $parms2 $parms3 &&
ip route $1 128.0.0.0/1 $parms2 $parms3"
;;
*) it="ip route $1 $parms $parms2 $parms3"
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: doroute \`$it' failed ($oops)" >&2
fi
return $st
}
# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
# delete possibly-existing route (preliminary to adding a route)
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# need to provide route that eclipses default, without
# replacing it.
parms1="0.0.0.0/1"
parms2="128.0.0.0/1"
it="ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1"
oops="`ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1`"
;;
*)
parms="$PLUTO_PEER_CLIENT $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route delete $parms 2>&1"
oops="`ip route delete $parms 2>&1`"
;;
esac
status="$?"
if test " $oops" = " " -a " $status" != " 0"
then
oops="silent error, exit status $status"
fi
case "$oops" in
*'RTNETLINK answers: No such process'*)
# This is what route (currently -- not documented!) gives
# for "could not find such a route".
oops=
status=0
;;
esac
if test " $oops" != " " -o " $status" != " 0"
then
echo "$0: \`$it' failed ($oops)" >&2
fi
exit $status
;;
route-host:*|route-client:*)
# connection to me or my client subnet being routed
uproute
;;
unroute-host:*|unroute-client:*)
# connection to me or my client subnet being unrouted
downroute
;;
up-host:*)
# connection to me coming up
uprule
# If you are doing a custom version, firewall commands go here.
;;
down-host:*)
# connection to me going down
downrule
# If you are doing a custom version, firewall commands go here.
;;
up-client:)
# connection to my client subnet coming up
uprule
# If you are doing a custom version, firewall commands go here.
;;
down-client:)
# connection to my client subnet going down
downrule
# If you are doing a custom version, firewall commands go here.
;;
up-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, coming up
uprule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
down-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, going down
downrule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
;;
route-host-v6:*|route-client-v6:*)
# connection to me or my client subnet being routed
#uproute_v6
;;
unroute-host-v6:*|unroute-client-v6:*)
# connection to me or my client subnet being unrouted
#downroute_v6
;;
up-host-v6:*)
# connection to me coming up
# If you are doing a custom version, firewall commands go here.
;;
down-host-v6:*)
# connection to me going down
# If you are doing a custom version, firewall commands go here.
;;
up-client-v6:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
;;
down-client-v6:)
# connection to my client subnet going down
# If you are doing a custom version, firewall commands go here.
;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
exit 1
;;
esac
+ for f in '`ls ${IPSEC_EXECDIR-/usr/libexec/ipsec} | egrep updown`'
+ cat /usr/lib/ipsec/_updown_x509
#! /bin/sh
#
# customized updown script
#
# logging of VPN connections
#
# tag put in front of each log entry:
TAG=vpn
#
# syslog facility and priority used:
FAC_PRIO=local0.notice
#
# to create a special vpn logging file, put the following line into
# the syslog configuration file /etc/syslog.conf:
#
# local0.notice -/var/log/vpn
#
# are there port numbers?
if [ "$PLUTO_MY_PORT" != 0 ]
then
S_MY_PORT="--sport $PLUTO_MY_PORT"
D_MY_PORT="--dport $PLUTO_MY_PORT"
fi
if [ "$PLUTO_PEER_PORT" != 0 ]
then
S_PEER_PORT="--sport $PLUTO_PEER_PORT"
D_PEER_PORT="--dport $PLUTO_PEER_PORT"
fi
# CAUTION: Installing a new version of Openswan will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# Openswan use yours instead of this default one.
LC_ALL=C export LC_ALL
# things that this script gets (from ipsec_pluto(8) man page)
#
#
# PLUTO_VERSION
# indicates what version of this interface is being
# used. This document describes version 1.1. This
# is upwardly compatible with version 1.0.
#
# PLUTO_VERB
# specifies the name of the operation to be performed
# (prepare-host, prepare-client, up-host, up-client,
# down-host, or down-client). If the address family
# for security gateway to security gateway communica
# tions is IPv6, then a suffix of -v6 is added to the
# verb.
#
# PLUTO_CONNECTION
# is the name of the connection for which we are
# routing.
#
# PLUTO_CONN_POLICY
# the policy of the connection, as in:
# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD
#
# PLUTO_NEXT_HOP
# is the next hop to which packets bound for the peer
# must be sent.
#
# PLUTO_INTERFACE
# is the name of the ipsec interface to be used.
#
# PLUTO_ME
# is the IP address of our host.
#
# PLUTO_MY_CLIENT
# is the IP address / count of our client subnet. If
# the client is just the host, this will be the
# host's own IP address / max (where max is 32 for
# IPv4 and 128 for IPv6).
#
# PLUTO_MY_CLIENT_NET
# is the IP address of our client net. If the client
# is just the host, this will be the host's own IP
# address.
#
# PLUTO_MY_CLIENT_MASK
# is the mask for our client net. If the client is
# just the host, this will be 255.255.255.255.
#
# PLUTO_MY_SOURCEIP
# if non-empty, then the source address for the route will be
# set to this IP address.
#
# PLUTO_MY_PROTOCOL
# is the protocol for this connection. Useful for
# firewalling.
#
# PLUTO_MY_PORT
# is the port. Useful for firewalling.
#
# PLUTO_PEER
# is the IP address of our peer.
#
# PLUTO_PEER_CLIENT
# is the IP address / count of the peer's client sub
# net. If the client is just the peer, this will be
# the peer's own IP address / max (where max is 32
# for IPv4 and 128 for IPv6).
#
# PLUTO_PEER_CLIENT_NET
# is the IP address of the peer's client net. If the
# client is just the peer, this will be the peer's
# own IP address.
#
# PLUTO_PEER_CLIENT_MASK
# is the mask for the peer's client net. If the
# client is just the peer, this will be
# 255.255.255.255.
#
# PLUTO_PEER_PROTOCOL
# is the protocol set for remote end with port
# selector.
#
# PLUTO_PEER_PORT
# is the peer's port. Useful for firewalling.
#
# PLUTO_CONNECTION_TYPE
#
# Import default _updown configs from the /etc/sysconfig/pluto_updown file
#
# Two variables can be set in this file:
#
# DEFAULTSOURCE
# is the default value for PLUTO_MY_SOURCEIP
#
# IPROUTETABLE
# is the default value for IPROUTETABLE
#
# IPROUTEARGS
# is the extra argument list for ip route command
#
# IPRULEARGS
# is the extra argument list for ip rule command
#
if [ -f /etc/sysconfig/pluto_updown ]
then
. /etc/sysconfig/pluto_updown
fi
# check interface version
case "$PLUTO_VERSION" in
1.[0]) # Older Pluto?!? Play it safe, script may be using new features.
echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
echo "$0: called by obsolete Pluto?" >&2
exit 2
;;
1.*) ;;
*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
exit 2
;;
esac
# check parameter(s)
case "$1:$*" in
':') # no parameters
;;
ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only
;;
custom:*) # custom parameters (see above CAUTION comment)
;;
*) echo "$0: unknown parameters \`$*'" >&2
exit 2
;;
esac
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
doroute add
ip route flush cache
}
downroute() {
doroute delete
ip route flush cache
}
uprule() {
# policy based advanced routing
if [ -n "$IPROUTETABLE" ]
then
dorule delete
dorule add
fi
# virtual sourceip support
if [ -n "$PLUTO_MY_SOURCEIP" ]
then
addsource
changesource
fi
ip route flush cache
}
downrule() {
if [ -n "$IPROUTETABLE" ]
then
dorule delete
ip route flush cache
fi
}
addsource() {
st=0
if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
then
it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev ${PLUTO_INTERFACE%:*}"
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: addsource \`$it' failed ($oops)" >&2
fi
fi
return $st
}
changesource() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2="dev ${PLUTO_INTERFACE%:*}"
parms3="src ${PLUTO_MY_SOURCEIP%/*} $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table '$IPROUTETABLE'"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
it=
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: changesource \`$it' failed ($oops)" >&2
fi
return $st
}
dorule() {
st=0
it2=
iprule="from $PLUTO_MY_CLIENT"
iprule2="to $PLUTO_PEER_CLIENT table $IPROUTETABLE $IPRULEARGS"
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
st=0
;;
*)
if [ -z "$PLUTO_MY_SOURCEIP" ]
then
if [ "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
fi
else
if [ "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
it2="ip rule $1 iif lo $iprule2"
fi
fi
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it' failed ($oops)" >&2
fi
if test "$st" = "0" -a -n "$it2"
then
oops="`eval $it2 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it2' failed ($oops)" >&2
fi
fi
;;
esac
return $st
}
doroute() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2=
if [ -n "$PLUTO_NEXT_HOP" ] && [ "$PLUTO_NEXT_HOP" != "$PLUTO_PEER" ]
then
parms2="via $PLUTO_NEXT_HOP"
fi
parms2="$parms2 dev ${PLUTO_INTERFACE%:*}"
parms3="$IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table $IPROUTETABLE"
fi
if [ -z "$PLUTO_MY_SOURCEIP" ] && [ -n "$DEFAULTSOURCE" ]
then
PLUTO_MY_SOURCEIP="${DEFAULTSOURCE%/*}"
fi
if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
then
addsource
parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
# need to provide route that eclipses default, without
# replacing it.
it="ip route $1 0.0.0.0/1 $parms2 $parms3 &&
ip route $1 128.0.0.0/1 $parms2 $parms3"
;;
*) it="ip route $1 $parms $parms2 $parms3"
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: doroute \`$it' failed ($oops)" >&2
fi
return $st
}
# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
# delete possibly-existing route (preliminary to adding a route)
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# need to provide route that eclipses default, without
# replacing it.
parms1="0.0.0.0/1"
parms2="128.0.0.0/1"
it="ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1"
oops="`ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1`"
;;
*)
parms="$PLUTO_PEER_CLIENT $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route delete $parms 2>&1"
oops="`ip route delete $parms 2>&1`"
;;
esac
status="$?"
if test " $oops" = " " -a " $status" != " 0"
then
oops="silent error, exit status $status"
fi
case "$oops" in
*'RTNETLINK answers: No such process'*)
# This is what route (currently -- not documented!) gives
# for "could not find such a route".
oops=
status=0
;;
esac
if test " $oops" != " " -o " $status" != " 0"
then
echo "$0: \`$it' failed ($oops)" >&2
fi
exit $status
;;
route-host:*|route-client:*)
# connection to me or my client subnet being routed
uproute
;;
unroute-host:*|unroute-client:*)
# connection to me or my client subnet being unrouted
downroute
;;
up-host:*)
# connection to me coming up
uprule
# If you are doing a custom version, firewall commands go here.
iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT -j ACCEPT
iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
else
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
fi
;;
down-host:*)
# connection to me going down
downrule
# If you are doing a custom version, firewall commands go here.
iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT -j ACCEPT
iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
else
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
fi
;;
up-client:)
# connection to my client subnet coming up
uprule
# If you are doing a custom version, firewall commands go here.
iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
else
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
fi
;;
down-client:)
# connection to my client subnet going down
downrule
# If you are doing a custom version, firewall commands go here.
iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
else
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
fi
;;
up-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, coming up
uprule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
down-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, going down
downrule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
;;
route-host-v6:*|route-client-v6:*)
# connection to me or my client subnet being routed
#uproute_v6
;;
unroute-host-v6:*|unroute-client-v6:*)
# connection to me or my client subnet being unrouted
#downroute_v6
;;
up-host-v6:*)
# connection to me coming up
# If you are doing a custom version, firewall commands go here.
;;
down-host-v6:*)
# connection to me going down
# If you are doing a custom version, firewall commands go here.
;;
up-client-v6:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
;;
down-client-v6:)
# connection to my client subnet going down
# If you are doing a custom version, firewall commands go here.
;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
exit 1
;;
esac
+ _________________________ /proc/net/dev
+ cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 237243 973 0 0 0 0 0 0 237243 973 0 0 0 0 0 0
wifi0:10217478 43913 0 0 0 39085 0 0 74263160 133933 21 0 0 0 0 0
ath0: 9211377 43728 0 0 0 0 0 0 71311917 133841 0 0 0 0 0 0
eth0:89324148 92615 0 0 0 0 0 0 21452260 95482 0 0 0 0 0 0
eth1:32935470 143418 0 0 0 0 0 0 39952436 52632 0 0 0 0 0 0
tun0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
tap0: 5731670 33267 0 0 0 0 0 0 68648745 128109 0 0 0 0 0 0
br0:35882472 169291 0 0 0 0 0 0 89679784 96422 0 0 0 0 0 0
sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
tun1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ppp0:87235957 91308 0 0 0 0 0 0 19339565 94161 0 0 0 0 0 0
+ _________________________ /proc/net/route
+ cat /proc/net/route
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
ppp0 0922210A 00000000 0005 0 0 0 FFFFFFFF 0 0 0
tun1 0200090A 00000000 0005 0 0 0 FFFFFFFF 0 0 0
tun0 0200080A 00000000 0005 0 0 0 FFFFFFFF 0 0 0
br0 00C0A8C0 00000000 0001 0 0 0 E0FFFFFF 0 0 0
br0 0001A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
tun0 0000080A 0200080A 0003 0 0 0 00FFFFFF 0 0 0
ath0 000010AC 00000000 0001 0 0 0 00FFFFFF 0 0 0
br0 000CA8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
br0 000AA8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
tun1 0000090A 0200090A 0003 0 0 0 00FFFFFF 0 0 0
ppp0 00000000 00000000 0001 0 0 0 00000000 0 0 0
+ _________________________ /proc/sys/net/ipv4/ip_forward
+ cat /proc/sys/net/ipv4/ip_forward
1
+ _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter ath0/rp_filter br0/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter lo/rp_filter ppp0/rp_filter tap0/rp_filter tun0/rp_filter tun1/rp_filter
all/rp_filter:0
ath0/rp_filter:0
br0/rp_filter:0
default/rp_filter:0
eth0/rp_filter:0
eth1/rp_filter:0
lo/rp_filter:0
ppp0/rp_filter:0
tap0/rp_filter:0
tun0/rp_filter:0
tun1/rp_filter:0
+ _________________________ uname-a
+ uname -a
Linux vpn 2.6.15-18-386 #1 PREEMPT Thu Mar 9 14:41:49 UTC 2006 i686 GNU/Linux
+ _________________________ config-built-with
+ test -r /proc/config_built_with
+ _________________________ redhat-release
+ test -r /etc/redhat-release
+ test -r /etc/fedora-release
+ _________________________ /proc/net/ipsec_version
+ test -r /proc/net/ipsec_version
+ test -r /proc/net/pfkey
++ uname -r
+ echo 'NETKEY (2.6.15-18-386) support detected '
NETKEY (2.6.15-18-386) support detected
+ _________________________ ipfwadm
+ test -r /sbin/ipfwadm
+ ipfwadm -F -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________
+ ipfwadm -I -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________
+ ipfwadm -O -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________
+ ipfwadm -M -l -n -e
Generic IP Firewall Chains not in this kernel
+ _________________________ ipchains
+ test -r /sbin/ipchains
+ ipchains -L -v -n
ipchains: Incompatible with this kernel
+ _________________________
+ ipchains -M -L -v -n
ipchains: cannot open file `/proc/net/ip_masquerade'
+ _________________________ iptables
+ test -r /sbin/iptables
+ iptables -L -v -n
Chain INPUT (policy ACCEPT 63494 packets, 25M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 190K packets, 119M bytes)
pkts bytes target prot opt in out source destination
1347 86208 TCPMSS tcp -- * ppp0 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 tcpmss match 1400:1536 TCPMSS clamp to PMTU
Chain OUTPUT (policy ACCEPT 149K packets, 73M bytes)
pkts bytes target prot opt in out source destination
+ _________________________ iptables-nat
+ iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 35075 packets, 4492K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1872 packets, 96589 bytes)
pkts bytes target prot opt in out source destination
1 125 ACCEPT all -- * ppp0 0.0.0.0/0 192.168.0.0/16
29931 3662K MASQUERADE all -- * ppp0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 2873 packets, 340K bytes)
pkts bytes target prot opt in out source destination
+ _________________________ iptables-mangle
+ iptables -t mangle -L -v -n
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
+ _________________________ /proc/modules
+ test -f /proc/modules
+ cat /proc/modules
iptable_mangle 2944 0 - Live 0xcfcfe000
ipt_MASQUERADE 3456 1 - Live 0xcfd94000
iptable_nat 7812 1 - Live 0xcfd87000
ip_nat 19628 2 ipt_MASQUERADE,iptable_nat, Live 0xcfd8e000
ip_conntrack 51500 3 ipt_MASQUERADE,iptable_nat,ip_nat, Live 0xcfd97000
nfnetlink 6552 2 ip_nat,ip_conntrack, Live 0xcfd33000
ipt_TCPMSS 4608 1 - Live 0xcfd36000
ipt_tcpmss 2432 1 - Live 0xcfd2c000
iptable_filter 3072 1 - Live 0xcfcf6000
ip_tables 22400 6 iptable_mangle,ipt_MASQUERADE,iptable_nat,ipt_TCPMSS,ipt_tcpmss,iptable_filter, Live 0xcfd80000
pppoe 14400 2 - Live 0xcfd2e000
pppox 3720 1 pppoe, Live 0xcfcf4000
via 39168 1 - Live 0xcfd0a000
drm 72852 2 via, Live 0xcfd15000
xfrm_user 18692 2 - Live 0xcfcf8000
xfrm4_tunnel 3972 0 - Live 0xcfc1f000
ipcomp 8072 0 - Live 0xcfcc2000
esp4 8320 4 - Live 0xcfcbe000
ah4 6528 0 - Live 0xcfcbb000
ipv6 265600 18 - Live 0xcfd3e000
af_packet 22920 12 - Live 0xcfcdb000
ppp_generic 30100 6 pppoe,pppox, Live 0xcfcd2000
slhc 7424 1 ppp_generic, Live 0xcfca8000
bridge 52116 0 - Live 0xcfce3000
tun 11904 3 - Live 0xcfbfb000
deflate 4096 0 - Live 0xcfc1d000
zlib_deflate 24344 1 deflate, Live 0xcfcb4000
twofish 48640 0 - Live 0xcfcc5000
serpent 20224 0 - Live 0xcfc07000
aes 30144 4 - Live 0xcfcab000
blowfish 8320 0 - Live 0xcfc03000
des 17664 0 - Live 0xcfc9e000
sha256 10752 0 - Live 0xcfbff000
sha1 2816 4 - Live 0xcfa2f000
crypto_null 2432 0 - Live 0xcf9f8000
af_key 34960 0 - Live 0xcfbe1000
dm_mod 58936 0 - Live 0xcfc0d000
sr_mod 16932 0 - Live 0xcfbf5000
sbp2 24196 0 - Live 0xcfbbc000
scsi_mod 138984 2 sr_mod,sbp2, Live 0xcfc21000
ide_cd 33028 0 - Live 0xcfbeb000
cdrom 38560 2 sr_mod,ide_cd, Live 0xcfbcb000
psmouse 36100 0 - Live 0xcfbd7000
serio_raw 7300 0 - Live 0xcfb13000
8139cp 22528 0 - Live 0xcfbc4000
8139too 26880 0 - Live 0xcfb35000
via_rhine 23940 0 - Live 0xcfb3e000
mii 5888 3 8139cp,8139too,via_rhine, Live 0xcfb32000
snd_via82xx 28696 0 - Live 0xcfae2000
gameport 15496 1 snd_via82xx, Live 0xcfb2d000
snd_ac97_codec 92448 1 snd_via82xx, Live 0xcfafb000
snd_ac97_bus 2304 1 snd_ac97_codec, Live 0xcf988000
snd_pcm 89736 2 snd_via82xx,snd_ac97_codec, Live 0xcfb16000
snd_timer 25220 1 snd_pcm, Live 0xcfaf3000
snd_page_alloc 10632 2 snd_via82xx,snd_pcm, Live 0xcfada000
snd_mpu401_uart 7680 1 snd_via82xx, Live 0xcf996000
snd_rawmidi 25504 1 snd_mpu401_uart, Live 0xcfaeb000
snd_seq_device 8716 1 snd_rawmidi, Live 0xcfade000
snd 55268 7 snd_via82xx,snd_ac97_codec,snd_pcm,snd_timer,snd_mpu401_uart,snd_rawmidi,snd_seq_device, Live 0xcfa20000
soundcore 10208 1 snd, Live 0xcfa15000
wlan_scan_ap 6016 1 - Live 0xcf9f5000
i2c_viapro 8980 0 - Live 0xcfa11000
i2c_core 21904 1 i2c_viapro, Live 0xcfa19000
ath_pci 94628 0 - Live 0xcfac1000
ath_rate_sample 12800 1 ath_pci, Live 0xcf9fa000
wlan 196060 4 wlan_scan_ap,ath_pci,ath_rate_sample, Live 0xcfa90000
ath_hal 189008 3 ath_pci,ath_rate_sample, Live 0xcfa60000
via_ircc 26900 0 - Live 0xcf9e0000
irda 186940 1 via_ircc, Live 0xcfa31000
crc_ccitt 2304 1 irda, Live 0xcf986000
via_agp 9856 1 - Live 0xcf982000
agpgart 34888 2 drm,via_agp, Live 0xcf9c4000
shpchp 45632 0 - Live 0xcf9e8000
pci_hotplug 29236 1 shpchp, Live 0xcf9cf000
yenta_socket 27916 1 - Live 0xcf9bc000
rsrc_nonstatic 13440 1 yenta_socket, Live 0xcf973000
pcmcia_core 42640 2 yenta_socket,rsrc_nonstatic, Live 0xcf98a000
evdev 9856 0 - Live 0xcf978000
ext3 135688 1 - Live 0xcf999000
jbd 58772 1 ext3, Live 0xcf8fe000
ide_generic 1536 0 - Live 0xcf85f000
ohci1394 35124 0 - Live 0xcf8d7000
ieee1394 299832 2 sbp2,ohci1394, Live 0xcf926000
ehci_hcd 32008 0 - Live 0xcf896000
uhci_hcd 33680 0 - Live 0xcf88c000
usbcore 129668 3 ehci_hcd,uhci_hcd, Live 0xcf8a8000
ide_disk 17664 3 - Live 0xcf86b000
via82cxxx 9988 0 [permanent], Live 0xcf87d000
generic 5124 0 - Live 0xcf868000
thermal 13576 0 - Live 0xcf878000
processor 23360 1 thermal, Live 0xcf871000
fan 4868 0 - Live 0xcf865000
capability 5000 0 - Live 0xcf862000
commoncap 7296 1 capability, Live 0xcf831000
vga16fb 13448 1 - Live 0xcf840000
vgastate 10368 1 vga16fb, Live 0xcf828000
fbcon 42784 71 - Live 0xcf834000
tileblit 2816 1 fbcon, Live 0xcf802000
font 8320 1 fbcon, Live 0xcf824000
bitblit 6272 1 fbcon, Live 0xcf81d000
softcursor 2304 1 bitblit, Live 0xcf804000
+ _________________________ /proc/meminfo
+ cat /proc/meminfo
MemTotal: 240188 kB
MemFree: 4432 kB
Buffers: 74200 kB
Cached: 41336 kB
SwapCached: 1652 kB
Active: 115764 kB
Inactive: 72888 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 240188 kB
LowFree: 4432 kB
SwapTotal: 722884 kB
SwapFree: 704620 kB
Dirty: 3696 kB
Writeback: 0 kB
Mapped: 86340 kB
Slab: 40152 kB
CommitLimit: 842976 kB
Committed_AS: 120204 kB
PageTables: 908 kB
VmallocTotal: 786424 kB
VmallocUsed: 5700 kB
VmallocChunk: 780644 kB
+ _________________________ /proc/net/ipsec-ls
+ test -f /proc/net/ipsec_version
+ _________________________ usr/src/linux/.config
+ test -f /proc/config.gz
++ uname -r
+ test -f /lib/modules/2.6.15-18-386/build/.config
++ uname -r
+ cat /lib/modules/2.6.15-18-386/build/.config
+ egrep 'CONFIG_IPSEC|CONFIG_KLIPS|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP'
CONFIG_NET_KEY=m
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
CONFIG_IP_ADVANCED_ROUTER=y
# CONFIG_IP_FIB_TRIE is not set
CONFIG_IP_FIB_HASH=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_MULTIPATH=y
CONFIG_IP_ROUTE_MULTIPATH_CACHED=y
CONFIG_IP_ROUTE_MULTIPATH_RR=m
CONFIG_IP_ROUTE_MULTIPATH_RANDOM=m
CONFIG_IP_ROUTE_MULTIPATH_WRANDOM=m
CONFIG_IP_ROUTE_MULTIPATH_DRR=m
CONFIG_IP_ROUTE_VERBOSE=y
# CONFIG_IP_PNP is not set
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
CONFIG_IP_PIMSM_V2=y
CONFIG_INET_AH=m
CONFIG_INET_ESP=m
CONFIG_INET_IPCOMP=m
CONFIG_INET_TUNNEL=m
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
CONFIG_IP_VS=m
# CONFIG_IP_VS_DEBUG is not set
CONFIG_IP_VS_TAB_BITS=12
CONFIG_IP_VS_PROTO_TCP=y
CONFIG_IP_VS_PROTO_UDP=y
CONFIG_IP_VS_PROTO_ESP=y
CONFIG_IP_VS_PROTO_AH=y
CONFIG_IP_VS_RR=m
CONFIG_IP_VS_WRR=m
CONFIG_IP_VS_LC=m
CONFIG_IP_VS_WLC=m
CONFIG_IP_VS_LBLC=m
CONFIG_IP_VS_LBLCR=m
CONFIG_IP_VS_DH=m
CONFIG_IP_VS_SH=m
CONFIG_IP_VS_SED=m
CONFIG_IP_VS_NQ=m
CONFIG_IP_VS_FTP=m
CONFIG_IPV6=m
CONFIG_IPV6_PRIVACY=y
CONFIG_INET6_AH=m
CONFIG_INET6_ESP=m
CONFIG_INET6_IPCOMP=m
CONFIG_INET6_TUNNEL=m
CONFIG_IPV6_TUNNEL=m
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_CT_ACCT=y
CONFIG_IP_NF_CONNTRACK_MARK=y
# CONFIG_IP_NF_CONNTRACK_EVENTS is not set
CONFIG_IP_NF_CONNTRACK_NETLINK=m
CONFIG_IP_NF_CT_PROTO_SCTP=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_NETBIOS_NS=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_PPTP=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
CONFIG_IP_NF_MATCH_HELPER=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_CONNTRACK=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_PHYSDEV=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_MATCH_REALM=m
CONFIG_IP_NF_MATCH_SCTP=m
CONFIG_IP_NF_MATCH_DCCP=m
CONFIG_IP_NF_MATCH_COMMENT=m
CONFIG_IP_NF_MATCH_CONNMARK=m
CONFIG_IP_NF_MATCH_CONNBYTES=m
CONFIG_IP_NF_MATCH_HASHLIMIT=m
CONFIG_IP_NF_MATCH_STRING=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_TARGET_NFQUEUE=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_SAME=m
CONFIG_IP_NF_NAT_SNMP_BASIC=m
CONFIG_IP_NF_NAT_IRC=m
CONFIG_IP_NF_NAT_FTP=m
CONFIG_IP_NF_NAT_TFTP=m
CONFIG_IP_NF_NAT_AMANDA=m
CONFIG_IP_NF_NAT_PPTP=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_CLASSIFY=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_TARGET_CONNMARK=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_TARGET_NOTRACK=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
CONFIG_IP6_NF_QUEUE=m
CONFIG_IP6_NF_IPTABLES=m
CONFIG_IP6_NF_MATCH_LIMIT=m
CONFIG_IP6_NF_MATCH_MAC=m
CONFIG_IP6_NF_MATCH_RT=m
CONFIG_IP6_NF_MATCH_OPTS=m
CONFIG_IP6_NF_MATCH_FRAG=m
CONFIG_IP6_NF_MATCH_HL=m
CONFIG_IP6_NF_MATCH_MULTIPORT=m
CONFIG_IP6_NF_MATCH_OWNER=m
CONFIG_IP6_NF_MATCH_MARK=m
CONFIG_IP6_NF_MATCH_IPV6HEADER=m
CONFIG_IP6_NF_MATCH_AHESP=m
CONFIG_IP6_NF_MATCH_LENGTH=m
CONFIG_IP6_NF_MATCH_EUI64=m
CONFIG_IP6_NF_MATCH_PHYSDEV=m
CONFIG_IP6_NF_FILTER=m
CONFIG_IP6_NF_TARGET_LOG=m
CONFIG_IP6_NF_TARGET_REJECT=m
CONFIG_IP6_NF_TARGET_NFQUEUE=m
CONFIG_IP6_NF_MANGLE=m
CONFIG_IP6_NF_TARGET_MARK=m
CONFIG_IP6_NF_TARGET_HL=m
CONFIG_IP6_NF_RAW=m
CONFIG_IP_DCCP=m
CONFIG_INET_DCCP_DIAG=m
CONFIG_IP_DCCP_CCID3=m
CONFIG_IP_DCCP_TFRC_LIB=m
# CONFIG_IP_DCCP_DEBUG is not set
# CONFIG_IP_DCCP_UNLOAD_HACK is not set
CONFIG_IP_SCTP=m
CONFIG_IPX=m
# CONFIG_IPX_INTERN is not set
CONFIG_IPDDP=m
CONFIG_IPDDP_ENCAP=y
CONFIG_IPDDP_DECAP=y
CONFIG_IPW2100=m
CONFIG_IPW2100_MONITOR=y
CONFIG_IPW2100_FS_AMILO_M7400=m
# CONFIG_IPW2100_DEBUG is not set
CONFIG_IPW2200=m
CONFIG_IPW2200_MONITOR=y
# CONFIG_IPW2200_DEBUG is not set
CONFIG_IPPP_FILTER=y
CONFIG_IPMI_HANDLER=m
# CONFIG_IPMI_PANIC_EVENT is not set
CONFIG_IPMI_DEVICE_INTERFACE=m
CONFIG_IPMI_SI=m
CONFIG_IPMI_WATCHDOG=m
CONFIG_IPMI_POWEROFF=m
+ _________________________ etc/syslog.conf
+ cat /etc/syslog.conf
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
uucp.* /var/log/uucp.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some `catch-all' logfiles.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
+ _________________________ etc/resolv.conf
+ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search
nameserver 192.168.192.1
+ _________________________ lib/modules-ls
+ ls -ltr /lib/modules
total 12
drwxr-xr-x 5 root root 4096 Mar 14 18:42 2.4.27-2-386
drwxr-xr-x 6 root root 4096 May 9 14:48 2.6.12-10-386
drwxr-xr-x 7 root root 4096 Jun 2 03:45 2.6.15-18-386
+ _________________________ /proc/ksyms-netif_rx
+ test -r /proc/ksyms
+ test -r /proc/kallsyms
+ egrep netif_rx /proc/kallsyms
c027e010 T netif_rx
c027e200 T netif_rx_ni
c027e010 U netif_rx [ipv6]
c027e010 U netif_rx [ppp_generic]
c027e200 U netif_rx_ni [tun]
c027e010 U netif_rx [via_rhine]
c027e010 U netif_rx [wlan]
c027e010 U netif_rx [via_ircc]
c027e010 U netif_rx [irda]
+ _________________________ lib/modules-netif_rx
+ modulegoo kernel/net/ipv4/ipip.o netif_rx
+ set +x
2.4.27-2-386:
2.6.12-10-386:
2.6.15-18-386:
+ _________________________ kern.debug
+ test -f /var/log/kern.debug
+ _________________________ klog
+ sed -n '7984,$p' /var/log/syslog.0
+ egrep -i 'ipsec|klips|pluto'
+ case "$1" in
+ cat
Jun 27 02:56:25 vpn ipsec_setup: Starting Openswan IPsec U2.4.4/K2.6.15-18-386...
Jun 27 02:56:28 vpn ipsec__plutorun: ipsec_auto: fatal error in "common-work": connection has no "right" parameter specified
Jun 27 02:56:28 vpn ipsec__plutorun: 003 "/etc/ipsec.secrets" line 2: premature end of RSA key
Jun 27 02:56:28 vpn ipsec__plutorun: 021 no connection named "common-work"
Jun 27 02:56:28 vpn ipsec__plutorun: ...could not route conn "common-work"
Jun 27 02:56:29 vpn ipsec__plutorun: 104 "bedford" #1: STATE_MAIN_I1: initiate
Jun 27 02:56:29 vpn ipsec__plutorun: ...could not start conn "bedford"
Jun 27 02:56:29 vpn ipsec__plutorun: 021 no connection named "common-work"
Jun 27 02:56:29 vpn ipsec__plutorun: ...could not start conn "common-work"
+ _________________________ plog
+ sed -n '2377,$p' /var/log/auth.log
+ egrep -i pluto
+ case "$1" in
+ cat
Jun 27 02:56:25 vpn ipsec__plutorun: Starting Pluto subsystem...
Jun 27 02:56:25 vpn pluto[5420]: Starting Pluto (Openswan Version 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEz}FFFfgr_e)
Jun 27 02:56:26 vpn pluto[5420]: Setting NAT-Traversal port-4500 floating to off
Jun 27 02:56:26 vpn pluto[5420]: port floating activation criteria nat_t=0/port_fload=1
Jun 27 02:56:26 vpn pluto[5420]: including NAT-Traversal patch (Version 0.6c) [disabled]
Jun 27 02:56:26 vpn pluto[5420]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Jun 27 02:56:26 vpn pluto[5420]: starting up 1 cryptographic helpers
Jun 27 02:56:27 vpn pluto[5420]: started helper pid=5430 (fd:6)
Jun 27 02:56:27 vpn pluto[5420]: Using Linux 2.6 IPsec interface code on 2.6.15-18-386
Jun 27 02:56:27 vpn pluto[5420]: Changing to directory '/etc/ipsec.d/cacerts'
Jun 27 02:56:27 vpn pluto[5420]: Changing to directory '/etc/ipsec.d/aacerts'
Jun 27 02:56:27 vpn pluto[5420]: Changing to directory '/etc/ipsec.d/ocspcerts'
Jun 27 02:56:27 vpn pluto[5420]: Changing to directory '/etc/ipsec.d/crls'
Jun 27 02:56:27 vpn pluto[5420]: Warning: empty directory
Jun 27 02:56:27 vpn pluto[5420]: added connection description "bedford"
Jun 27 02:56:27 vpn pluto[5420]: added connection description "corporate"
Jun 27 02:56:27 vpn pluto[5420]: added connection description "nurscare"
Jun 27 02:56:28 vpn pluto[5420]: listening for IKE messages
Jun 27 02:56:28 vpn pluto[5420]: adding interface ppp0/ppp0 71.244.57.29:500
Jun 27 02:56:28 vpn pluto[5420]: adding interface tun1/tun1 10.9.0.1:500
Jun 27 02:56:28 vpn pluto[5420]: adding interface br0/br0 192.168.192.2:500
Jun 27 02:56:28 vpn pluto[5420]: adding interface tun0/tun0 10.8.0.1:500
Jun 27 02:56:28 vpn pluto[5420]: adding interface ath0/ath0 172.16.0.1:500
Jun 27 02:56:28 vpn pluto[5420]: adding interface lo/lo 127.0.0.1:500
Jun 27 02:56:28 vpn pluto[5420]: adding interface lo/lo ::1:500
Jun 27 02:56:28 vpn pluto[5420]: loading secrets from "/etc/ipsec.secrets"
Jun 27 02:56:28 vpn pluto[5420]: "/etc/ipsec.secrets" line 2: premature end of RSA key
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: initiating Main Mode
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: received Vendor ID payload [Dead Peer Detection]
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: I did not send a certificate because I do not have one.
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: Main mode peer ID is ID_FQDN: '@work'
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 02:56:29 vpn pluto[5420]: "nurscare" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#1}
Jun 27 02:56:29 vpn pluto[5420]: "corporate" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#1}
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #4: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#1}
Jun 27 02:56:29 vpn pluto[5420]: "bedford" #4: can not start crypto helper: failed to find any available worker
Jun 27 02:56:29 vpn pluto[5420]: "corporate" #3: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 02:56:29 vpn pluto[5420]: "corporate" #3: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xd7851506 <0x6bd29b4a xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 02:56:29 vpn pluto[5420]: "nurscare" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 02:56:29 vpn pluto[5420]: "nurscare" #2: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xa5d9a121 <0xcbf7be6e xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 02:56:33 vpn pluto[5420]: "corporate" #5: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#1}
Jun 27 02:56:33 vpn pluto[5420]: "corporate" #5: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 02:56:33 vpn pluto[5420]: "corporate" #5: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xc930e702 <0x3dba62dd xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 03:02:28 vpn pluto[5420]: "corporate": terminating SAs using this connection
Jun 27 03:02:28 vpn pluto[5420]: "corporate" #5: deleting state (STATE_QUICK_I2)
Jun 27 03:02:28 vpn pluto[5420]: "corporate" #3: deleting state (STATE_QUICK_I2)
Jun 27 03:02:28 vpn pluto[5420]: "bedford" #1: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc930e702) not found (maybe expired)
Jun 27 03:02:28 vpn pluto[5420]: "bedford" #1: received and ignored informational message
Jun 27 03:02:28 vpn pluto[5420]: "bedford" #1: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xd7851506) not found (maybe expired)
Jun 27 03:02:28 vpn pluto[5420]: "bedford" #1: received and ignored informational message
Jun 27 03:02:32 vpn pluto[5420]: "corporate" #6: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP {using isakmp#1}
Jun 27 03:02:32 vpn pluto[5420]: "corporate" #6: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 03:02:32 vpn pluto[5420]: "corporate" #6: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x964a8f26 <0xc8438b51 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: initiating Main Mode to replace #1
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: received Vendor ID payload [Dead Peer Detection]
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: I did not send a certificate because I do not have one.
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: Main mode peer ID is ID_FQDN: '@work'
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 03:39:01 vpn pluto[5420]: "bedford" #7: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [RFC 3947] meth=109, but port floating is off
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 03:52:00 vpn pluto[5420]: packet from 216.158.212.116:500: initial Main Mode message received on 71.244.57.29:500 but no connection has been authorized
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [RFC 3947] meth=109, but port floating is off
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 03:52:10 vpn pluto[5420]: packet from 216.158.212.116:500: initial Main Mode message received on 71.244.57.29:500 but no connection has been authorized
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [RFC 3947] meth=109, but port floating is off
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but port floating is off
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but port floating is off
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 03:52:30 vpn pluto[5420]: packet from 216.158.212.116:500: initial Main Mode message received on 71.244.57.29:500 but no connection has been authorized
Jun 27 03:56:29 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: initiating Main Mode to replace #7
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: received Vendor ID payload [Dead Peer Detection]
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: I did not send a certificate because I do not have one.
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: Main mode peer ID is ID_FQDN: '@work'
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 04:25:10 vpn pluto[5420]: "bedford" #8: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 04:39:01 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: initiating Main Mode to replace #8
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: received Vendor ID payload [Dead Peer Detection]
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: I did not send a certificate because I do not have one.
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: Main mode peer ID is ID_FQDN: '@work'
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 05:12:56 vpn pluto[5420]: "bedford" #9: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 05:25:10 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: initiating Main Mode to replace #9
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: received Vendor ID payload [Dead Peer Detection]
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: I did not send a certificate because I do not have one.
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: Main mode peer ID is ID_FQDN: '@work'
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 05:59:47 vpn pluto[5420]: "bedford" #10: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 06:12:56 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: initiating Main Mode to replace #10
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: received Vendor ID payload [Dead Peer Detection]
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: I did not send a certificate because I do not have one.
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: Main mode peer ID is ID_FQDN: '@work'
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 06:43:05 vpn pluto[5420]: "bedford" #11: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 06:59:47 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: initiating Main Mode to replace #11
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: received Vendor ID payload [Dead Peer Detection]
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: I did not send a certificate because I do not have one.
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: Main mode peer ID is ID_FQDN: '@work'
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 07:30:03 vpn pluto[5420]: "bedford" #12: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 07:43:05 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: initiating Main Mode to replace #12
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: received Vendor ID payload [Dead Peer Detection]
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: I did not send a certificate because I do not have one.
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: Main mode peer ID is ID_FQDN: '@work'
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 08:20:14 vpn pluto[5420]: "bedford" #13: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 08:30:03 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: initiating Main Mode to replace #13
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: received Vendor ID payload [Dead Peer Detection]
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: I did not send a certificate because I do not have one.
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: Main mode peer ID is ID_FQDN: '@work'
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 09:06:01 vpn pluto[5420]: "bedford" #14: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 09:20:14 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: initiating Main Mode to replace #14
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: received Vendor ID payload [Dead Peer Detection]
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: I did not send a certificate because I do not have one.
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: Main mode peer ID is ID_FQDN: '@work'
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 09:50:47 vpn pluto[5420]: "bedford" #15: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 10:06:01 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 10:36:06 vpn pluto[5420]: "bedford" #16: initiating Main Mode to replace #15
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: received Vendor ID payload [Dead Peer Detection]
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: I did not send a certificate because I do not have one.
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: Main mode peer ID is ID_FQDN: '@work'
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 10:36:07 vpn pluto[5420]: "bedford" #16: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 10:38:54 vpn pluto[5420]: "nurscare" #17: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP to replace #2 {using isakmp#16}
Jun 27 10:39:04 vpn pluto[5420]: "nurscare" #17: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 10:39:04 vpn pluto[5420]: "nurscare" #17: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xee16ea26 <0x3a0776b5 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 10:39:14 vpn pluto[5420]: "nurscare" #17: retransmitting in response to duplicate packet; already STATE_QUICK_I2
Jun 27 10:39:34 vpn pluto[5420]: "nurscare" #17: retransmitting in response to duplicate packet; already STATE_QUICK_I2
Jun 27 10:46:22 vpn pluto[5420]: "corporate" #18: initiating Quick Mode PSK+ENCRYPT+TUNNEL+UP to replace #6 {using isakmp#16}
Jun 27 10:46:32 vpn pluto[5420]: "corporate" #18: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 10:46:32 vpn pluto[5420]: "corporate" #18: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x1a12390b <0xc4ad15ff xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 10:46:42 vpn pluto[5420]: "corporate" #18: retransmitting in response to duplicate packet; already STATE_QUICK_I2
Jun 27 10:50:47 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 10:56:29 vpn pluto[5420]: "bedford" #16: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xa5d9a121) not found (maybe expired)
Jun 27 10:56:29 vpn pluto[5420]: "bedford" #16: received and ignored informational message
Jun 27 11:02:32 vpn pluto[5420]: "bedford" #16: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x964a8f26) not found (maybe expired)
Jun 27 11:02:32 vpn pluto[5420]: "bedford" #16: received and ignored informational message
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: initiating Main Mode to replace #16
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: received Vendor ID payload [Dead Peer Detection]
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: I did not send a certificate because I do not have one.
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: Main mode peer ID is ID_FQDN: '@work'
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 11:23:25 vpn pluto[5420]: "bedford" #19: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 11:36:07 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: initiating Main Mode to replace #19
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: received Vendor ID payload [Dead Peer Detection]
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: I did not send a certificate because I do not have one.
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: Main mode peer ID is ID_FQDN: '@work'
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 12:06:07 vpn pluto[5420]: "bedford" #20: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 12:23:25 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: initiating Main Mode to replace #20
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: received Vendor ID payload [Dead Peer Detection]
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: I did not send a certificate because I do not have one.
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: Main mode peer ID is ID_FQDN: '@work'
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 12:49:59 vpn pluto[5420]: "bedford" #21: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 13:06:07 vpn pluto[5420]: packet from 216.158.212.116:500: Informational Exchange is for an unknown (expired?) SA
+ _________________________ date
+ date
Tue Jun 27 13:24:26 CDT 2006
-------------- next part --------------
XSERVE2
Tue Jun 27 08:14:58 CDT 2006
+ _________________________ version
+ ipsec --version
Linux Openswan U2.4.4/K2.6.12-9-686-smp (netkey)
See `ipsec --copyright' for copyright information.
+ _________________________ /proc/version
+ cat /proc/version
Linux version 2.6.12-9-686-smp (buildd at rothera) (gcc version 3.4.5 20050809 (prerelease) (Ubuntu 3.4.4-6ubuntu8)) #1 SMP Mon Oct 10 13:36:57 BST 2005
+ _________________________ /proc/net/ipsec_eroute
+ test -r /proc/net/ipsec_eroute
+ _________________________ netstat-rn
+ netstat -nr
+ head -n 100
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.10.0.34 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
216.158.212.112 0.0.0.0 255.255.255.248 U 0 0 0 eth1
216.158.212.168 0.0.0.0 255.255.255.248 U 0 0 0 eth1
10.10.0.32 10.10.0.34 255.255.255.224 UG 0 0 0 tun0
192.168.160.0 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
10.10.0.0 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.160.64 216.158.212.169 255.255.255.224 UG 0 0 0 eth1
10.10.0.64 216.158.212.169 255.255.255.224 UG 0 0 0 eth1
192.168.192.0 216.158.212.113 255.255.255.224 UG 0 0 0 eth1
192.168.192.32 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.192.64 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.192.96 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.192.128 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.192.160 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.192.192 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.192.224 192.168.1.104 255.255.255.224 UG 0 0 0 eth0
192.168.7.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.6.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.5.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.4.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.3.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.2.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.170.0 192.168.1.104 255.255.255.0 UG 0 0 0 eth0
192.168.12.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.11.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.191.0 192.168.1.104 255.255.255.0 UG 0 0 0 eth0
192.168.10.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.9.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
192.168.8.0 192.168.1.1 255.255.255.0 UG 0 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
+ _________________________ /proc/net/ipsec_spi
+ test -r /proc/net/ipsec_spi
+ _________________________ /proc/net/ipsec_spigrp
+ test -r /proc/net/ipsec_spigrp
+ _________________________ /proc/net/ipsec_tncfg
+ test -r /proc/net/ipsec_tncfg
+ _________________________ /proc/net/pfkey
+ test -r /proc/net/pfkey
+ cat /proc/net/pfkey
sk RefCnt Rmem Wmem User Inode
+ _________________________ setkey-D
+ setkey -D
65.91.22.234 216.158.212.174
esp mode=tunnel spi=13238775(0x00ca01f7) reqid=16433(0x00004031)
E: 3des-cbc 5a58f204 d3f3a02e 4de46afb 8a1b1ddb 36dacfa4 1e6ac89b
A: hmac-md5 4827e778 bbd050bc be6c227d 588a4d84
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:12:45 2006 current: Jun 27 08:14:58 2006
diff: 7333(s) hard: 0(s) soft: 0(s)
last: Jun 27 06:12:59 2006 hard: 0(s) soft: 0(s)
current: 330848(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 1631 hard: 0 soft: 0
sadb_seq=19 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=3189706338(0xbe1f0e62) reqid=16385(0x00004001)
E: 3des-cbc 867cc4aa 6d01316e 4f63e662 7e904566 dc87b72c 68ffc362
A: hmac-md5 d41adefe 66b6dd65 69a95fc9 49d7fdce
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:11:59 2006 current: Jun 27 08:14:58 2006
diff: 7379(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=18 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=3786939428(0xe1b81c24) reqid=16393(0x00004009)
E: 3des-cbc c344ec9b a5b906c8 2cef8788 4caf70a2 1f967015 ecaa45f6
A: hmac-md5 15f29255 591e9332 ba1bfd21 6b0d4652
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:11:59 2006 current: Jun 27 08:14:58 2006
diff: 7379(s) hard: 0(s) soft: 0(s)
last: Jun 27 06:14:18 2006 hard: 0(s) soft: 0(s)
current: 4178(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 18 hard: 0 soft: 0
sadb_seq=17 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=1320779519(0x4eb97eff) reqid=16413(0x0000401d)
E: 3des-cbc 549fa5fe 09d217ad 1979e5a3 b87fcd25 b247bae4 5fedb6cb
A: hmac-md5 1ed8ef85 70a9ad7f 3eabcaa2 e8babc5e
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:11:59 2006 current: Jun 27 08:14:58 2006
diff: 7379(s) hard: 0(s) soft: 0(s)
last: Jun 27 06:14:18 2006 hard: 0(s) soft: 0(s)
current: 4178(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 18 hard: 0 soft: 0
sadb_seq=16 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=3033006127(0xb4c8002f) reqid=16425(0x00004029)
E: 3des-cbc 8905b37f 3dab0073 2bc1f978 627151d7 2183e1d2 c7a757aa
A: hmac-md5 ba8b48ef 72eaff8e b71daaf2 c2ece2e8
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:07:45 2006 current: Jun 27 08:14:58 2006
diff: 7633(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=15 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=1217041695(0x488a951f) reqid=16397(0x0000400d)
E: 3des-cbc b24a0820 fdd4f22f c24852af 0c9ae631 f5101f15 1bbddf68
A: hmac-md5 2aecc6f0 f70446a0 4aa9578d 7967d642
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:03:35 2006 current: Jun 27 08:14:58 2006
diff: 7883(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=14 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=2677631759(0x9f996b0f) reqid=16401(0x00004011)
E: 3des-cbc e83b54b0 e789b027 c790297b b46d2707 e2bfcaad 9a234459
A: hmac-md5 9d94986b 6f71bde3 85451060 da948554
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:03:35 2006 current: Jun 27 08:14:58 2006
diff: 7883(s) hard: 0(s) soft: 0(s)
last: Jun 27 06:11:52 2006 hard: 0(s) soft: 0(s)
current: 4414(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 19 hard: 0 soft: 0
sadb_seq=13 pid=27520 refcnt=0
65.91.22.234 216.158.212.174
esp mode=tunnel spi=2682478968(0x9fe36178) reqid=16409(0x00004019)
E: 3des-cbc 05e9f8f7 ab1fe29f 75421dd8 9cdd05cd 5f0c9874 9dc26599
A: hmac-md5 5c3fa8f6 d094bb42 ca75e82c 66f05e3d
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:03:35 2006 current: Jun 27 08:14:58 2006
diff: 7883(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=12 pid=27520 refcnt=0
71.244.57.29 216.158.212.116
esp mode=tunnel spi=437401867(0x1a12390b) reqid=16465(0x00004051)
E: aes-cbc 017358ff fabe19c9 312274ca efc1f94e
A: hmac-sha1 a260dfd6 b3d5015b c310d190 4fe84400 357ac5d2
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 05:37:19 2006 current: Jun 27 08:14:58 2006
diff: 9459(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=11 pid=27520 refcnt=0
71.244.57.29 216.158.212.116
esp mode=tunnel spi=3994479142(0xee16ea26) reqid=16457(0x00004049)
E: aes-cbc 57b9477d abf6edb2 f925037f 922ccfb9
A: hmac-sha1 d4ccb5a4 5ddd2bfe dfcec533 cffb443c f02eda5e
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 05:29:51 2006 current: Jun 27 08:14:58 2006
diff: 9907(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=10 pid=27520 refcnt=0
216.158.212.116 71.244.57.29
esp mode=tunnel spi=3299677695(0xc4ad15ff) reqid=16465(0x00004051)
E: aes-cbc 10380e54 bfe26cc8 342a3889 7056354e
A: hmac-sha1 c685aa2f b8efa0d4 816ecbec 57188b25 23fa3854
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 05:37:29 2006 current: Jun 27 08:14:58 2006
diff: 9449(s) hard: 0(s) soft: 0(s)
last: Jun 27 05:39:42 2006 hard: 0(s) soft: 0(s)
current: 28672(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 96 hard: 0 soft: 0
sadb_seq=9 pid=27520 refcnt=0
216.158.212.116 71.244.57.29
esp mode=tunnel spi=973567669(0x3a0776b5) reqid=16457(0x00004049)
E: aes-cbc 2c297ba2 88d12917 ea762eea 46447a9e
A: hmac-sha1 415b49d6 e993bd0b dbfca021 b9c47f71 3417ffb9
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 05:30:21 2006 current: Jun 27 08:14:58 2006
diff: 9877(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=8 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=3663542616(0xda5d3958) reqid=16433(0x00004031)
E: 3des-cbc 173ff098 96c929dc c6bf4ff5 c73f125d 34455c5b 8a67c7ba
A: hmac-md5 9f663770 5645a2ee 47972cb9 7122a800
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:12:45 2006 current: Jun 27 08:14:58 2006
diff: 7333(s) hard: 0(s) soft: 0(s)
last: Jun 27 06:12:59 2006 hard: 0(s) soft: 0(s)
current: 261488(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 1217 hard: 0 soft: 0
sadb_seq=7 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=1162115473(0x45447991) reqid=16385(0x00004001)
E: 3des-cbc 71a5330d cea5a65e af2294c7 f06c402e 6f5596dc 835be2c2
A: hmac-md5 300a57d2 2b2f74f4 716eed38 811dc4f5
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:12:00 2006 current: Jun 27 08:14:58 2006
diff: 7378(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=6 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=1382182260(0x52626d74) reqid=16393(0x00004009)
E: 3des-cbc a7da7a3a 02676efb 019d1944 7aa98ba1 21966e92 cbe13ecd
A: hmac-md5 62671aa5 4fa8e301 75cd021d bdbc82bd
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:11:59 2006 current: Jun 27 08:14:58 2006
diff: 7379(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=5 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=1683758090(0x645c1c0a) reqid=16413(0x0000401d)
E: 3des-cbc 5bab6f18 e065975e 5b185569 4ed4fed2 c5c1f11b b76f0b4b
A: hmac-md5 48b78374 a371c74d 22dc7e4c 2beee744
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:11:59 2006 current: Jun 27 08:14:58 2006
diff: 7379(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=4 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=1063138368(0x3f5e3440) reqid=16425(0x00004029)
E: 3des-cbc 173ba48f 3f945c47 ca4a0fa2 0b00a649 fa46908b 4075fa29
A: hmac-md5 762ad799 58b03d35 3288ccd9 70a59b34
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:07:45 2006 current: Jun 27 08:14:58 2006
diff: 7633(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=3 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=1551445299(0x5c792d33) reqid=16397(0x0000400d)
E: 3des-cbc 9a32a2bd 73f50332 fb8cf5a1 05f8597d 8b113f77 65934f76
A: hmac-md5 7711c483 921369fc 32e203fd f825d1ce
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:03:35 2006 current: Jun 27 08:14:58 2006
diff: 7883(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=2 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=791987609(0x2f34c599) reqid=16401(0x00004011)
E: 3des-cbc 135e781b 5249f73a bb3447fb 6620b135 20e576e9 b1dd6c4c
A: hmac-md5 3b813feb 10d3a996 124766b4 ed51d589
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:03:35 2006 current: Jun 27 08:14:58 2006
diff: 7883(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=1 pid=27520 refcnt=0
216.158.212.174 65.91.22.234
esp mode=tunnel spi=262157880(0x0fa03638) reqid=16409(0x00004019)
E: 3des-cbc e03fa582 6ed6cde5 b0bb731e 117ceed1 70ccc14f c70af3a6
A: hmac-md5 1ce7a007 8411d778 f640d0c8 a4eda4e1
seq=0x00000000 replay=32 flags=0x00000000 state=mature
created: Jun 27 06:03:35 2006 current: Jun 27 08:14:58 2006
diff: 7883(s) hard: 0(s) soft: 0(s)
last: hard: 0(s) soft: 0(s)
current: 0(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 0 hard: 0 soft: 0
sadb_seq=0 pid=27520 refcnt=0
+ _________________________ setkey-D-P
+ setkey -D -P
192.168.160.64/27[any] 192.168.1.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16433
created: Jun 26 14:29:05 2006 lastused: Jun 27 08:13:18 2006
lifetime: 0(s) validtime: 0(s)
spid=2464 seq=67 pid=27521
refcnt=8
10.10.0.64/27[any] 192.168.1.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16425
created: Jun 26 14:29:28 2006 lastused: Jun 26 16:53:49 2006
lifetime: 0(s) validtime: 0(s)
spid=2488 seq=66 pid=27521
refcnt=1
192.168.192.0/27[any] 192.168.12.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/71.244.57.29-216.158.212.116/unique#16457
created: Jun 26 21:47:22 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2560 seq=65 pid=27521
refcnt=1
192.168.192.0/27[any] 192.168.1.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/71.244.57.29-216.158.212.116/unique#16465
created: Jun 26 21:53:25 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2608 seq=64 pid=27521
refcnt=1
10.10.0.64/27[any] 10.8.0.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16409
created: Jun 26 22:08:04 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2632 seq=63 pid=27521
refcnt=1
10.10.0.64/27[any] 192.168.12.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16397
created: Jun 26 22:08:05 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2728 seq=62 pid=27521
refcnt=1
192.168.160.64/27[any] 192.168.12.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16401
created: Jun 26 22:08:05 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2752 seq=61 pid=27521
refcnt=1
192.168.160.64/27[any] 10.8.0.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16413
created: Jun 27 06:11:59 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2776 seq=60 pid=27521
refcnt=1
192.168.160.64/27[any] 192.168.10.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16393
created: Jun 27 06:11:59 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2792 seq=59 pid=27521
refcnt=1
10.10.0.64/27[any] 192.168.10.0/24[any] any
in prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16385
created: Jun 27 06:11:59 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2808 seq=58 pid=27521
refcnt=1
192.168.1.0/24[any] 192.168.160.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16433
created: Jun 27 06:12:45 2006 lastused: Jun 27 08:14:47 2006
lifetime: 0(s) validtime: 0(s)
spid=2481 seq=57 pid=27521
refcnt=29
192.168.1.0/24[any] 10.10.0.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16425
created: Jun 27 06:07:45 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2505 seq=56 pid=27521
refcnt=1
192.168.12.0/24[any] 192.168.192.0/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.116-71.244.57.29/unique#16457
created: Jun 27 05:30:21 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2601 seq=55 pid=27521
refcnt=1
192.168.1.0/24[any] 192.168.192.0/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.116-71.244.57.29/unique#16465
created: Jun 27 05:37:29 2006 lastused: Jun 27 08:14:22 2006
lifetime: 0(s) validtime: 0(s)
spid=2625 seq=54 pid=27521
refcnt=5
10.8.0.0/24[any] 10.10.0.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16409
created: Jun 27 06:03:35 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2649 seq=53 pid=27521
refcnt=1
10.8.0.0/24[any] 192.168.160.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16413
created: Jun 27 06:11:59 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2673 seq=52 pid=27521
refcnt=1
192.168.10.0/24[any] 10.10.0.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16385
created: Jun 27 06:12:00 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2697 seq=51 pid=27521
refcnt=1
192.168.10.0/24[any] 192.168.160.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16393
created: Jun 27 06:11:59 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2721 seq=50 pid=27521
refcnt=1
192.168.12.0/24[any] 10.10.0.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16397
created: Jun 27 06:03:35 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2745 seq=49 pid=27521
refcnt=1
192.168.12.0/24[any] 192.168.160.64/27[any] any
out prio high + 1073739483 ipsec
esp/tunnel/216.158.212.174-65.91.22.234/unique#16401
created: Jun 27 06:03:35 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2769 seq=48 pid=27521
refcnt=1
192.168.160.64/27[any] 192.168.1.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16433
created: Jun 26 14:29:05 2006 lastused: Jun 27 08:14:47 2006
lifetime: 0(s) validtime: 0(s)
spid=2474 seq=47 pid=27521
refcnt=23
10.10.0.64/27[any] 192.168.1.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16425
created: Jun 26 14:29:28 2006 lastused: Jun 26 16:53:49 2006
lifetime: 0(s) validtime: 0(s)
spid=2498 seq=46 pid=27521
refcnt=1
192.168.192.0/27[any] 192.168.12.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/71.244.57.29-216.158.212.116/unique#16457
created: Jun 26 21:47:22 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2570 seq=45 pid=27521
refcnt=1
192.168.192.0/27[any] 192.168.1.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/71.244.57.29-216.158.212.116/unique#16465
created: Jun 26 21:53:25 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2618 seq=44 pid=27521
refcnt=1
10.10.0.64/27[any] 10.8.0.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16409
created: Jun 26 22:08:04 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2642 seq=43 pid=27521
refcnt=1
10.10.0.64/27[any] 192.168.12.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16397
created: Jun 26 22:08:05 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2738 seq=42 pid=27521
refcnt=1
192.168.160.64/27[any] 192.168.12.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16401
created: Jun 26 22:08:05 2006 lastused: Jun 27 08:11:50 2006
lifetime: 0(s) validtime: 0(s)
spid=2762 seq=41 pid=27521
refcnt=3
192.168.160.64/27[any] 10.8.0.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16413
created: Jun 27 06:11:59 2006 lastused: Jun 27 08:11:50 2006
lifetime: 0(s) validtime: 0(s)
spid=2786 seq=40 pid=27521
refcnt=2
192.168.160.64/27[any] 192.168.10.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16393
created: Jun 27 06:11:59 2006 lastused: Jun 27 08:11:50 2006
lifetime: 0(s) validtime: 0(s)
spid=2802 seq=39 pid=27521
refcnt=3
10.10.0.64/27[any] 192.168.10.0/24[any] any
fwd prio high + 1073739483 ipsec
esp/tunnel/65.91.22.234-216.158.212.174/unique#16385
created: Jun 27 06:11:59 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2818 seq=38 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2403 seq=37 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2387 seq=36 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2371 seq=35 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2355 seq=34 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2339 seq=33 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2323 seq=32 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2307 seq=31 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2291 seq=30 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2275 seq=29 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2259 seq=28 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2243 seq=27 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2227 seq=26 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2211 seq=25 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2195 seq=24 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused: Jun 27 07:56:52 2006
lifetime: 0(s) validtime: 0(s)
spid=2179 seq=23 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2163 seq=22 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused: Jun 27 07:52:08 2006
lifetime: 0(s) validtime: 0(s)
spid=2147 seq=21 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2131 seq=20 pid=27521
refcnt=1
(per-socket policy)
in none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2115 seq=19 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2412 seq=18 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2396 seq=17 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2380 seq=16 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2364 seq=15 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2348 seq=14 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2332 seq=13 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2316 seq=12 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2300 seq=11 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2284 seq=10 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2268 seq=9 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2252 seq=8 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2236 seq=7 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2220 seq=6 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2204 seq=5 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused: Jun 27 07:56:52 2006
lifetime: 0(s) validtime: 0(s)
spid=2188 seq=4 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2172 seq=3 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused: Jun 27 07:52:08 2006
lifetime: 0(s) validtime: 0(s)
spid=2156 seq=2 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2140 seq=1 pid=27521
refcnt=1
(per-socket policy)
out none
created: Jun 26 14:27:14 2006 lastused:
lifetime: 0(s) validtime: 0(s)
spid=2124 seq=0 pid=27521
refcnt=1
+ _________________________ /proc/sys/net/ipsec-star
+ test -d /proc/sys/net/ipsec
+ _________________________ ipsec/status
+ ipsec auto --status
000 interface lo/lo ::1
000 interface lo/lo 127.0.0.1
000 interface lo/lo 127.0.0.1
000 interface eth0/eth0 192.168.1.41
000 interface eth0/eth0 192.168.1.41
000 interface eth0/eth0 192.168.1.54
000 interface eth0/eth0 192.168.1.54
000 interface eth0/eth0 192.168.1.103
000 interface eth0/eth0 192.168.1.103
000 interface eth0/eth0 192.168.1.160
000 interface eth0/eth0 192.168.1.160
000 interface eth1/eth1 216.158.212.171
000 interface eth1/eth1 216.158.212.171
000 interface eth1/eth1 216.158.212.116
000 interface eth1/eth1 216.158.212.116
000 interface eth1/eth1 216.158.212.174
000 interface eth1/eth1 216.158.212.174
000 interface tun0/tun0 10.10.0.33
000 interface tun0/tun0 10.10.0.33
000 %myid = (none)
000 debug none
000
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
000
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,11,36} trans={0,11,336} attrs={0,11,224}
000
000 "bedford-home": 192.168.10.0/24===216.158.212.116[@work]---216.158.212.113...%any[@home]===192.168.192.0/27; unrouted; eroute owner: #0
000 "bedford-home": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "bedford-home": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "bedford-home": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "bedford-home": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "corporate-home": 192.168.1.0/24===216.158.212.116[@work]---216.158.212.113...%any[@home]===192.168.192.0/27; unrouted; eroute owner: #0
000 "corporate-home": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "corporate-home": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "corporate-home": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "corporate-home": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "corporate-home"[4]: 192.168.1.0/24===216.158.212.116[@work]---216.158.212.113...71.244.57.29[@home]===192.168.192.0/27; erouted; eroute owner: #152
000 "corporate-home"[4]: srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "corporate-home"[4]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "corporate-home"[4]: policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "corporate-home"[4]: newest ISAKMP SA: #169; newest IPsec SA: #152;
000 "corporate-home"[4]: IKE algorithm newest: 3DES_CBC_192-MD5-MODP1536
000 "nurscare-home": 192.168.12.0/24===216.158.212.116[@work]---216.158.212.113...%any[@home]===192.168.192.0/27; unrouted; eroute owner: #0
000 "nurscare-home": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "nurscare-home": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "nurscare-home": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "nurscare-home": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "nurscare-home"[3]: 192.168.12.0/24===216.158.212.116[@work]---216.158.212.113...71.244.57.29[@home]===192.168.192.0/27; erouted; eroute owner: #151
000 "nurscare-home"[3]: srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "nurscare-home"[3]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "nurscare-home"[3]: policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "nurscare-home"[3]: newest ISAKMP SA: #0; newest IPsec SA: #151;
000 "roadwarrior": 192.168.1.41[C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group, CN=Jeremy Mann, E=jmann at txhmg.com]---192.168.1.1...192.168.1.30; unrouted; eroute owner: #0
000 "roadwarrior": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "roadwarrior": CAs: 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group'...'%any'
000 "roadwarrior": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "roadwarrior": policy: RSASIG+ENCRYPT+COMPRESS+TUNNEL; prio: 32,32; interface: eth0;
000 "roadwarrior": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "waxahachie-common": 216.158.212.174[@corp]---216.158.212.169...65.91.22.234; unrouted; eroute owner: #0
000 "waxahachie-common": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-common": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-common": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 32,32; interface: eth1;
000 "waxahachie-common": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "waxahachie-common": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-common": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-common": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-common": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-lan-bedford": 192.168.10.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===192.168.160.64/27; erouted; eroute owner: #162
000 "waxahachie-lan-bedford": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-lan-bedford": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-lan-bedford": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "waxahachie-lan-bedford": newest ISAKMP SA: #0; newest IPsec SA: #162;
000 "waxahachie-lan-bedford": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-lan-bedford": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-lan-bedford": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-lan-bedford": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-lan-bedford": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-lan-corp": 192.168.1.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===192.168.160.64/27; erouted; eroute owner: #164
000 "waxahachie-lan-corp": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-lan-corp": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-lan-corp": policy: PSK+ENCRYPT+COMPRESS+TUNNEL+UP; prio: 24,27; interface: eth1;
000 "waxahachie-lan-corp": newest ISAKMP SA: #4; newest IPsec SA: #164;
000 "waxahachie-lan-corp": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-lan-corp": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-lan-corp": IKE algorithm newest: 3DES_CBC_192-SHA1-MODP1536
000 "waxahachie-lan-corp": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-lan-corp": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-lan-corp": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-lan-nurscare": 192.168.12.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===192.168.160.64/27; erouted; eroute owner: #155
000 "waxahachie-lan-nurscare": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-lan-nurscare": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-lan-nurscare": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "waxahachie-lan-nurscare": newest ISAKMP SA: #0; newest IPsec SA: #155;
000 "waxahachie-lan-nurscare": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-lan-nurscare": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-lan-nurscare": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-lan-nurscare": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-lan-nurscare": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-lan-ovpn": 10.8.0.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===192.168.160.64/27; erouted; eroute owner: #161
000 "waxahachie-lan-ovpn": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-lan-ovpn": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-lan-ovpn": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "waxahachie-lan-ovpn": newest ISAKMP SA: #0; newest IPsec SA: #161;
000 "waxahachie-lan-ovpn": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-lan-ovpn": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-lan-ovpn": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-lan-ovpn": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-lan-ovpn": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-wireless-bedford": 192.168.10.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===10.10.0.64/27; erouted; eroute owner: #163
000 "waxahachie-wireless-bedford": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-wireless-bedford": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-wireless-bedford": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "waxahachie-wireless-bedford": newest ISAKMP SA: #168; newest IPsec SA: #163;
000 "waxahachie-wireless-bedford": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-wireless-bedford": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-wireless-bedford": IKE algorithm newest: 3DES_CBC_192-SHA1-MODP1536
000 "waxahachie-wireless-bedford": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-wireless-bedford": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-wireless-bedford": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-wireless-corp": 192.168.1.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===10.10.0.64/27; erouted; eroute owner: #160
000 "waxahachie-wireless-corp": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-wireless-corp": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-wireless-corp": policy: PSK+ENCRYPT+COMPRESS+TUNNEL+UP; prio: 24,27; interface: eth1;
000 "waxahachie-wireless-corp": newest ISAKMP SA: #0; newest IPsec SA: #160;
000 "waxahachie-wireless-corp": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-wireless-corp": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-wireless-corp": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-wireless-corp": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-wireless-corp": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-wireless-nurscare": 192.168.12.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===10.10.0.64/27; erouted; eroute owner: #156
000 "waxahachie-wireless-nurscare": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-wireless-nurscare": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-wireless-nurscare": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "waxahachie-wireless-nurscare": newest ISAKMP SA: #0; newest IPsec SA: #156;
000 "waxahachie-wireless-nurscare": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-wireless-nurscare": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-wireless-nurscare": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-wireless-nurscare": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-wireless-nurscare": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000 "waxahachie-wireless-ovpn": 10.8.0.0/24===216.158.212.174[@corp]---216.158.212.169...65.91.22.234===10.10.0.64/27; erouted; eroute owner: #154
000 "waxahachie-wireless-ovpn": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "waxahachie-wireless-ovpn": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1
000 "waxahachie-wireless-ovpn": policy: PSK+ENCRYPT+COMPRESS+TUNNEL; prio: 24,27; interface: eth1;
000 "waxahachie-wireless-ovpn": newest ISAKMP SA: #0; newest IPsec SA: #154;
000 "waxahachie-wireless-ovpn": IKE algorithms wanted: 5_000-2-5, 5_000-2-2, flags=-strict
000 "waxahachie-wireless-ovpn": IKE algorithms found: 5_192-2_160-5, 5_192-2_160-2,
000 "waxahachie-wireless-ovpn": ESP algorithms wanted: 3_000-1, flags=-strict
000 "waxahachie-wireless-ovpn": ESP algorithms loaded: 3_000-1, flags=-strict
000 "waxahachie-wireless-ovpn": ESP algorithm newest: 3DES_0-HMAC_MD5; pfsgroup=<N/A>
000
000 #152: "corporate-home"[4] 71.244.57.29:500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 19081s; newest IPSEC; eroute owner
000 #152: "corporate-home"[4] 71.244.57.29 esp.c4ad15ff at 71.244.57.29 esp.1a12390b at 216.158.212.116 tun.0 at 71.244.57.29 tun.0 at 216.158.212.116
000 #169: "corporate-home"[4] 71.244.57.29:500 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1276s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0)
000 #151: "nurscare-home"[3] 71.244.57.29:500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 18653s; newest IPSEC; eroute owner
000 #151: "nurscare-home"[3] 71.244.57.29 esp.3a0776b5 at 71.244.57.29 esp.ee16ea26 at 216.158.212.116 tun.0 at 71.244.57.29 tun.0 at 216.158.212.116
000 #162: "waxahachie-lan-bedford":500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 21151s; newest IPSEC; eroute owner
000 #162: "waxahachie-lan-bedford" esp.52626d74 at 65.91.22.234 esp.e1b81c24 at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #4: "waxahachie-lan-corp":500 STATE_MAIN_I4 (ISAKMP SA established); none in -1s; newest ISAKMP; nodpd
000 #164: "waxahachie-lan-corp":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 20777s; newest IPSEC; eroute owner
000 #164: "waxahachie-lan-corp" esp.da5d3958 at 65.91.22.234 esp.ca01f7 at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #155: "waxahachie-lan-nurscare":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 19905s; newest IPSEC; eroute owner
000 #155: "waxahachie-lan-nurscare" esp.2f34c599 at 65.91.22.234 esp.9f996b0f at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #161: "waxahachie-lan-ovpn":500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 21151s; newest IPSEC; eroute owner
000 #161: "waxahachie-lan-ovpn" esp.645c1c0a at 65.91.22.234 esp.4eb97eff at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #168: "waxahachie-wireless-bedford":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 850s; newest ISAKMP; nodpd
000 #163: "waxahachie-wireless-bedford":500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 21152s; newest IPSEC; eroute owner
000 #163: "waxahachie-wireless-bedford" esp.45447991 at 65.91.22.234 esp.be1f0e62 at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #160: "waxahachie-wireless-corp":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 20604s; newest IPSEC; eroute owner
000 #160: "waxahachie-wireless-corp" esp.3f5e3440 at 65.91.22.234 esp.b4c8002f at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #156: "waxahachie-wireless-nurscare":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 19978s; newest IPSEC; eroute owner
000 #156: "waxahachie-wireless-nurscare" esp.5c792d33 at 65.91.22.234 esp.488a951f at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000 #154: "waxahachie-wireless-ovpn":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 19934s; newest IPSEC; eroute owner
000 #154: "waxahachie-wireless-ovpn" esp.fa03638 at 65.91.22.234 esp.9fe36178 at 216.158.212.174 tun.0 at 65.91.22.234 tun.0 at 216.158.212.174
000
+ _________________________ ifconfig-a
+ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:02:55:C7:19:59
inet addr:192.168.1.41 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::202:55ff:fec7:1959/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14407665 errors:0 dropped:3534 overruns:0 frame:571757400
TX packets:20714870 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3522793581 (3.2 GiB) TX bytes:2642384421 (2.4 GiB)
eth1 Link encap:Ethernet HWaddr 00:02:55:C7:19:5A
inet addr:216.158.212.171 Bcast:216.158.212.175 Mask:255.255.255.248
inet6 addr: fe80::202:55ff:fec7:195a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10810861 errors:0 dropped:3188 overruns:0 frame:610123060
TX packets:84455 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3840675646 (3.5 GiB) TX bytes:5911531 (5.6 MiB)
eth2 Link encap:Ethernet HWaddr 00:02:B3:9D:B9:EB
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth3 Link encap:Ethernet HWaddr 00:02:B3:9D:B9:EC
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4484711 errors:0 dropped:0 overruns:0 frame:0
TX packets:4484711 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1139513771 (1.0 GiB) TX bytes:1139513771 (1.0 GiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.10.0.33 P-t-P:10.10.0.34 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:147725 errors:0 dropped:0 overruns:0 frame:0
TX packets:180516 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:12516214 (11.9 MiB) TX bytes:173855034 (165.8 MiB)
+ _________________________ ip-addr-list
+ ip addr list
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:55:c7:19:59 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.41/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.54/24 scope global secondary eth0
inet 192.168.1.103/24 scope global secondary eth0
inet 192.168.1.160/24 scope global secondary eth0
inet6 fe80::202:55ff:fec7:1959/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:55:c7:19:5a brd ff:ff:ff:ff:ff:ff
inet 216.158.212.171/29 brd 216.158.212.175 scope global eth1
inet 216.158.212.116/29 scope global eth1
inet 216.158.212.174/29 scope global secondary eth1
inet6 fe80::202:55ff:fec7:195a/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:02:b3:9d:b9:eb brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:02:b3:9d:b9:ec brd ff:ff:ff:ff:ff:ff
6: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
8: tun0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/[65534]
inet 10.10.0.33 peer 10.10.0.34/32 scope global tun0
+ _________________________ ip-route-list
+ ip route list
10.10.0.34 dev tun0 proto kernel scope link src 10.10.0.33
216.158.212.112/29 dev eth1 proto kernel scope link src 216.158.212.116
216.158.212.168/29 dev eth1 proto kernel scope link src 216.158.212.171
10.10.0.32/27 via 10.10.0.34 dev tun0
192.168.160.0/27 via 192.168.1.104 dev eth0
10.10.0.0/27 via 192.168.1.104 dev eth0
192.168.160.64/27 via 216.158.212.169 dev eth1
10.10.0.64/27 via 216.158.212.169 dev eth1
192.168.192.0/27 via 216.158.212.113 dev eth1
192.168.192.32/27 via 192.168.1.104 dev eth0
192.168.192.64/27 via 192.168.1.104 dev eth0
192.168.192.96/27 via 192.168.1.104 dev eth0
192.168.192.128/27 via 192.168.1.104 dev eth0
192.168.192.160/27 via 192.168.1.104 dev eth0
192.168.192.192/27 via 192.168.1.104 dev eth0
192.168.192.224/27 via 192.168.1.104 dev eth0
192.168.7.0/24 via 192.168.1.1 dev eth0
192.168.6.0/24 via 192.168.1.1 dev eth0
192.168.5.0/24 via 192.168.1.1 dev eth0
192.168.4.0/24 via 192.168.1.1 dev eth0
192.168.3.0/24 via 192.168.1.1 dev eth0
192.168.2.0/24 via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.41
192.168.170.0/24 via 192.168.1.104 dev eth0
192.168.12.0/24 via 192.168.1.1 dev eth0
192.168.11.0/24 via 192.168.1.1 dev eth0
192.168.191.0/24 via 192.168.1.104 dev eth0
192.168.10.0/24 via 192.168.1.1 dev eth0
192.168.9.0/24 via 192.168.1.1 dev eth0
192.168.8.0/24 via 192.168.1.1 dev eth0
default via 192.168.1.1 dev eth0
+ _________________________ ip-rule-list
+ ip rule list
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
+ _________________________ ipsec_verify
+ ipsec verify --nocolour
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.4/K2.6.12-9-686-smp (netkey)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Checking for 'setkey' command for NETKEY IPsec stack support [OK]
Opportunistic Encryption Support [DISABLED]
+ _________________________ mii-tool
+ '[' -x /sbin/mii-tool ']'
+ /sbin/mii-tool -v
eth0: negotiated 100baseTx-FD, link ok
product info: Intel 82555 rev 4
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
eth1: negotiated 100baseTx-FD, link ok
product info: Intel 82555 rev 4
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
eth2: no link
product info: Intel 82555 rev 4
basic mode: autonegotiation enabled
basic status: no link
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
eth3: no link
product info: Intel 82555 rev 4
basic mode: autonegotiation enabled
basic status: no link
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
+ _________________________ ipsec/directory
+ ipsec --directory
/usr/lib/ipsec
+ _________________________ hostname/fqdn
+ hostname --fqdn
localhost.localdomain
+ _________________________ hostname/ipaddress
+ hostname --ip-address
127.0.0.1
+ _________________________ uptime
+ uptime
08:14:59 up 7 days, 20:44, 1 user, load average: 0.44, 0.15, 0.08
+ _________________________ ps
+ ps alxwf
+ egrep -i 'ppid|pluto|ipsec|klips'
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
0 0 27479 26755 19 0 2808 1428 wait S+ pts/0 0:00 \_ /bin/sh /usr/lib/ipsec/barf
0 0 27572 27479 23 0 1628 496 pipe_w S+ pts/0 0:00 \_ grep -E -i ppid|pluto|ipsec|klips
1 0 27155 1 21 0 2420 1164 wait S ? 0:00 /bin/bash /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal yes --keep_alive --protostack auto --force_keepalive --disable_port_floating --virtual_private %v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24 --crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
1 0 27156 27155 21 0 2420 1176 wait S ? 0:00 \_ /bin/bash /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal yes --keep_alive --protostack auto --force_keepalive --disable_port_floating --virtual_private %v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24 --crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
4 0 27158 27156 15 0 7304 2924 - S ? 0:01 | \_ /usr/lib/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --use-auto --uniqueids --nat_traversal --virtual_private %v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
1 0 27165 27158 27 10 6744 1888 - SN ? 0:01 | \_ pluto helper # 0 -nofork
0 0 27229 27158 19 0 1488 276 - S ? 0:00 | \_ _pluto_adns
0 0 27159 27155 15 0 2400 1132 pipe_w S ? 0:00 \_ /bin/sh /usr/lib/ipsec/_plutoload --wait no --post
0 0 27157 1 15 0 1548 496 pipe_w S ? 0:00 logger -s -p daemon.error -t ipsec__plutorun
+ _________________________ ipsec/showdefaults
+ ipsec showdefaults
# no default route
# no default route
+ _________________________ ipsec/conf
+ ipsec _include /etc/ipsec.conf
+ ipsec _keycensor
#< /etc/ipsec.conf 1
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.1 2005/07/26 12:28:39 ken Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
interfaces="ipsec0=eth0 ipsec1=eth1"
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
conn %default
keyingtries=1
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn roadwarrior
left=192.168.1.41
leftnexthop=192.168.1.1
leftcert=192.168.1.30.pem
right=192.168.1.30
auto=add
pfs=no
conn waxahachie-lan-ovpn
leftsubnet=10.8.0.0/24
rightsubnet=192.168.160.64/27
also=waxahachie-common
conn waxahachie-wireless-ovpn
leftsubnet=10.8.0.0/24
rightsubnet=10.10.0.64/27
also=waxahachie-common
conn waxahachie-wireless-corp
leftsubnet=192.168.1.0/24
rightsubnet=10.10.0.64/27
also=waxahachie-common
conn waxahachie-wireless-bedford
leftsubnet=192.168.10.0/24
rightsubnet=10.10.0.64/27
also=waxahachie-common
conn waxahachie-lan-corp
leftsubnet=192.168.1.0/24
rightsubnet=192.168.160.64/27
also=waxahachie-common
conn waxahachie-lan-bedford
leftsubnet=192.168.10.0/24
rightsubnet=192.168.160.64/27
also=waxahachie-common
conn waxahachie-wireless-nurscare
leftsubnet=192.168.12.0/24
rightsubnet=10.10.0.64/27
also=waxahachie-common
conn waxahachie-lan-nurscare
leftsubnet=192.168.12.0/24
rightsubnet=192.168.160.64/27
also=waxahachie-common
conn waxahachie-common
left=216.158.212.174
leftnexthop=216.158.212.169
leftid=@corp
right=65.91.22.234
rightid=65.91.22.234
pfs=no
auto=add
auth=esp
esp=3des-md5
ike=3des-sha1
authby=secret
conn nurscare-home
right=216.158.212.116
rightsubnet=192.168.12.0/24
rightnexthop=216.158.212.113
also=home
conn bedford-home
right=216.158.212.116
rightsubnet=192.168.10.0/24
rightnexthop=216.158.212.113
also=home
conn corporate-home
right=216.158.212.116
rightsubnet=192.168.1.0/24
rightnexthop=216.158.212.113
also=home
conn home
left=%any
leftsubnet=192.168.192.0/27
leftid=@home
rightid=@work
pfs=no
authby=secret
forceencaps=yes
auto=add
#conn sonicwall
# left=216.158.212.174
# leftnexthop=216.158.212.169
# leftsubnet=192.168.1.0/24
# leftid=@home
# right=65.91.22.234
# rightsubnet=10.10.0.64/27
# rightid=65.91.22.234
# pfs=no
# auto=add
# auth=esp
# esp=3des-md5
# ike=3des-sha1
# authby=secret
#conn waxahachie2
# left=216.158.212.174
# leftnexthop=216.158.212.169
# leftsubnet=192.168.10.0/24
# leftid=@home
# right=65.91.22.234
# rightsubnet=10.10.0.64/27
# rightid=65.91.22.234
# pfs=no
# auto=add
# auth=esp
# esp=3des-md5
# ike=3des-sha1
# authby=secret
# plutodebug / klipsdebug = "all", "none" or a combation from below:
# "raw crypt parsing emitting control klips pfkey natt x509 private"
# eg:
# plutodebug="control parsing"
#
# Only enable klipsdebug=all if you are a developer
#
# NAT-TRAVERSAL support, see README.NAT-Traversal
# nat_traversal=yes
# virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12
# Add connections here
# sample VPN connection
# conn sample
# # Left security gateway, subnet behind it, nexthop toward right.
# left=10.0.0.1
# leftsubnet=172.16.0.0/24
# leftnexthop=10.22.33.44
# # Right security gateway, subnet behind it, nexthop toward left.
# right=10.12.12.1
# rightsubnet=192.168.0.0/24
# rightnexthop=10.101.102.103
# # To authorize this connection, but not actually start it,
# # at startup, uncomment this.
# #auto=start
#Disable Opportunistic Encryption
#< /etc/ipsec.d/examples/no_oe.conf 1
# 'include' this file to disable Opportunistic Encryption.
# See /usr/share/doc/openswan/policygroups.html for details.
#
# RCSID $Id: no_oe.conf.in,v 1.2 2004/10/03 19:33:10 paul Exp $
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
#> /etc/ipsec.conf 174
+ _________________________ ipsec/secrets
+ ipsec _include /etc/ipsec.secrets
+ ipsec _secretcensor
#< /etc/ipsec.secrets 1
: RSA {
# RSA 2192 bits xserve2.private.integracarehh.com Tue Mar 28 12:38:34 2006
# for signatures only, UNSAFE FOR ENCRYPTION
#pubkey=[keyid AQO/aqim9]
Modulus: [...]
PublicExponent: [...]
# everything after this point is secret
PrivateExponent: [...]
Prime1: [...]
Prime2: [...]
Exponent1: [...]
Exponent2: [...]
Coefficient: [...]
}
# do not change the indenting of that "[sums to 7d9d...]"
@corp 65.91.22.234 : PSK "[sums to 3a72...]"
@work @home : PSK "[sums to 3a72...]"
@home 216.158.212.116 : PSK "[sums to 3a72...]"
216.158.212.116 : PSK "[sums to 3a72...]"
@home @work : PSK "[sums to 3a72...]"
@work %any : PSK "[sums to 3a72...]"
+ _________________________ ipsec/listall
+ ipsec auto --listall
000
000 List of Public Keys:
000
000 Jun 26 14:27:14 2006, 1024 RSA Key AwEAAc6Uh, until Mar 12 11:51:34 2016 ok
000 ID_DER_ASN1_DN 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group, CN=Jeremy Mann, E=jmann at txhmg.com'
000 Issuer 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group'
000
000 List of X.509 End Certificates:
000
000 Jun 26 14:27:14 2006, count: 1
000 subject: 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group, CN=Jeremy Mann, E=jmann at txhmg.com'
000 issuer: 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group'
000 serial: 03
000 pubkey: 1024 RSA Key AwEAAc6Uh
000 validity: not before Mar 15 11:51:34 2006 ok
000 not after Mar 12 11:51:34 2016 ok
000 subjkey: 19:3d:c2:1f:e4:10:af:41:ce:de:ce:36:97:13:f3:61:01:35:55:a7
000 authkey: f7:d0:29:74:2e:a5:ac:43:f7:0d:c0:8c:aa:e5:a0:1d:67:d1:5a:48
000 aserial: 00:e5:74:35:63:bf:b7:a0:7b
000
000 List of X.509 CA Certificates:
000
000 Jun 26 14:27:13 2006, count: 1
000 subject: 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group'
000 issuer: 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group'
000 serial: 00:e5:74:35:63:bf:b7:a0:7b
000 pubkey: 1024 RSA Key AwEAAdCwg
000 validity: not before Nov 14 10:21:01 2005 ok
000 not after Nov 13 10:21:01 2015 ok
000 subjkey: f7:d0:29:74:2e:a5:ac:43:f7:0d:c0:8c:aa:e5:a0:1d:67:d1:5a:48
000 authkey: f7:d0:29:74:2e:a5:ac:43:f7:0d:c0:8c:aa:e5:a0:1d:67:d1:5a:48
000 aserial: 00:e5:74:35:63:bf:b7:a0:7b
000
000 List of X.509 CRLs:
000
000 Jun 26 14:27:13 2006, revoked certs: 0
000 issuer: 'C=US, ST=Texas, L=Grapevine, O=Texas Health Management Group'
000 updates: this Nov 14 10:21:17 2005
000 next Dec 14 10:21:17 2005 warning (expired)
+ '[' /etc/ipsec.d/policies ']'
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/block
+ base=block
+ _________________________ ipsec/policies/block
+ cat /etc/ipsec.d/policies/block
# This file defines the set of CIDRs (network/mask-length) to which
# communication should never be allowed.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear
+ base=clear
+ _________________________ ipsec/policies/clear
+ cat /etc/ipsec.d/policies/clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear-or-private
+ base=clear-or-private
+ _________________________ ipsec/policies/clear-or-private
+ cat /etc/ipsec.d/policies/clear-or-private
# This file defines the set of CIDRs (network/mask-length) to which
# we will communicate in the clear, or, if the other side initiates IPSEC,
# using encryption. This behaviour is also called "Opportunistic Responder".
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private
+ base=private
+ _________________________ ipsec/policies/private
+ cat /etc/ipsec.d/policies/private
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be private (i.e. encrypted).
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private-or-clear
+ base=private-or-clear
+ _________________________ ipsec/policies/private-or-clear
+ cat /etc/ipsec.d/policies/private-or-clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should be private, if possible, but in the clear otherwise.
#
# If the target has a TXT (later IPSECKEY) record that specifies
# authentication material, we will require private (i.e. encrypted)
# communications. If no such record is found, communications will be
# in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $
#
0.0.0.0/0
+ _________________________ ipsec/ls-libdir
+ ls -l /usr/lib/ipsec
total 1364
-rwxr-xr-x 1 root root 15535 May 23 12:07 _confread
-rwxr-xr-x 1 root root 4300 May 23 12:08 _copyright
-rwxr-xr-x 1 root root 2379 May 23 12:07 _include
-rwxr-xr-x 1 root root 1475 May 23 12:07 _keycensor
-rwxr-xr-x 1 root root 7756 May 23 12:08 _pluto_adns
-rwxr-xr-x 1 root root 3586 May 23 12:07 _plutoload
-rwxr-xr-x 1 root root 7429 May 23 12:07 _plutorun
-rwxr-xr-x 1 root root 12275 May 23 12:07 _realsetup
-rwxr-xr-x 1 root root 1975 May 23 12:07 _secretcensor
-rwxr-xr-x 1 root root 9772 May 23 12:07 _startklips
-rwxr-xr-x 1 root root 13417 May 23 12:07 _updown
-rwxr-xr-x 1 root root 15746 May 23 12:07 _updown_x509
-rwxr-xr-x 1 root root 19081 May 23 12:07 auto
-rwxr-xr-x 1 root root 10560 May 23 12:07 barf
-rwxr-xr-x 1 root root 816 May 23 12:07 calcgoo
-rwxr-xr-x 1 root root 76964 May 23 12:08 eroute
-rwxr-xr-x 1 root root 16556 May 23 12:08 ikeping
-rwxr-xr-x 1 root root 1942 May 23 12:07 ipsec_pr.template
-rwxr-xr-x 1 root root 60992 May 23 12:08 klipsdebug
-rwxr-xr-x 1 root root 1836 May 23 12:07 livetest
-rwxr-xr-x 1 root root 2605 May 23 12:07 look
-rwxr-xr-x 1 root root 7147 May 23 12:07 mailkey
-rwxr-xr-x 1 root root 15996 May 23 12:07 manual
-rwxr-xr-x 1 root root 1926 May 23 12:07 newhostkey
-rwxr-xr-x 1 root root 52160 May 23 12:08 pf_key
-rwxr-xr-x 1 root root 644728 May 23 12:08 pluto
-rwxr-xr-x 1 root root 6172 May 23 12:08 ranbits
-rwxr-xr-x 1 root root 18588 May 23 12:08 rsasigkey
-rwxr-xr-x 1 root root 766 May 23 12:07 secrets
-rwxr-xr-x 1 root root 17624 May 23 12:07 send-pr
lrwxrwxrwx 1 root root 17 Jun 1 15:52 setup -> /etc/init.d/ipsec
-rwxr-xr-x 1 root root 1054 May 23 12:07 showdefaults
-rwxr-xr-x 1 root root 4748 May 23 12:07 showhostkey
-rwxr-xr-x 1 root root 114608 May 23 12:08 spi
-rwxr-xr-x 1 root root 65408 May 23 12:08 spigrp
-rwxr-xr-x 1 root root 9796 May 23 12:08 tncfg
-rwxr-xr-x 1 root root 10601 May 23 12:07 verify
-rwxr-xr-x 1 root root 47092 May 23 12:08 whack
+ _________________________ ipsec/ls-execdir
+ ls -l /usr/lib/ipsec
total 1364
-rwxr-xr-x 1 root root 15535 May 23 12:07 _confread
-rwxr-xr-x 1 root root 4300 May 23 12:08 _copyright
-rwxr-xr-x 1 root root 2379 May 23 12:07 _include
-rwxr-xr-x 1 root root 1475 May 23 12:07 _keycensor
-rwxr-xr-x 1 root root 7756 May 23 12:08 _pluto_adns
-rwxr-xr-x 1 root root 3586 May 23 12:07 _plutoload
-rwxr-xr-x 1 root root 7429 May 23 12:07 _plutorun
-rwxr-xr-x 1 root root 12275 May 23 12:07 _realsetup
-rwxr-xr-x 1 root root 1975 May 23 12:07 _secretcensor
-rwxr-xr-x 1 root root 9772 May 23 12:07 _startklips
-rwxr-xr-x 1 root root 13417 May 23 12:07 _updown
-rwxr-xr-x 1 root root 15746 May 23 12:07 _updown_x509
-rwxr-xr-x 1 root root 19081 May 23 12:07 auto
-rwxr-xr-x 1 root root 10560 May 23 12:07 barf
-rwxr-xr-x 1 root root 816 May 23 12:07 calcgoo
-rwxr-xr-x 1 root root 76964 May 23 12:08 eroute
-rwxr-xr-x 1 root root 16556 May 23 12:08 ikeping
-rwxr-xr-x 1 root root 1942 May 23 12:07 ipsec_pr.template
-rwxr-xr-x 1 root root 60992 May 23 12:08 klipsdebug
-rwxr-xr-x 1 root root 1836 May 23 12:07 livetest
-rwxr-xr-x 1 root root 2605 May 23 12:07 look
-rwxr-xr-x 1 root root 7147 May 23 12:07 mailkey
-rwxr-xr-x 1 root root 15996 May 23 12:07 manual
-rwxr-xr-x 1 root root 1926 May 23 12:07 newhostkey
-rwxr-xr-x 1 root root 52160 May 23 12:08 pf_key
-rwxr-xr-x 1 root root 644728 May 23 12:08 pluto
-rwxr-xr-x 1 root root 6172 May 23 12:08 ranbits
-rwxr-xr-x 1 root root 18588 May 23 12:08 rsasigkey
-rwxr-xr-x 1 root root 766 May 23 12:07 secrets
-rwxr-xr-x 1 root root 17624 May 23 12:07 send-pr
lrwxrwxrwx 1 root root 17 Jun 1 15:52 setup -> /etc/init.d/ipsec
-rwxr-xr-x 1 root root 1054 May 23 12:07 showdefaults
-rwxr-xr-x 1 root root 4748 May 23 12:07 showhostkey
-rwxr-xr-x 1 root root 114608 May 23 12:08 spi
-rwxr-xr-x 1 root root 65408 May 23 12:08 spigrp
-rwxr-xr-x 1 root root 9796 May 23 12:08 tncfg
-rwxr-xr-x 1 root root 10601 May 23 12:07 verify
-rwxr-xr-x 1 root root 47092 May 23 12:08 whack
+ _________________________ ipsec/updowns
++ ls /usr/lib/ipsec
++ egrep updown
+ for f in '`ls ${IPSEC_EXECDIR-/usr/libexec/ipsec} | egrep updown`'
+ cat /usr/lib/ipsec/_updown
#! /bin/sh
# iproute2 version, default updown script
#
# Copyright (C) 2003-2004 Nigel Metheringham
# Copyright (C) 2002-2004 Michael Richardson <mcr at xelerance.com>
# Copyright (C) 2003-2005 Tuomo Soini <tis at foobar.fi>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# RCSID $Id: _updown.in,v 1.21.2.8 2005/08/28 02:45:26 paul Exp $
# CAUTION: Installing a new version of FreeS/WAN will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# FreeS/WAN use yours instead of this default one.
LC_ALL=C export LC_ALL
# things that this script gets (from ipsec_pluto(8) man page)
#
#
# PLUTO_VERSION
# indicates what version of this interface is being
# used. This document describes version 1.1. This
# is upwardly compatible with version 1.0.
#
# PLUTO_VERB
# specifies the name of the operation to be performed
# (prepare-host, prepare-client, up-host, up-client,
# down-host, or down-client). If the address family
# for security gateway to security gateway communica
# tions is IPv6, then a suffix of -v6 is added to the
# verb.
#
# PLUTO_CONNECTION
# is the name of the connection for which we are
# routing.
#
# PLUTO_CONN_POLICY
# the policy of the connection, as in:
# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD
#
# PLUTO_NEXT_HOP
# is the next hop to which packets bound for the peer
# must be sent.
#
# PLUTO_INTERFACE
# is the name of the ipsec interface to be used.
#
# PLUTO_ME
# is the IP address of our host.
#
# PLUTO_MY_CLIENT
# is the IP address / count of our client subnet. If
# the client is just the host, this will be the
# host's own IP address / max (where max is 32 for
# IPv4 and 128 for IPv6).
#
# PLUTO_MY_CLIENT_NET
# is the IP address of our client net. If the client
# is just the host, this will be the host's own IP
# address.
#
# PLUTO_MY_CLIENT_MASK
# is the mask for our client net. If the client is
# just the host, this will be 255.255.255.255.
#
# PLUTO_MY_SOURCEIP
# if non-empty, then the source address for the route will be
# set to this IP address.
#
# PLUTO_MY_PROTOCOL
# is the protocol for this connection. Useful for
# firewalling.
#
# PLUTO_MY_PORT
# is the port. Useful for firewalling.
#
# PLUTO_PEER
# is the IP address of our peer.
#
# PLUTO_PEER_CLIENT
# is the IP address / count of the peer's client sub
# net. If the client is just the peer, this will be
# the peer's own IP address / max (where max is 32
# for IPv4 and 128 for IPv6).
#
# PLUTO_PEER_CLIENT_NET
# is the IP address of the peer's client net. If the
# client is just the peer, this will be the peer's
# own IP address.
#
# PLUTO_PEER_CLIENT_MASK
# is the mask for the peer's client net. If the
# client is just the peer, this will be
# 255.255.255.255.
#
# PLUTO_PEER_PROTOCOL
# is the protocol set for remote end with port
# selector.
#
# PLUTO_PEER_PORT
# is the peer's port. Useful for firewalling.
#
# PLUTO_CONNECTION_TYPE
#
# Import default _updown configs from the /etc/sysconfig/pluto_updown file
#
# Two variables can be set in this file:
#
# DEFAULTSOURCE
# is the default value for PLUTO_MY_SOURCEIP
#
# IPROUTETABLE
# is the default value for IPROUTETABLE
#
# IPROUTEARGS
# is the extra argument list for ip route command
#
# IPRULEARGS
# is the extra argument list for ip rule command
#
if [ -f /etc/sysconfig/pluto_updown ]
then
. /etc/sysconfig/pluto_updown
fi
# check interface version
case "$PLUTO_VERSION" in
1.[0]) # Older Pluto?!? Play it safe, script may be using new features.
echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
echo "$0: called by obsolete Pluto?" >&2
exit 2
;;
1.*) ;;
*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
exit 2
;;
esac
# check parameter(s)
case "$1:$*" in
':') # no parameters
;;
ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only
;;
custom:*) # custom parameters (see above CAUTION comment)
;;
*) echo "$0: unknown parameters \`$*'" >&2
exit 2
;;
esac
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
doroute add
ip route flush cache
}
downroute() {
doroute delete
ip route flush cache
}
uprule() {
# policy based advanced routing
if [ -n "$IPROUTETABLE" ]
then
dorule delete
dorule add
fi
# virtual sourceip support
if [ -n "$PLUTO_MY_SOURCEIP" ]
then
if addsource
then
changesource
fi
fi
ip route flush cache
}
downrule() {
if [ -n "$IPROUTETABLE" ]
then
dorule delete
ip route flush cache
fi
}
addsource() {
st=0
# check if given sourceip is local and add as alias if not
if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
then
it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev ${PLUTO_INTERFACE%:*}"
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: File exists'*)
# should not happen, but ... ignore if the
# address was already assigned on interface
oops=""
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: addsource \`$it' failed ($oops)" >&2
fi
fi
return $st
}
changesource() {
st=0
parms="$PLUTO_PEER_CLIENT dev ${PLUTO_INTERFACE%:*}"
parms="$parms src ${PLUTO_MY_SOURCEIP%/*} $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route change $parms"
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
it=
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: changesource \`$it' failed ($oops)" >&2
fi
return $st
}
dorule() {
st=0
it2=
iprule="from $PLUTO_MY_CLIENT"
iprule2="to $PLUTO_PEER_CLIENT table $IPROUTETABLE $IPRULEARGS"
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
st=0
;;
*)
if [ -z "$PLUTO_MY_SOURCEIP" ]
then
if [ "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
fi
else
if [ "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
it2="ip rule $1 iif lo $iprule2"
fi
fi
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it' failed ($oops)" >&2
fi
if test "$st" = "0" -a -n "$it2"
then
oops="`eval $it2 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it2' failed ($oops)" >&2
fi
fi
;;
esac
return $st
}
doroute() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2=
if [ -n "$PLUTO_NEXT_HOP" ] && [ "$PLUTO_NEXT_HOP" != "$PLUTO_PEER" ]
then
parms2="via $PLUTO_NEXT_HOP"
fi
parms2="$parms2 dev ${PLUTO_INTERFACE%:*}"
parms3="$IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table $IPROUTETABLE"
fi
if [ -z "$PLUTO_MY_SOURCEIP" ] && [ -n "$DEFAULTSOURCE" ]
then
PLUTO_MY_SOURCEIP="${DEFAULTSOURCE%/*}"
fi
if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
then
addsource
parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
fi
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
# need to provide route that eclipses default, without
# replacing it.
it="ip route $1 0.0.0.0/1 $parms2 $parms3 &&
ip route $1 128.0.0.0/1 $parms2 $parms3"
;;
*) it="ip route $1 $parms $parms2 $parms3"
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: doroute \`$it' failed ($oops)" >&2
fi
return $st
}
# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
# delete possibly-existing route (preliminary to adding a route)
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# need to provide route that eclipses default, without
# replacing it.
parms1="0.0.0.0/1"
parms2="128.0.0.0/1"
it="ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1"
oops="`ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1`"
;;
*)
parms="$PLUTO_PEER_CLIENT $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route delete $parms 2>&1"
oops="`ip route delete $parms 2>&1`"
;;
esac
status="$?"
if test " $oops" = " " -a " $status" != " 0"
then
oops="silent error, exit status $status"
fi
case "$oops" in
*'RTNETLINK answers: No such process'*)
# This is what route (currently -- not documented!) gives
# for "could not find such a route".
oops=
status=0
;;
esac
if test " $oops" != " " -o " $status" != " 0"
then
echo "$0: \`$it' failed ($oops)" >&2
fi
exit $status
;;
route-host:*|route-client:*)
# connection to me or my client subnet being routed
uproute
;;
unroute-host:*|unroute-client:*)
# connection to me or my client subnet being unrouted
downroute
;;
up-host:*)
# connection to me coming up
uprule
# If you are doing a custom version, firewall commands go here.
;;
down-host:*)
# connection to me going down
downrule
# If you are doing a custom version, firewall commands go here.
;;
up-client:)
# connection to my client subnet coming up
uprule
# If you are doing a custom version, firewall commands go here.
;;
down-client:)
# connection to my client subnet going down
downrule
# If you are doing a custom version, firewall commands go here.
;;
up-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, coming up
uprule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
down-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, going down
downrule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
;;
route-host-v6:*|route-client-v6:*)
# connection to me or my client subnet being routed
#uproute_v6
;;
unroute-host-v6:*|unroute-client-v6:*)
# connection to me or my client subnet being unrouted
#downroute_v6
;;
up-host-v6:*)
# connection to me coming up
# If you are doing a custom version, firewall commands go here.
;;
down-host-v6:*)
# connection to me going down
# If you are doing a custom version, firewall commands go here.
;;
up-client-v6:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
;;
down-client-v6:)
# connection to my client subnet going down
# If you are doing a custom version, firewall commands go here.
;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
exit 1
;;
esac
+ for f in '`ls ${IPSEC_EXECDIR-/usr/libexec/ipsec} | egrep updown`'
+ cat /usr/lib/ipsec/_updown_x509
#! /bin/sh
#
# customized updown script
#
# logging of VPN connections
#
# tag put in front of each log entry:
TAG=vpn
#
# syslog facility and priority used:
FAC_PRIO=local0.notice
#
# to create a special vpn logging file, put the following line into
# the syslog configuration file /etc/syslog.conf:
#
# local0.notice -/var/log/vpn
#
# are there port numbers?
if [ "$PLUTO_MY_PORT" != 0 ]
then
S_MY_PORT="--sport $PLUTO_MY_PORT"
D_MY_PORT="--dport $PLUTO_MY_PORT"
fi
if [ "$PLUTO_PEER_PORT" != 0 ]
then
S_PEER_PORT="--sport $PLUTO_PEER_PORT"
D_PEER_PORT="--dport $PLUTO_PEER_PORT"
fi
# CAUTION: Installing a new version of Openswan will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# Openswan use yours instead of this default one.
LC_ALL=C export LC_ALL
# things that this script gets (from ipsec_pluto(8) man page)
#
#
# PLUTO_VERSION
# indicates what version of this interface is being
# used. This document describes version 1.1. This
# is upwardly compatible with version 1.0.
#
# PLUTO_VERB
# specifies the name of the operation to be performed
# (prepare-host, prepare-client, up-host, up-client,
# down-host, or down-client). If the address family
# for security gateway to security gateway communica
# tions is IPv6, then a suffix of -v6 is added to the
# verb.
#
# PLUTO_CONNECTION
# is the name of the connection for which we are
# routing.
#
# PLUTO_CONN_POLICY
# the policy of the connection, as in:
# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD
#
# PLUTO_NEXT_HOP
# is the next hop to which packets bound for the peer
# must be sent.
#
# PLUTO_INTERFACE
# is the name of the ipsec interface to be used.
#
# PLUTO_ME
# is the IP address of our host.
#
# PLUTO_MY_CLIENT
# is the IP address / count of our client subnet. If
# the client is just the host, this will be the
# host's own IP address / max (where max is 32 for
# IPv4 and 128 for IPv6).
#
# PLUTO_MY_CLIENT_NET
# is the IP address of our client net. If the client
# is just the host, this will be the host's own IP
# address.
#
# PLUTO_MY_CLIENT_MASK
# is the mask for our client net. If the client is
# just the host, this will be 255.255.255.255.
#
# PLUTO_MY_SOURCEIP
# if non-empty, then the source address for the route will be
# set to this IP address.
#
# PLUTO_MY_PROTOCOL
# is the protocol for this connection. Useful for
# firewalling.
#
# PLUTO_MY_PORT
# is the port. Useful for firewalling.
#
# PLUTO_PEER
# is the IP address of our peer.
#
# PLUTO_PEER_CLIENT
# is the IP address / count of the peer's client sub
# net. If the client is just the peer, this will be
# the peer's own IP address / max (where max is 32
# for IPv4 and 128 for IPv6).
#
# PLUTO_PEER_CLIENT_NET
# is the IP address of the peer's client net. If the
# client is just the peer, this will be the peer's
# own IP address.
#
# PLUTO_PEER_CLIENT_MASK
# is the mask for the peer's client net. If the
# client is just the peer, this will be
# 255.255.255.255.
#
# PLUTO_PEER_PROTOCOL
# is the protocol set for remote end with port
# selector.
#
# PLUTO_PEER_PORT
# is the peer's port. Useful for firewalling.
#
# PLUTO_CONNECTION_TYPE
#
# Import default _updown configs from the /etc/sysconfig/pluto_updown file
#
# Two variables can be set in this file:
#
# DEFAULTSOURCE
# is the default value for PLUTO_MY_SOURCEIP
#
# IPROUTETABLE
# is the default value for IPROUTETABLE
#
# IPROUTEARGS
# is the extra argument list for ip route command
#
# IPRULEARGS
# is the extra argument list for ip rule command
#
if [ -f /etc/sysconfig/pluto_updown ]
then
. /etc/sysconfig/pluto_updown
fi
# check interface version
case "$PLUTO_VERSION" in
1.[0]) # Older Pluto?!? Play it safe, script may be using new features.
echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
echo "$0: called by obsolete Pluto?" >&2
exit 2
;;
1.*) ;;
*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
exit 2
;;
esac
# check parameter(s)
case "$1:$*" in
':') # no parameters
;;
ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only
;;
custom:*) # custom parameters (see above CAUTION comment)
;;
*) echo "$0: unknown parameters \`$*'" >&2
exit 2
;;
esac
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
doroute add
ip route flush cache
}
downroute() {
doroute delete
ip route flush cache
}
uprule() {
# policy based advanced routing
if [ -n "$IPROUTETABLE" ]
then
dorule delete
dorule add
fi
# virtual sourceip support
if [ -n "$PLUTO_MY_SOURCEIP" ]
then
addsource
changesource
fi
ip route flush cache
}
downrule() {
if [ -n "$IPROUTETABLE" ]
then
dorule delete
ip route flush cache
fi
}
addsource() {
st=0
if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
then
it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev ${PLUTO_INTERFACE%:*}"
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: addsource \`$it' failed ($oops)" >&2
fi
fi
return $st
}
changesource() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2="dev ${PLUTO_INTERFACE%:*}"
parms3="src ${PLUTO_MY_SOURCEIP%/*} $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table '$IPROUTETABLE'"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
it=
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: changesource \`$it' failed ($oops)" >&2
fi
return $st
}
dorule() {
st=0
it2=
iprule="from $PLUTO_MY_CLIENT"
iprule2="to $PLUTO_PEER_CLIENT table $IPROUTETABLE $IPRULEARGS"
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
st=0
;;
*)
if [ -z "$PLUTO_MY_SOURCEIP" ]
then
if [ "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
fi
else
if [ "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
it2="ip rule $1 iif lo $iprule2"
fi
fi
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it' failed ($oops)" >&2
fi
if test "$st" = "0" -a -n "$it2"
then
oops="`eval $it2 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it2' failed ($oops)" >&2
fi
fi
;;
esac
return $st
}
doroute() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2=
if [ -n "$PLUTO_NEXT_HOP" ] && [ "$PLUTO_NEXT_HOP" != "$PLUTO_PEER" ]
then
parms2="via $PLUTO_NEXT_HOP"
fi
parms2="$parms2 dev ${PLUTO_INTERFACE%:*}"
parms3="$IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table $IPROUTETABLE"
fi
if [ -z "$PLUTO_MY_SOURCEIP" ] && [ -n "$DEFAULTSOURCE" ]
then
PLUTO_MY_SOURCEIP="${DEFAULTSOURCE%/*}"
fi
if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
then
addsource
parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
# need to provide route that eclipses default, without
# replacing it.
it="ip route $1 0.0.0.0/1 $parms2 $parms3 &&
ip route $1 128.0.0.0/1 $parms2 $parms3"
;;
*) it="ip route $1 $parms $parms2 $parms3"
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: doroute \`$it' failed ($oops)" >&2
fi
return $st
}
# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
# delete possibly-existing route (preliminary to adding a route)
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# need to provide route that eclipses default, without
# replacing it.
parms1="0.0.0.0/1"
parms2="128.0.0.0/1"
it="ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1"
oops="`ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1`"
;;
*)
parms="$PLUTO_PEER_CLIENT $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route delete $parms 2>&1"
oops="`ip route delete $parms 2>&1`"
;;
esac
status="$?"
if test " $oops" = " " -a " $status" != " 0"
then
oops="silent error, exit status $status"
fi
case "$oops" in
*'RTNETLINK answers: No such process'*)
# This is what route (currently -- not documented!) gives
# for "could not find such a route".
oops=
status=0
;;
esac
if test " $oops" != " " -o " $status" != " 0"
then
echo "$0: \`$it' failed ($oops)" >&2
fi
exit $status
;;
route-host:*|route-client:*)
# connection to me or my client subnet being routed
uproute
;;
unroute-host:*|unroute-client:*)
# connection to me or my client subnet being unrouted
downroute
;;
up-host:*)
# connection to me coming up
uprule
# If you are doing a custom version, firewall commands go here.
iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT -j ACCEPT
iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
else
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
fi
;;
down-host:*)
# connection to me going down
downrule
# If you are doing a custom version, firewall commands go here.
iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT -j ACCEPT
iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
else
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
fi
;;
up-client:)
# connection to my client subnet coming up
uprule
# If you are doing a custom version, firewall commands go here.
iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
else
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
fi
;;
down-client:)
# connection to my client subnet going down
downrule
# If you are doing a custom version, firewall commands go here.
iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
else
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
fi
;;
up-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, coming up
uprule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
down-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, going down
downrule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
;;
route-host-v6:*|route-client-v6:*)
# connection to me or my client subnet being routed
#uproute_v6
;;
unroute-host-v6:*|unroute-client-v6:*)
# connection to me or my client subnet being unrouted
#downroute_v6
;;
up-host-v6:*)
# connection to me coming up
# If you are doing a custom version, firewall commands go here.
;;
down-host-v6:*)
# connection to me going down
# If you are doing a custom version, firewall commands go here.
;;
up-client-v6:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
;;
down-client-v6:)
# connection to my client subnet going down
# If you are doing a custom version, firewall commands go here.
;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
exit 1
;;
esac
+ _________________________ /proc/net/dev
+ cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo:1139513771 4484711 0 0 0 0 0 0 1139513771 4484711 0 0 0 0 0 0
eth0:3522797385 14407708 0 3534 0 571757400 0 0 2642387955 20714912 0 0 0 0 0 0
eth1:3840676374 10810866 0 3188 0 610123060 0 0 5911531 84455 0 0 0 0 0 0
eth2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
eth3: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
tun0:12516214 147725 0 0 0 0 0 0 173855034 180516 0 0 0 0 0 0
+ _________________________ /proc/net/route
+ cat /proc/net/route
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
tun0 22000A0A 00000000 0005 0 0 0 FFFFFFFF 0 0 0
eth1 70D49ED8 00000000 0001 0 0 0 F8FFFFFF 0 0 0
eth1 A8D49ED8 00000000 0001 0 0 0 F8FFFFFF 0 0 0
tun0 20000A0A 22000A0A 0003 0 0 0 E0FFFFFF 0 0 0
eth0 00A0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 00000A0A 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth1 40A0A8C0 A9D49ED8 0003 0 0 0 E0FFFFFF 0 0 0
eth1 40000A0A A9D49ED8 0003 0 0 0 E0FFFFFF 0 0 0
eth1 00C0A8C0 71D49ED8 0003 0 0 0 E0FFFFFF 0 0 0
eth0 20C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 40C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 60C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 80C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 A0C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 C0C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 E0C0A8C0 6801A8C0 0003 0 0 0 E0FFFFFF 0 0 0
eth0 0007A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0006A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0005A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0004A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0003A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0002A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0001A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0
eth0 00AAA8C0 6801A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 000CA8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 000BA8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 00BFA8C0 6801A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 000AA8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0009A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 0008A8C0 0101A8C0 0003 0 0 0 00FFFFFF 0 0 0
eth0 00000000 0101A8C0 0003 0 0 0 00000000 0 0 0
+ _________________________ /proc/sys/net/ipv4/ip_forward
+ cat /proc/sys/net/ipv4/ip_forward
1
+ _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter lo/rp_filter tun0/rp_filter
all/rp_filter:0
default/rp_filter:0
eth0/rp_filter:0
eth1/rp_filter:0
lo/rp_filter:0
tun0/rp_filter:0
+ _________________________ uname-a
+ uname -a
Linux XSERVE2 2.6.12-9-686-smp #1 SMP Mon Oct 10 13:36:57 BST 2005 i686 GNU/Linux
+ _________________________ config-built-with
+ test -r /proc/config_built_with
+ _________________________ redhat-release
+ test -r /etc/redhat-release
+ test -r /etc/fedora-release
+ _________________________ /proc/net/ipsec_version
+ test -r /proc/net/ipsec_version
+ test -r /proc/net/pfkey
++ uname -r
+ echo 'NETKEY (2.6.12-9-686-smp) support detected '
NETKEY (2.6.12-9-686-smp) support detected
+ _________________________ ipfwadm
+ test -r /sbin/ipfwadm
+ 'no old-style linux 1.x/2.0 ipfwadm firewall support'
/usr/lib/ipsec/barf: line 297: no old-style linux 1.x/2.0 ipfwadm firewall support: No such file or directory
+ _________________________ ipchains
+ test -r /sbin/ipchains
+ echo 'no old-style linux 2.0 ipchains firewall support'
no old-style linux 2.0 ipchains firewall support
+ _________________________ iptables
+ test -r /sbin/iptables
+ iptables -L -v -n
Chain INPUT (policy ACCEPT 1973 packets, 1065K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 1736 packets, 97932 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2717 packets, 1919K bytes)
pkts bytes target prot opt in out source destination
+ _________________________ iptables-nat
+ iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 85 packets, 8012 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 99 packets, 8912 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 65 packets, 5754 bytes)
pkts bytes target prot opt in out source destination
+ _________________________ iptables-mangle
+ iptables -t mangle -L -v -n
Chain PREROUTING (policy ACCEPT 3697 packets, 1163K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 1960 packets, 1065K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 1735 packets, 97861 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2701 packets, 1917K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 4437 packets, 2015K bytes)
pkts bytes target prot opt in out source destination
+ _________________________ /proc/modules
+ test -f /proc/modules
+ cat /proc/modules
iptable_mangle 2944 0 - Live 0xf8b1f000
iptable_nat 23604 0 - Live 0xf8b33000
ip_conntrack 44296 1 iptable_nat, Live 0xf8b42000
iptable_filter 3040 0 - Live 0xf8af3000
ip_tables 21472 3 iptable_mangle,iptable_nat,iptable_filter, Live 0xf8b2c000
xfrm_user 16324 0 - Live 0xf8ae3000
xfrm4_tunnel 3940 0 - Live 0xf8962000
af_key 34320 0 - Live 0xf8aa5000
af_packet 23656 2 - Live 0xf8b25000
ppdev 10020 0 - Live 0xf8b19000
tun 11936 1 - Live 0xf8b15000
ipv6 263968 104 - Live 0xf8b5d000
video 16004 0 - Live 0xf8afc000
tc1100_wmi 6916 0 - Live 0xf8b0d000
sony_acpi 5548 0 - Live 0xf8aed000
pcc_acpi 11360 0 - Live 0xf8b09000
hotkey 9508 0 - Live 0xf8b05000
dev_acpi 11396 0 - Live 0xf8b01000
i2c_acpi_ec 5696 0 - Live 0xf8af0000
i2c_core 21760 1 i2c_acpi_ec, Live 0xf8af5000
button 6704 0 - Live 0xf8ae0000
battery 9572 0 - Live 0xf8996000
container 4608 0 - Live 0xf8add000
ac 4932 0 - Live 0xf8acb000
rtc 13672 0 - Live 0xf8ae8000
ipcomp 8936 0 - Live 0xf8ad9000
esp4 8320 20 - Live 0xf8ac7000
ah4 6592 0 - Live 0xf8a94000
deflate 4224 0 - Live 0xf8a91000
zlib_deflate 22808 1 deflate, Live 0xf8ac0000
twofish 37696 0 - Live 0xf8ace000
serpent 17408 0 - Live 0xf8aba000
aes_i586 39072 4 - Live 0xf8aaf000
blowfish 8192 0 - Live 0xf899a000
des 11776 16 - Live 0xf8a8d000
sha256 9408 0 - Live 0xf8a89000
sha1 2784 4 - Live 0xf891e000
crypto_null 2400 0 - Live 0xf8920000
md 47536 0 - Live 0xf8a98000
psmouse 30628 0 - Live 0xf8978000
mousedev 12132 0 - Live 0xf8974000
parport_pc 36356 0 - Live 0xf898c000
lp 12548 0 - Live 0xf892e000
parport 37384 3 ppdev,parport_pc,lp, Live 0xf8981000
ext3 138824 2 - Live 0xf899d000
jbd 59768 1 ext3, Live 0xf8952000
mbcache 10116 1 ext3, Live 0xf8923000
dm_mod 59232 4 - Live 0xf8964000
thermal 13320 0 - Live 0xf8912000
processor 23816 1 thermal, Live 0xf8927000
fan 4708 0 - Live 0xf890f000
ohci_hcd 21988 0 - Live 0xf8917000
usbcore 121180 2 ohci_hcd, Live 0xf8933000
e100 37376 0 - Live 0xf88d4000
mii 5920 1 e100, Live 0xf88a6000
sd_mod 19680 4 - Live 0xf88aa000
ide_cd 42148 0 - Live 0xf88bb000
cdrom 40096 1 ide_cd, Live 0xf88b0000
ide_generic 1600 0 - Live 0xf883b000
aic7xxx 190548 2 - Live 0xf88df000
scsi_transport_spi 19872 1 aic7xxx, Live 0xf889d000
scsi_mod 137896 3 sd_mod,aic7xxx,scsi_transport_spi, Live 0xf8856000
serverworks 9640 1 - Live 0xf8837000
ide_core 140628 3 ide_cd,ide_generic,serverworks, Live 0xf8879000
unix 29392 703 - Live 0xf884d000
fbcon 38880 0 - Live 0xf8842000
tileblit 2592 1 fbcon, Live 0xf8829000
font 8448 1 fbcon, Live 0xf8833000
bitblit 5856 1 fbcon, Live 0xf8826000
vesafb 8216 0 - Live 0xf882b000
cfbcopyarea 4832 1 vesafb, Live 0xf8823000
cfbimgblt 3168 1 vesafb, Live 0xf8821000
cfbfillrect 4096 1 vesafb, Live 0xf881f000
softcursor 2496 1 vesafb, Live 0xf881d000
capability 4936 0 - Live 0xf8805000
commoncap 7040 1 capability, Live 0xf881a000
+ _________________________ /proc/meminfo
+ cat /proc/meminfo
MemTotal: 1036064 kB
MemFree: 33152 kB
Buffers: 204652 kB
Cached: 222096 kB
SwapCached: 20 kB
Active: 730924 kB
Inactive: 143492 kB
HighTotal: 130992 kB
HighFree: 780 kB
LowTotal: 905072 kB
LowFree: 32372 kB
SwapTotal: 1638392 kB
SwapFree: 1638208 kB
Dirty: 2348 kB
Writeback: 0 kB
Mapped: 477476 kB
Slab: 116432 kB
CommitLimit: 2156424 kB
Committed_AS: 987436 kB
PageTables: 3156 kB
VmallocTotal: 114680 kB
VmallocUsed: 3628 kB
VmallocChunk: 110904 kB
+ _________________________ /proc/net/ipsec-ls
+ test -f /proc/net/ipsec_version
+ _________________________ usr/src/linux/.config
+ test -f /proc/config.gz
++ uname -r
+ test -f /lib/modules/2.6.12-9-686-smp/build/.config
++ uname -r
+ egrep 'CONFIG_IPSEC|CONFIG_KLIPS|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP'
+ cat /lib/modules/2.6.12-9-686-smp/build/.config
CONFIG_NET_KEY=m
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_MULTIPATH=y
CONFIG_IP_ROUTE_MULTIPATH_CACHED=y
CONFIG_IP_ROUTE_MULTIPATH_RR=m
CONFIG_IP_ROUTE_MULTIPATH_RANDOM=m
CONFIG_IP_ROUTE_MULTIPATH_WRANDOM=m
CONFIG_IP_ROUTE_MULTIPATH_DRR=m
CONFIG_IP_ROUTE_VERBOSE=y
# CONFIG_IP_PNP is not set
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
CONFIG_IP_PIMSM_V2=y
CONFIG_INET_AH=m
CONFIG_INET_ESP=m
CONFIG_INET_IPCOMP=m
CONFIG_INET_TUNNEL=m
CONFIG_IP_TCPDIAG=m
CONFIG_IP_TCPDIAG_IPV6=y
CONFIG_IP_VS=m
# CONFIG_IP_VS_DEBUG is not set
CONFIG_IP_VS_TAB_BITS=12
CONFIG_IP_VS_PROTO_TCP=y
CONFIG_IP_VS_PROTO_UDP=y
CONFIG_IP_VS_PROTO_ESP=y
CONFIG_IP_VS_PROTO_AH=y
CONFIG_IP_VS_RR=m
CONFIG_IP_VS_WRR=m
CONFIG_IP_VS_LC=m
CONFIG_IP_VS_WLC=m
CONFIG_IP_VS_LBLC=m
CONFIG_IP_VS_LBLCR=m
CONFIG_IP_VS_DH=m
CONFIG_IP_VS_SH=m
CONFIG_IP_VS_SED=m
CONFIG_IP_VS_NQ=m
CONFIG_IP_VS_FTP=m
CONFIG_IPV6=m
CONFIG_IPV6_PRIVACY=y
CONFIG_INET6_AH=m
CONFIG_INET6_ESP=m
CONFIG_INET6_IPCOMP=m
CONFIG_INET6_TUNNEL=m
CONFIG_IPV6_TUNNEL=m
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_CT_ACCT=y
CONFIG_IP_NF_CONNTRACK_MARK=y
CONFIG_IP_NF_CT_PROTO_SCTP=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
CONFIG_IP_NF_MATCH_HELPER=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_CONNTRACK=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_PHYSDEV=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_MATCH_REALM=m
CONFIG_IP_NF_MATCH_SCTP=m
CONFIG_IP_NF_MATCH_COMMENT=m
CONFIG_IP_NF_MATCH_CONNMARK=m
CONFIG_IP_NF_MATCH_HASHLIMIT=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_SAME=m
CONFIG_IP_NF_NAT_SNMP_BASIC=m
CONFIG_IP_NF_NAT_IRC=m
CONFIG_IP_NF_NAT_FTP=m
CONFIG_IP_NF_NAT_TFTP=m
CONFIG_IP_NF_NAT_AMANDA=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_CLASSIFY=m
CONFIG_IP_NF_TARGET_CONNMARK=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_TARGET_NOTRACK=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
CONFIG_IP6_NF_QUEUE=m
CONFIG_IP6_NF_IPTABLES=m
CONFIG_IP6_NF_MATCH_LIMIT=m
CONFIG_IP6_NF_MATCH_MAC=m
CONFIG_IP6_NF_MATCH_RT=m
CONFIG_IP6_NF_MATCH_OPTS=m
CONFIG_IP6_NF_MATCH_FRAG=m
CONFIG_IP6_NF_MATCH_HL=m
CONFIG_IP6_NF_MATCH_MULTIPORT=m
CONFIG_IP6_NF_MATCH_OWNER=m
CONFIG_IP6_NF_MATCH_MARK=m
CONFIG_IP6_NF_MATCH_IPV6HEADER=m
CONFIG_IP6_NF_MATCH_AHESP=m
CONFIG_IP6_NF_MATCH_LENGTH=m
CONFIG_IP6_NF_MATCH_EUI64=m
CONFIG_IP6_NF_MATCH_PHYSDEV=m
CONFIG_IP6_NF_FILTER=m
CONFIG_IP6_NF_TARGET_LOG=m
CONFIG_IP6_NF_MANGLE=m
CONFIG_IP6_NF_TARGET_MARK=m
CONFIG_IP6_NF_RAW=m
CONFIG_IP_SCTP=m
CONFIG_IPX=m
# CONFIG_IPX_INTERN is not set
CONFIG_IPDDP=m
CONFIG_IPDDP_ENCAP=y
CONFIG_IPDDP_DECAP=y
CONFIG_IPW2100=m
# CONFIG_IPW2100_DEBUG is not set
CONFIG_IPW2100_MONITOR=y
CONFIG_IPW2100_FS_AMILO_M7400=m
CONFIG_IPW2200=m
CONFIG_IPW2200_MONITOR=y
CONFIG_IPW2200_QOS=y
# CONFIG_IPW2200_DEBUG is not set
CONFIG_IPPP_FILTER=y
CONFIG_IPMI_HANDLER=m
# CONFIG_IPMI_PANIC_EVENT is not set
CONFIG_IPMI_DEVICE_INTERFACE=m
CONFIG_IPMI_SI=m
CONFIG_IPMI_WATCHDOG=m
CONFIG_IPMI_POWEROFF=m
+ _________________________ etc/syslog.conf
+ cat /etc/syslog.conf
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
uucp.* -/var/log/uucp.log
local7.* -/var/log/cisco
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some `catch-all' logfiles.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
+ _________________________ etc/resolv.conf
+ cat /etc/resolv.conf
search integracarehh.com
nameserver 192.168.1.102
nameserver 192.168.1.103
+ _________________________ lib/modules-ls
+ ls -ltr /lib/modules
total 8
drwxr-xr-x 3 root root 4096 Dec 28 13:24 2.6.12-2-686-smp
drwxr-xr-x 4 root root 4096 Jun 18 16:36 2.6.12-9-686-smp
+ _________________________ /proc/ksyms-netif_rx
+ test -r /proc/ksyms
+ test -r /proc/kallsyms
+ egrep netif_rx /proc/kallsyms
c0248fd2 T netif_rx
c0249221 T netif_rx_ni
c0249221 U netif_rx_ni [tun]
c0248fd2 U netif_rx [ipv6]
+ _________________________ lib/modules-netif_rx
+ modulegoo kernel/net/ipv4/ipip.o netif_rx
+ set +x
2.6.12-2-686-smp:
2.6.12-9-686-smp:
+ _________________________ kern.debug
+ test -f /var/log/kern.debug
+ _________________________ klog
+ sed -n '33487,$p' /var/log/syslog.0
+ egrep -i 'ipsec|klips|pluto'
+ case "$1" in
+ cat
Jun 26 14:27:13 localhost ipsec_setup: Starting Openswan IPsec 2.4.4...
Jun 26 14:27:13 localhost ipsec_setup: insmod /lib/modules/2.6.12-9-686-smp/kernel/net/key/af_key.ko
Jun 26 14:27:13 localhost ipsec_setup: insmod /lib/modules/2.6.12-9-686-smp/kernel/net/ipv4/xfrm4_tunnel.ko
Jun 26 14:27:13 localhost ipsec_setup: insmod /lib/modules/2.6.12-9-686-smp/kernel/net/xfrm/xfrm_user.ko
Jun 26 14:27:13 localhost ipsec__plutorun: ipsec_auto: fatal error in "home": connection has no "right" parameter specified
+ _________________________ plog
+ sed -n '4844,$p' /var/log/auth.log
+ egrep -i pluto
+ case "$1" in
+ cat
Jun 26 14:27:13 localhost ipsec__plutorun: Starting Pluto subsystem...
Jun 26 14:27:13 localhost pluto[27158]: Starting Pluto (Openswan Version 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OEz}FFFfgr_e)
Jun 26 14:27:13 localhost pluto[27158]: Setting NAT-Traversal port-4500 floating to on
Jun 26 14:27:13 localhost pluto[27158]: port floating activation criteria nat_t=1/port_fload=1
Jun 26 14:27:13 localhost pluto[27158]: including NAT-Traversal patch (Version 0.6c)
Jun 26 14:27:13 localhost pluto[27158]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Jun 26 14:27:13 localhost pluto[27158]: starting up 1 cryptographic helpers
Jun 26 14:27:13 localhost pluto[27158]: started helper pid=27165 (fd:6)
Jun 26 14:27:13 localhost pluto[27158]: Using Linux 2.6 IPsec interface code on 2.6.12-9-686-smp
Jun 26 14:27:13 localhost pluto[27158]: Changing to directory '/etc/ipsec.d/cacerts'
Jun 26 14:27:13 localhost pluto[27158]: loaded CA cert file 'cacert.pem' (1078 bytes)
Jun 26 14:27:13 localhost pluto[27158]: Changing to directory '/etc/ipsec.d/aacerts'
Jun 26 14:27:13 localhost pluto[27158]: Changing to directory '/etc/ipsec.d/ocspcerts'
Jun 26 14:27:13 localhost pluto[27158]: Changing to directory '/etc/ipsec.d/crls'
Jun 26 14:27:13 localhost pluto[27158]: loaded crl file 'crl.pem' (443 bytes)
Jun 26 14:27:13 localhost pluto[27158]: added connection description "waxahachie-wireless-bedford"
Jun 26 14:27:13 localhost pluto[27158]: added connection description "waxahachie-common"
Jun 26 14:27:13 localhost pluto[27158]: added connection description "waxahachie-lan-bedford"
Jun 26 14:27:13 localhost pluto[27158]: added connection description "waxahachie-wireless-nurscare"
Jun 26 14:27:13 localhost pluto[27158]: added connection description "waxahachie-lan-nurscare"
Jun 26 14:27:14 localhost pluto[27158]: loaded host cert file '/etc/ipsec.d/certs/192.168.1.30.pem' (3467 bytes)
Jun 26 14:27:14 localhost pluto[27158]: added connection description "roadwarrior"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "waxahachie-wireless-ovpn"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "waxahachie-lan-ovpn"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "nurscare-home"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "corporate-home"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "waxahachie-wireless-corp"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "bedford-home"
Jun 26 14:27:14 localhost pluto[27158]: added connection description "waxahachie-lan-corp"
Jun 26 14:27:14 localhost pluto[27158]: listening for IKE messages
Jun 26 14:27:14 localhost pluto[27158]: adding interface tun0/tun0 10.10.0.33:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface tun0/tun0 10.10.0.33:4500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth1/eth1 216.158.212.174:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth1/eth1 216.158.212.174:4500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth1/eth1 216.158.212.116:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth1/eth1 216.158.212.116:4500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth1/eth1 216.158.212.171:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth1/eth1 216.158.212.171:4500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.160:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.160:4500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.103:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.103:4500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.54:500
Jun 26 14:27:14 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.54:4500
Jun 26 14:27:15 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.41:500
Jun 26 14:27:15 localhost pluto[27158]: adding interface eth0/eth0 192.168.1.41:4500
Jun 26 14:27:15 localhost pluto[27158]: adding interface lo/lo 127.0.0.1:500
Jun 26 14:27:15 localhost pluto[27158]: adding interface lo/lo 127.0.0.1:4500
Jun 26 14:27:15 localhost pluto[27158]: adding interface lo/lo ::1:500
Jun 26 14:27:15 localhost pluto[27158]: loading secrets from "/etc/ipsec.secrets"
Jun 26 14:27:20 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 14:27:20 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: Main mode peer ID is ID_FQDN: '@home'
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: I did not send a certificate because I do not have one.
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:27:20 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 14:27:21 localhost pluto[27158]: "bedford-home"[1] 71.252.128.244 #2: responding to Quick Mode {msgid:2e3a293a}
Jun 26 14:27:21 localhost pluto[27158]: "bedford-home"[1] 71.252.128.244 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 14:27:21 localhost pluto[27158]: "bedford-home"[1] 71.252.128.244 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 14:27:21 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #3: responding to Quick Mode {msgid:454a6561}
Jun 26 14:27:21 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #3: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 14:27:21 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #3: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 14:27:21 localhost pluto[27158]: "bedford-home"[1] 71.252.128.244 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 14:27:21 localhost pluto[27158]: "bedford-home"[1] 71.252.128.244 #2: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x9160403f <0x60ed2e06 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 14:27:21 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #3: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 14:27:21 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #3: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x3d6d8aa5 <0x522c4e30 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 14:27:30 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x98f04465) not found (maybe expired)
Jun 26 14:27:30 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: received and ignored informational message
Jun 26 14:27:30 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x90a9a35a) not found (maybe expired)
Jun 26 14:27:30 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: received and ignored informational message
Jun 26 14:29:04 localhost pluto[27158]: "waxahachie-lan-corp" #4: initiating Main Mode
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: received Vendor ID payload [XAUTH]
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: I did not send a certificate because I do not have one.
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #4: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #5: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL+UP {using isakmp#4}
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #5: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 26 14:29:05 localhost pluto[27158]: "waxahachie-lan-corp" #5: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xeec636ee <0x3f272b03 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 14:29:28 localhost pluto[27158]: "waxahachie-wireless-corp" #6: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL+UP {using isakmp#4}
Jun 26 14:29:29 localhost pluto[27158]: "waxahachie-wireless-corp" #6: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 26 14:29:29 localhost pluto[27158]: "waxahachie-wireless-corp" #6: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x685245bb <0x5ba55864 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 14:30:03 localhost pluto[27158]: "waxahachie-lan-corp" #4: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:30:03 localhost pluto[27158]: "waxahachie-lan-corp" #4: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:30:05 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: responding to Main Mode
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: received Vendor ID payload [XAUTH]
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:30:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: I did not send a certificate because I do not have one.
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #7: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:30:06 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: responding to Main Mode
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:30:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: received Vendor ID payload [XAUTH]
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: I did not send a certificate because I do not have one.
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:30:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #8: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:30:08 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: responding to Main Mode
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: received Vendor ID payload [XAUTH]
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:30:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: I did not send a certificate because I do not have one.
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-corp" #10: responding to Quick Mode {msgid:3d199dda}
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-corp" #10: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-corp" #10: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-corp" #10: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-wireless-corp" #10: STATE_QUICK_R2: IPsec SA established {ESP=>0xd979c98a <0xb362597e xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-lan-corp" #11: responding to Quick Mode {msgid:ded18d73}
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-lan-corp" #11: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-lan-corp" #11: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-lan-corp" #11: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 14:30:09 localhost pluto[27158]: "waxahachie-lan-corp" #11: STATE_QUICK_R2: IPsec SA established {ESP=>0x6a4a151d <0x0fbd3205 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 14:32:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:32:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #9: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:41:12 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:41:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: responding to Main Mode
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: received Vendor ID payload [XAUTH]
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: I did not send a certificate because I do not have one.
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: cannot respond to IPsec SA request because no connection is known for 192.168.12.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:41:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #12: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:41:15 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:41:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: responding to Main Mode
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: received Vendor ID payload [XAUTH]
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: I did not send a certificate because I do not have one.
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: cannot respond to IPsec SA request because no connection is known for 192.168.12.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:41:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #13: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:41:21 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:41:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: responding to Main Mode
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: received Vendor ID payload [XAUTH]
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: I did not send a certificate because I do not have one.
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: cannot respond to IPsec SA request because no connection is known for 192.168.12.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #14: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:42:23 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:42:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: responding to Main Mode
Jun 26 14:42:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:42:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: received Vendor ID payload [XAUTH]
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: I did not send a certificate because I do not have one.
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:42:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #15: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:42:25 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: responding to Main Mode
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: received Vendor ID payload [XAUTH]
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:42:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:42:26 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:42:26 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: I did not send a certificate because I do not have one.
Jun 26 14:42:26 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:42:26 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #16: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:42:27 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: responding to Main Mode
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: received Vendor ID payload [XAUTH]
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: I did not send a certificate because I do not have one.
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:42:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #17: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:42:31 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: responding to Main Mode
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: received Vendor ID payload [XAUTH]
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: I did not send a certificate because I do not have one.
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:42:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #18: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:42:32 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: responding to Main Mode
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: received Vendor ID payload [XAUTH]
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:42:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:42:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:42:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: I did not send a certificate because I do not have one.
Jun 26 14:42:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:42:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:42:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:42:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #19: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:42:34 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:42:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: responding to Main Mode
Jun 26 14:42:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:42:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:42:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:42:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: received Vendor ID payload [XAUTH]
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: I did not send a certificate because I do not have one.
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:42:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #20: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:44:16 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:44:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: responding to Main Mode
Jun 26 14:44:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:44:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:44:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:44:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: received Vendor ID payload [XAUTH]
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: I did not send a certificate because I do not have one.
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:44:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #21: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:51:23 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: responding to Main Mode
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: received Vendor ID payload [XAUTH]
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: I did not send a certificate because I do not have one.
Jun 26 14:51:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:51:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:51:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:51:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #22: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:54:38 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: responding to Main Mode
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: received Vendor ID payload [XAUTH]
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:54:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: I did not send a certificate because I do not have one.
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #23: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:54:39 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:54:39 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: responding to Main Mode
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: received Vendor ID payload [XAUTH]
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: I did not send a certificate because I do not have one.
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:54:40 localhost pluto[27158]: "waxahachie-wireless-bedford" #24: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:54:41 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: responding to Main Mode
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: received Vendor ID payload [XAUTH]
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:54:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:54:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:54:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: I did not send a certificate because I do not have one.
Jun 26 14:54:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:54:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:54:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:54:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #25: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:54:45 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:54:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: responding to Main Mode
Jun 26 14:54:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:54:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:54:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: received Vendor ID payload [XAUTH]
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: I did not send a certificate because I do not have one.
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #26: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:54:46 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:54:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: responding to Main Mode
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: received Vendor ID payload [XAUTH]
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: I did not send a certificate because I do not have one.
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:54:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #27: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:54:48 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: responding to Main Mode
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: received Vendor ID payload [XAUTH]
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:54:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:54:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:54:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: I did not send a certificate because I do not have one.
Jun 26 14:54:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:54:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:54:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:54:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #28: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 14:56:20 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 14:56:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: responding to Main Mode
Jun 26 14:56:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 14:56:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: received Vendor ID payload [XAUTH]
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: I did not send a certificate because I do not have one.
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 14:56:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #29: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:06:52 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: responding to Main Mode
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: received Vendor ID payload [XAUTH]
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:06:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: I did not send a certificate because I do not have one.
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #30: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:06:53 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: responding to Main Mode
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:06:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: received Vendor ID payload [XAUTH]
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: I did not send a certificate because I do not have one.
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:06:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #31: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:06:55 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: responding to Main Mode
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: received Vendor ID payload [XAUTH]
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:06:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:06:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: next payload type of ISAKMP Identification Payload has an unknown value: 253
Jun 26 15:06:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:06:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:07:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: next payload type of ISAKMP Identification Payload has an unknown value: 253
Jun 26 15:07:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:07:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:07:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: next payload type of ISAKMP Identification Payload has an unknown value: 253
Jun 26 15:07:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:07:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:07:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: next payload type of ISAKMP Identification Payload has an unknown value: 253
Jun 26 15:07:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:07:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #32: max number of retransmissions (2) reached STATE_MAIN_R2
Jun 26 15:08:23 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:08:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: responding to Main Mode
Jun 26 15:08:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:08:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: received Vendor ID payload [XAUTH]
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: I did not send a certificate because I do not have one.
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:08:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #33: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:08:27 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: responding to Main Mode
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: received Vendor ID payload [XAUTH]
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: I did not send a certificate because I do not have one.
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:08:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #34: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:14:24 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 15:14:24 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 15:14:24 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 15:14:24 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:14:24 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:14:24 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:14:24 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:14:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: Main mode peer ID is ID_FQDN: '@home'
Jun 26 15:14:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: I did not send a certificate because I do not have one.
Jun 26 15:14:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:14:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 15:19:06 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: responding to Main Mode
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: received Vendor ID payload [XAUTH]
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:19:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: I did not send a certificate because I do not have one.
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #36: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:19:07 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: responding to Main Mode
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:19:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: received Vendor ID payload [XAUTH]
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: I did not send a certificate because I do not have one.
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:19:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #37: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:19:09 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: responding to Main Mode
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: received Vendor ID payload [XAUTH]
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:19:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:19:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:19:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: I did not send a certificate because I do not have one.
Jun 26 15:19:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:19:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:19:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:19:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #38: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:19:13 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: responding to Main Mode
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: received Vendor ID payload [XAUTH]
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: I did not send a certificate because I do not have one.
Jun 26 15:19:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:19:14 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:19:14 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:19:14 localhost pluto[27158]: "waxahachie-wireless-bedford" #39: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:19:14 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:19:14 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: responding to Main Mode
Jun 26 15:19:14 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:19:14 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: received Vendor ID payload [XAUTH]
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: I did not send a certificate because I do not have one.
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #40: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:19:16 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: responding to Main Mode
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: received Vendor ID payload [XAUTH]
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: next payload type of ISAKMP Identification Payload has an unknown value: 48
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:19:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: next payload type of ISAKMP Identification Payload has an unknown value: 48
Jun 26 15:19:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:19:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:19:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: next payload type of ISAKMP Identification Payload has an unknown value: 48
Jun 26 15:19:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:19:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:19:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: next payload type of ISAKMP Identification Payload has an unknown value: 48
Jun 26 15:19:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet
Jun 26 15:19:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: sending notification PAYLOAD_MALFORMED to 65.91.22.234:500
Jun 26 15:20:26 localhost pluto[27158]: "waxahachie-wireless-bedford" #41: max number of retransmissions (2) reached STATE_MAIN_R2
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: initiating Main Mode to replace #1
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: received Vendor ID payload [Dead Peer Detection]
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: I did not send a certificate because I do not have one.
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 15:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 15:22:51 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: Main mode peer ID is ID_FQDN: '@home'
Jun 26 15:22:51 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 15:22:51 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 15:25:30 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:25:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: responding to Main Mode
Jun 26 15:25:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: received Vendor ID payload [XAUTH]
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: I did not send a certificate because I do not have one.
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:25:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #43: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:27:19 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #1: received Delete SA payload: deleting ISAKMP State #1
Jun 26 15:27:20 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 15:30:07 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:30:07 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:30:07 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:30:07 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:30:09 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:30:09 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:31:20 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: responding to Main Mode
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: received Vendor ID payload [XAUTH]
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:31:20 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: I did not send a certificate because I do not have one.
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #44: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:31:21 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: responding to Main Mode
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:31:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: received Vendor ID payload [XAUTH]
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: I did not send a certificate because I do not have one.
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:31:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #45: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:31:23 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: responding to Main Mode
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: received Vendor ID payload [XAUTH]
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:31:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:31:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:31:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: I did not send a certificate because I do not have one.
Jun 26 15:31:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:31:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:31:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:31:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #46: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:31:27 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: responding to Main Mode
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: received Vendor ID payload [XAUTH]
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: I did not send a certificate because I do not have one.
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:31:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:31:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #47: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:31:28 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:31:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: responding to Main Mode
Jun 26 15:31:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:31:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: received Vendor ID payload [XAUTH]
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: I did not send a certificate because I do not have one.
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:31:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #48: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:31:30 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: responding to Main Mode
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: received Vendor ID payload [XAUTH]
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:31:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:31:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: I did not send a certificate because I do not have one.
Jun 26 15:31:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:31:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:31:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:31:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #49: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:32:32 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: responding to Main Mode
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: received Vendor ID payload [XAUTH]
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:32:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:32:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:32:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: I did not send a certificate because I do not have one.
Jun 26 15:32:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:32:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:32:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:32:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #50: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:34:04 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: responding to Main Mode
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: received Vendor ID payload [XAUTH]
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: I did not send a certificate because I do not have one.
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:34:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #51: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:38:21 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: responding to Main Mode
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: received Vendor ID payload [XAUTH]
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:38:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:38:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:38:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: I did not send a certificate because I do not have one.
Jun 26 15:38:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:38:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:38:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:38:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #52: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:40:29 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: responding to Main Mode
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: received Vendor ID payload [XAUTH]
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:40:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:40:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:40:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: I did not send a certificate because I do not have one.
Jun 26 15:40:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:40:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:40:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:40:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #53: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:41:13 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:41:13 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:41:16 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:41:16 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:41:23 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:41:23 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:41:33 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:41:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: responding to Main Mode
Jun 26 15:41:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:41:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:41:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: received Vendor ID payload [XAUTH]
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: I did not send a certificate because I do not have one.
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:41:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #54: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:42:05 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:42:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: responding to Main Mode
Jun 26 15:42:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:42:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: received Vendor ID payload [XAUTH]
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: I did not send a certificate because I do not have one.
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:42:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #55: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:42:25 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:42:25 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:42:26 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:42:26 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:42:27 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:42:27 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:42:31 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:42:31 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:42:34 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:42:34 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:42:34 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:42:34 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:43:34 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: responding to Main Mode
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: received Vendor ID payload [XAUTH]
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:43:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: I did not send a certificate because I do not have one.
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #56: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:43:35 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: responding to Main Mode
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:43:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: received Vendor ID payload [XAUTH]
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: I did not send a certificate because I do not have one.
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:43:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #57: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:43:37 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: responding to Main Mode
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: received Vendor ID payload [XAUTH]
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:43:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:43:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:43:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: I did not send a certificate because I do not have one.
Jun 26 15:43:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:43:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:43:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:43:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #58: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:43:41 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: responding to Main Mode
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: received Vendor ID payload [XAUTH]
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:43:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: I did not send a certificate because I do not have one.
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #59: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:43:42 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: responding to Main Mode
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:43:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: received Vendor ID payload [XAUTH]
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: I did not send a certificate because I do not have one.
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:43:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #60: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:43:44 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: responding to Main Mode
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: received Vendor ID payload [XAUTH]
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: I did not send a certificate because I do not have one.
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:43:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #61: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:44:17 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:44:17 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:44:37 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:44:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: responding to Main Mode
Jun 26 15:44:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:44:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: received Vendor ID payload [XAUTH]
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: I did not send a certificate because I do not have one.
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:44:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #62: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:51:23 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:51:23 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:54:39 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:54:40 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:54:40 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:54:40 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:54:43 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:54:43 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:54:46 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:54:46 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:54:47 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:54:47 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:54:49 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:54:49 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:55:48 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: responding to Main Mode
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: received Vendor ID payload [XAUTH]
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:55:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: I did not send a certificate because I do not have one.
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #63: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:55:49 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: responding to Main Mode
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:55:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: received Vendor ID payload [XAUTH]
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: I did not send a certificate because I do not have one.
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:55:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #64: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:55:51 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: responding to Main Mode
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: received Vendor ID payload [XAUTH]
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: I did not send a certificate because I do not have one.
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:55:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:55:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:55:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #65: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:55:55 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: responding to Main Mode
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: received Vendor ID payload [XAUTH]
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: I did not send a certificate because I do not have one.
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:55:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #66: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:55:56 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: responding to Main Mode
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: received Vendor ID payload [XAUTH]
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:55:56 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: I did not send a certificate because I do not have one.
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:55:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #67: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:55:58 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: responding to Main Mode
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: received Vendor ID payload [XAUTH]
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: I did not send a certificate because I do not have one.
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:55:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #68: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:56:21 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 15:56:21 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 15:56:41 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: responding to Main Mode
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: received Vendor ID payload [XAUTH]
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:56:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:56:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 15:56:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: I did not send a certificate because I do not have one.
Jun 26 15:56:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:56:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 15:56:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 15:56:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #69: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 15:58:05 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 15:58:05 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 15:58:05 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 15:58:05 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 15:58:05 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 15:58:05 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 15:58:05 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 15:58:06 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: Main mode peer ID is ID_FQDN: '@home'
Jun 26 15:58:06 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: I did not send a certificate because I do not have one.
Jun 26 15:58:06 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 15:58:06 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: initiating Main Mode to replace #42
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: received Vendor ID payload [Dead Peer Detection]
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: I did not send a certificate because I do not have one.
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: Main mode peer ID is ID_FQDN: '@home'
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 16:06:52 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #71: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 16:06:53 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:06:53 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:06:55 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:06:55 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:08:02 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: responding to Main Mode
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: received Vendor ID payload [XAUTH]
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: I did not send a certificate because I do not have one.
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:08:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:08:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:08:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:08:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xe6edc07d (perhaps this is a duplicated packet)
Jun 26 16:08:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #72: sending encrypted notification INVALID_MESSAGE_ID to 65.91.22.234:500
Jun 26 16:08:09 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: responding to Main Mode
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: received Vendor ID payload [XAUTH]
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:08:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:08:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:08:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: I did not send a certificate because I do not have one.
Jun 26 16:08:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:08:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:08:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:08:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #73: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:08:12 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: responding to Main Mode
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: received Vendor ID payload [XAUTH]
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:08:12 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:08:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:08:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: I did not send a certificate because I do not have one.
Jun 26 16:08:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:08:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:08:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:08:13 localhost pluto[27158]: "waxahachie-wireless-bedford" #74: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:08:24 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:08:24 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:08:27 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:08:27 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:08:45 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:08:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: responding to Main Mode
Jun 26 16:08:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:08:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: received Vendor ID payload [XAUTH]
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:08:46 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:08:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: I did not send a certificate because I do not have one.
Jun 26 16:08:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:08:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:08:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:08:47 localhost pluto[27158]: "waxahachie-wireless-bedford" #75: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:14:24 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #35: received Delete SA payload: deleting ISAKMP State #35
Jun 26 16:14:24 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 16:18:55 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:18:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #76: responding to Main Mode
Jun 26 16:18:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #76: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:18:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #76: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:19:02 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:19:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: responding to Main Mode
Jun 26 16:19:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:19:02 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: received Vendor ID payload [XAUTH]
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: I did not send a certificate because I do not have one.
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:19:03 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:19:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: cannot respond to IPsec SA request because no connection is known for 192.168.12.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:19:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #77: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:19:07 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:19:07 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:19:08 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:19:08 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:19:10 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:19:10 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:19:15 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:19:15 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:20:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #76: max number of retransmissions (2) reached STATE_MAIN_R1
Jun 26 16:20:24 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: responding to Main Mode
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: received Vendor ID payload [XAUTH]
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:20:24 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:20:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:20:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: I did not send a certificate because I do not have one.
Jun 26 16:20:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:20:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:20:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:20:25 localhost pluto[27158]: "waxahachie-wireless-bedford" #78: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:20:27 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: responding to Main Mode
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: received Vendor ID payload [XAUTH]
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:20:27 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: I did not send a certificate because I do not have one.
Jun 26 16:20:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:20:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:20:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:20:28 localhost pluto[27158]: "waxahachie-wireless-bedford" #79: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:20:31 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:20:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: responding to Main Mode
Jun 26 16:20:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:20:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:20:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:20:31 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: received Vendor ID payload [XAUTH]
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: I did not send a certificate because I do not have one.
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:20:32 localhost pluto[27158]: "waxahachie-wireless-bedford" #80: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:20:34 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: responding to Main Mode
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: received Vendor ID payload [XAUTH]
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:20:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:20:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:20:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: I did not send a certificate because I do not have one.
Jun 26 16:20:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:20:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:20:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:20:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #81: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:20:53 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: responding to Main Mode
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: received Vendor ID payload [XAUTH]
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:20:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:20:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:20:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: I did not send a certificate because I do not have one.
Jun 26 16:20:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:20:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:20:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:20:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #82: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:22:50 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #42: received Delete SA payload: deleting ISAKMP State #42
Jun 26 16:22:50 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 16:25:31 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:25:32 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:31:22 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:31:22 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:31:22 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:31:22 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:31:24 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:31:24 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:31:27 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:31:27 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:31:29 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:31:29 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:31:30 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:31:30 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:32:34 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:32:34 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:32:41 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:32:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: responding to Main Mode
Jun 26 16:32:41 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: received Vendor ID payload [XAUTH]
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:32:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:32:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:32:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: I did not send a certificate because I do not have one.
Jun 26 16:32:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:32:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:32:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:32:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #83: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:32:44 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:32:44 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: responding to Main Mode
Jun 26 16:32:44 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: received Vendor ID payload [XAUTH]
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: I did not send a certificate because I do not have one.
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:32:45 localhost pluto[27158]: "waxahachie-wireless-bedford" #84: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:32:48 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:32:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: responding to Main Mode
Jun 26 16:32:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:32:48 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: received Vendor ID payload [XAUTH]
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: I did not send a certificate because I do not have one.
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:32:49 localhost pluto[27158]: "waxahachie-wireless-bedford" #85: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:32:50 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: responding to Main Mode
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: received Vendor ID payload [XAUTH]
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:32:50 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: I did not send a certificate because I do not have one.
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #86: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:32:51 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: responding to Main Mode
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:32:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: received Vendor ID payload [XAUTH]
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: I did not send a certificate because I do not have one.
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:32:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:32:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:32:53 localhost pluto[27158]: "waxahachie-wireless-bedford" #87: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:34:05 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:34:05 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:38:22 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:38:22 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:40:30 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:40:30 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:41:21 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:41:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: responding to Main Mode
Jun 26 16:41:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:41:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: received Vendor ID payload [XAUTH]
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: I did not send a certificate because I do not have one.
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #88: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:41:34 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:41:34 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:42:06 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:42:06 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:43:35 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:43:35 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:43:36 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:43:36 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:43:38 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:43:38 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:43:41 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:43:42 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:43:44 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:43:44 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:43:45 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:43:45 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:44:38 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:44:38 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:44:57 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: responding to Main Mode
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: received Vendor ID payload [XAUTH]
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:44:57 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:44:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:44:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: I did not send a certificate because I do not have one.
Jun 26 16:44:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:44:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:44:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:44:58 localhost pluto[27158]: "waxahachie-wireless-bedford" #89: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:44:59 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: responding to Main Mode
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: received Vendor ID payload [XAUTH]
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:44:59 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: I did not send a certificate because I do not have one.
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #90: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:45:00 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: responding to Main Mode
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: received Vendor ID payload [XAUTH]
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:45:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:45:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:45:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: I did not send a certificate because I do not have one.
Jun 26 16:45:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:45:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:45:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:45:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #91: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:45:04 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:45:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: responding to Main Mode
Jun 26 16:45:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:45:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: received Vendor ID payload [XAUTH]
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: I did not send a certificate because I do not have one.
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #92: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:45:05 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: responding to Main Mode
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:45:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: received Vendor ID payload [XAUTH]
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: I did not send a certificate because I do not have one.
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:45:06 localhost pluto[27158]: "waxahachie-wireless-bedford" #93: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:45:07 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: responding to Main Mode
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: received Vendor ID payload [XAUTH]
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:45:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:45:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:45:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: I did not send a certificate because I do not have one.
Jun 26 16:45:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:45:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:45:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:45:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #94: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:45:51 localhost pluto[27158]: packet from 65.91.22.234:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: responding to Main Mode
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: received Vendor ID payload [XAUTH]
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:45:51 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:45:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 16:45:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: I did not send a certificate because I do not have one.
Jun 26 16:45:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:45:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 16:45:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===216.158.212.174[@corp]...65.91.22.234===1.1.1.1/32
Jun 26 16:45:52 localhost pluto[27158]: "waxahachie-wireless-bedford" #95: sending encrypted notification INVALID_ID_INFORMATION to 65.91.22.234:500
Jun 26 16:46:25 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 16:46:25 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: Main mode peer ID is ID_FQDN: '@home'
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: I did not send a certificate because I do not have one.
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 16:46:25 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #96: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 16:48:53 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: initiating Main Mode to replace #71
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: received Vendor ID payload [Dead Peer Detection]
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: I did not send a certificate because I do not have one.
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: Main mode peer ID is ID_FQDN: '@home'
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 16:48:54 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 16:55:48 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:55:48 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:55:50 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:55:50 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:55:51 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:55:51 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:55:55 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:55:55 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:55:57 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:55:57 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:55:58 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:55:59 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:56:43 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 16:56:43 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 16:58:05 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #70: received Delete SA payload: deleting ISAKMP State #70
Jun 26 16:58:05 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 17:06:52 localhost pluto[27158]: packet from 71.252.128.244:500: Informational Exchange is for an unknown (expired?) SA
Jun 26 17:08:02 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:08:02 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:08:10 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:08:10 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:08:13 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:08:13 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:08:46 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:08:46 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:19:03 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:19:03 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:20:25 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:20:25 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:20:27 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:20:27 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:20:32 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:20:32 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:20:35 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:20:36 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:20:55 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:20:55 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:31:51 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 17:31:51 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: Main mode peer ID is ID_FQDN: '@home'
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: I did not send a certificate because I do not have one.
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 17:31:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: initiating Main Mode to replace #97
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: received Vendor ID payload [Dead Peer Detection]
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: I did not send a certificate because I do not have one.
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: Main mode peer ID is ID_FQDN: '@home'
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 17:31:59 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 17:32:43 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:32:43 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:32:46 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:32:46 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:32:49 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:32:49 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:32:51 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:32:51 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:32:52 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:32:52 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: initiating Main Mode to replace #95
Jun 26 17:41:22 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:41:22 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 17:41:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: received Vendor ID payload [XAUTH]
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: I did not send a certificate because I do not have one.
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 17:41:23 localhost pluto[27158]: "waxahachie-wireless-bedford" #100: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 17:44:59 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:44:59 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:44:59 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:44:59 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:45:01 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:45:01 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:45:05 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:45:05 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:45:06 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:45:06 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:45:08 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:45:08 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:45:52 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 17:45:52 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 17:46:25 localhost pluto[27158]: packet from 71.252.128.244:500: Informational Exchange is for an unknown (expired?) SA
Jun 26 17:48:53 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #97: received Delete SA payload: deleting ISAKMP State #97
Jun 26 17:48:53 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: initiating Main Mode to replace #99
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: received Vendor ID payload [Dead Peer Detection]
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: I did not send a certificate because I do not have one.
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: Main mode peer ID is ID_FQDN: '@home'
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 18:21:26 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 18:21:43 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 18:21:43 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: Main mode peer ID is ID_FQDN: '@home'
Jun 26 18:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: I did not send a certificate because I do not have one.
Jun 26 18:21:44 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 18:21:44 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 18:31:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: initiating Main Mode to replace #100
Jun 26 18:31:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 18:31:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 18:31:42 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: received Vendor ID payload [XAUTH]
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: I did not send a certificate because I do not have one.
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 18:31:43 localhost pluto[27158]: "waxahachie-wireless-bedford" #103: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 18:31:50 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #98: received Delete SA payload: deleting ISAKMP State #98
Jun 26 18:31:50 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 18:31:58 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #99: received Delete SA payload: deleting ISAKMP State #99
Jun 26 18:31:59 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 18:41:23 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 18:41:24 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 19:09:31 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 19:09:31 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: Main mode peer ID is ID_FQDN: '@home'
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: I did not send a certificate because I do not have one.
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 19:09:31 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 19:11:55 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: initiating Main Mode to replace #101
Jun 26 19:11:55 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 19:11:55 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: received Vendor ID payload [Dead Peer Detection]
Jun 26 19:11:55 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 19:11:55 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 19:11:56 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: I did not send a certificate because I do not have one.
Jun 26 19:11:56 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 19:11:56 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 19:11:56 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: Main mode peer ID is ID_FQDN: '@home'
Jun 26 19:11:56 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 19:11:56 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: initiating Main Mode to replace #103
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: received Vendor ID payload [XAUTH]
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: I did not send a certificate because I do not have one.
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 19:20:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #106: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 19:21:25 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #101: received Delete SA payload: deleting ISAKMP State #101
Jun 26 19:21:25 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 19:21:43 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #102: received Delete SA payload: deleting ISAKMP State #102
Jun 26 19:21:43 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 19:31:44 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 19:31:44 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 19:54:11 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 19:54:11 localhost pluto[27158]: packet from 71.252.128.244:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: responding to Main Mode from unknown peer 71.252.128.244
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: Main mode peer ID is ID_FQDN: '@home'
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: I did not send a certificate because I do not have one.
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 19:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 19:58:32 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: initiating Main Mode to replace #105
Jun 26 19:58:32 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 19:58:32 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: received Vendor ID payload [Dead Peer Detection]
Jun 26 19:58:32 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 19:58:32 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 19:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: I did not send a certificate because I do not have one.
Jun 26 19:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 19:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 19:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: Main mode peer ID is ID_FQDN: '@home'
Jun 26 19:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 19:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: initiating Main Mode to replace #106
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: received Vendor ID payload [XAUTH]
Jun 26 20:05:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: I did not send a certificate because I do not have one.
Jun 26 20:05:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 20:05:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 20:05:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 20:05:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 20:05:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 20:05:01 localhost pluto[27158]: "waxahachie-wireless-bedford" #109: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 20:09:30 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #104: received Delete SA payload: deleting ISAKMP State #104
Jun 26 20:09:31 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 20:11:55 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #105: received Delete SA payload: deleting ISAKMP State #105
Jun 26 20:11:55 localhost pluto[27158]: packet from 71.252.128.244:500: received and ignored informational message
Jun 26 20:20:18 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 20:20:18 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 20:48:57 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #110: initiating Main Mode to replace #108
Jun 26 20:49:41 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #111: initiating Main Mode to replace #107
Jun 26 20:50:07 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #110: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jun 26 20:50:51 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #111: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jun 26 20:54:11 localhost pluto[27158]: "corporate-home"[1] 71.252.128.244 #107: ISAKMP SA expired (LATEST!)
Jun 26 20:54:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: initiating Main Mode to replace #109
Jun 26 20:54:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 20:54:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 20:54:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 20:54:17 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: received Vendor ID payload [XAUTH]
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: I did not send a certificate because I do not have one.
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 20:54:18 localhost pluto[27158]: "waxahachie-wireless-bedford" #112: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 20:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244 #108: ISAKMP SA expired (LATEST!)
Jun 26 20:58:33 localhost pluto[27158]: "nurscare-home"[1] 71.252.128.244: deleting connection "nurscare-home" instance with peer 71.252.128.244 {isakmp=#0/ipsec=#0}
Jun 26 21:05:00 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 21:05:00 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 21:15:13 localhost pluto[27158]: packet from 71.252.151.52:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 21:15:13 localhost pluto[27158]: packet from 71.252.151.52:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: responding to Main Mode from unknown peer 71.252.151.52
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: Main mode peer ID is ID_FQDN: '@home'
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: I did not send a certificate because I do not have one.
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: deleting connection "corporate-home" instance with peer 71.252.128.244 {isakmp=#0/ipsec=#3}
Jun 26 21:15:13 localhost pluto[27158]: "corporate-home" #3: deleting state (STATE_QUICK_R2)
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: deleting connection "bedford-home" instance with peer 71.252.128.244 {isakmp=#0/ipsec=#2}
Jun 26 21:15:13 localhost pluto[27158]: "bedford-home" #2: deleting state (STATE_QUICK_R2)
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 21:15:13 localhost pluto[27158]: "corporate-home"[2] 71.252.151.52 #114: responding to Quick Mode {msgid:435fdc08}
Jun 26 21:15:13 localhost pluto[27158]: "corporate-home"[2] 71.252.151.52 #114: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 21:15:13 localhost pluto[27158]: "corporate-home"[2] 71.252.151.52 #114: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 21:15:13 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #115: responding to Quick Mode {msgid:cfdf9d8c}
Jun 26 21:15:14 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #115: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 21:15:14 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #115: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 21:15:14 localhost pluto[27158]: "corporate-home"[2] 71.252.151.52 #114: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 21:15:14 localhost pluto[27158]: "corporate-home"[2] 71.252.151.52 #114: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0xbeba4ce2 <0xbead10cb xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 21:15:14 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #115: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 21:15:14 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #115: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0xc87ab69b <0x1823e7d4 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: received Delete SA(0xc87ab69b) payload: deleting IPSEC State #115
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: received and ignored informational message
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: received Delete SA(0xbeba4ce2) payload: deleting IPSEC State #114
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: deleting connection "corporate-home" instance with peer 71.252.151.52 {isakmp=#0/ipsec=#0}
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: received and ignored informational message
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52 #113: received Delete SA payload: deleting ISAKMP State #113
Jun 26 21:19:10 localhost pluto[27158]: "nurscare-home"[2] 71.252.151.52: deleting connection "nurscare-home" instance with peer 71.252.151.52 {isakmp=#0/ipsec=#0}
Jun 26 21:19:10 localhost pluto[27158]: packet from 71.252.151.52:500: received and ignored informational message
Jun 26 21:19:10 localhost pluto[27158]: ERROR: asynchronous network error report on eth1 (sport=500) for message to 71.252.151.52 port 500, complainant 71.252.151.52: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
Jun 26 21:44:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: initiating Main Mode to replace #112
Jun 26 21:44:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 21:44:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 21:44:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 21:44:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: received Vendor ID payload [XAUTH]
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: I did not send a certificate because I do not have one.
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 21:44:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #116: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 21:47:22 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 21:47:22 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: responding to Main Mode from unknown peer 71.244.57.29
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: Main mode peer ID is ID_FQDN: '@home'
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: I did not send a certificate because I do not have one.
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #118: responding to Quick Mode {msgid:a772facb}
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #118: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #118: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 21:47:22 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #119: responding to Quick Mode {msgid:41565c4b}
Jun 26 21:47:22 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #119: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 21:47:22 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #119: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 21:47:22 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #119: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 21:47:22 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #119: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x6bd29b4a <0xd7851506 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #118: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 21:47:22 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #118: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0xcbf7be6e <0xa5d9a121 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 21:47:26 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #120: responding to Quick Mode {msgid:47d2dcc3}
Jun 26 21:47:26 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #120: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 21:47:26 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #120: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 21:47:26 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #120: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 21:47:26 localhost pluto[27158]: "corporate-home"[3] 71.244.57.29 #120: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x3dba62dd <0xc930e702 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 21:53:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: received Delete SA(0x3dba62dd) payload: deleting IPSEC State #120
Jun 26 21:53:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: received and ignored informational message
Jun 26 21:53:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: received Delete SA(0x6bd29b4a) payload: deleting IPSEC State #119
Jun 26 21:53:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: deleting connection "corporate-home" instance with peer 71.244.57.29 {isakmp=#0/ipsec=#0}
Jun 26 21:53:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: received and ignored informational message
Jun 26 21:53:25 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #121: responding to Quick Mode {msgid:95dba9dd}
Jun 26 21:53:25 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #121: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 21:53:25 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #121: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 21:53:25 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #121: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 21:53:25 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #121: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0xc8438b51 <0x964a8f26 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 26 21:54:18 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 21:54:18 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 22:08:04 localhost pluto[27158]: "waxahachie-wireless-ovpn" #122: responding to Quick Mode {msgid:6720b7db}
Jun 26 22:08:04 localhost pluto[27158]: "waxahachie-wireless-ovpn" #122: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 22:08:04 localhost pluto[27158]: "waxahachie-wireless-ovpn" #122: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 22:08:04 localhost pluto[27158]: "waxahachie-wireless-ovpn" #122: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 22:08:04 localhost pluto[27158]: "waxahachie-wireless-ovpn" #122: STATE_QUICK_R2: IPsec SA established {ESP=>0x69f593af <0xf274288e xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-ovpn" #123: responding to Quick Mode {msgid:c48d43c6}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-ovpn" #123: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-ovpn" #123: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-ovpn" #123: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-ovpn" #123: STATE_QUICK_R2: IPsec SA established {ESP=>0x7c14ca39 <0x882e2686 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #124: responding to Quick Mode {msgid:3c52b6cc}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #124: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #124: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #124: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #124: STATE_QUICK_R2: IPsec SA established {ESP=>0xe254b65f <0xecd6afbf xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-bedford" #125: responding to Quick Mode {msgid:68e8a8e1}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-bedford" #125: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-bedford" #125: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-bedford" #125: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-bedford" #125: STATE_QUICK_R2: IPsec SA established {ESP=>0xd3c2f621 <0xa8ef6c24 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-nurscare" #126: responding to Quick Mode {msgid:ea06645c}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-nurscare" #126: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-nurscare" #126: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-nurscare" #126: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-wireless-nurscare" #126: STATE_QUICK_R2: IPsec SA established {ESP=>0x6825dcf6 <0x989ef544 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-nurscare" #127: responding to Quick Mode {msgid:559ae4de}
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-nurscare" #127: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-nurscare" #127: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-nurscare" #127: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 26 22:08:05 localhost pluto[27158]: "waxahachie-lan-nurscare" #127: STATE_QUICK_R2: IPsec SA established {ESP=>0xc7bbeaa1 <0xe00d62cb xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:25:39 localhost pluto[27158]: "waxahachie-lan-corp" #128: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL+UP to replace #11 {using isakmp#116}
Jun 26 22:25:39 localhost pluto[27158]: "waxahachie-wireless-corp" #129: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL+UP to replace #10 {using isakmp#116}
Jun 26 22:25:39 localhost pluto[27158]: "waxahachie-lan-corp" #128: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 26 22:25:39 localhost pluto[27158]: "waxahachie-lan-corp" #128: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x254055e9 <0xd39cdf7a xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:25:39 localhost pluto[27158]: "waxahachie-wireless-corp" #129: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 26 22:25:39 localhost pluto[27158]: "waxahachie-wireless-corp" #129: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xdf2ef21b <0xef9651e6 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 26 22:26:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: initiating Main Mode to replace #116
Jun 26 22:26:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 22:26:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 22:26:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 22:26:21 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: received Vendor ID payload [XAUTH]
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: I did not send a certificate because I do not have one.
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 22:26:22 localhost pluto[27158]: "waxahachie-wireless-bedford" #130: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 22:29:53 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 22:29:53 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 22:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: responding to Main Mode from unknown peer 71.244.57.29
Jun 26 22:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 22:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 22:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 22:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 22:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: Main mode peer ID is ID_FQDN: '@home'
Jun 26 22:29:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: I did not send a certificate because I do not have one.
Jun 26 22:29:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 22:29:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 22:42:52 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #132: initiating Main Mode to replace #117
Jun 26 22:44:02 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #132: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Jun 26 22:44:09 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 22:44:09 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 22:47:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #117: received Delete SA payload: deleting ISAKMP State #117
Jun 26 22:47:21 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 26 23:13:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: initiating Main Mode to replace #130
Jun 26 23:13:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 26 23:13:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 26 23:13:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 26 23:13:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: received Vendor ID payload [XAUTH]
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: I did not send a certificate because I do not have one.
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 26 23:13:09 localhost pluto[27158]: "waxahachie-wireless-bedford" #133: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 26 23:16:02 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 26 23:16:02 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: responding to Main Mode from unknown peer 71.244.57.29
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: Main mode peer ID is ID_FQDN: '@home'
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: I did not send a certificate because I do not have one.
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 26 23:16:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 26 23:26:22 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 26 23:26:22 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 26 23:29:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #131: received Delete SA payload: deleting ISAKMP State #131
Jun 26 23:29:53 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 00:01:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: initiating Main Mode to replace #133
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: received Vendor ID payload [XAUTH]
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: I did not send a certificate because I do not have one.
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 00:01:38 localhost pluto[27158]: "waxahachie-wireless-bedford" #135: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 00:03:47 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 00:03:47 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: Main mode peer ID is ID_FQDN: '@home'
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: I did not send a certificate because I do not have one.
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 00:03:47 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 00:13:09 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 00:13:09 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 00:16:01 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #134: received Delete SA payload: deleting ISAKMP State #134
Jun 27 00:16:01 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 00:47:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: initiating Main Mode to replace #135
Jun 27 00:47:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 00:47:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 00:47:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 00:47:36 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: received Vendor ID payload [XAUTH]
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: I did not send a certificate because I do not have one.
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 00:47:37 localhost pluto[27158]: "waxahachie-wireless-bedford" #137: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 00:50:37 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 00:50:37 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 00:50:37 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: Main mode peer ID is ID_FQDN: '@home'
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: I did not send a certificate because I do not have one.
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 00:50:38 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 01:01:38 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 01:01:38 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 01:03:46 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #136: received Delete SA payload: deleting ISAKMP State #136
Jun 27 01:03:46 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 01:33:55 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 01:33:55 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: Main mode peer ID is ID_FQDN: '@home'
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: I did not send a certificate because I do not have one.
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 01:33:55 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 01:36:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: initiating Main Mode to replace #137
Jun 27 01:36:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 01:36:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 01:36:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 01:36:04 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: received Vendor ID payload [XAUTH]
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: I did not send a certificate because I do not have one.
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 01:36:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #140: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 01:47:37 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 01:47:37 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 01:50:37 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #138: received Delete SA payload: deleting ISAKMP State #138
Jun 27 01:50:37 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 02:20:52 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 02:20:52 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: Main mode peer ID is ID_FQDN: '@home'
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: I did not send a certificate because I do not have one.
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 02:20:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 02:24:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: initiating Main Mode to replace #140
Jun 27 02:24:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 02:24:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 02:24:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 02:24:54 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: received Vendor ID payload [XAUTH]
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: I did not send a certificate because I do not have one.
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 02:24:55 localhost pluto[27158]: "waxahachie-wireless-bedford" #142: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 02:33:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #139: received Delete SA payload: deleting ISAKMP State #139
Jun 27 02:33:54 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 02:36:05 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 02:36:05 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 03:11:02 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 03:11:02 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 03:11:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 03:11:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 03:11:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 03:11:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 03:11:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 03:11:03 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: Main mode peer ID is ID_FQDN: '@home'
Jun 27 03:11:03 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: I did not send a certificate because I do not have one.
Jun 27 03:11:03 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 03:11:03 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: initiating Main Mode to replace #142
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: received Vendor ID payload [XAUTH]
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: I did not send a certificate because I do not have one.
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 03:11:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #144: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 03:20:51 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #141: received Delete SA payload: deleting ISAKMP State #141
Jun 27 03:20:51 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 03:24:55 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 03:24:55 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 03:53:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: initiating Main Mode to replace #144
Jun 27 03:53:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 03:53:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 03:53:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 03:53:10 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: received Vendor ID payload [XAUTH]
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: I did not send a certificate because I do not have one.
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 03:53:11 localhost pluto[27158]: "waxahachie-wireless-bedford" #145: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 03:56:49 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 03:56:49 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: Main mode peer ID is ID_FQDN: '@home'
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: I did not send a certificate because I do not have one.
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 03:56:49 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 04:11:02 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #143: received Delete SA payload: deleting ISAKMP State #143
Jun 27 04:11:02 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 04:11:05 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 04:11:05 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 04:36:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: initiating Main Mode to replace #145
Jun 27 04:36:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: received Vendor ID payload [XAUTH]
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: I did not send a certificate because I do not have one.
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 04:36:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #147: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 04:41:34 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 04:41:34 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: Main mode peer ID is ID_FQDN: '@home'
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: I did not send a certificate because I do not have one.
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 04:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 04:53:11 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 04:53:11 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 04:56:48 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #146: received Delete SA payload: deleting ISAKMP State #146
Jun 27 04:56:48 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: initiating Main Mode to replace #147
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 05:19:15 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: received Vendor ID payload [XAUTH]
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: I did not send a certificate because I do not have one.
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 05:19:16 localhost pluto[27158]: "waxahachie-wireless-bedford" #149: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 05:26:53 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 05:26:53 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 05:26:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 05:26:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 05:26:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 05:26:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 05:26:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 05:26:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: Main mode peer ID is ID_FQDN: '@home'
Jun 27 05:26:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: I did not send a certificate because I do not have one.
Jun 27 05:26:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 05:26:54 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 05:29:51 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #151: responding to Quick Mode {msgid:b8bde551}
Jun 27 05:29:51 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #151: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 27 05:29:51 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #151: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 27 05:30:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #151: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 27 05:30:21 localhost pluto[27158]: "nurscare-home"[3] 71.244.57.29 #151: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x3a0776b5 <0xee16ea26 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 05:36:34 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 05:36:34 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 05:37:19 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #152: responding to Quick Mode {msgid:ed4bec2b}
Jun 27 05:37:19 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #152: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 27 05:37:19 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #152: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 27 05:37:29 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #152: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 27 05:37:29 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #152: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0xc4ad15ff <0x1a12390b xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Jun 27 05:41:34 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #148: received Delete SA payload: deleting ISAKMP State #148
Jun 27 05:41:34 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 05:47:16 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: received Delete SA(0xcbf7be6e) payload: deleting IPSEC State #118
Jun 27 05:47:16 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: received and ignored informational message
Jun 27 05:53:19 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: received Delete SA(0xc8438b51) payload: deleting IPSEC State #121
Jun 27 05:53:19 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: received and ignored informational message
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: initiating Main Mode to replace #149
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 06:01:33 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: received Vendor ID payload [XAUTH]
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: I did not send a certificate because I do not have one.
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 06:01:34 localhost pluto[27158]: "waxahachie-wireless-bedford" #153: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 06:03:34 localhost pluto[27158]: "waxahachie-wireless-ovpn" #154: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL to replace #122 {using isakmp#153}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-ovpn" #154: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-ovpn" #154: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x0fa03638 <0x9fe36178 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-nurscare" #155: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL to replace #127 {using isakmp#153}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-nurscare" #156: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL to replace #126 {using isakmp#153}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-bedford" #157: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL to replace #125 {using isakmp#153}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-bedford" #157: can not start crypto helper: failed to find any available worker
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #158: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL to replace #124 {using isakmp#153}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-bedford" #158: can not start crypto helper: failed to find any available worker
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-ovpn" #159: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL to replace #123 {using isakmp#153}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-ovpn" #159: can not start crypto helper: failed to find any available worker
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-nurscare" #155: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-lan-nurscare" #155: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x2f34c599 <0x9f996b0f xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-nurscare" #156: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 06:03:35 localhost pluto[27158]: "waxahachie-wireless-nurscare" #156: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x5c792d33 <0x488a951f xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:07:45 localhost pluto[27158]: "waxahachie-wireless-corp" #160: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL+UP to replace #129 {using isakmp#153}
Jun 27 06:07:45 localhost pluto[27158]: "waxahachie-wireless-corp" #160: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 06:07:45 localhost pluto[27158]: "waxahachie-wireless-corp" #160: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x3f5e3440 <0xb4c8002f xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:08:05 localhost pluto[27158]: "waxahachie-lan-ovpn" #123: IPsec SA expired (LATEST!)
Jun 27 06:08:05 localhost pluto[27158]: "waxahachie-wireless-bedford" #124: IPsec SA expired (LATEST!)
Jun 27 06:08:05 localhost pluto[27158]: "waxahachie-lan-bedford" #125: IPsec SA expired (LATEST!)
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-ovpn" #161: responding to Quick Mode {msgid:801f2757}
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-ovpn" #161: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-ovpn" #161: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-ovpn" #161: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-ovpn" #161: STATE_QUICK_R2: IPsec SA established {ESP=>0x645c1c0a <0x4eb97eff xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-bedford" #162: responding to Quick Mode {msgid:ac4c35e5}
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-bedford" #162: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-bedford" #162: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-bedford" #162: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 27 06:11:59 localhost pluto[27158]: "waxahachie-lan-bedford" #162: STATE_QUICK_R2: IPsec SA established {ESP=>0x52626d74 <0xe1b81c24 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:12:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #163: responding to Quick Mode {msgid:781c5d7e}
Jun 27 06:12:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #163: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 27 06:12:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #163: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 27 06:12:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #163: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 27 06:12:00 localhost pluto[27158]: "waxahachie-wireless-bedford" #163: STATE_QUICK_R2: IPsec SA established {ESP=>0x45447991 <0xbe1f0e62 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:12:45 localhost pluto[27158]: "waxahachie-lan-corp" #164: initiating Quick Mode PSK+ENCRYPT+COMPRESS+TUNNEL+UP to replace #128 {using isakmp#153}
Jun 27 06:12:45 localhost pluto[27158]: "waxahachie-lan-corp" #164: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun 27 06:12:45 localhost pluto[27158]: "waxahachie-lan-corp" #164: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xda5d3958 <0x00ca01f7 xfrm=3DES_0-HMAC_MD5 NATD=65.91.22.234:500 DPD=none}
Jun 27 06:14:11 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 06:14:11 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 06:14:11 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 06:14:11 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: Main mode peer ID is ID_FQDN: '@home'
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: I did not send a certificate because I do not have one.
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 06:14:12 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 06:19:15 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 06:19:15 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 06:26:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #150: received Delete SA payload: deleting ISAKMP State #150
Jun 27 06:26:53 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 06:52:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: initiating Main Mode to replace #153
Jun 27 06:52:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 06:52:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 06:52:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 06:52:07 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: received Vendor ID payload [XAUTH]
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: I did not send a certificate because I do not have one.
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 06:52:08 localhost pluto[27158]: "waxahachie-wireless-bedford" #166: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 06:56:53 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 06:56:53 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: Main mode peer ID is ID_FQDN: '@home'
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: I did not send a certificate because I do not have one.
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 06:56:53 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 07:01:33 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 07:01:33 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 07:14:11 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #165: received Delete SA payload: deleting ISAKMP State #165
Jun 27 07:14:11 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
Jun 27 07:38:29 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: initiating Main Mode to replace #166
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: STATE_MAIN_I2: sent MI2, expecting MR2
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: ignoring unknown Vendor ID payload [da8e937880010000]
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: ignoring unknown Vendor ID payload [404bf439522ca3f6]
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: received Vendor ID payload [XAUTH]
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: I did not send a certificate because I do not have one.
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: STATE_MAIN_I3: sent MI3, expecting MR3
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: Main mode peer ID is ID_IPV4_ADDR: '65.91.22.234'
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun 27 07:38:30 localhost pluto[27158]: "waxahachie-wireless-bedford" #168: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
Jun 27 07:40:44 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Openswan (this version) 2.4.4 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun 27 07:40:44 localhost pluto[27158]: packet from 71.244.57.29:500: received Vendor ID payload [Dead Peer Detection]
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: responding to Main Mode from unknown peer 71.244.57.29
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: Main mode peer ID is ID_FQDN: '@home'
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: I did not send a certificate because I do not have one.
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 27 07:40:44 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #169: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Jun 27 07:52:08 localhost pluto[27158]: packet from 65.91.22.234:500: ignoring informational payload, type INVALID_COOKIE
Jun 27 07:52:08 localhost pluto[27158]: packet from 65.91.22.234:500: received and ignored informational message
Jun 27 07:56:52 localhost pluto[27158]: "corporate-home"[4] 71.244.57.29 #167: received Delete SA payload: deleting ISAKMP State #167
Jun 27 07:56:52 localhost pluto[27158]: packet from 71.244.57.29:500: received and ignored informational message
+ _________________________ date
+ date
Tue Jun 27 08:14:59 CDT 2006
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jmann.vcf
Type: text/x-vcard
Size: 352 bytes
Desc: jmann.vcf
Url : http://lists.openswan.org/pipermail/users/attachments/20060627/9631806b/jmann-0001.vcf
More information about the Users
mailing list