[Openswan Users] Windows Xp client to openswan
Can Akalin
canakalin77 at gmail.com
Fri Mar 17 14:45:06 CET 2006
Hello everyone,
After Paul's warning, I realized that I didn't open the UDP 4500 port on my
router gateway between 2 private networks. So I opened the port. Some
improvements happened but I wasn't able make the connection yet.
It seems Windows client and Linux box (openswan) are talking to each other.
But there wasn't a successful connection yet.
Below are the all the log files.
192.168.1.72 is the IP address of the Windows client and 10.10.10.10 is the
IP address of the linux machine that openswan resides. 192.168.1.55 is the
IP address of the router gateway.
Could you please tell me what am I still missing?
Thank you for your time and effort
Can Akalin
>>>>>>>>>>>WINDOWS EVENT VIEWER LOG<<<<<<<<<<<<<<<<<<<
IPSec Services: PAStore Engine applied local registry storage IPSec
policy "x4 {10f4a3fc-9fcb-40f3-82e1-2c9f0b798028}" on the machine.
++++++++++++++++++++++++++++++++++++++
IKE security association established.
Mode:
Key Exchange Mode (Main Mode)
Peer Identity:
Certificate based Identity.
Peer Subject C=CA, S=Ontario, L=Toronto, O=Internet Widgits Pty Ltd, OU=SRN,
CN=deneme1, E=deneme1 at springboardnetworks.com
Peer SHA Thumbprint 173111919eb4dc726dc3cf2f1d6e1d9489f9e522
Peer Issuing Certificate Authority C=CA, S=Ontario, L=Toronto, O=Springboard
Retail Networks Inc., CN=OzgUN, E=ozgun at springboardnetworks.com
Root Certificate Authority C=CA, S=Ontario, L=Toronto, O=Springboard Retail
Networks Inc., CN=OzgUN, E=ozgun at springboardnetworks.com
My Subject C=CA, S=Ontario, O=Springboard Retail Networks Inc., CN=laptop,
E=laptop at springboardnetworks.com
My SHA Thumbprint 9f120fd256be49e28c1df547aef9a1256ebef09e
Peer IP Address: 192.168.1.55
Filter:
Source IP Address 192.168.1.72
Source IP Address Mask 255.255.255.255
Destination IP Address 192.168.1.55
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.1.72
IKE Peer Addr 192.168.1.55
Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm SHA
Lifetime (sec) 3500
++++++++++++++++++++++++++++++++++++++++++++++++
IKE security association established.
Mode:
Data Protection Mode (Quick Mode)
Peer Identity:
Certificate based Identity.
Peer Subject C=CA, S=Ontario, L=Toronto, O=Internet Widgits Pty Ltd, OU=SRN,
CN=deneme1, E=deneme1 at springboardnetworks.com
Peer SHA Thumbprint 173111919eb4dc726dc3cf2f1d6e1d9489f9e522
Peer Issuing Certificate Authority C=CA, S=Ontario, L=Toronto, O=Springboard
Retail Networks Inc., CN=OzgUN, E=ozgun at springboardnetworks.com
Root Certificate Authority C=CA, S=Ontario, L=Toronto, O=Springboard Retail
Networks Inc., CN=OzgUN, E=ozgun at springboardnetworks.com
My Subject C=CA, S=Ontario, O=Springboard Retail Networks Inc., CN=laptop,
E=laptop at springboardnetworks.com
My SHA Thumbprint 9f120fd256be49e28c1df547aef9a1256ebef09e
Peer IP Address: 192.168.1.55
Filter:
Source IP Address 192.168.1.72
Source IP Address Mask 255.255.255.255
Destination IP Address 10.10.10.0
Destination IP Address Mask 255.255.255.0
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.1.72
IKE Peer Addr 192.168.1.55
Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm MD5
AH Algorithm None
Encapsulation 61443
InboundSpi 2102453735 (0x7d50e5e7)
OutBoundSpi 2638595035 (0x9d45c3db)
Lifetime (sec) 3600
Lifetime (kb) 100000
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>>>>>>>>>>>>>>>>>OAKLEY.log<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<
3-17: 14:20:23:328:b0c Acquire from driver: op=0000000B src=192.168.1.72.0dst=
10.10.10.10.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0,
Tunnel 1, TunnelEndpt=192.168.1.55 Inbound TunnelEndpt=192.168.1.72
3-17: 14:20:23:390:4a8 Filter to match: Src 192.168.1.55 Dst 192.168.1.72
3-17: 14:20:23:421:4a8 MM PolicyName: 6
3-17: 14:20:23:421:4a8 MMPolicy dwFlags 2 SoftSAExpireTime 3500
3-17: 14:20:23:421:4a8 MMOffer[0] LifetimeSec 3500 QMLimit 0 DHGroup 2
3-17: 14:20:23:453:4a8 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
3-17: 14:20:23:453:4a8 Auth[0]:RSA Sig C=CA, S=Ontario, L=Toronto,
O=Springboard Retail Networks Inc., CN=OzgUN, E=
ozgun at springboardnetworks.com AuthFlags 0
3-17: 14:20:23:453:4a8 QM PolicyName: x4
{cd96cf89-44ae-4f08-800c-0cebebc2d5af} dwFlags 1
3-17: 14:20:23:453:4a8 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
3-17: 14:20:23:453:4a8 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
3-17: 14:20:23:453:4a8 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
3-17: 14:20:23:453:4a8 Starting Negotiation: src = 192.168.1.72.0500, dst =
192.168.1.55.0500, proto = 00, context = 0000000B, ProxySrc =
192.168.1.72.0000, ProxyDst = 10.10.10.0.0000 SrcMask =
255.255.255.255DstMask =
255.255.255.0
3-17: 14:20:23:453:4a8 constructing ISAKMP Header
3-17: 14:20:23:453:4a8 constructing SA (ISAKMP)
3-17: 14:20:23:453:4a8 Constructing Vendor MS NT5 ISAKMPOAKLEY
3-17: 14:20:23:484:4a8 Constructing Vendor FRAGMENTATION
3-17: 14:20:23:484:4a8 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
3-17: 14:20:23:484:4a8 Constructing Vendor Vid-Initial-Contact
3-17: 14:20:23:500:4a8
3-17: 14:20:23:500:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 2.500
3-17: 14:20:23:500:4a8 ISAKMP Header: (V1.0), len = 168
3-17: 14:20:23:500:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:500:4a8 R-COOKIE 0000000000000000
3-17: 14:20:23:500:4a8 exchange: Oakley Main Mode
3-17: 14:20:23:500:4a8 flags: 0
3-17: 14:20:23:500:4a8 next payload: SA
3-17: 14:20:23:500:4a8 message ID: 00000000
3-17: 14:20:23:500:4a8 Ports S:f401 D:f401
3-17: 14:20:23:500:4a8
3-17: 14:20:23:500:4a8 Receive: (get) SA = 0x00103838 from 192.168.1.55.500
3-17: 14:20:23:500:4a8 ISAKMP Header: (V1.0), len = 140
3-17: 14:20:23:500:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:500:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:500:4a8 exchange: Oakley Main Mode
3-17: 14:20:23:500:4a8 flags: 0
3-17: 14:20:23:500:4a8 next payload: SA
3-17: 14:20:23:500:4a8 message ID: 00000000
3-17: 14:20:23:500:4a8 processing payload SA
3-17: 14:20:23:500:4a8 Received Phase 1 Transform 1
3-17: 14:20:23:500:4a8 Encryption Alg Triple DES CBC(5)
3-17: 14:20:23:500:4a8 Hash Alg SHA(2)
3-17: 14:20:23:500:4a8 Oakley Group 2
3-17: 14:20:23:500:4a8 Auth Method RSA Signature with Certificates(3)
3-17: 14:20:23:500:4a8 Life type in Seconds
3-17: 14:20:23:500:4a8 Life duration of 3500
3-17: 14:20:23:500:4a8 Phase 1 SA accepted: transform=1
3-17: 14:20:23:500:4a8 SA - Oakley proposal accepted
3-17: 14:20:23:500:4a8 processing payload VENDOR ID
3-17: 14:20:23:500:4a8 processing payload VENDOR ID
3-17: 14:20:23:500:4a8 processing payload VENDOR ID
3-17: 14:20:23:500:4a8 Received VendorId draft-ietf-ipsec-nat-t-ike-02
3-17: 14:20:23:500:4a8 ClearFragList
3-17: 14:20:23:500:4a8 constructing ISAKMP Header
3-17: 14:20:23:515:4a8 constructing KE
3-17: 14:20:23:515:4a8 constructing NONCE (ISAKMP)
3-17: 14:20:23:515:4a8 Constructing NatDisc
3-17: 14:20:23:515:4a8
3-17: 14:20:23:515:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 2.500
3-17: 14:20:23:515:4a8 ISAKMP Header: (V1.0), len = 232
3-17: 14:20:23:515:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:515:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:515:4a8 exchange: Oakley Main Mode
3-17: 14:20:23:515:4a8 flags: 0
3-17: 14:20:23:515:4a8 next payload: KE
3-17: 14:20:23:515:4a8 message ID: 00000000
3-17: 14:20:23:515:4a8 Ports S:f401 D:f401
3-17: 14:20:23:531:4a8
3-17: 14:20:23:531:4a8 Receive: (get) SA = 0x00103838 from 192.168.1.55.500
3-17: 14:20:23:531:4a8 ISAKMP Header: (V1.0), len = 228
3-17: 14:20:23:531:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:531:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:531:4a8 exchange: Oakley Main Mode
3-17: 14:20:23:531:4a8 flags: 0
3-17: 14:20:23:531:4a8 next payload: KE
3-17: 14:20:23:531:4a8 message ID: 00000000
3-17: 14:20:23:531:4a8 processing payload KE
3-17: 14:20:23:531:4a8 processing payload NONCE
3-17: 14:20:23:531:4a8 processing payload NATDISC
3-17: 14:20:23:531:4a8 Processing NatHash
3-17: 14:20:23:531:4a8 Nat hash 80d5864b7fb35e2055878f564c90f8bb
3-17: 14:20:23:531:4a8 c140a0f1
3-17: 14:20:23:531:4a8 SA StateMask2 f
3-17: 14:20:23:531:4a8 processing payload NATDISC
3-17: 14:20:23:531:4a8 Processing NatHash
3-17: 14:20:23:531:4a8 Nat hash 670611149ee5b9e39ed3e32415335321
3-17: 14:20:23:531:4a8 505d20b3
3-17: 14:20:23:531:4a8 SA StateMask2 4f
3-17: 14:20:23:531:4a8 ClearFragList
3-17: 14:20:23:531:4a8 Peer behind NAT
3-17: 14:20:23:531:4a8 Floated Ports Orig Me:f401 Peer:f401
3-17: 14:20:23:531:4a8 Floated Ports Me:9411 Peer:9411
3-17: 14:20:23:531:4a8 constructing ISAKMP Header
3-17: 14:20:23:531:4a8 constructing ID
3-17: 14:20:23:531:4a8 Received no valid CRPs. Using all configured
3-17: 14:20:23:531:4a8 Looking for IPSec only cert
3-17: 14:20:23:562:4a8 Cert Trustes. 0 100
3-17: 14:20:23:562:4a8 Cert SHA Thumbprint 9f120fd256be49e28c1df547aef9a125
3-17: 14:20:23:562:4a8 6ebef09e
3-17: 14:20:23:562:4a8 CertFindExtenstion failed with 0
3-17: 14:20:23:640:4a8 Entered CRL check
3-17: 14:20:23:671:4a8 Left CRL check
3-17: 14:20:23:671:4a8 Cert SHA Thumbprint 9f120fd256be49e28c1df547aef9a125
3-17: 14:20:23:671:4a8 6ebef09e
3-17: 14:20:23:671:4a8 SubjectName: C=CA, S=Ontario, O=Springboard Retail
Networks Inc., CN=laptop, E=laptop at springboardnetworks.com
3-17: 14:20:23:671:4a8 Cert Serialnumber 02
3-17: 14:20:23:671:4a8 Cert SHA Thumbprint 9f120fd256be49e28c1df547aef9a125
3-17: 14:20:23:671:4a8 6ebef09e
3-17: 14:20:23:671:4a8 SubjectName: C=CA, S=Ontario, L=Toronto,
O=Springboard Retail Networks Inc., CN=OzgUN, E=
ozgun at springboardnetworks.com
3-17: 14:20:23:671:4a8 Cert Serialnumber 7ce887a3f0e91dc800
3-17: 14:20:23:671:4a8 Cert SHA Thumbprint f248c0125dda62bb3fa6c304e1784f8f
3-17: 14:20:23:671:4a8 0225315f
3-17: 14:20:23:671:4a8 Not storing My cert chain in SA.
3-17: 14:20:23:671:4a8 MM ID Type 9
3-17: 14:20:23:671:4a8 MM ID 30818a310b3009060355040613024341
3-17: 14:20:23:671:4a8 3110300e060355040813074f6e746172
3-17: 14:20:23:671:4a8 696f31293027060355040a1320537072
3-17: 14:20:23:671:4a8 696e67626f6172642052657461696c20
3-17: 14:20:23:671:4a8 4e6574776f726b7320496e632e310f30
3-17: 14:20:23:671:4a8 0d060355040313066c6170746f70312d
3-17: 14:20:23:671:4a8 302b06092a864886f70d010901161e6c
3-17: 14:20:23:671:4a8 6170746f7040737072696e67626f6172
3-17: 14:20:23:671:4a8 646e6574776f726b732e636f6d
3-17: 14:20:23:671:4a8 constructing CERT
3-17: 14:20:23:671:4a8 Construct SIG
3-17: 14:20:23:687:4a8 Constructing Cert Request
3-17: 14:20:23:687:4a8 C=CA, S=Ontario, L=Toronto, O=Springboard Retail
Networks Inc., CN=OzgUN, E=ozgun at springboardnetworks.com
3-17: 14:20:23:687:4a8
3-17: 14:20:23:687:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 2.4500
3-17: 14:20:23:687:4a8 ISAKMP Header: (V1.0), len = 1452
3-17: 14:20:23:687:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:687:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:687:4a8 exchange: Oakley Main Mode
3-17: 14:20:23:687:4a8 flags: 1 ( encrypted )
3-17: 14:20:23:687:4a8 next payload: ID
3-17: 14:20:23:687:4a8 message ID: 00000000
3-17: 14:20:23:687:4a8 Ports S:9411 D:9411
3-17: 14:20:23:703:4a8
3-17: 14:20:23:703:4a8 Receive: (get) SA = 0x00103838 from
192.168.1.55.4500
3-17: 14:20:23:703:4a8 ISAKMP Header: (V1.0), len = 1348
3-17: 14:20:23:703:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:703:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:703:4a8 exchange: Oakley Main Mode
3-17: 14:20:23:703:4a8 flags: 1 ( encrypted )
3-17: 14:20:23:703:4a8 next payload: ID
3-17: 14:20:23:703:4a8 message ID: 00000000
3-17: 14:20:23:703:4a8 processing payload ID
3-17: 14:20:23:703:4a8 processing payload CERT
3-17: 14:20:23:703:4a8 processing payload SIG
3-17: 14:20:23:703:4a8 Verifying CertStore
3-17: 14:20:23:703:4a8 SubjectName: C=CA, S=Ontario, L=Toronto, O=Internet
Widgits Pty Ltd, OU=SRN, CN=deneme1, E=deneme1 at springboardnetworks.com
3-17: 14:20:23:703:4a8 Cert Serialnumber 01
3-17: 14:20:23:703:4a8 Cert SHA Thumbprint 173111919eb4dc726dc3cf2f1d6e1d94
3-17: 14:20:23:703:4a8 89f9e522
3-17: 14:20:23:703:4a8 Cert Trustes. 0 100
3-17: 14:20:23:703:4a8 SubjectName: C=CA, S=Ontario, L=Toronto, O=Internet
Widgits Pty Ltd, OU=SRN, CN=deneme1, E=deneme1 at springboardnetworks.com
3-17: 14:20:23:703:4a8 Cert Serialnumber 01
3-17: 14:20:23:703:4a8 Cert SHA Thumbprint 173111919eb4dc726dc3cf2f1d6e1d94
3-17: 14:20:23:703:4a8 89f9e522
3-17: 14:20:23:703:4a8 SubjectName: C=CA, S=Ontario, L=Toronto,
O=Springboard Retail Networks Inc., CN=OzgUN, E=
ozgun at springboardnetworks.com
3-17: 14:20:23:703:4a8 Cert Serialnumber 7ce887a3f0e91dc800
3-17: 14:20:23:703:4a8 Cert SHA Thumbprint f248c0125dda62bb3fa6c304e1784f8f
3-17: 14:20:23:703:4a8 0225315f
3-17: 14:20:23:703:4a8 Not storing Peer's cert chain in SA.
3-17: 14:20:23:703:4a8 Cert SHA Thumbprint 173111919eb4dc726dc3cf2f1d6e1d94
3-17: 14:20:23:703:4a8 89f9e522
3-17: 14:20:23:703:4a8 Entered CRL check
3-17: 14:20:23:703:4a8 Left CRL check
3-17: 14:20:23:703:4a8 CertFindExtenstion failed with 0
3-17: 14:20:23:703:4a8 Signature validated
3-17: 14:20:23:703:4a8 ClearFragList
3-17: 14:20:23:703:4a8 MM established. SA: 00103838
3-17: 14:20:23:703:4a8 QM PolicyName: x4
{cd96cf89-44ae-4f08-800c-0cebebc2d5af} dwFlags 1
3-17: 14:20:23:703:4a8 QMOffer[0] LifetimeKBytes 0 LifetimeSec 0
3-17: 14:20:23:703:4a8 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
3-17: 14:20:23:703:4a8 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
3-17: 14:20:23:703:4a8 GetSpi: src = 10.10.10.0.0000, dst =
192.168.1.72.0000, proto = 00, context = 0000000B, srcMask = 255.255.255.0,
destMask = 255.255.255.255, TunnelFilter 1
3-17: 14:20:23:703:4a8 Setting SPI 2102453735
3-17: 14:20:23:703:4a8 constructing ISAKMP Header
3-17: 14:20:23:703:4a8 constructing HASH (null)
3-17: 14:20:23:703:4a8 constructing SA (IPSEC)
3-17: 14:20:23:703:4a8 constructing QM KE
3-17: 14:20:23:718:4a8 constructing NONCE (IPSEC)
3-17: 14:20:23:718:4a8 constructing ID (proxy)
3-17: 14:20:23:718:4a8 constructing ID (proxy)
3-17: 14:20:23:718:4a8 constructing HASH (QM)
3-17: 14:20:23:718:4a8
3-17: 14:20:23:718:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 2.4500
3-17: 14:20:23:718:4a8 ISAKMP Header: (V1.0), len = 284
3-17: 14:20:23:718:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:718:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:718:4a8 exchange: Oakley Quick Mode
3-17: 14:20:23:718:4a8 flags: 1 ( encrypted )
3-17: 14:20:23:718:4a8 next payload: HASH
3-17: 14:20:23:718:4a8 message ID: f49d5836
3-17: 14:20:23:718:4a8 Ports S:9411 D:9411
3-17: 14:20:23:734:4a8
3-17: 14:20:23:734:4a8 Receive: (get) SA = 0x00103838 from
192.168.1.55.4500
3-17: 14:20:23:734:4a8 ISAKMP Header: (V1.0), len = 276
3-17: 14:20:23:734:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:734:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:734:4a8 exchange: Oakley Quick Mode
3-17: 14:20:23:734:4a8 flags: 1 ( encrypted )
3-17: 14:20:23:734:4a8 next payload: HASH
3-17: 14:20:23:734:4a8 message ID: f49d5836
3-17: 14:20:23:734:4a8 processing HASH (QM)
3-17: 14:20:23:734:4a8 ClearFragList
3-17: 14:20:23:734:4a8 processing payload NONCE
3-17: 14:20:23:734:4a8 processing payload KE
3-17: 14:20:23:734:4a8 Quick Mode KE processed; Saved KE data
3-17: 14:20:23:734:4a8 processing payload ID
3-17: 14:20:23:734:4a8 processing payload ID
3-17: 14:20:23:734:4a8 processing payload SA
3-17: 14:20:23:734:4a8 Negotiated Proxy ID: Src 192.168.1.72.0 Dst
10.10.10.0.0
3-17: 14:20:23:734:4a8 Dst id for subnet. Mask 255.255.255.0
3-17: 14:20:23:734:4a8 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
3-17: 14:20:23:734:4a8 Checking Transform # 1: ID=Triple DES CBC(3)
3-17: 14:20:23:734:4a8 tunnel mode is 61443(61443)
3-17: 14:20:23:734:4a8 HMAC algorithm is MD5(1)
3-17: 14:20:23:734:4a8 group description for PFS is 2
3-17: 14:20:23:734:4a8 Phase 2 SA accepted: proposal=1 transform=1
3-17: 14:20:23:734:4a8 constructing ISAKMP Header
3-17: 14:20:23:734:4a8 constructing HASH (QM)
3-17: 14:20:23:734:4a8 Adding QMs: src = 192.168.1.72.0000, dst =
10.10.10.0.0000, proto = 00, context = 0000000B, my tunnel = 192.168.1.72,
peer tunnel = 192.168.1.55, SrcMask = 0.0.0.0, DestMask =
255.255.255.0Lifetime = 3600 LifetimeKBytes 100000 dwFlags 301
Direction 2 EncapType 3
3-17: 14:20:23:734:4a8 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
3-17: 14:20:23:734:4a8 Algo[0] MySpi: 2102453735 PeerSpi: 2638595035
3-17: 14:20:23:734:4a8 Encap Ports Src 4500 Dst 4500
3-17: 14:20:23:734:4a8 Skipping Outbound SA add
3-17: 14:20:23:734:4a8 Adding QMs: src = 192.168.1.72.0000, dst =
10.10.10.0.0000, proto = 00, context = 0000000B, my tunnel = 192.168.1.72,
peer tunnel = 192.168.1.55, SrcMask = 0.0.0.0, DestMask =
255.255.255.0Lifetime = 3600 LifetimeKBytes 100000 dwFlags 301
Direction 3 EncapType 3
3-17: 14:20:23:734:4a8 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
3-17: 14:20:23:734:4a8 Algo[0] MySpi: 2102453735 PeerSpi: 2638595035
3-17: 14:20:23:734:4a8 Encap Ports Src 4500 Dst 4500
3-17: 14:20:23:734:4a8 Skipping Inbound SA add
3-17: 14:20:23:734:4a8 Leaving adjust_peer_list entry 001155B0 MMCount 0
QMCount 1
3-17: 14:20:23:734:4a8 isadb_set_status sa:00103838 centry:0014F288 status
0
3-17: 14:20:23:734:4a8
3-17: 14:20:23:734:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 4.4500
3-17: 14:20:23:734:4a8 ISAKMP Header: (V1.0), len = 52
3-17: 14:20:23:734:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:20:23:734:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:20:23:734:4a8 exchange: Oakley Quick Mode
3-17: 14:20:23:734:4a8 flags: 1 ( encrypted )
3-17: 14:20:23:734:4a8 next payload: HASH
3-17: 14:20:23:734:4a8 message ID: f49d5836
3-17: 14:20:23:734:4a8 Ports S:9411 D:9411
3-17: 14:21:23:750:4a8 CE Dead. sa:00103838 ce:0014F288 status:35ef
3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
0121e593-e8f5-4db1-ba9b55526764191c 4
3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
208d7e19-9d5d-4b8b-a73285c873693365 4
3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
365837f5-dc4a-4661-8636baf081e0a618 3
3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
a548d5ae-fe95-4a03-8eccf4790622dbfb 3
3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
923f95f6-3afd-4d8a-bb3c51d559420224 1
3-17: 14:22:38:281:f24 isadb_schedule_kill_oldPolicy_sas:
cd96cf89-44ae-4f08-800c0cebebc2d5af 2
3-17: 14:22:38:281:4a8 QM Deleted. Notify from driver: Src 192.168.1.72Dest
10.10.10.0 InSPI 2102453735 OutSpi 2638595035 Tunnel 3701a8c0 TunnelFilter
0
3-17: 14:22:38:281:4a8 Leaving adjust_peer_list entry 001155B0 MMCount 0
QMCount 0
3-17: 14:22:38:281:4a8 constructing ISAKMP Header
3-17: 14:22:38:281:4a8 constructing HASH (null)
3-17: 14:22:38:281:4a8 Construct QM Delete Spi 2102453735
3-17: 14:22:38:281:4a8 constructing HASH (Notify/Delete)
3-17: 14:22:38:281:4a8 Not setting retransmit to downlevel client. SA
00103838 Centry 00000000
3-17: 14:22:38:281:4a8
3-17: 14:22:38:281:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 1.4500
3-17: 14:22:38:281:4a8 ISAKMP Header: (V1.0), len = 68
3-17: 14:22:38:281:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:22:38:281:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:22:38:281:4a8 exchange: ISAKMP Informational Exchange
3-17: 14:22:38:281:4a8 flags: 1 ( encrypted )
3-17: 14:22:38:281:4a8 next payload: HASH
3-17: 14:22:38:281:4a8 message ID: f903aeb4
3-17: 14:22:38:281:4a8 Ports S:9411 D:9411
3-17: 14:22:38:281:4a8 PrivatePeerAddr 0
3-17: 14:22:38:296:4a8 entered kill_old_policy_sas 4
3-17: 14:22:38:296:4a8 SA Dead. sa:00103838 status:3619
3-17: 14:22:38:296:4a8 isadb_set_status sa:00103838 centry:00000000 status
3619
3-17: 14:22:38:296:4a8 constructing ISAKMP Header
3-17: 14:22:38:296:4a8 constructing HASH (null)
3-17: 14:22:38:296:4a8 constructing DELETE. MM 00103838
3-17: 14:22:38:296:4a8 constructing HASH (Notify/Delete)
3-17: 14:22:38:296:4a8 Not setting retransmit to downlevel client. SA
00103838 Centry 00000000
3-17: 14:22:38:296:4a8
3-17: 14:22:38:296:4a8 Sending: SA = 0x00103838 to 192.168.1.55:Type 1.4500
3-17: 14:22:38:296:4a8 ISAKMP Header: (V1.0), len = 84
3-17: 14:22:38:296:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:22:38:296:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:22:38:296:4a8 exchange: ISAKMP Informational Exchange
3-17: 14:22:38:296:4a8 flags: 1 ( encrypted )
3-17: 14:22:38:296:4a8 next payload: HASH
3-17: 14:22:38:296:4a8 message ID: 44bbc197
3-17: 14:22:38:296:4a8 Ports S:9411 D:9411
3-17: 14:22:38:312:4a8 entered kill_old_policy_sas 4
3-17: 14:22:38:312:4a8
3-17: 14:22:38:312:4a8 Receive: (get) SA = 0x00103838 from
192.168.1.55.4500
3-17: 14:22:38:312:4a8 ISAKMP Header: (V1.0), len = 68
3-17: 14:22:38:312:4a8 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:22:38:312:4a8 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:22:38:312:4a8 exchange: ISAKMP Informational Exchange
3-17: 14:22:38:312:4a8 flags: 1 ( encrypted )
3-17: 14:22:38:312:4a8 next payload: HASH
3-17: 14:22:38:312:4a8 message ID: c4b84ae3
3-17: 14:22:38:312:4a8 processing HASH (Notify/Delete)
3-17: 14:22:38:312:4a8 processing payload DELETE
3-17: 14:22:38:312:4a8 Asked to delete phase2 SPI we don't own: 2638595035
proto=3
3-17: 14:22:38:312:4a8 entered kill_old_policy_sas 3
3-17: 14:22:38:312:4a8 entered kill_old_policy_sas 3
3-17: 14:22:38:312:4a8 entered kill_old_policy_sas 1
3-17: 14:22:38:312:4a8 entered kill_old_policy_sas 2
3-17: 14:22:38:328:b58
3-17: 14:22:38:328:b58 Receive: (get) SA = 0x00103838 from
192.168.1.55.4500
3-17: 14:22:38:328:b58 ISAKMP Header: (V1.0), len = 84
3-17: 14:22:38:328:b58 I-COOKIE 8bbfa6c4be7fd312
3-17: 14:22:38:328:b58 R-COOKIE 7c08bb26f9ce9c0a
3-17: 14:22:38:328:b58 exchange: ISAKMP Informational Exchange
3-17: 14:22:38:328:b58 flags: 1 ( encrypted )
3-17: 14:22:38:328:b58 next payload: HASH
3-17: 14:22:38:328:b58 message ID: 98a407de
3-17: 14:22:38:328:b58 processing HASH (Notify/Delete)
3-17: 14:22:38:328:b58 processing payload DELETE
3-17: 14:22:40:578:4a8 ClearFragList
3-17: 14:23:25:578:4a8 Peer List Entry 001155B0
>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>>>>>>>>>>>>>>>>>lsipsectool LOG<<<<<<<<<<<<<<<<<<<<<<<<
>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<
14:20:20: Starting Tunnel
14:20:20: IKE Encryption: 3des
IKE Integrity: md5
Remote Gateway Address: 192.168.1.55
Remote Monitor Address: 10.10.10.10
Remote Network: 10.10.10.0/255.255.255.0
Local Address: 192.168.1.72
Local Network: 192.168.1.72/255.255.255.255
14:20:20: WinSock Version High : 514 Version : 2
14:20:20: Init checkconnThread::Entry()
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 0 ECHO REQUEST TO 10.10.10.10 [ FAILED #0 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 1 ECHO REQUEST TO 10.10.10.10 [ FAILED #1 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 2 ECHO REQUEST TO 10.10.10.10 [ FAILED #2 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 3 ECHO REQUEST TO 10.10.10.10 [ FAILED #3 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 4 ECHO REQUEST TO 10.10.10.10 [ FAILED #4 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 5 ECHO REQUEST TO 10.10.10.10 [ FAILED #5 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 6 ECHO REQUEST TO 10.10.10.10 [ FAILED #6 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 7 ECHO REQUEST TO 10.10.10.10 [ FAILED #7 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 8 ECHO REQUEST TO 10.10.10.10 [ FAILED #8 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 9 ECHO REQUEST TO 10.10.10.10 [ FAILED #9 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 10 ECHO REQUEST TO 10.10.10.10 [ FAILED #10 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 11 ECHO REQUEST TO 10.10.10.10 [ FAILED #11 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 12 ECHO REQUEST TO 10.10.10.10 [ FAILED #12 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 13 ECHO REQUEST TO 10.10.10.10 [ FAILED #13 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 14 ECHO REQUEST TO 10.10.10.10 [ FAILED #14 ] [ This is a
nonrecoverable error ]
14:20:23: Comparing 192.168.1.55 = 192.168.1.55
14:20:23: 15 Consecutive Unsuccessfull ECHO REQUEST [ Waiting 5 Secs ]...
14:20:30: 15 ECHO REQUEST TO 10.10.10.10 [ FAILED #0 ] [ Unknow Error Code
11010 ]
14:20:30: Comparing 192.168.1.55 = 192.168.1.55
14:20:33: 16 ECHO REQUEST TO 10.10.10.10 [ FAILED #1 ] [ Unknow Error Code
11010 ]
14:20:33: Comparing 192.168.1.55 = 192.168.1.55
14:20:35: 17 ECHO REQUEST TO 10.10.10.10 [ FAILED #2 ] [ Unknow Error Code
11010 ]
14:20:35: Comparing 192.168.1.55 = 192.168.1.55
14:20:38: 18 ECHO REQUEST TO 10.10.10.10 [ FAILED #3 ] [ Unknow Error Code
11010 ]
14:20:38: Comparing 192.168.1.55 = 192.168.1.55
14:20:40: 19 ECHO REQUEST TO 10.10.10.10 [ FAILED #4 ] [ Unknow Error Code
11010 ]
14:20:40: Comparing 192.168.1.55 = 192.168.1.55
14:20:43: 20 ECHO REQUEST TO 10.10.10.10 [ FAILED #5 ] [ Unknow Error Code
11010 ]
14:20:43: Comparing 192.168.1.55 = 192.168.1.55
14:20:45: 21 ECHO REQUEST TO 10.10.10.10 [ FAILED #6 ] [ Unknow Error Code
11010 ]
14:20:45: Comparing 192.168.1.55 = 192.168.1.55
14:20:48: 22 ECHO REQUEST TO 10.10.10.10 [ FAILED #7 ] [ Unknow Error Code
11010 ]
14:20:48: Comparing 192.168.1.55 = 192.168.1.55
14:20:50: 23 ECHO REQUEST TO 10.10.10.10 [ FAILED #8 ] [ Unknow Error Code
11010 ]
14:20:50: Comparing 192.168.1.55 = 192.168.1.55
14:20:53: 24 ECHO REQUEST TO 10.10.10.10 [ FAILED #9 ] [ Unknow Error Code
11010 ]
14:20:53: Comparing 192.168.1.55 = 192.168.1.55
14:20:55: 25 ECHO REQUEST TO 10.10.10.10 [ FAILED #10 ] [ Unknow Error Code
11010 ]
14:20:55: Comparing 192.168.1.55 = 192.168.1.55
14:20:58: 26 ECHO REQUEST TO 10.10.10.10 [ FAILED #11 ] [ Unknow Error Code
11010 ]
14:20:58: Comparing 192.168.1.55 = 192.168.1.55
14:21:00: 27 ECHO REQUEST TO 10.10.10.10 [ FAILED #12 ] [ Unknow Error Code
11010 ]
14:21:00: Comparing 192.168.1.55 = 192.168.1.55
14:21:03: 28 ECHO REQUEST TO 10.10.10.10 [ FAILED #13 ] [ Unknow Error Code
11010 ]
14:21:03: Comparing 192.168.1.55 = 192.168.1.55
14:21:05: 29 ECHO REQUEST TO 10.10.10.10 [ FAILED #14 ] [ Unknow Error Code
11010 ]
14:21:05: Comparing 192.168.1.55 = 192.168.1.55
14:21:05: 30 Consecutive Unsuccessfull ECHO REQUEST [ Waiting 5 Secs ]...
14:21:13: 30 ECHO REQUEST TO 10.10.10.10 [ FAILED #0 ] [ Unknow Error Code
11010 ]
14:21:13: Comparing 192.168.1.55 = 192.168.1.55
14:21:15: 31 ECHO REQUEST TO 10.10.10.10 [ FAILED #1 ] [ Unknow Error Code
11010 ]
14:21:15: Comparing 192.168.1.55 = 192.168.1.55
14:21:18: 32 ECHO REQUEST TO 10.10.10.10 [ FAILED #2 ] [ Unknow Error Code
11010 ]
14:21:18: Comparing 192.168.1.55 = 192.168.1.55
14:21:20: 33 ECHO REQUEST TO 10.10.10.10 [ FAILED #3 ] [ Unknow Error Code
11010 ]
14:21:20: Comparing 192.168.1.55 = 192.168.1.55
14:21:23: 34 ECHO REQUEST TO 10.10.10.10 [ FAILED #4 ] [ Unknow Error Code
11010 ]
14:21:23: Comparing 192.168.1.55 = 192.168.1.55
14:21:25: 35 ECHO REQUEST TO 10.10.10.10 [ FAILED #5 ] [ Unknow Error Code
11010 ]
14:21:25: Comparing 192.168.1.55 = 192.168.1.55
14:21:28: 36 ECHO REQUEST TO 10.10.10.10 [ FAILED #6 ] [ Unknow Error Code
11010 ]
14:21:28: Comparing 192.168.1.55 = 192.168.1.55
14:21:30: 37 ECHO REQUEST TO 10.10.10.10 [ FAILED #7 ] [ Unknow Error Code
11010 ]
14:21:30: Comparing 192.168.1.55 = 192.168.1.55
14:21:33: 38 ECHO REQUEST TO 10.10.10.10 [ FAILED #8 ] [ Unknow Error Code
11010 ]
14:21:33: Comparing 192.168.1.55 = 192.168.1.55
14:21:35: 39 ECHO REQUEST TO 10.10.10.10 [ FAILED #9 ] [ Unknow Error Code
11010 ]
14:21:35: Comparing 192.168.1.55 = 192.168.1.55
14:21:38: 40 ECHO REQUEST TO 10.10.10.10 [ FAILED #10 ] [ Unknow Error Code
11010 ]
14:21:38: Comparing 192.168.1.55 = 192.168.1.55
14:21:40: 41 ECHO REQUEST TO 10.10.10.10 [ FAILED #11 ] [ Unknow Error Code
11010 ]
14:21:40: Comparing 192.168.1.55 = 192.168.1.55
14:21:43: 42 ECHO REQUEST TO 10.10.10.10 [ FAILED #12 ] [ Unknow Error Code
11010 ]
14:21:43: Comparing 192.168.1.55 = 192.168.1.55
14:21:45: 43 ECHO REQUEST TO 10.10.10.10 [ FAILED #13 ] [ Unknow Error Code
11010 ]
14:21:45: Comparing 192.168.1.55 = 192.168.1.55
14:21:48: 44 ECHO REQUEST TO 10.10.10.10 [ FAILED #14 ] [ Unknow Error Code
11010 ]
14:21:48: Comparing 192.168.1.55 = 192.168.1.55
14:21:48: 45 Consecutive Unsuccessfull ECHO REQUEST [ Waiting 5 Secs ]...
14:21:55: 45 ECHO REQUEST TO 10.10.10.10 [ FAILED #0 ] [ Unknow Error Code
11010 ]
14:21:55: Comparing 192.168.1.55 = 192.168.1.55
14:21:58: 46 ECHO REQUEST TO 10.10.10.10 [ FAILED #1 ] [ Unknow Error Code
11010 ]
14:21:58: Comparing 192.168.1.55 = 192.168.1.55
14:22:00: 47 ECHO REQUEST TO 10.10.10.10 [ FAILED #2 ] [ Unknow Error Code
11010 ]
14:22:00: Comparing 192.168.1.55 = 192.168.1.55
14:22:03: 48 ECHO REQUEST TO 10.10.10.10 [ FAILED #3 ] [ Unknow Error Code
11010 ]
14:22:03: Comparing 192.168.1.55 = 192.168.1.55
14:22:05: 49 ECHO REQUEST TO 10.10.10.10 [ FAILED #4 ] [ Unknow Error Code
11010 ]
14:22:05: Comparing 192.168.1.55 = 192.168.1.55
14:22:08: 50 ECHO REQUEST TO 10.10.10.10 [ FAILED #5 ] [ Unknow Error Code
11010 ]
14:22:08: Comparing 192.168.1.55 = 192.168.1.55
14:22:10: 51 ECHO REQUEST TO 10.10.10.10 [ FAILED #6 ] [ Unknow Error Code
11010 ]
14:22:10: Comparing 192.168.1.55 = 192.168.1.55
14:22:13: 52 ECHO REQUEST TO 10.10.10.10 [ FAILED #7 ] [ Unknow Error Code
11010 ]
14:22:13: Comparing 192.168.1.55 = 192.168.1.55
14:22:15: 53 ECHO REQUEST TO 10.10.10.10 [ FAILED #8 ] [ Unknow Error Code
11010 ]
14:22:15: Comparing 192.168.1.55 = 192.168.1.55
14:22:18: 54 ECHO REQUEST TO 10.10.10.10 [ FAILED #9 ] [ Unknow Error Code
11010 ]
14:22:18: Comparing 192.168.1.55 = 192.168.1.55
14:22:20: 55 ECHO REQUEST TO 10.10.10.10 [ FAILED #10 ] [ Unknow Error Code
11010 ]
14:22:20: Comparing 192.168.1.55 = 192.168.1.55
14:22:23: 56 ECHO REQUEST TO 10.10.10.10 [ FAILED #11 ] [ Unknow Error Code
11010 ]
14:22:23: Comparing 192.168.1.55 = 192.168.1.55
14:22:25: 57 ECHO REQUEST TO 10.10.10.10 [ FAILED #12 ] [ Unknow Error Code
11010 ]
14:22:25: Comparing 192.168.1.55 = 192.168.1.55
14:22:28: 58 ECHO REQUEST TO 10.10.10.10 [ FAILED #13 ] [ Unknow Error Code
11010 ]
14:22:28: Comparing 192.168.1.55 = 192.168.1.55
14:22:30: 59 ECHO REQUEST TO 10.10.10.10 [ FAILED #14 ] [ Unknow Error Code
11010 ]
14:22:30: Comparing 192.168.1.55 = 192.168.1.55
14:22:30: 60 Consecutive Unsuccessfull ECHO REQUEST [ Waiting 5 Secs ]...
14:22:34: Stoping Tunnel
14:22:38: 60 ECHO REQUEST TO 10.10.10.10 [ FAILED #0 ] [ Unknow Error Code
11010 ]
14:22:38: Exit pingThread::OnExit()
14:22:38: Dactivating policy {10f4a3fc-9fcb-40f3-82e1-2c9f0b798028}
>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>>>>>>>>>>>>>>>Linux Box LOG /var/log/messages <<<<<<<<<<<<<<<<<
>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Mar 17 14:20:44 linuxserver pluto[6001]: packet from 192.168.1.72:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Mar 17 14:20:44 linuxserver pluto[6001]: packet from 192.168.1.72:500:
ignoring Vendor ID payload [FRAGMENTATION]
Mar 17 14:20:44 linuxserver pluto[6001]: packet from 192.168.1.72:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
to=106
Mar 17 14:20:44 linuxserver pluto[6001]: packet from 192.168.1.72:500:
ignoring Vendor ID payload [Vid-Initial-Contact]
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
responding to Main Mode from unknown peer 192.168.1.72
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
STATE_MAIN_R1: sent MR1, expecting MI2
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: i am NATed
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
STATE_MAIN_R2: sent MR2, expecting MI3
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[3] 192.168.1.72 #3:
Main mode peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Ontario, O=Springboard Retail
Networks Inc., CN=laptop, E=laptop at springboardnetworks.com'
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
deleting connection "roadwarrior" instance with peer
192.168.1.72{isakmp=#0/ipsec=#0}
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3: I
am sending my cert
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Mar 17 14:20:44 linuxserver pluto[6001]: | NAT-T: new mapping
192.168.1.72:500/4500)
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior-net"[2]
192.168.1.72#4: responding to Quick Mode {msgid:36589df4}
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior-net"[2]
192.168.1.72#4: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior-net"[2]
192.168.1.72#4: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed,
expecting QI2
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior-net"[2]
192.168.1.72#4: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
Mar 17 14:20:44 linuxserver pluto[6001]: "roadwarrior-net"[2]
192.168.1.72#4: STATE_QUICK_R2: IPsec SA established {ESP=>0x7d50e5e7
<0x9d45c3db
xfrm=3DES_0-HMAC_MD5 NATD=192.168.1.72:4500 DPD=none}
Mar 17 14:22:59 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
received Delete SA(0x7d50e5e7) payload: deleting IPSEC State #4
Mar 17 14:22:59 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
deleting connection "roadwarrior-net" instance with peer
192.168.1.72{isakmp=#0/ipsec=#0}
Mar 17 14:22:59 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
received and ignored informational message
Mar 17 14:22:59 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72 #3:
received Delete SA payload: deleting ISAKMP State #3
Mar 17 14:22:59 linuxserver pluto[6001]: "roadwarrior"[4] 192.168.1.72:
deleting connection "roadwarrior" instance with peer
192.168.1.72{isakmp=#0/ipsec=#0}
Mar 17 14:22:59 linuxserver pluto[6001]: packet from 192.168.1.72:4500:
received and ignored informational message
>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060317/085fdb5a/attachment-0001.htm
More information about the Users
mailing list