[Openswan Users] Vista and Openswan L2TP IPSEC vpn connection problem
Oguz Yilmaz
oguzyilmazlist at gmail.com
Sat Dec 22 07:35:51 EST 2007
Hello
I am trying to establish a L2TP vpn connection between a Linux host and
Windows Vista Business.
First of all I have tried with PSK. Then I have tried with certificates.
Below, I have attached some logs about it. (PSK logs are at the end, also)
Mainly I have followed guidelines from
http://www.jacco2.dds.nl/networking/vista-openswan.html.
Vista gives the following error in both PSK and certificate configurations:
Error: 789 "The L2TP connection attempt failed because the security layer
encountered a processing error during initial negotiations with the remote
computer"
Openswan logs says "no connection is known".
Server is not behind any nat, directly connected to the internet.
OS configuaration is 2.6.9-42. Also 2.4.21-40 has the same result and the
symptoms.
Openswan version is 2.4.7.
My configuration with certificates is also attached below.
At this point I need help from the list.
Regards,
Oguz Yilmaz
Labris Teknoloji
*************
ipsec.conf:
version 2.0
config setup
interfaces=""
klipsdebug=none
plutodebug=none
nat_traversal=yes
uniqueids=yes
conn b-labris.l2tp-zcert
authby=rsasig
pfs=no
auth=esp
esp=3des-md5-96
left=EXTERNALIP
leftprotoport=17/1701
leftrsasigkey=%cert
leftcert=vpn-sertifikasi.pem
leftnexthop=EXTERNALIPDEFGW
right=%any
rightsubnet=vhost:%no,%priv
rightprotoport=17/1701
rightrsasigkey=%cert
auto=add
keyingtries=3
rekey=no
rightid=%any
*************
ipsec.secrets:
EXTERNALIP %any : RSA vpn-anahtari.key "labris"
: RSA vpn-anahtari.key "labris"
*************
l2tpd.conf:
[global]
listen-addr = EXTERNALIP
[lns default]
ip range = 172.19.32.250-172.19.32.254
local ip = 172.19.32.1
require chap = yes
refuse pap = yes
require authentication = yes
name = vpngateway
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes
***************
Windows Logs:
Server address/Phone Number = EXTERNALIP
Device = WAN Miniport (L2TP)
Port = VPN0-1
MediaType = VPN.
Dial-in User = labris4
VpnStrategy = L2TP
DataEncryption = Requested
PrerequisiteEntry =
CompartmentsEnabled = No
AutoLogon = No
UseRasCredentials = Yes
CustomAuthKey =
AuthRestriction Mask = 0x00000220
RasIpv4DefaultGateway = Yes
Ipv4AddressAssignment = By Server
Ipv4DNSServerAssignment = By Server
RasIpv6DefaultGateway = Yes
Ipv6DNSServerAssignment = By Server
IpDnsFlags =
IpNBTEnabled = Yes
UseFlags = Private Connection
IpSecFlags = No Pre-shared key
ConnectOnWinlogon = No.
LOG:
VPN IP address has changed to EXTERNALIP for privacy purposes.
Dec 22 13:45:03 localhost pluto[9179]: Using NETKEY IPsec interface code on
2.6.9-42.EL.LBR1
Dec 22 13:45:03 localhost pluto[9179]: Changing to directory
'/etc/ipsec.d/cacerts'
Dec 22 13:45:03 localhost pluto[9179]: loaded CA cert file 'cacert.pem'
(1001 bytes)
Dec 22 13:45:03 localhost pluto[9179]: loaded host cert file
'/etc/ipsec.d/certs/vpn-sertifikasi.pem' (3237 bytes)
Dec 22 13:45:03 localhost pluto[9179]: added connection description "
b-labris.l2tp-zcert"
Dec 22 13:45:03 localhost pluto[9179]: loading secrets from
"/etc/ipsec.secrets"
Dec 22 13:45:03 localhost pluto[9179]: loaded private key file
'/etc/ipsec.d/private/vpn-anahtari.key' (1606 bytes)
Dec 22 13:45:03 localhost pluto[9179]: loaded private key file
'/etc/ipsec.d/private/vpn-anahtari.key' (1606 bytes)
...
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000005]
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
received Vendor ID payload [RFC 3947] method set to=110
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but
already using method 110
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
ignoring Vendor ID payload [FRAGMENTATION]
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
ignoring unknown Vendor ID payload [fb1de3cdf341b7ea16b7e5be0855f120]
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 22 13:45:12 localhost pluto[9179]: packet from 88.254.240.233:500:
ignoring unknown Vendor ID payload [e3a5966a76379fe707228231e5ce8652]
Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: responding to Main Mode from unknown peer 88.254.240.233
Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: Diffie-Hellamn group 20 is not a supported modp group.
Attribute OAKLEY_GROUP_DESCRIPTION
Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: Diffie-Hellamn group 19 is not a supported modp group.
Attribute OAKLEY_GROUP_DESCRIPTION
Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: transition from state STATE_MAIN_R0 to state
STATE_MAIN_R1
Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: STATE_MAIN_R1: sent MR1, expecting MI2
Dec 22 13:45:12 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: NAT-Traversal: Result using RFC 3947 (NAT-Traversal):
peer is NATed
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: STATE_MAIN_R2: sent MR2, expecting MI3
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: Main mode peer ID is ID_DER_ASN1_DN: 'C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway'
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: no crl from issuer "C=TR, ST=AN, L=Ankara, O=Labris SG
User Company" found (strict=no)
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #6: switched from "b-labris.l2tp-zcert" to "
b-labris.l2tp-zcert"
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: deleting connection "b-labris.l2tp-zcert" instance with
peer 88.254.240.233 {isakmp=#0/ipsec=#0}
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: I am sending my cert
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
Dec 22 13:45:13 localhost pluto[9179]: | NAT-T: new mapping
88.254.240.233:500/4500)
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp2048}
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: cannot respond to IPsec SA request because no connection
is known for EXTERNALIP[C=TR, ST=AN, L=Ankara, O=Labris SG User Company,
CN=vpngateway]:17/1701...88.254.240.233[C=TR, ST=AN, L=Ankara, O=Labris SG
User Company, CN=vpngateway]:17/1701===192.168.2.3/32
Dec 22 13:45:13 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: sending encrypted notification INVALID_ID_INFORMATION to
88.254.240.233:4500
Dec 22 13:45:14 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: Quick Mode I1 message is unacceptable because it uses a
previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 13:45:14 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: sending encrypted notification INVALID_MESSAGE_ID to
88.254.240.233:4500
Dec 22 13:45:16 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: Quick Mode I1 message is unacceptable because it uses a
previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 13:45:16 localhost pluto[9179]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #6: sending encrypted notification INVALID_MESSAGE_ID to
88.254.240.233:4500
Also detailed debug is below:
*debug=all LOG
...
Dec 22 13:44:14 localhost pluto[8271]: | subject: 'C=TR, ST=AN, L=Ankara,
O=Labris SG User Company, CN=vpngateway'
Dec 22 13:44:14 localhost pluto[8271]: | issuer: 'C=TR, ST=AN, L=Ankara,
O=Labris SG User Company'
Dec 22 13:44:14 localhost pluto[8271]: | authkey:
05:65:14:87:f8:ac:10:9f:5b:15:fb:d0:95:fc:c4:6e:a3:e4:00:e3
Dec 22 13:44:14 localhost pluto[8271]: | not before : Dec 22 09:26:25 UTC
2007
Dec 22 13:44:14 localhost pluto[8271]: | current time: Dec 22 11:44:14 UTC
2007
Dec 22 13:44:14 localhost pluto[8271]: | not after : Nov 21 09:26:25 UTC
2009
Dec 22 13:44:14 localhost pluto[8271]: | certificate for "C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway" is valid
Dec 22 13:44:14 localhost pluto[8271]: | issuer cacert "C=TR, ST=AN,
L=Ankara, O=Labris SG User Company" found
Dec 22 13:44:14 localhost pluto[8271]: | signature algorithm:
'md5WithRSAEncryption'
Dec 22 13:44:14 localhost pluto[8271]: | digest: f9 fe cf 26 1f c1 cc
ce b5 29 11 b4 90 d2 81 57
Dec 22 13:44:14 localhost pluto[8271]: | decrypted signature:
Dec 22 13:44:14 localhost pluto[8271]: | 00 00 01 ff ff ff ff ff ff ff
ff ff ff ff ff ff
Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff
Dec 22 13:44:14 localhost last message repeated 3 times
Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff
ff ff ff ff 00 30
Dec 22 13:44:14 localhost pluto[8271]: | 20 30 0c 06 08 2a 86 48 86 f7
0d 02 05 05 00 04
Dec 22 13:44:14 localhost pluto[8271]: | 10 f9 fe cf 26 1f c1 cc ce b5
29 11 b4 90 d2 81
Dec 22 13:44:14 localhost pluto[8271]: | 57
Dec 22 13:44:14 localhost pluto[8271]: | valid certificate signature (C=TR,
ST=AN, L=Ankara, O=Labris SG User Company -> C=TR, ST=AN, L=Ankara, O=Labris
SG User Company, CN=vpngateway)
Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #7: no crl from issuer "C=TR, ST=AN, L=Ankara, O=Labris SG
User Company" found (strict=no)
Dec 22 13:44:14 localhost pluto[8271]: | subject: 'C=TR, ST=AN, L=Ankara,
O=Labris SG User Company'
Dec 22 13:44:14 localhost pluto[8271]: | issuer: 'C=TR, ST=AN, L=Ankara,
O=Labris SG User Company'
Dec 22 13:44:14 localhost pluto[8271]: | authkey:
05:65:14:87:f8:ac:10:9f:5b:15:fb:d0:95:fc:c4:6e:a3:e4:00:e3
Dec 22 13:44:14 localhost pluto[8271]: | not before : Dec 22 09:14:05 UTC
2007
Dec 22 13:44:14 localhost pluto[8271]: | current time: Dec 22 11:44:14 UTC
2007
Dec 22 13:44:14 localhost pluto[8271]: | not after : Dec 21 09:14:05 UTC
2008
Dec 22 13:44:14 localhost pluto[8271]: | certificate for "C=TR, ST=AN,
L=Ankara, O=Labris SG User Company" is valid
Dec 22 13:44:14 localhost pluto[8271]: | issuer cacert "C=TR, ST=AN,
L=Ankara, O=Labris SG User Company" found
Dec 22 13:44:14 localhost pluto[8271]: | signature algorithm:
'md5WithRSAEncryption'
Dec 22 13:44:14 localhost pluto[8271]: | digest: 79 60 a9 ae ab 6b 74
b6 df ea f3 fa 15 bf 40 e8
Dec 22 13:44:14 localhost pluto[8271]: | decrypted signature:
Dec 22 13:44:14 localhost pluto[8271]: | 00 00 01 ff ff ff ff ff ff ff
ff ff ff ff ff ff
Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff
Dec 22 13:44:14 localhost last message repeated 3 times
Dec 22 13:44:14 localhost pluto[8271]: | ff ff ff ff ff ff ff ff ff ff
ff ff ff ff 00 30
Dec 22 13:44:14 localhost pluto[8271]: | 20 30 0c 06 08 2a 86 48 86 f7
0d 02 05 05 00 04
Dec 22 13:44:14 localhost pluto[8271]: | 10 79 60 a9 ae ab 6b 74 b6 df
ea f3 fa 15 bf 40
Dec 22 13:44:14 localhost pluto[8271]: | e8
Dec 22 13:44:14 localhost pluto[8271]: | valid certificate signature (C=TR,
ST=AN, L=Ankara, O=Labris SG User Company -> C=TR, ST=AN, L=Ankara, O=Labris
SG User Company)
Dec 22 13:44:14 localhost pluto[8271]: | reached self-signed root ca
Dec 22 13:44:14 localhost pluto[8271]: | Public key validated
Dec 22 13:44:14 localhost pluto[8271]: | unreference key: 0x9df0938 C=TR,
ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway cnt 1--
Dec 22 13:44:14 localhost pluto[8271]: | CR 30 4c 31 0b 30 09 06 03 55 04
06 13 02 54 52 31
Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 08 13 02
41 4e 31 0f 30 0d
Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 07 13 06 41 6e 6b
61 72 61 31 1f 30
Dec 22 13:44:14 localhost pluto[8271]: | 1d 06 03 55 04 0a 13 16 4c 61
62 72 69 73 20 53
Dec 22 13:44:14 localhost pluto[8271]: | 47 20 55 73 65 72 20 43 6f 6d
70 61 6e 79
Dec 22 13:44:14 localhost pluto[8271]: | requested CA: 'C=TR, ST=AN,
L=Ankara, O=Labris SG User Company'
Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: starting with
b-labris.l2tp-zcert
Dec 22 13:44:14 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:14 localhost pluto[8271]: | b=88.254.240.233
Dec 22 13:44:14 localhost pluto[8271]: | results fail
Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR,
ST=AN, L=Ankara, O=Labris SG User Company b=(empty)
Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR,
ST=AN, L=Ankara, O=Labris SG User Company b=C=TR, ST=AN, L=Ankara, O=Labris
SG User Company
Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: checking
b-labris.l2tp-zcert against b-labris.l2tp-zcert, best=(none) with
match=0(id=0/ca=1/reqca=1)
Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to
EXTERNALIP:500 88.254.240.233:500
Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to
EXTERNALIP:500 0.0.0.0:500
Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair_conn
(refine_host_connection): EXTERNALIP:500 %any:500 -> hp:b-labris.l2tp-zcert
Dec 22 13:44:14 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:14 localhost pluto[8271]: | b=(none)
Dec 22 13:44:14 localhost pluto[8271]: | results matched
Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR,
ST=AN, L=Ankara, O=Labris SG User Company b=(empty)
Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR,
ST=AN, L=Ankara, O=Labris SG User Company b=C=TR, ST=AN, L=Ankara, O=Labris
SG User Company
Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: checking
b-labris.l2tp-zcert against b-labris.l2tp-zcert, best=(none) with
match=1(id=1/ca=1/reqca=1)
Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: checked
b-labris.l2tp-zcert against b-labris.l2tp-zcert, now for see if best
Dec 22 13:44:14 localhost pluto[8271]: | started looking for secret for
C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway->(none) of
kind PPK_RSA
Dec 22 13:44:14 localhost pluto[8271]: | searching for certificate
PPK_RSA:AwEAAcds8 vs PPK_RSA:AwEAAcds8
Dec 22 13:44:14 localhost pluto[8271]: | refine_connection: picking new best
b-labris.l2tp-zcert (wild=15, peer_pathlen=7/our=0)
Dec 22 13:44:14 localhost pluto[8271]: | offered CA: 'C=TR, ST=AN, L=Ankara,
O=Labris SG User Company'
Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[1]
88.254.240.233 #7: switched from "b-labris.l2tp-zcert" to "
b-labris.l2tp-zcert"
Dec 22 13:44:14 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:14 localhost pluto[8271]: | b=(none)
Dec 22 13:44:14 localhost pluto[8271]: | results matched
Dec 22 13:44:14 localhost pluto[8271]: | alg_info_addref()
alg_info->ref_cnt=5
Dec 22 13:44:14 localhost pluto[8271]: | alg_info_addref()
alg_info->ref_cnt=6
Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to
EXTERNALIP:500 0.0.0.0:500
Dec 22 13:44:14 localhost pluto[8271]: | find_host_pair: comparing to
EXTERNALIP:500 88.254.240.233:500
Dec 22 13:44:14 localhost pluto[8271]: | connect_to_host_pair:
EXTERNALIP:500 88.254.240.233:500 -> hp:b-labris.l2tp-zcert
Dec 22 13:44:14 localhost pluto[8271]: | instantiated "b-labris.l2tp-zcert"
for 88.254.240.233
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
b-labris.l2tp-zcert[2] 88.254.240.233
Dec 22 13:44:14 localhost pluto[8271]: | hashing 168 bytes of SA
Dec 22 13:44:14 localhost pluto[8271]: | required CA is '%any'
Dec 22 13:44:14 localhost pluto[8271]: | trusted_ca called with a=C=TR,
ST=AN, L=Ankara, O=Labris SG User Company b=(empty)
Dec 22 13:44:14 localhost pluto[8271]: | key issuer CA is 'C=TR, ST=AN,
L=Ankara, O=Labris SG User Company'
Dec 22 13:44:14 localhost pluto[8271]: | an RSA Sig check passed with
*AwEAAcds8 [preloaded key]
Dec 22 13:44:14 localhost pluto[8271]: | authentication succeeded
Dec 22 13:44:14 localhost pluto[8271]: | thinking about whether to send my
certificate:
Dec 22 13:44:14 localhost pluto[8271]: | I have RSA key: OAKLEY_RSA_SIG
cert.type: CERT_X509_SIGNATURE
Dec 22 13:44:14 localhost pluto[8271]: | sendcert: CERT_ALWAYSSEND and I
did not get a certificate request
Dec 22 13:44:14 localhost pluto[8271]: | so send cert.
Dec 22 13:44:14 localhost pluto[8271]: | **emit ISAKMP Message:
Dec 22 13:44:14 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:14 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:14 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:14 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:14 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_ID
Dec 22 13:44:14 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:14 localhost pluto[8271]: | exchange type:
ISAKMP_XCHG_IDPROT
Dec 22 13:44:14 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:14 localhost pluto[8271]: | message ID: 00 00 00 00
Dec 22 13:44:14 localhost pluto[8271]: | ***emit ISAKMP Identification
Payload (IPsec DOI):
Dec 22 13:44:14 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_CERT
Dec 22 13:44:14 localhost pluto[8271]: | ID type: ID_DER_ASN1_DN
Dec 22 13:44:14 localhost pluto[8271]: | Protocol ID: 0
Dec 22 13:44:14 localhost pluto[8271]: | port: 0
Dec 22 13:44:14 localhost pluto[8271]: | emitting 99 raw bytes of my
identity into ISAKMP Identification Payload (IPsec DOI)
Dec 22 13:44:14 localhost pluto[8271]: | my identity 30 61 31 0b 30 09 06
03 55 04 06 13 02 54 52 31
Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 08 13 02
41 4e 31 0f 30 0d
Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 07 13 06 41 6e 6b
61 72 61 31 1f 30
Dec 22 13:44:14 localhost pluto[8271]: | 1d 06 03 55 04 0a 13 16 4c 61
62 72 69 73 20 53
Dec 22 13:44:14 localhost pluto[8271]: | 47 20 55 73 65 72 20 43 6f 6d
70 61 6e 79 31 13
Dec 22 13:44:14 localhost pluto[8271]: | 30 11 06 03 55 04 03 13 0a 76
70 6e 67 61 74 65
Dec 22 13:44:14 localhost pluto[8271]: | 77 61 79
Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP
Identification Payload (IPsec DOI): 107
Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: I am sending my cert
Dec 22 13:44:14 localhost pluto[8271]: | ***emit ISAKMP Certificate Payload:
Dec 22 13:44:14 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_SIG
Dec 22 13:44:14 localhost pluto[8271]: | cert encoding:
CERT_X509_SIGNATURE
Dec 22 13:44:14 localhost pluto[8271]: | emitting 761 raw bytes of CERT into
ISAKMP Certificate Payload
Dec 22 13:44:14 localhost pluto[8271]: | CERT 30 82 02 f5 30 82 02 5e a0
03 02 01 02 02 01 01
Dec 22 13:44:14 localhost pluto[8271]: | 30 0d 06 09 2a 86 48 86 f7 0d
01 01 04 05 00 30
Dec 22 13:44:14 localhost pluto[8271]: | 4c 31 0b 30 09 06 03 55 04 06
13 02 54 52 31 0b
Dec 22 13:44:14 localhost pluto[8271]: | 30 09 06 03 55 04 08 13 02 41
4e 31 0f 30 0d 06
Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 07 13 06 41 6e 6b 61
72 61 31 1f 30 1d
Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 0a 13 16 4c 61 62
72 69 73 20 53 47
Dec 22 13:44:14 localhost pluto[8271]: | 20 55 73 65 72 20 43 6f 6d 70
61 6e 79 30 1e 17
Dec 22 13:44:14 localhost pluto[8271]: | 0d 30 37 31 32 32 32 30 39 32
36 32 35 5a 17 0d
Dec 22 13:44:14 localhost pluto[8271]: | 30 39 31 31 32 31 30 39 32 36
32 35 5a 30 61 31
Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 06 13 02
54 52 31 0b 30 09
Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 08 13 02 41 4e 31
0f 30 0d 06 03 55
Dec 22 13:44:14 localhost pluto[8271]: | 04 07 13 06 41 6e 6b 61 72 61
31 1f 30 1d 06 03
Dec 22 13:44:14 localhost pluto[8271]: | 55 04 0a 13 16 4c 61 62 72 69
73 20 53 47 20 55
Dec 22 13:44:14 localhost pluto[8271]: | 73 65 72 20 43 6f 6d 70 61 6e
79 31 13 30 11 06
Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 03 13 0a 76 70 6e 67
61 74 65 77 61 79
Dec 22 13:44:14 localhost pluto[8271]: | 30 81 9f 30 0d 06 09 2a 86 48
86 f7 0d 01 01 01
Dec 22 13:44:14 localhost pluto[8271]: | 05 00 03 81 8d 00 30 81 89 02
81 81 00 c7 6c f2
Dec 22 13:44:14 localhost pluto[8271]: | f6 69 6f c1 3c a9 84 88 23 34
2a 95 19 7c c4 e1
Dec 22 13:44:14 localhost pluto[8271]: | 41 60 e1 da 13 fb 62 71 81 c6
37 de 98 e3 9b 88
Dec 22 13:44:14 localhost pluto[8271]: | 28 5f 6f df 22 2d 40 00 49 2b
7a 57 7b e9 1b 9f
Dec 22 13:44:14 localhost pluto[8271]: | ac 66 09 ad 0c a6 67 a3 b5 b9
33 24 70 8e d1 67
Dec 22 13:44:14 localhost pluto[8271]: | 6b 60 51 65 49 ef b3 e1 3f ed
ab f3 35 77 cd 4b
Dec 22 13:44:14 localhost pluto[8271]: | 53 e1 62 ae 0d a8 d9 9a 99 cb
33 60 d8 a1 a2 0f
Dec 22 13:44:14 localhost pluto[8271]: | 07 9a 02 01 5f 0e b7 dc ce 3a
27 ef fa 3a 98 d4
Dec 22 13:44:14 localhost pluto[8271]: | ab 5c 55 17 f3 59 c7 5f 30 b7
ea e5 83 02 03 01
Dec 22 13:44:14 localhost pluto[8271]: | 00 01 a3 81 d1 30 81 ce 30 09
06 03 55 1d 13 04
Dec 22 13:44:14 localhost pluto[8271]: | 02 30 00 30 2c 06 09 60 86 48
01 86 f8 42 01 0d
Dec 22 13:44:14 localhost pluto[8271]: | 04 1f 16 1d 4f 70 65 6e 53 53
4c 20 47 65 6e 65
Dec 22 13:44:14 localhost pluto[8271]: | 72 61 74 65 64 20 43 65 72 74
69 66 69 63 61 74
Dec 22 13:44:14 localhost pluto[8271]: | 65 30 1d 06 03 55 1d 0e 04 16
04 14 1b f8 cd 1d
Dec 22 13:44:14 localhost pluto[8271]: | 97 c8 c4 0b da 9b bc 5d 66 eb
dc 8f 65 5b f1 0f
Dec 22 13:44:14 localhost pluto[8271]: | 30 74 06 03 55 1d 23 04 6d 30
6b 80 14 05 65 14
Dec 22 13:44:14 localhost pluto[8271]: | 87 f8 ac 10 9f 5b 15 fb d0 95
fc c4 6e a3 e4 00
Dec 22 13:44:14 localhost pluto[8271]: | e3 a1 50 a4 4e 30 4c 31 0b 30
09 06 03 55 04 06
Dec 22 13:44:14 localhost pluto[8271]: | 13 02 54 52 31 0b 30 09 06 03
55 04 08 13 02 41
Dec 22 13:44:14 localhost pluto[8271]: | 4e 31 0f 30 0d 06 03 55 04 07
13 06 41 6e 6b 61
Dec 22 13:44:14 localhost pluto[8271]: | 72 61 31 1f 30 1d 06 03 55 04
0a 13 16 4c 61 62
Dec 22 13:44:14 localhost pluto[8271]: | 72 69 73 20 53 47 20 55 73 65
72 20 43 6f 6d 70
Dec 22 13:44:14 localhost pluto[8271]: | 61 6e 79 82 01 00 30 0d 06 09
2a 86 48 86 f7 0d
Dec 22 13:44:14 localhost pluto[8271]: | 01 01 04 05 00 03 81 81 00 42
85 82 d5 1e 56 91
Dec 22 13:44:14 localhost pluto[8271]: | 22 5d d0 3c ae 90 75 35 31 72
a1 87 1a 7f e4 33
Dec 22 13:44:14 localhost pluto[8271]: | 0e a0 c0 6d 0a c5 ac 18 b5 8c
b2 5b 55 ac 6a 72
Dec 22 13:44:14 localhost pluto[8271]: | 67 ec 9d 47 29 a0 0f f4 1d a9
04 3b a0 33 16 68
Dec 22 13:44:14 localhost pluto[8271]: | ab 61 a7 9c 3c 2a 3f e6 31 2d
6d 0a 99 d5 23 e7
Dec 22 13:44:14 localhost pluto[8271]: | 67 4f 2e e3 d4 e7 11 bc df f9
38 89 89 33 d1 9d
Dec 22 13:44:14 localhost pluto[8271]: | 9e ee 07 a2 71 00 13 55 62 ad
c1 06 6a 1d 2f 9f
Dec 22 13:44:14 localhost pluto[8271]: | 45 54 ca 04 a9 5f 04 e8 ab 4e
50 18 44 08 e1 dd
Dec 22 13:44:14 localhost pluto[8271]: | 4c 11 d0 44 8f 49 be 80 8d
Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP
Certificate Payload: 766
Dec 22 13:44:14 localhost pluto[8271]: | hashing 168 bytes of SA
Dec 22 13:44:14 localhost pluto[8271]: | started looking for secret for
C=TR, ST=AN, L=Ankara, O=Labris SG User Company, CN=vpngateway->C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway of kind PPK_RSA
Dec 22 13:44:14 localhost pluto[8271]: | searching for certificate
PPK_RSA:AwEAAcds8 vs PPK_RSA:AwEAAcds8
Dec 22 13:44:14 localhost pluto[8271]: | signing hash with RSA Key
*AwEAAcds8
Dec 22 13:44:14 localhost pluto[8271]: | ***emit ISAKMP Signature Payload:
Dec 22 13:44:14 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NONE
Dec 22 13:44:14 localhost pluto[8271]: | emitting 128 raw bytes of SIG_R
into ISAKMP Signature Payload
Dec 22 13:44:14 localhost pluto[8271]: | SIG_R 5e 6e ab ae b7 60 3c 46 c1
34 77 8d 43 ad 4a db
Dec 22 13:44:14 localhost pluto[8271]: | 28 f8 74 ce 6d 83 aa 0c b0 ac
2c 33 8c d4 fd 7d
Dec 22 13:44:14 localhost pluto[8271]: | 50 f6 c3 8e 1d 73 52 0f 5f c5
9b 52 6f e0 b8 ec
Dec 22 13:44:14 localhost pluto[8271]: | 3d 6f 9c 54 de b7 fb c9 ac 36
5f b7 0f d9 1a 1e
Dec 22 13:44:14 localhost pluto[8271]: | 58 26 3e 24 59 49 d8 a5 30 f0
5e 03 44 2f e5 12
Dec 22 13:44:14 localhost pluto[8271]: | 62 42 0e 8f 9e 6a 6b 83 2a 2f
a7 c2 ee 79 14 06
Dec 22 13:44:14 localhost pluto[8271]: | 5f eb d6 03 2d ce e2 44 78 50
74 b3 b3 e7 6c 38
Dec 22 13:44:14 localhost pluto[8271]: | fb aa ca 22 06 da 5d 0c 4e 3a
65 77 19 30 17 df
Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP Signature
Payload: 132
Dec 22 13:44:14 localhost pluto[8271]: | encrypting:
Dec 22 13:44:14 localhost pluto[8271]: | 06 00 00 6b 09 00 00 00 30 61
31 0b 30 09 06 03
Dec 22 13:44:14 localhost pluto[8271]: | 55 04 06 13 02 54 52 31 0b 30
09 06 03 55 04 08
Dec 22 13:44:14 localhost pluto[8271]: | 13 02 41 4e 31 0f 30 0d 06 03
55 04 07 13 06 41
Dec 22 13:44:14 localhost pluto[8271]: | 6e 6b 61 72 61 31 1f 30 1d 06
03 55 04 0a 13 16
Dec 22 13:44:14 localhost pluto[8271]: | 4c 61 62 72 69 73 20 53 47 20
55 73 65 72 20 43
Dec 22 13:44:14 localhost pluto[8271]: | 6f 6d 70 61 6e 79 31 13 30 11
06 03 55 04 03 13
Dec 22 13:44:14 localhost pluto[8271]: | 0a 76 70 6e 67 61 74 65 77 61
79 09 00 02 fe 04
Dec 22 13:44:14 localhost pluto[8271]: | 30 82 02 f5 30 82 02 5e a0 03
02 01 02 02 01 01
Dec 22 13:44:14 localhost pluto[8271]: | 30 0d 06 09 2a 86 48 86 f7 0d
01 01 04 05 00 30
Dec 22 13:44:14 localhost pluto[8271]: | 4c 31 0b 30 09 06 03 55 04 06
13 02 54 52 31 0b
Dec 22 13:44:14 localhost pluto[8271]: | 30 09 06 03 55 04 08 13 02 41
4e 31 0f 30 0d 06
Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 07 13 06 41 6e 6b 61
72 61 31 1f 30 1d
Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 0a 13 16 4c 61 62
72 69 73 20 53 47
Dec 22 13:44:14 localhost pluto[8271]: | 20 55 73 65 72 20 43 6f 6d 70
61 6e 79 30 1e 17
Dec 22 13:44:14 localhost pluto[8271]: | 0d 30 37 31 32 32 32 30 39 32
36 32 35 5a 17 0d
Dec 22 13:44:14 localhost pluto[8271]: | 30 39 31 31 32 31 30 39 32 36
32 35 5a 30 61 31
Dec 22 13:44:14 localhost pluto[8271]: | 0b 30 09 06 03 55 04 06 13 02
54 52 31 0b 30 09
Dec 22 13:44:14 localhost pluto[8271]: | 06 03 55 04 08 13 02 41 4e 31
0f 30 0d 06 03 55
Dec 22 13:44:14 localhost pluto[8271]: | 04 07 13 06 41 6e 6b 61 72 61
31 1f 30 1d 06 03
Dec 22 13:44:14 localhost pluto[8271]: | 55 04 0a 13 16 4c 61 62 72 69
73 20 53 47 20 55
Dec 22 13:44:14 localhost pluto[8271]: | 73 65 72 20 43 6f 6d 70 61 6e
79 31 13 30 11 06
Dec 22 13:44:14 localhost pluto[8271]: | 03 55 04 03 13 0a 76 70 6e 67
61 74 65 77 61 79
Dec 22 13:44:14 localhost pluto[8271]: | 30 81 9f 30 0d 06 09 2a 86 48
86 f7 0d 01 01 01
Dec 22 13:44:14 localhost pluto[8271]: | 05 00 03 81 8d 00 30 81 89 02
81 81 00 c7 6c f2
Dec 22 13:44:14 localhost pluto[8271]: | f6 69 6f c1 3c a9 84 88 23 34
2a 95 19 7c c4 e1
Dec 22 13:44:14 localhost pluto[8271]: | 41 60 e1 da 13 fb 62 71 81 c6
37 de 98 e3 9b 88
Dec 22 13:44:14 localhost pluto[8271]: | 28 5f 6f df 22 2d 40 00 49 2b
7a 57 7b e9 1b 9f
Dec 22 13:44:14 localhost pluto[8271]: | ac 66 09 ad 0c a6 67 a3 b5 b9
33 24 70 8e d1 67
Dec 22 13:44:14 localhost pluto[8271]: | 6b 60 51 65 49 ef b3 e1 3f ed
ab f3 35 77 cd 4b
Dec 22 13:44:14 localhost pluto[8271]: | 53 e1 62 ae 0d a8 d9 9a 99 cb
33 60 d8 a1 a2 0f
Dec 22 13:44:14 localhost pluto[8271]: | 07 9a 02 01 5f 0e b7 dc ce 3a
27 ef fa 3a 98 d4
Dec 22 13:44:14 localhost pluto[8271]: | ab 5c 55 17 f3 59 c7 5f 30 b7
ea e5 83 02 03 01
Dec 22 13:44:14 localhost pluto[8271]: | 00 01 a3 81 d1 30 81 ce 30 09
06 03 55 1d 13 04
Dec 22 13:44:14 localhost pluto[8271]: | 02 30 00 30 2c 06 09 60 86 48
01 86 f8 42 01 0d
Dec 22 13:44:14 localhost pluto[8271]: | 04 1f 16 1d 4f 70 65 6e 53 53
4c 20 47 65 6e 65
Dec 22 13:44:14 localhost pluto[8271]: | 72 61 74 65 64 20 43 65 72 74
69 66 69 63 61 74
Dec 22 13:44:14 localhost pluto[8271]: | 65 30 1d 06 03 55 1d 0e 04 16
04 14 1b f8 cd 1d
Dec 22 13:44:14 localhost pluto[8271]: | 97 c8 c4 0b da 9b bc 5d 66 eb
dc 8f 65 5b f1 0f
Dec 22 13:44:14 localhost pluto[8271]: | 30 74 06 03 55 1d 23 04 6d 30
6b 80 14 05 65 14
Dec 22 13:44:14 localhost pluto[8271]: | 87 f8 ac 10 9f 5b 15 fb d0 95
fc c4 6e a3 e4 00
Dec 22 13:44:14 localhost pluto[8271]: | e3 a1 50 a4 4e 30 4c 31 0b 30
09 06 03 55 04 06
Dec 22 13:44:14 localhost pluto[8271]: | 13 02 54 52 31 0b 30 09 06 03
55 04 08 13 02 41
Dec 22 13:44:14 localhost pluto[8271]: | 4e 31 0f 30 0d 06 03 55 04 07
13 06 41 6e 6b 61
Dec 22 13:44:14 localhost pluto[8271]: | 72 61 31 1f 30 1d 06 03 55 04
0a 13 16 4c 61 62
Dec 22 13:44:14 localhost pluto[8271]: | 72 69 73 20 53 47 20 55 73 65
72 20 43 6f 6d 70
Dec 22 13:44:14 localhost pluto[8271]: | 61 6e 79 82 01 00 30 0d 06 09
2a 86 48 86 f7 0d
Dec 22 13:44:14 localhost pluto[8271]: | 01 01 04 05 00 03 81 81 00 42
85 82 d5 1e 56 91
Dec 22 13:44:14 localhost pluto[8271]: | 22 5d d0 3c ae 90 75 35 31 72
a1 87 1a 7f e4 33
Dec 22 13:44:14 localhost pluto[8271]: | 0e a0 c0 6d 0a c5 ac 18 b5 8c
b2 5b 55 ac 6a 72
Dec 22 13:44:14 localhost pluto[8271]: | 67 ec 9d 47 29 a0 0f f4 1d a9
04 3b a0 33 16 68
Dec 22 13:44:14 localhost pluto[8271]: | ab 61 a7 9c 3c 2a 3f e6 31 2d
6d 0a 99 d5 23 e7
Dec 22 13:44:14 localhost pluto[8271]: | 67 4f 2e e3 d4 e7 11 bc df f9
38 89 89 33 d1 9d
Dec 22 13:44:14 localhost pluto[8271]: | 9e ee 07 a2 71 00 13 55 62 ad
c1 06 6a 1d 2f 9f
Dec 22 13:44:14 localhost pluto[8271]: | 45 54 ca 04 a9 5f 04 e8 ab 4e
50 18 44 08 e1 dd
Dec 22 13:44:14 localhost pluto[8271]: | 4c 11 d0 44 8f 49 be 80 8d 00
00 00 84 5e 6e ab
Dec 22 13:44:14 localhost pluto[8271]: | ae b7 60 3c 46 c1 34 77 8d 43
ad 4a db 28 f8 74
Dec 22 13:44:14 localhost pluto[8271]: | ce 6d 83 aa 0c b0 ac 2c 33 8c
d4 fd 7d 50 f6 c3
Dec 22 13:44:14 localhost pluto[8271]: | 8e 1d 73 52 0f 5f c5 9b 52 6f
e0 b8 ec 3d 6f 9c
Dec 22 13:44:14 localhost pluto[8271]: | 54 de b7 fb c9 ac 36 5f b7 0f
d9 1a 1e 58 26 3e
Dec 22 13:44:14 localhost pluto[8271]: | 24 59 49 d8 a5 30 f0 5e 03 44
2f e5 12 62 42 0e
Dec 22 13:44:14 localhost pluto[8271]: | 8f 9e 6a 6b 83 2a 2f a7 c2 ee
79 14 06 5f eb d6
Dec 22 13:44:14 localhost pluto[8271]: | 03 2d ce e2 44 78 50 74 b3 b3
e7 6c 38 fb aa ca
Dec 22 13:44:14 localhost pluto[8271]: | 22 06 da 5d 0c 4e 3a 65 77 19
30 17 df
Dec 22 13:44:14 localhost pluto[8271]: | IV:
Dec 22 13:44:14 localhost pluto[8271]: | 07 f7 83 d6 c1 8f 91 73
Dec 22 13:44:14 localhost pluto[8271]: | emitting 3 zero bytes of encryption
padding into ISAKMP Message
Dec 22 13:44:14 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC
Dec 22 13:44:14 localhost pluto[8271]: | next IV: eb 89 cc 2a b8 48 d9 8a
Dec 22 13:44:14 localhost pluto[8271]: | emitting length of ISAKMP Message:
1036
Dec 22 13:44:14 localhost pluto[8271]: | last encrypted block of Phase 1:
Dec 22 13:44:14 localhost pluto[8271]: | eb 89 cc 2a b8 48 d9 8a
Dec 22 13:44:14 localhost pluto[8271]: | complete state transition with
STF_OK
Dec 22 13:44:14 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
Dec 22 13:44:14 localhost pluto[8271]: | sending reply packet to
88.254.240.233:500 (from port=500)
Dec 22 13:44:14 localhost pluto[8271]: | NAT-T: new mapping
88.254.240.233:500/4500)
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
vpnerp-over-adsl2
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
vpnerp-over-adsl2
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
b-labris.l2tp-zcert[1] 88.254.240.233
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
vpnlan2-over-adsl1
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
vpnlan1-over-adsl1
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
vpnlan2-over-adsl1
Dec 22 13:44:14 localhost pluto[8271]: | processing connection
b-labris.l2tp-zcert[2] 88.254.240.233
Dec 22 13:44:14 localhost pluto[8271]: | NAT-T: updating local port to 4500
Dec 22 13:44:14 localhost pluto[8271]: | NAT-T connection has wrong
interface definition EXTERNALIP:4500 vs EXTERNALIP:500
Dec 22 13:44:14 localhost pluto[8271]: | NAT-T: using interface ppp0:4500
Dec 22 13:44:14 localhost pluto[8271]: | sending 1036 bytes for
STATE_MAIN_R2 through ppp0:4500 to 88.254.240.233:4500:
Dec 22 13:44:14 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f
01 63 48 e2 02 2f
Dec 22 13:44:14 localhost pluto[8271]: | ab 05 97 7c 05 10 02 01 00 00
00 00 00 00 04 0c
Dec 22 13:44:14 localhost pluto[8271]: | df 41 1f 50 4b 5b 61 44 31 7c
21 91 7c d1 82 34
Dec 22 13:44:14 localhost pluto[8271]: | e3 28 4a 52 3c 4c 89 a4 ac 1b
be 2e 3b 79 0a b5
Dec 22 13:44:14 localhost pluto[8271]: | 92 52 99 31 e7 7c db e4 db 11
f6 8c 0e a7 40 4f
Dec 22 13:44:14 localhost pluto[8271]: | 1b 8b 11 86 bb 7e 15 50 e6 09
3c 86 6c 31 50 d5
Dec 22 13:44:14 localhost pluto[8271]: | 41 f8 c8 96 dc e9 e3 22 20 ba
5e df 41 98 12 02
Dec 22 13:44:14 localhost pluto[8271]: | f2 d4 e8 69 f2 97 ef f9 bf e3
dd 5e ba 27 4c b6
Dec 22 13:44:14 localhost pluto[8271]: | fe 14 dc 33 e9 53 57 91 56 75
5d ad 7b 0f ea 75
Dec 22 13:44:14 localhost pluto[8271]: | 3e 80 ef 5e 99 08 0d fc 39 5e
1a 82 42 d6 49 d3
Dec 22 13:44:14 localhost pluto[8271]: | 10 3b 67 2d ea bc 1c 67 b9 ce
14 cb a8 80 a9 9a
Dec 22 13:44:14 localhost pluto[8271]: | 8b 4f f1 dd b7 be f7 10 19 58
6a 4a 65 55 2e 8c
Dec 22 13:44:14 localhost pluto[8271]: | b5 65 81 27 26 bd 68 57 55 24
38 18 fd c6 29 e5
Dec 22 13:44:14 localhost pluto[8271]: | f1 b9 b6 cb 62 ee 22 a3 44 57
1e 9a 90 fb f0 97
Dec 22 13:44:14 localhost pluto[8271]: | 1c eb c7 31 f4 57 ff e3 3e 5b
35 a1 c5 9d 0b ba
Dec 22 13:44:14 localhost pluto[8271]: | 48 f6 ff 3c 0e f7 18 b0 e5 89
75 cc a4 a0 a1 60
Dec 22 13:44:14 localhost pluto[8271]: | 1b 0e cd 55 e8 65 fb d7 3f 72
85 c0 2a c5 fd 2d
Dec 22 13:44:14 localhost pluto[8271]: | 6d a6 c0 e5 34 34 5e ae 1e 2f
63 50 b3 81 d9 b2
Dec 22 13:44:14 localhost pluto[8271]: | b1 6d b4 74 2e b7 2a a5 08 c6
e5 23 b6 a6 63 8d
Dec 22 13:44:15 localhost pluto[8271]: | e2 34 fa a6 ef be 01 9f e2 65
a9 c7 01 de 41 b4
Dec 22 13:44:15 localhost pluto[8271]: | df c3 d0 1a 98 50 80 21 75 64
b4 9f 6a 02 4b c6
Dec 22 13:44:15 localhost pluto[8271]: | c3 80 98 22 a6 d4 c8 c8 63 12
4b 3d 84 f1 6c ce
Dec 22 13:44:15 localhost pluto[8271]: | 52 6b 16 cb 6e d1 4d 38 97 ad
7e 60 bd 23 3b d3
Dec 22 13:44:15 localhost pluto[8271]: | 04 35 d7 50 54 50 13 a2 2f f6
c1 4e 74 ab 51 91
Dec 22 13:44:15 localhost pluto[8271]: | 5a 75 65 2a 1e 14 aa fc 8e 9e
f7 fd 1d 7c 2f 7f
Dec 22 13:44:15 localhost pluto[8271]: | c6 e8 21 93 cb 61 72 0c 84 27
9c ea 98 a3 37 cb
Dec 22 13:44:15 localhost pluto[8271]: | 13 28 b0 d6 28 b3 2d 35 cd ab
44 44 5d 78 c8 54
Dec 22 13:44:15 localhost pluto[8271]: | f9 07 4d ce 28 cd 4a 3c 95 b8
13 1f 82 ad 73 d3
Dec 22 13:44:15 localhost pluto[8271]: | 8e d6 f3 3e c8 a8 12 05 52 31
3c 15 e0 0d 3f 9c
Dec 22 13:44:15 localhost pluto[8271]: | aa de a2 e5 b3 aa 6a 20 b3 d4
25 7f 6f 79 68 a4
Dec 22 13:44:15 localhost pluto[8271]: | 6c 8b 9a 67 4a 53 7f 1e 6f 1b
2c 51 02 46 5a 4d
Dec 22 13:44:15 localhost pluto[8271]: | 8e fd 7b c3 9e b2 a5 de 10 18
5e 97 21 0d 2f b7
Dec 22 13:44:15 localhost pluto[8271]: | bf a6 dd d5 a9 8b 2a e7 7a ec
a5 da 85 38 1a 0c
Dec 22 13:44:15 localhost pluto[8271]: | e2 6e d6 cb 61 88 f3 5f 3e 5d
b9 bf 7e d1 19 3f
Dec 22 13:44:15 localhost pluto[8271]: | be 7d 36 23 e9 62 12 ae d3 4c
88 fb 11 c9 46 3b
Dec 22 13:44:15 localhost pluto[8271]: | ad 18 3b f4 e3 15 13 cc 20 b8
d2 fa 7d a7 b1 84
Dec 22 13:44:15 localhost pluto[8271]: | bb f1 4a 90 d6 15 02 d1 17 70
60 e5 63 bb 3b d1
Dec 22 13:44:15 localhost pluto[8271]: | c7 e5 c4 05 8c bd 80 2c e3 1d
85 17 7e 54 8e 2a
Dec 22 13:44:15 localhost pluto[8271]: | b5 54 e3 a5 bc dd 64 23 10 74
e5 9b 9a 15 0c 7a
Dec 22 13:44:15 localhost pluto[8271]: | d8 2e 84 d1 36 40 c8 5e 12 6e
4c 37 1a 97 3a 4a
Dec 22 13:44:15 localhost pluto[8271]: | 2e 73 50 7d 5c f7 91 bd c6 3b
a8 39 55 e8 64 81
Dec 22 13:44:15 localhost pluto[8271]: | 51 31 32 35 9e 88 d7 81 7e ab
5b d4 55 9b 43 d3
Dec 22 13:44:15 localhost pluto[8271]: | d6 a3 ca 12 8f 86 18 7c 46 8e
8b 73 1c 27 30 aa
Dec 22 13:44:15 localhost pluto[8271]: | 78 30 1d fb a8 cf db 90 04 51
14 b9 30 7b b7 bf
Dec 22 13:44:15 localhost pluto[8271]: | c1 a6 a6 d1 61 b3 af d2 ce e7
01 96 27 a6 a6 87
Dec 22 13:44:15 localhost pluto[8271]: | 15 85 a0 0b e3 cd 05 74 9c 85
47 88 0d a4 2a bc
Dec 22 13:44:15 localhost pluto[8271]: | 25 f6 d4 a4 6b e2 b4 47 25 b6
29 aa f5 86 b5 72
Dec 22 13:44:15 localhost pluto[8271]: | a1 49 d0 87 09 ab a4 bf c1 de
df 59 af 1e 9a e3
Dec 22 13:44:15 localhost pluto[8271]: | 97 3b 6c 72 a0 6f 99 07 65 dd
a4 28 26 79 8c f6
Dec 22 13:44:15 localhost pluto[8271]: | 17 94 e6 c9 5e 55 8b e7 89 2d
fc 78 7d 11 6b 1d
Dec 22 13:44:15 localhost pluto[8271]: | 6f e8 98 fb fa a3 f3 26 c0 4d
cf a7 cc f6 68 0c
Dec 22 13:44:15 localhost pluto[8271]: | e6 1f 28 04 5f 4c 85 f9 dd 7c
82 6c 2d e9 f0 13
Dec 22 13:44:15 localhost pluto[8271]: | 24 63 a4 f5 9d 25 db 94 30 c6
e7 1c 08 06 21 74
Dec 22 13:44:15 localhost pluto[8271]: | bf d9 2e d1 05 08 6a 1c 27 53
df 3d fb 1d 30 92
Dec 22 13:44:15 localhost pluto[8271]: | 7d 28 78 85 e2 25 de 0b ed 57
bf d9 7a 92 81 c1
Dec 22 13:44:15 localhost pluto[8271]: | 57 1c ec 0c 9b 1d 0f 7e b7 ad
d2 8c 9a 11 b4 97
Dec 22 13:44:15 localhost pluto[8271]: | 87 ed cf 13 c7 b1 46 67 c4 c1
ce 2b 76 10 7a 30
Dec 22 13:44:15 localhost pluto[8271]: | f9 4c a3 87 03 7d c0 0e 5b db
38 f5 b1 10 db 13
Dec 22 13:44:15 localhost pluto[8271]: | 46 43 32 ee dd ff bd 00 59 3f
44 04 0a 63 c9 9d
Dec 22 13:44:15 localhost pluto[8271]: | 45 0a 2f d8 c6 9c 8c 5b 8e 19
c7 06 ef 00 59 37
Dec 22 13:44:15 localhost pluto[8271]: | 38 9f 1a 91 8e 2a d7 86 ab 4e
c1 24 b2 2d 35 6f
Dec 22 13:44:15 localhost pluto[8271]: | 8d 93 df e6 59 51 a7 f6 23 b1
47 5a 7a 5b 96 5b
Dec 22 13:44:15 localhost pluto[8271]: | ad 81 e2 67 f0 53 62 11 33 53
c6 df 01 d8 da d4
Dec 22 13:44:15 localhost pluto[8271]: | 2a 8d 29 01 cc 14 fc 32 e3 11
54 04 44 59 58 70
Dec 22 13:44:15 localhost pluto[8271]: | 75 36 9f ba 8d 58 85 91 eb 89
cc 2a b8 48 d9 8a
Dec 22 13:44:15 localhost pluto[8271]: | inserting event EVENT_SA_EXPIRE,
timeout in 28800 seconds for #7
Dec 22 13:44:15 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp2048}
Dec 22 13:44:15 localhost pluto[8271]: | modecfg pull: noquirk policy:push
not-client
Dec 22 13:44:15 localhost pluto[8271]: | phase 1 is done, looking for phase
1 to unpend
Dec 22 13:44:15 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 17
seconds for #2
Dec 22 13:44:15 localhost pluto[8271]: |
Dec 22 13:44:15 localhost pluto[8271]: | *received 316 bytes from
88.254.240.233:4500 on ppp0 (port=4500)
Dec 22 13:44:15 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63 48 e2
02 2f ab 05 97 7c
Dec 22 13:44:15 localhost pluto[8271]: | 08 10 20 01 00 00 00 01 00 00
01 3c bb 44 ad cc
Dec 22 13:44:15 localhost pluto[8271]: | c2 c4 88 3d 92 d2 45 b4 e9 a0
e5 2f 62 c6 33 e8
Dec 22 13:44:15 localhost pluto[8271]: | a8 6c d5 a5 38 63 ce ca ac dd
3b 22 ba 48 a1 4b
Dec 22 13:44:15 localhost pluto[8271]: | 58 47 11 32 91 79 62 c8 67 cb
45 56 69 95 00 a3
Dec 22 13:44:15 localhost pluto[8271]: | 35 6f 81 92 d7 bf 77 a4 6a b9
7b a0 81 9c fc d8
Dec 22 13:44:15 localhost pluto[8271]: | 3e b7 5a 14 f1 5e 69 a1 4c 14
99 d1 6e 25 9d ef
Dec 22 13:44:15 localhost pluto[8271]: | 2c b4 3f 3f 12 d6 8c 45 c1 67
b9 17 c5 7e 3d 1e
Dec 22 13:44:15 localhost pluto[8271]: | 0e 05 b8 89 db 6e e8 13 21 dd
2e 6a 69 2b f0 0c
Dec 22 13:44:15 localhost pluto[8271]: | 2d 51 f2 83 80 93 60 75 e4 4d
4e 44 0f cd 95 4b
Dec 22 13:44:15 localhost pluto[8271]: | 10 0d 64 9b 29 c4 57 71 ff d8
a2 d0 c7 da 88 74
Dec 22 13:44:15 localhost pluto[8271]: | 7d 35 e9 7f db 1f a1 3b 2b 96
75 dc 3d 3d 9f 9e
Dec 22 13:44:15 localhost pluto[8271]: | 04 56 44 98 ff 32 48 78 9b 0f
76 67 71 37 02 c8
Dec 22 13:44:15 localhost pluto[8271]: | 75 f0 38 eb e2 56 23 ba 7f 73
e5 bf 1b e6 f6 9a
Dec 22 13:44:15 localhost pluto[8271]: | fb b2 c6 1f 26 2a 73 ff fe 0c
c0 c4 94 fb 4e 51
Dec 22 13:44:15 localhost pluto[8271]: | 99 a2 7c e0 b1 62 b9 e5 c1 ea
2e 7d 1b 62 f3 a2
Dec 22 13:44:15 localhost pluto[8271]: | 81 59 30 d9 30 4c d4 e8 6a f5
3a 11 b6 cb 59 be
Dec 22 13:44:15 localhost pluto[8271]: | 8e 2a a2 f2 52 13 ca 6d 18 82
57 f1 a2 26 9a af
Dec 22 13:44:15 localhost pluto[8271]: | 22 6e 24 bc ba 15 6f 3d a8 a6
50 9e 12 8c f5 b6
Dec 22 13:44:15 localhost pluto[8271]: | fc 88 60 36 f5 d1 88 f5 ad b6
2f 03
Dec 22 13:44:15 localhost pluto[8271]: | **parse ISAKMP Message:
Dec 22 13:44:15 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:15 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:15 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:15 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_HASH
Dec 22 13:44:15 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:15 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_QUICK
Dec 22 13:44:15 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:15 localhost pluto[8271]: | message ID: 00 00 00 01
Dec 22 13:44:15 localhost pluto[8271]: | length: 316
Dec 22 13:44:15 localhost pluto[8271]: | processing packet with exchange
type=ISAKMP_XCHG_QUICK (32)
Dec 22 13:44:15 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:15 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:15 localhost pluto[8271]: | peer: 58 fe f0 e9
Dec 22 13:44:15 localhost pluto[8271]: | state hash entry 27
Dec 22 13:44:15 localhost pluto[8271]: | peer and cookies match on #7,
provided msgid 00000001 vs 00000000
Dec 22 13:44:15 localhost pluto[8271]: | state object not found
Dec 22 13:44:15 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:15 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:15 localhost pluto[8271]: | peer: 58 fe f0 e9
Dec 22 13:44:15 localhost pluto[8271]: | state hash entry 27
Dec 22 13:44:15 localhost pluto[8271]: | peer and cookies match on #7,
provided msgid 00000000 vs 00000000
Dec 22 13:44:15 localhost pluto[8271]: | state object #7 found, in
STATE_MAIN_R3
Dec 22 13:44:15 localhost pluto[8271]: | processing connection
b-labris.l2tp-zcert[2] 88.254.240.233
Dec 22 13:44:15 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8
48 d9 8a
Dec 22 13:44:15 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a
b8 48 d9 8a
Dec 22 13:44:15 localhost pluto[8271]: | computed Phase 2 IV:
Dec 22 13:44:15 localhost pluto[8271]: | e3 d9 57 c5 aa 81 1e d1 3b 99
ae 4b b9 86 e4 bd
Dec 22 13:44:15 localhost pluto[8271]: | a2 c1 d4 c1
Dec 22 13:44:15 localhost pluto[8271]: | received encrypted packet from
88.254.240.233:4500
Dec 22 13:44:15 localhost pluto[8271]: | decrypting 288 bytes using
algorithm OAKLEY_3DES_CBC
Dec 22 13:44:15 localhost pluto[8271]: | decrypted:
Dec 22 13:44:15 localhost pluto[8271]: | 01 00 00 18 25 cb c3 51 fa f5
1b 29 42 16 68 c3
Dec 22 13:44:15 localhost pluto[8271]: | 65 cc 5a bd 35 7e 8b 52 0a 00
00 ac 00 00 00 01
Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 01 02 00 00 38 01 03
04 01 5a 09 a3 30
Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 2c 01 0c 00 00 80 04
00 04 80 06 00 80
Dec 22 13:44:15 localhost pluto[8271]: | 80 05 00 02 80 01 00 01 00 02
00 04 00 00 0e 10
Dec 22 13:44:15 localhost pluto[8271]: | 80 01 00 02 00 02 00 04 00 03
d0 90 02 00 00 34
Dec 22 13:44:15 localhost pluto[8271]: | 02 03 04 01 5a 09 a3 30 00 00
00 28 01 03 00 00
Dec 22 13:44:15 localhost pluto[8271]: | 80 04 00 04 80 05 00 02 80 01
00 01 00 02 00 04
Dec 22 13:44:15 localhost pluto[8271]: | 00 00 0e 10 80 01 00 02 00 02
00 04 00 03 d0 90
Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 34 03 03 04 01 5a 09
a3 30 00 00 00 28
Dec 22 13:44:15 localhost pluto[8271]: | 01 0b 00 00 80 04 00 04 80 05
00 02 80 01 00 01
Dec 22 13:44:15 localhost pluto[8271]: | 00 02 00 04 00 00 0e 10 80 01
00 02 00 02 00 04
Dec 22 13:44:15 localhost pluto[8271]: | 00 03 d0 90 05 00 00 34 09 20
d0 75 a1 c5 1b 39
Dec 22 13:44:15 localhost pluto[8271]: | 8e 56 91 09 40 c7 a8 70 13 19
93 a0 f8 56 52 e0
Dec 22 13:44:15 localhost pluto[8271]: | 5b b6 e5 ae 5f 87 19 fa ba 9c
71 83 1a 59 a2 b7
Dec 22 13:44:15 localhost pluto[8271]: | 3b b9 af 04 9a b1 2a d1 05 00
00 0c 01 11 06 a5
Dec 22 13:44:15 localhost pluto[8271]: | c0 a8 02 03 15 00 00 0c 01 11
06 a5 58 e1 e8 6f
Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 0c 01 00 00 00 c0 a8
02 03 00 00 00 00
Dec 22 13:44:15 localhost pluto[8271]: | next IV: f5 d1 88 f5 ad b6 2f 03
Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Hash Payload:
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_SA
Dec 22 13:44:15 localhost pluto[8271]: | length: 24
Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Security
Association Payload:
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NONCE
Dec 22 13:44:15 localhost pluto[8271]: | length: 172
Dec 22 13:44:15 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC
Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Nonce Payload:
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_ID
Dec 22 13:44:15 localhost pluto[8271]: | length: 52
Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Identification
Payload (IPsec DOI):
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_ID
Dec 22 13:44:15 localhost pluto[8271]: | length: 12
Dec 22 13:44:15 localhost pluto[8271]: | ID type: ID_IPV4_ADDR
Dec 22 13:44:15 localhost pluto[8271]: | Protocol ID: 17
Dec 22 13:44:15 localhost pluto[8271]: | port: 1701
Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP Identification
Payload (IPsec DOI):
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NAT-OA
Dec 22 13:44:15 localhost pluto[8271]: | length: 12
Dec 22 13:44:15 localhost pluto[8271]: | ID type: ID_IPV4_ADDR
Dec 22 13:44:15 localhost pluto[8271]: | Protocol ID: 17
Dec 22 13:44:15 localhost pluto[8271]: | port: 1701
Dec 22 13:44:15 localhost pluto[8271]: | ***parse ISAKMP NAT-OA Payload:
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NONE
Dec 22 13:44:15 localhost pluto[8271]: | length: 12
Dec 22 13:44:15 localhost pluto[8271]: | ID type: ID_IPV4_ADDR
Dec 22 13:44:15 localhost pluto[8271]: | removing 4 bytes of padding
Dec 22 13:44:15 localhost pluto[8271]: | HASH(1) computed:
Dec 22 13:44:15 localhost pluto[8271]: | 25 cb c3 51 fa f5 1b 29 42 16
68 c3 65 cc 5a bd
Dec 22 13:44:15 localhost pluto[8271]: | 35 7e 8b 52
Dec 22 13:44:15 localhost pluto[8271]: | peer client is 192.168.2.3
Dec 22 13:44:15 localhost pluto[8271]: | peer client protocol/port is
17/1701
Dec 22 13:44:15 localhost pluto[8271]: | our client is EXTERNALIP
Dec 22 13:44:15 localhost pluto[8271]: | our client protocol/port is 17/1701
Dec 22 13:44:15 localhost pluto[8271]: | find_client_connection starting
with b-labris.l2tp-zcert
Dec 22 13:44:15 localhost pluto[8271]: | looking for EXTERNALIP/32:17/1701
-> 192.168.2.3/32:17/1701
Dec 22 13:44:15 localhost pluto[8271]: | concrete checking against sr#0
EXTERNALIP/32 -> 0.0.0.0/32
Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:15 localhost pluto[8271]: | b=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:15 localhost pluto[8271]: | results matched
Dec 22 13:44:15 localhost pluto[8271]: | trusted_ca called with a=(empty)
b=(empty)
Dec 22 13:44:15 localhost pluto[8271]: | fc_try trying
b-labris.l2tp-zcert:EXTERNALIP/32:17/1701 -> 192.168.2.3/32:17/1701 vs
b-labris.l2tp-zcert:EXTERNALIP/32:17/1701 -> 0.0.0.0/32:17/1701
Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:15 localhost pluto[8271]: | b=88.254.240.233
Dec 22 13:44:15 localhost pluto[8271]: | results fail
Dec 22 13:44:15 localhost pluto[8271]: | fc_try concluding with none [0]
Dec 22 13:44:15 localhost pluto[8271]: | fc_try b-labris.l2tp-zcert gives
none
Dec 22 13:44:15 localhost pluto[8271]: | find_host_pair: comparing to
EXTERNALIP:500 88.254.240.233:500
Dec 22 13:44:15 localhost pluto[8271]: | find_host_pair: comparing to
EXTERNALIP:500 0.0.0.0:500
Dec 22 13:44:15 localhost pluto[8271]: | checking hostpair EXTERNALIP/32
-> 0.0.0.0/32 is found
Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:15 localhost pluto[8271]: | b=(none)
Dec 22 13:44:15 localhost pluto[8271]: | results matched
Dec 22 13:44:15 localhost pluto[8271]: | trusted_ca called with a=(empty)
b=(empty)
Dec 22 13:44:15 localhost pluto[8271]: | fc_try trying
b-labris.l2tp-zcert:EXTERNALIP/32:17/1701 -> 192.168.2.3/32:17/1701 vs
b-labris.l2tp-zcert:EXTERNALIP/32:17/1701 -> 0.0.0.0/32:17/1701
Dec 22 13:44:15 localhost pluto[8271]: | fc_try concluding with none [0]
Dec 22 13:44:15 localhost pluto[8271]: | match_id a=C=TR, ST=AN,
L=Ankara, O=Labris SG User Company, CN=vpngateway
Dec 22 13:44:15 localhost pluto[8271]: | b=(none)
Dec 22 13:44:15 localhost pluto[8271]: | results matched
Dec 22 13:44:15 localhost pluto[8271]: | trusted_ca called with a=(empty)
b=(empty)
Dec 22 13:44:15 localhost pluto[8271]: | fc_try_oppo trying
b-labris.l2tp-zcert:EXTERNALIP/32 -> 192.168.2.3/32 vs
b-labris.l2tp-zcert:EXTERNALIP/32 -> 0.0.0.0/32
Dec 22 13:44:15 localhost pluto[8271]: | fc_try_oppo concluding with none
[0]
Dec 22 13:44:15 localhost pluto[8271]: | concluding with d = none
Dec 22 13:44:15 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: cannot respond to IPsec SA request because no connection
is known for EXTERNALIP[C=TR, ST=AN, L=Ankara, O=Labris SG User Company,
CN=vpngateway]:17/1701...88.254.240.233[C=TR, ST=AN, L=Ankara, O=Labris SG
User Company, CN=vpngateway]:17/1701===192.168.2.3/32
Dec 22 13:44:15 localhost pluto[8271]: | complete state transition with
(null)
Dec 22 13:44:15 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: sending encrypted notification INVALID_ID_INFORMATION to
88.254.240.233:4500
Dec 22 13:44:15 localhost pluto[8271]: | **emit ISAKMP Message:
Dec 22 13:44:15 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:15 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:15 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:15 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_HASH
Dec 22 13:44:15 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:15 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_INFO
Dec 22 13:44:15 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:15 localhost pluto[8271]: | message ID: 2f 7a 41 a0
Dec 22 13:44:15 localhost pluto[8271]: | ***emit ISAKMP Hash Payload:
Dec 22 13:44:15 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_N
Dec 22 13:44:15 localhost pluto[8271]: | emitting 20 zero bytes of HASH(1)
into ISAKMP Hash Payload
Dec 22 13:44:15 localhost pluto[8271]: | emitting length of ISAKMP Hash
Payload: 24
Dec 22 13:44:15 localhost pluto[8271]: | ***emit ISAKMP Notification
Payload:
Dec 22 13:44:15 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NONE
Dec 22 13:44:15 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC
Dec 22 13:44:15 localhost pluto[8271]: | protocol ID: 1
Dec 22 13:44:15 localhost pluto[8271]: | SPI size: 0
Dec 22 13:44:15 localhost pluto[8271]: | Notify Message Type:
INVALID_ID_INFORMATION
Dec 22 13:44:15 localhost pluto[8271]: | emitting length of ISAKMP
Notification Payload: 12
Dec 22 13:44:15 localhost pluto[8271]: | HASH(1) computed:
Dec 22 13:44:15 localhost pluto[8271]: | 09 7a 1a 8f 19 7d d9 24 24 de
00 cf ee 5c e3 43
Dec 22 13:44:15 localhost pluto[8271]: | 9a ae 5c b0
Dec 22 13:44:15 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8
48 d9 8a
Dec 22 13:44:15 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a
b8 48 d9 8a
Dec 22 13:44:15 localhost pluto[8271]: | computed Phase 2 IV:
Dec 22 13:44:15 localhost pluto[8271]: | f5 2a c8 33 89 5e ae 09 bb 08
ee cc 71 00 a9 c0
Dec 22 13:44:15 localhost pluto[8271]: | 23 f7 18 8d
Dec 22 13:44:15 localhost pluto[8271]: | encrypting:
Dec 22 13:44:15 localhost pluto[8271]: | 0b 00 00 18 09 7a 1a 8f 19 7d
d9 24 24 de 00 cf
Dec 22 13:44:15 localhost pluto[8271]: | ee 5c e3 43 9a ae 5c b0 00 00
00 0c 00 00 00 01
Dec 22 13:44:15 localhost pluto[8271]: | 01 00 00 12
Dec 22 13:44:15 localhost pluto[8271]: | IV:
Dec 22 13:44:15 localhost pluto[8271]: | f5 2a c8 33 89 5e ae 09 bb 08
ee cc 71 00 a9 c0
Dec 22 13:44:15 localhost pluto[8271]: | 23 f7 18 8d
Dec 22 13:44:15 localhost pluto[8271]: | emitting 4 zero bytes of encryption
padding into ISAKMP Message
Dec 22 13:44:15 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC
Dec 22 13:44:15 localhost pluto[8271]: | next IV: 8c a5 68 80 90 2d 79 52
Dec 22 13:44:15 localhost pluto[8271]: | emitting length of ISAKMP Message:
68
Dec 22 13:44:15 localhost pluto[8271]: | sending 68 bytes for notification
packet through ppp0:4500 to 88.254.240.233:4500:
Dec 22 13:44:15 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f
01 63 48 e2 02 2f
Dec 22 13:44:15 localhost pluto[8271]: | ab 05 97 7c 08 10 05 01 2f 7a
41 a0 00 00 00 44
Dec 22 13:44:15 localhost pluto[8271]: | 0b 54 c2 99 00 6e 81 0e d3 0b
ee a2 46 41 c5 1c
Dec 22 13:44:15 localhost pluto[8271]: | 9c 69 d2 c7 14 cc f7 a5 13 fe
58 6a 97 76 9e 2d
Dec 22 13:44:15 localhost pluto[8271]: | 8c a5 68 80 90 2d 79 52
Dec 22 13:44:15 localhost pluto[8271]: | state transition function for
STATE_QUICK_R0 failed: INVALID_ID_INFORMATION
Dec 22 13:44:15 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 17
seconds for #2
Dec 22 13:44:16 localhost pluto[8271]: |
Dec 22 13:44:16 localhost pluto[8271]: | *received 316 bytes from
88.254.240.233:4500 on ppp0 (port=4500)
Dec 22 13:44:16 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63 48 e2
02 2f ab 05 97 7c
Dec 22 13:44:16 localhost pluto[8271]: | 08 10 20 01 00 00 00 01 00 00
01 3c bb 44 ad cc
Dec 22 13:44:16 localhost pluto[8271]: | c2 c4 88 3d 92 d2 45 b4 e9 a0
e5 2f 62 c6 33 e8
Dec 22 13:44:16 localhost pluto[8271]: | a8 6c d5 a5 38 63 ce ca ac dd
3b 22 ba 48 a1 4b
Dec 22 13:44:16 localhost pluto[8271]: | 58 47 11 32 91 79 62 c8 67 cb
45 56 69 95 00 a3
Dec 22 13:44:16 localhost pluto[8271]: | 35 6f 81 92 d7 bf 77 a4 6a b9
7b a0 81 9c fc d8
Dec 22 13:44:16 localhost pluto[8271]: | 3e b7 5a 14 f1 5e 69 a1 4c 14
99 d1 6e 25 9d ef
Dec 22 13:44:16 localhost pluto[8271]: | 2c b4 3f 3f 12 d6 8c 45 c1 67
b9 17 c5 7e 3d 1e
Dec 22 13:44:16 localhost pluto[8271]: | 0e 05 b8 89 db 6e e8 13 21 dd
2e 6a 69 2b f0 0c
Dec 22 13:44:16 localhost pluto[8271]: | 2d 51 f2 83 80 93 60 75 e4 4d
4e 44 0f cd 95 4b
Dec 22 13:44:16 localhost pluto[8271]: | 10 0d 64 9b 29 c4 57 71 ff d8
a2 d0 c7 da 88 74
Dec 22 13:44:16 localhost pluto[8271]: | 7d 35 e9 7f db 1f a1 3b 2b 96
75 dc 3d 3d 9f 9e
Dec 22 13:44:16 localhost pluto[8271]: | 04 56 44 98 ff 32 48 78 9b 0f
76 67 71 37 02 c8
Dec 22 13:44:16 localhost pluto[8271]: | 75 f0 38 eb e2 56 23 ba 7f 73
e5 bf 1b e6 f6 9a
Dec 22 13:44:16 localhost pluto[8271]: | fb b2 c6 1f 26 2a 73 ff fe 0c
c0 c4 94 fb 4e 51
Dec 22 13:44:16 localhost pluto[8271]: | 99 a2 7c e0 b1 62 b9 e5 c1 ea
2e 7d 1b 62 f3 a2
Dec 22 13:44:16 localhost pluto[8271]: | 81 59 30 d9 30 4c d4 e8 6a f5
3a 11 b6 cb 59 be
Dec 22 13:44:16 localhost pluto[8271]: | 8e 2a a2 f2 52 13 ca 6d 18 82
57 f1 a2 26 9a af
Dec 22 13:44:16 localhost pluto[8271]: | 22 6e 24 bc ba 15 6f 3d a8 a6
50 9e 12 8c f5 b6
Dec 22 13:44:16 localhost pluto[8271]: | fc 88 60 36 f5 d1 88 f5 ad b6
2f 03
Dec 22 13:44:16 localhost pluto[8271]: | **parse ISAKMP Message:
Dec 22 13:44:16 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:16 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:16 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:16 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:16 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_HASH
Dec 22 13:44:16 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:16 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_QUICK
Dec 22 13:44:16 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:16 localhost pluto[8271]: | message ID: 00 00 00 01
Dec 22 13:44:16 localhost pluto[8271]: | length: 316
Dec 22 13:44:16 localhost pluto[8271]: | processing packet with exchange
type=ISAKMP_XCHG_QUICK (32)
Dec 22 13:44:16 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:16 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:16 localhost pluto[8271]: | peer: 58 fe f0 e9
Dec 22 13:44:16 localhost pluto[8271]: | state hash entry 27
Dec 22 13:44:16 localhost pluto[8271]: | peer and cookies match on #7,
provided msgid 00000001 vs 00000000
Dec 22 13:44:16 localhost pluto[8271]: | state object not found
Dec 22 13:44:16 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:16 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:16 localhost pluto[8271]: | peer: 58 fe f0 e9
Dec 22 13:44:16 localhost pluto[8271]: | state hash entry 27
Dec 22 13:44:16 localhost pluto[8271]: | peer and cookies match on #7,
provided msgid 00000000 vs 00000000
Dec 22 13:44:16 localhost pluto[8271]: | state object #7 found, in
STATE_MAIN_R3
Dec 22 13:44:16 localhost pluto[8271]: | processing connection
b-labris.l2tp-zcert[2] 88.254.240.233
Dec 22 13:44:16 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: Quick Mode I1 message is unacceptable because it uses a
previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 13:44:16 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: sending encrypted notification INVALID_MESSAGE_ID to
88.254.240.233:4500
Dec 22 13:44:16 localhost pluto[8271]: | **emit ISAKMP Message:
Dec 22 13:44:16 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:16 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:16 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:16 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:16 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_HASH
Dec 22 13:44:16 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:16 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_INFO
Dec 22 13:44:16 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:16 localhost pluto[8271]: | message ID: d2 de 71 42
Dec 22 13:44:16 localhost pluto[8271]: | ***emit ISAKMP Hash Payload:
Dec 22 13:44:16 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_N
Dec 22 13:44:16 localhost pluto[8271]: | emitting 20 zero bytes of HASH(1)
into ISAKMP Hash Payload
Dec 22 13:44:16 localhost pluto[8271]: | emitting length of ISAKMP Hash
Payload: 24
Dec 22 13:44:16 localhost pluto[8271]: | ***emit ISAKMP Notification
Payload:
Dec 22 13:44:16 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NONE
Dec 22 13:44:16 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC
Dec 22 13:44:16 localhost pluto[8271]: | protocol ID: 1
Dec 22 13:44:16 localhost pluto[8271]: | SPI size: 0
Dec 22 13:44:16 localhost pluto[8271]: | Notify Message Type:
INVALID_MESSAGE_ID
Dec 22 13:44:16 localhost pluto[8271]: | emitting length of ISAKMP
Notification Payload: 12
Dec 22 13:44:16 localhost pluto[8271]: | HASH(1) computed:
Dec 22 13:44:16 localhost pluto[8271]: | fa 06 d1 7c 51 06 61 49 dc d7
92 cb 8c 7a 6d fc
Dec 22 13:44:16 localhost pluto[8271]: | 8c 52 76 28
Dec 22 13:44:16 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8
48 d9 8a
Dec 22 13:44:16 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a
b8 48 d9 8a
Dec 22 13:44:16 localhost pluto[8271]: | computed Phase 2 IV:
Dec 22 13:44:16 localhost pluto[8271]: | 18 6b 0b d1 4b ce 76 e7 5c 98
0a 88 90 31 2c c1
Dec 22 13:44:16 localhost pluto[8271]: | d6 5c 65 bc
Dec 22 13:44:16 localhost pluto[8271]: | encrypting:
Dec 22 13:44:16 localhost pluto[8271]: | 0b 00 00 18 fa 06 d1 7c 51 06
61 49 dc d7 92 cb
Dec 22 13:44:16 localhost pluto[8271]: | 8c 7a 6d fc 8c 52 76 28 00 00
00 0c 00 00 00 01
Dec 22 13:44:16 localhost pluto[8271]: | 01 00 00 09
Dec 22 13:44:16 localhost pluto[8271]: | IV:
Dec 22 13:44:16 localhost pluto[8271]: | 18 6b 0b d1 4b ce 76 e7 5c 98
0a 88 90 31 2c c1
Dec 22 13:44:16 localhost pluto[8271]: | d6 5c 65 bc
Dec 22 13:44:16 localhost pluto[8271]: | emitting 4 zero bytes of encryption
padding into ISAKMP Message
Dec 22 13:44:16 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC
Dec 22 13:44:16 localhost pluto[8271]: | next IV: 57 f7 ff c1 24 7e b5 8e
Dec 22 13:44:16 localhost pluto[8271]: | emitting length of ISAKMP Message:
68
Dec 22 13:44:16 localhost pluto[8271]: | sending 68 bytes for notification
packet through ppp0:4500 to 88.254.240.233:4500:
Dec 22 13:44:16 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f
01 63 48 e2 02 2f
Dec 22 13:44:16 localhost pluto[8271]: | ab 05 97 7c 08 10 05 01 d2 de
71 42 00 00 00 44
Dec 22 13:44:16 localhost pluto[8271]: | d4 88 e1 90 6e fa 06 e7 f9 37
d6 1b 88 a7 5d a1
Dec 22 13:44:16 localhost pluto[8271]: | 50 26 f6 05 af 87 d6 6e 33 c8
7d 20 46 ac 5b 06
Dec 22 13:44:16 localhost pluto[8271]: | 57 f7 ff c1 24 7e b5 8e
Dec 22 13:44:16 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 16
seconds for #2
Dec 22 13:44:18 localhost pluto[8271]: |
Dec 22 13:44:18 localhost pluto[8271]: | *received 316 bytes from
88.254.240.233:4500 on ppp0 (port=4500)
Dec 22 13:44:18 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63 48 e2
02 2f ab 05 97 7c
Dec 22 13:44:18 localhost pluto[8271]: | 08 10 20 01 00 00 00 01 00 00
01 3c bb 44 ad cc
Dec 22 13:44:18 localhost pluto[8271]: | c2 c4 88 3d 92 d2 45 b4 e9 a0
e5 2f 62 c6 33 e8
Dec 22 13:44:18 localhost pluto[8271]: | a8 6c d5 a5 38 63 ce ca ac dd
3b 22 ba 48 a1 4b
Dec 22 13:44:18 localhost pluto[8271]: | 58 47 11 32 91 79 62 c8 67 cb
45 56 69 95 00 a3
Dec 22 13:44:18 localhost pluto[8271]: | 35 6f 81 92 d7 bf 77 a4 6a b9
7b a0 81 9c fc d8
Dec 22 13:44:18 localhost pluto[8271]: | 3e b7 5a 14 f1 5e 69 a1 4c 14
99 d1 6e 25 9d ef
Dec 22 13:44:18 localhost pluto[8271]: | 2c b4 3f 3f 12 d6 8c 45 c1 67
b9 17 c5 7e 3d 1e
Dec 22 13:44:18 localhost pluto[8271]: | 0e 05 b8 89 db 6e e8 13 21 dd
2e 6a 69 2b f0 0c
Dec 22 13:44:18 localhost pluto[8271]: | 2d 51 f2 83 80 93 60 75 e4 4d
4e 44 0f cd 95 4b
Dec 22 13:44:18 localhost pluto[8271]: | 10 0d 64 9b 29 c4 57 71 ff d8
a2 d0 c7 da 88 74
Dec 22 13:44:18 localhost pluto[8271]: | 7d 35 e9 7f db 1f a1 3b 2b 96
75 dc 3d 3d 9f 9e
Dec 22 13:44:18 localhost pluto[8271]: | 04 56 44 98 ff 32 48 78 9b 0f
76 67 71 37 02 c8
Dec 22 13:44:18 localhost pluto[8271]: | 75 f0 38 eb e2 56 23 ba 7f 73
e5 bf 1b e6 f6 9a
Dec 22 13:44:18 localhost pluto[8271]: | fb b2 c6 1f 26 2a 73 ff fe 0c
c0 c4 94 fb 4e 51
Dec 22 13:44:18 localhost pluto[8271]: | 99 a2 7c e0 b1 62 b9 e5 c1 ea
2e 7d 1b 62 f3 a2
Dec 22 13:44:18 localhost pluto[8271]: | 81 59 30 d9 30 4c d4 e8 6a f5
3a 11 b6 cb 59 be
Dec 22 13:44:18 localhost pluto[8271]: | 8e 2a a2 f2 52 13 ca 6d 18 82
57 f1 a2 26 9a af
Dec 22 13:44:18 localhost pluto[8271]: | 22 6e 24 bc ba 15 6f 3d a8 a6
50 9e 12 8c f5 b6
Dec 22 13:44:18 localhost pluto[8271]: | fc 88 60 36 f5 d1 88 f5 ad b6
2f 03
Dec 22 13:44:18 localhost pluto[8271]: | **parse ISAKMP Message:
Dec 22 13:44:18 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:18 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:18 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:18 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:18 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_HASH
Dec 22 13:44:18 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:18 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_QUICK
Dec 22 13:44:18 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:18 localhost pluto[8271]: | message ID: 00 00 00 01
Dec 22 13:44:18 localhost pluto[8271]: | length: 316
Dec 22 13:44:18 localhost pluto[8271]: | processing packet with exchange
type=ISAKMP_XCHG_QUICK (32)
Dec 22 13:44:18 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:18 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:18 localhost pluto[8271]: | peer: 58 fe f0 e9
Dec 22 13:44:18 localhost pluto[8271]: | state hash entry 27
Dec 22 13:44:18 localhost pluto[8271]: | peer and cookies match on #7,
provided msgid 00000001 vs 00000000
Dec 22 13:44:18 localhost pluto[8271]: | state object not found
Dec 22 13:44:18 localhost pluto[8271]: | ICOOKIE: 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:18 localhost pluto[8271]: | RCOOKIE: 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:18 localhost pluto[8271]: | peer: 58 fe f0 e9
Dec 22 13:44:18 localhost pluto[8271]: | state hash entry 27
Dec 22 13:44:18 localhost pluto[8271]: | peer and cookies match on #7,
provided msgid 00000000 vs 00000000
Dec 22 13:44:18 localhost pluto[8271]: | state object #7 found, in
STATE_MAIN_R3
Dec 22 13:44:18 localhost pluto[8271]: | processing connection
b-labris.l2tp-zcert[2] 88.254.240.233
Dec 22 13:44:18 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: Quick Mode I1 message is unacceptable because it uses a
previously used Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 13:44:18 localhost pluto[8271]: "b-labris.l2tp-zcert"[2]
88.254.240.233 #7: sending encrypted notification INVALID_MESSAGE_ID to
88.254.240.233:4500
Dec 22 13:44:18 localhost pluto[8271]: | **emit ISAKMP Message:
Dec 22 13:44:18 localhost pluto[8271]: | initiator cookie:
Dec 22 13:44:18 localhost pluto[8271]: | 54 0b 44 fa 30 5f 01 63
Dec 22 13:44:18 localhost pluto[8271]: | responder cookie:
Dec 22 13:44:18 localhost pluto[8271]: | 48 e2 02 2f ab 05 97 7c
Dec 22 13:44:18 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_HASH
Dec 22 13:44:18 localhost pluto[8271]: | ISAKMP version: ISAKMP Version
1.0
Dec 22 13:44:18 localhost pluto[8271]: | exchange type: ISAKMP_XCHG_INFO
Dec 22 13:44:18 localhost pluto[8271]: | flags: ISAKMP_FLAG_ENCRYPTION
Dec 22 13:44:18 localhost pluto[8271]: | message ID: c0 8b 32 3b
Dec 22 13:44:18 localhost pluto[8271]: | ***emit ISAKMP Hash Payload:
Dec 22 13:44:18 localhost pluto[8271]: | next payload type: ISAKMP_NEXT_N
Dec 22 13:44:18 localhost pluto[8271]: | emitting 20 zero bytes of HASH(1)
into ISAKMP Hash Payload
Dec 22 13:44:18 localhost pluto[8271]: | emitting length of ISAKMP Hash
Payload: 24
Dec 22 13:44:18 localhost pluto[8271]: | ***emit ISAKMP Notification
Payload:
Dec 22 13:44:18 localhost pluto[8271]: | next payload type:
ISAKMP_NEXT_NONE
Dec 22 13:44:18 localhost pluto[8271]: | DOI: ISAKMP_DOI_IPSEC
Dec 22 13:44:18 localhost pluto[8271]: | protocol ID: 1
Dec 22 13:44:18 localhost pluto[8271]: | SPI size: 0
Dec 22 13:44:18 localhost pluto[8271]: | Notify Message Type:
INVALID_MESSAGE_ID
Dec 22 13:44:18 localhost pluto[8271]: | emitting length of ISAKMP
Notification Payload: 12
Dec 22 13:44:18 localhost pluto[8271]: | HASH(1) computed:
Dec 22 13:44:18 localhost pluto[8271]: | b4 4b 1d 82 53 06 4a f0 90 32
52 48 6b f6 1a 0b
Dec 22 13:44:18 localhost pluto[8271]: | cb ed dd 88
Dec 22 13:44:18 localhost pluto[8271]: | last Phase 1 IV: eb 89 cc 2a b8
48 d9 8a
Dec 22 13:44:18 localhost pluto[8271]: | current Phase 1 IV: eb 89 cc 2a
b8 48 d9 8a
Dec 22 13:44:18 localhost pluto[8271]: | computed Phase 2 IV:
Dec 22 13:44:18 localhost pluto[8271]: | bd 7e 08 6f 36 93 cb 27 2c b7
d2 02 c2 d4 e4 24
Dec 22 13:44:18 localhost pluto[8271]: | 67 28 25 8b
Dec 22 13:44:18 localhost pluto[8271]: | encrypting:
Dec 22 13:44:18 localhost pluto[8271]: | 0b 00 00 18 b4 4b 1d 82 53 06
4a f0 90 32 52 48
Dec 22 13:44:18 localhost pluto[8271]: | 6b f6 1a 0b cb ed dd 88 00 00
00 0c 00 00 00 01
Dec 22 13:44:18 localhost pluto[8271]: | 01 00 00 09
Dec 22 13:44:18 localhost pluto[8271]: | IV:
Dec 22 13:44:18 localhost pluto[8271]: | bd 7e 08 6f 36 93 cb 27 2c b7
d2 02 c2 d4 e4 24
Dec 22 13:44:18 localhost pluto[8271]: | 67 28 25 8b
Dec 22 13:44:18 localhost pluto[8271]: | emitting 4 zero bytes of encryption
padding into ISAKMP Message
Dec 22 13:44:18 localhost pluto[8271]: | encrypting using OAKLEY_3DES_CBC
Dec 22 13:44:18 localhost pluto[8271]: | next IV: f4 95 3a ea 59 e2 a5 d0
Dec 22 13:44:18 localhost pluto[8271]: | emitting length of ISAKMP Message:
68
Dec 22 13:44:18 localhost pluto[8271]: | sending 68 bytes for notification
packet through ppp0:4500 to 88.254.240.233:4500:
Dec 22 13:44:18 localhost pluto[8271]: | 00 00 00 00 54 0b 44 fa 30 5f
01 63 48 e2 02 2f
Dec 22 13:44:18 localhost pluto[8271]: | ab 05 97 7c 08 10 05 01 c0 8b
32 3b 00 00 00 44
Dec 22 13:44:18 localhost pluto[8271]: | 02 5b b5 7b 47 ee b0 b5 12 11
66 c7 64 27 dc cc
Dec 22 13:44:18 localhost pluto[8271]: | 67 86 db 80 01 b2 f7 37 ca a8
73 eb ba 2e 79 9d
Dec 22 13:44:18 localhost pluto[8271]: | f4 95 3a ea 59 e2 a5 d0
Dec 22 13:44:18 localhost pluto[8271]: | next event EVENT_RETRANSMIT in 14
seconds for #2
Dec 22 13:44:22 localhost pluto[8271]: |
PSK LOGS: (PSK trials were with 2.4 kernel)
Dec 22 02:52:21 localhost pluto[9274]: packet from 88.254.240.233:500:
received Vendor ID payload [RFC 3947] method set to=110
Dec 22 02:52:21 localhost pluto[9274]: packet from 88.254.240.233:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but
already using method 110
Dec 22 02:52:21 localhost pluto[9274]: packet from 88.254.240.233:500:
ignoring Vendor ID payload [FRAGMENTATION]
Dec 22 02:52:21 localhost pluto[9274]: packet from 88.254.240.233:500:
ignoring unknown Vendor ID payload [fb1de3cdf341b7ea16b7e5be0855f120]
Dec 22 02:52:21 localhost pluto[9274]: packet from 88.254.240.233:500:
ignoring Vendor ID payload [Vid-Initial-Contact]
Dec 22 02:52:21 localhost pluto[9274]: packet from 88.254.240.233:500:
ignoring unknown Vendor ID payload [e3a5966a76379fe707228231e5ce8652]
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
responding to Main Mode from unknown peer 88.254.240.233
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
Diffie-Hellamn group 20 is not a supported modp group. Attribute
OAKLEY_GROUP_DESCRIPTION
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
Diffie-Hellamn group 19 is not a supported modp group. Attribute
OAKLEY_GROUP_DESCRIPTION
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
STATE_MAIN_R1: sent MR1, expecting MI2
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
STATE_MAIN_R2: sent MR2, expecting MI3
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
Main mode peer ID is ID_IPV4_ADDR: '192.168.2.3'
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[5] 88.254.240.233 #7:
switched from "labris.l2tp" to "labris.l2tp"
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
deleting connection "labris.l2tp" instance with peer
88.254.240.233{isakmp=#0/ipsec=#0}
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7: I
did not send a certificate because I do not have one.
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Dec 22 02:52:21 localhost pluto[9274]: | NAT-T: new mapping
88.254.240.233:500/1024)
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
cannot respond to IPsec SA request because no connection is known for
EXTERNALIP:17/1701...88.254.240.233[192.168.2.3]:17/1701===192.168.2.3/32
Dec 22 02:52:21 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
sending encrypted notification INVALID_ID_INFORMATION to 88.254.240.233:1024
Dec 22 02:52:23 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 02:52:23 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
sending encrypted notification INVALID_MESSAGE_ID to 88.254.240.233:1024
Dec 22 02:52:25 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 02:52:25 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
sending encrypted notification INVALID_MESSAGE_ID to 88.254.240.233:1024
Dec 22 02:52:29 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
Quick Mode I1 message is unacceptable because it uses a previously used
Message ID 0x01000000 (perhaps this is a duplicated packet)
Dec 22 02:52:29 localhost pluto[9274]: "labris.l2tp"[6] 88.254.240.233 #7:
sending encrypted notification INVALID_MESSAGE_ID to 88.254.240.233:1024
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20071222/65e83fe7/attachment-0001.html
More information about the Users
mailing list