[Openswan Users] HELP : fail to reconnect, but fist successfully connect

christophe yayon cyayon at nbux.org
Mon Mar 31 13:43:59 EDT 2008


i got the same problem with a macosx 10.5.2 client... strange, it seems not
a iphone specific problem...

here is the logs with "controlmore" :




Mar 31 19:40:01 nebu pluto[22614]: |
Mar 31 19:40:01 nebu pluto[22614]: | *received 300 bytes from XX.XX.XX.XX:500
on eth0 (port=500)
Mar 31 19:40:01 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  00 00 00
00  00 00 00 00
Mar 31 19:40:01 nebu pluto[22614]: |   01 10 02 00  00 00 00 00  00 00 01
2c  0d 00 00 34
Mar 31 19:40:01 nebu pluto[22614]: |   00 00 00 01  00 00 00 01  00 00 00
28  01 01 00 01
Mar 31 19:40:01 nebu pluto[22614]: |   00 00 00 20  01 01 00 00  80 0b 00
01  80 0c 0e 10
Mar 31 19:40:01 nebu pluto[22614]: |   80 01 00 05  80 03 00 01  80 02 00
02  80 04 00 02
Mar 31 19:40:01 nebu pluto[22614]: |   0d 00 00 14  4a 13 1c 81  07 03 58
45  5c 57 28 f2
Mar 31 19:40:01 nebu pluto[22614]: |   0e 95 45 2f  0d 00 00 14  4d f3 79
28  e9 fc 4f d1
Mar 31 19:40:01 nebu pluto[22614]: |   b3 26 21 70  d5 15 c6 62  0d 00 00
14  8f 8d 83 82
Mar 31 19:40:01 nebu pluto[22614]: |   6d 24 6b 6f  c7 a8 a6 a4  28 c1 1d
e8  0d 00 00 14
Mar 31 19:40:01 nebu pluto[22614]: |   43 9b 59 f8  ba 67 6c 4c  77 37 ae
22  ea b8 f5 82
Mar 31 19:40:01 nebu pluto[22614]: |   0d 00 00 14  4d 1e 0e 13  6d ea fa
34  c4 f3 ea 9f
Mar 31 19:40:01 nebu pluto[22614]: |   02 ec 72 85  0d 00 00 14  80 d0 bb
3d  ef 54 56 5e
Mar 31 19:40:01 nebu pluto[22614]: |   e8 46 45 d4  c8 5c e3 ee  0d 00 00
14  99 09 b6 4e
Mar 31 19:40:01 nebu pluto[22614]: |   ed 93 7c 65  73 de 52 ac  e9 52 fa
6b  0d 00 00 14
Mar 31 19:40:01 nebu pluto[22614]: |   7d 94 19 a6  53 10 ca 6f  2c 17 9d
92  15 52 9d 56
Mar 31 19:40:01 nebu pluto[22614]: |   0d 00 00 14  cd 60 46 43  35 df 21
f8  7c fd b2 fc
Mar 31 19:40:01 nebu pluto[22614]: |   68 b6 a4 48  0d 00 00 14  90 cb 80
91  3e bb 69 6e
Mar 31 19:40:01 nebu pluto[22614]: |   08 63 81 b5  ec 42 7b 1f  00 00 00
14  af ca d7 13
Mar 31 19:40:01 nebu pluto[22614]: |   68 a1 f1 c9  6b 86 96 fc  77 57 01 00
Mar 31 19:40:01 nebu pluto[22614]: | **parse ISAKMP Message:
Mar 31 19:40:01 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:01 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:01 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:01 nebu pluto[22614]: |   00 00 00 00  00 00 00 00
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_SA
Mar 31 19:40:01 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:01 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar 31 19:40:01 nebu pluto[22614]: |    flags: none
Mar 31 19:40:01 nebu pluto[22614]: |    message ID:  00 00 00 00
Mar 31 19:40:01 nebu pluto[22614]: |    length: 300
Mar 31 19:40:01 nebu pluto[22614]: |  processing packet with exchange
type=ISAKMP_XCHG_IDPROT (2)
Mar 31 19:40:01 nebu pluto[22614]: | np=1 and sd=0x80e1380
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Security Association
Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 52
Mar 31 19:40:01 nebu pluto[22614]: |    DOI: ISAKMP_DOI_IPSEC
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: | np=13 and sd=0x80e144c
Mar 31 19:40:01 nebu pluto[22614]: | ***parse ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:01 nebu pluto[22614]: |    length: 20
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received
Vendor ID payload [RFC 3947] method set to=109
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring
unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring
unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring
unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring
unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: ignoring
unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already
using method 110
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already
using method 110
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already
using method 110
Mar 31 19:40:01 nebu pluto[22614]: packet from XX.XX.XX.XX:500: received
Vendor ID payload [Dead Peer Detection]
Mar 31 19:40:01 nebu pluto[22614]: | nat-t detected, sending nat-t VID
Mar 31 19:40:01 nebu pluto[22614]: | find_host_connection called from
main_inI1_outR1
Mar 31 19:40:01 nebu pluto[22614]: | find_host_pair: comparing to
10.199.37.2:500 0.0.0.0:500
Mar 31 19:40:01 nebu pluto[22614]: | find_host_pair: comparing to
10.199.37.2:500 XX.XX.XX.XX:500
Mar 31 19:40:01 nebu pluto[22614]: | find_host_pair_conn
(find_host_connection2): 10.199.37.2:500 XX.XX.XX.XX:500 -> hp:iphone
Mar 31 19:40:01 nebu pluto[22614]: | creating state object #5 at 0x80fe480
Mar 31 19:40:01 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:01 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:01 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:01 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:01 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:01 nebu pluto[22614]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #5
Mar 31 19:40:01 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: responding to
Main Mode from unknown peer XX.XX.XX.XX
Mar 31 19:40:01 nebu pluto[22614]: | **emit ISAKMP Message:
Mar 31 19:40:01 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:01 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:01 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:01 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_SA
Mar 31 19:40:01 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:01 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar 31 19:40:01 nebu pluto[22614]: |    flags: none
Mar 31 19:40:01 nebu pluto[22614]: |    message ID:  00 00 00 00
Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Security Association
Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: |    DOI: ISAKMP_DOI_IPSEC
Mar 31 19:40:01 nebu pluto[22614]: | ****parse IPsec DOI SIT:
Mar 31 19:40:01 nebu pluto[22614]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar 31 19:40:01 nebu pluto[22614]: | ****parse ISAKMP Proposal Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:01 nebu pluto[22614]: |    length: 40
Mar 31 19:40:01 nebu pluto[22614]: |    proposal number: 1
Mar 31 19:40:01 nebu pluto[22614]: |    protocol ID: PROTO_ISAKMP
Mar 31 19:40:01 nebu pluto[22614]: |    SPI size: 0
Mar 31 19:40:01 nebu pluto[22614]: |    number of transforms: 1
Mar 31 19:40:01 nebu pluto[22614]: | *****parse ISAKMP Transform Payload
(ISAKMP):
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:01 nebu pluto[22614]: |    length: 32
Mar 31 19:40:01 nebu pluto[22614]: |    transform number: 1
Mar 31 19:40:01 nebu pluto[22614]: |    transform ID: KEY_IKE
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:
Mar 31 19:40:01 nebu pluto[22614]: |    af+type: OAKLEY_LIFE_TYPE
Mar 31 19:40:01 nebu pluto[22614]: |    length/value: 1
Mar 31 19:40:01 nebu pluto[22614]: |    [1 is OAKLEY_LIFE_SECONDS]
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:
Mar 31 19:40:01 nebu pluto[22614]: |    af+type: OAKLEY_LIFE_DURATION
Mar 31 19:40:01 nebu pluto[22614]: |    length/value: 3600
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:
Mar 31 19:40:01 nebu pluto[22614]: |    af+type: OAKLEY_ENCRYPTION_ALGORITHM
Mar 31 19:40:01 nebu pluto[22614]: |    length/value: 5
Mar 31 19:40:01 nebu pluto[22614]: |    [5 is OAKLEY_3DES_CBC]
Mar 31 19:40:01 nebu pluto[22614]: | ike_alg_enc_ok(ealg=5,key_len=0):
blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:
Mar 31 19:40:01 nebu pluto[22614]: |    af+type:
OAKLEY_AUTHENTICATION_METHOD
Mar 31 19:40:01 nebu pluto[22614]: |    length/value: 1
Mar 31 19:40:01 nebu pluto[22614]: |    [1 is OAKLEY_PRESHARED_KEY]
Mar 31 19:40:01 nebu pluto[22614]: | started looking for secret for
10.199.37.2->192.168.0.12 of kind PPK_PSK
Mar 31 19:40:01 nebu pluto[22614]: | replace him to 0.0.0.0
Mar 31 19:40:01 nebu pluto[22614]: | actually looking for secret for
10.199.37.2->0.0.0.0 of kind PPK_PSK
Mar 31 19:40:01 nebu pluto[22614]: | 1: compared PSK 0.0.0.0 to 10.199.37.2/
192.168.0.12 -> 2
Mar 31 19:40:01 nebu pluto[22614]: | 2: compared PSK 10.199.37.2 to
10.199.37.2 / 192.168.0.12 -> 6
Mar 31 19:40:01 nebu pluto[22614]: | best_match 0>6 best=0x80faed8 (line=10)
Mar 31 19:40:01 nebu pluto[22614]: | concluding with best_match=6
best=0x80faed8 (lineno=10)
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:
Mar 31 19:40:01 nebu pluto[22614]: |    af+type: OAKLEY_HASH_ALGORITHM
Mar 31 19:40:01 nebu pluto[22614]: |    length/value: 2
Mar 31 19:40:01 nebu pluto[22614]: |    [2 is OAKLEY_SHA1]
Mar 31 19:40:01 nebu pluto[22614]: | ******parse ISAKMP Oakley attribute:
Mar 31 19:40:01 nebu pluto[22614]: |    af+type: OAKLEY_GROUP_DESCRIPTION
Mar 31 19:40:01 nebu pluto[22614]: |    length/value: 2
Mar 31 19:40:01 nebu pluto[22614]: |    [2 is OAKLEY_GROUP_MODP1024]
Mar 31 19:40:01 nebu pluto[22614]: | Oakley Transform 1 accepted
Mar 31 19:40:01 nebu pluto[22614]: | ****emit IPsec DOI SIT:
Mar 31 19:40:01 nebu pluto[22614]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar 31 19:40:01 nebu pluto[22614]: | ****emit ISAKMP Proposal Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:01 nebu pluto[22614]: |    proposal number: 1
Mar 31 19:40:01 nebu pluto[22614]: |    protocol ID: PROTO_ISAKMP
Mar 31 19:40:01 nebu pluto[22614]: |    SPI size: 0
Mar 31 19:40:01 nebu pluto[22614]: |    number of transforms: 1
Mar 31 19:40:01 nebu pluto[22614]: | *****emit ISAKMP Transform Payload
(ISAKMP):
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:01 nebu pluto[22614]: |    transform number: 1
Mar 31 19:40:01 nebu pluto[22614]: |    transform ID: KEY_IKE
Mar 31 19:40:01 nebu pluto[22614]: | emitting 24 raw bytes of attributes
into ISAKMP Transform Payload (ISAKMP)
Mar 31 19:40:01 nebu pluto[22614]: | attributes  80 0b 00 01  80 0c 0e 10
80 01 00 05  80 03 00 01
Mar 31 19:40:01 nebu pluto[22614]: |   80 02 00 02  80 04 00 02
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Transform
Payload (ISAKMP): 32
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Proposal
Payload: 40
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Security
Association Payload: 52
Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: | emitting 12 raw bytes of Vendor ID into
ISAKMP Vendor ID Payload
Mar 31 19:40:01 nebu pluto[22614]: | Vendor ID  4f 45 4b 42  7a 64 59 7b  77
4d 5d 40
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Vendor ID
Payload: 16
Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_VID
Mar 31 19:40:01 nebu pluto[22614]: | emitting 16 raw bytes of DPP Vendor ID
into ISAKMP Vendor ID Payload
Mar 31 19:40:01 nebu pluto[22614]: | DPP Vendor ID  af ca d7 13  68 a1 f1
c9  6b 86 96 fc  77 57 01 00
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Vendor ID
Payload: 20
Mar 31 19:40:01 nebu pluto[22614]: | sender checking NAT-t: 1 and 110
Mar 31 19:40:01 nebu pluto[22614]: | out_vendorid(): sending
[draft-ietf-ipsec-nat-t-ike]
Mar 31 19:40:01 nebu pluto[22614]: | ***emit ISAKMP Vendor ID Payload:
Mar 31 19:40:01 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:01 nebu pluto[22614]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Mar 31 19:40:01 nebu pluto[22614]: | V_ID  4d f3 79 28  e9 fc 4f d1  b3 26
21 70  d5 15 c6 62
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Vendor ID
Payload: 20
Mar 31 19:40:01 nebu pluto[22614]: | emitting length of ISAKMP Message: 136
Mar 31 19:40:01 nebu pluto[22614]: | complete state transition with STF_OK
Mar 31 19:40:01 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: transition
from state STATE_MAIN_R0 to state STATE_MAIN_R1
Mar 31 19:40:01 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:500
(from port=500)
Mar 31 19:40:01 nebu pluto[22614]: | sending 136 bytes for STATE_MAIN_R0
through eth0:500 to XX.XX.XX.XX:500:
Mar 31 19:40:01 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:01 nebu pluto[22614]: |   01 10 02 00  00 00 00 00  00 00 00
88  0d 00 00 34
Mar 31 19:40:01 nebu pluto[22614]: |   00 00 00 01  00 00 00 01  00 00 00
28  01 01 00 01
Mar 31 19:40:01 nebu pluto[22614]: |   00 00 00 20  01 01 00 00  80 0b 00
01  80 0c 0e 10
Mar 31 19:40:01 nebu pluto[22614]: |   80 01 00 05  80 03 00 01  80 02 00
02  80 04 00 02
Mar 31 19:40:01 nebu pluto[22614]: |   0d 00 00 10  4f 45 4b 42  7a 64 59
7b  77 4d 5d 40
Mar 31 19:40:01 nebu pluto[22614]: |   0d 00 00 14  af ca d7 13  68 a1 f1
c9  6b 86 96 fc
Mar 31 19:40:01 nebu pluto[22614]: |   77 57 01 00  00 00 00 14  4d f3 79
28  e9 fc 4f d1
Mar 31 19:40:01 nebu pluto[22614]: |   b3 26 21 70  d5 15 c6 62
Mar 31 19:40:01 nebu pluto[22614]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #5
Mar 31 19:40:01 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5:
STATE_MAIN_R1: sent MR1, expecting MI2
Mar 31 19:40:01 nebu pluto[22614]: | modecfg pull: noquirk policy:push
not-client
Mar 31 19:40:01 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to
unpend
Mar 31 19:40:01 nebu pluto[22614]: | next event EVENT_RETRANSMIT in 10
seconds for #5
Mar 31 19:40:02 nebu pluto[22619]: ! helper 0 doing build_kenonce op id: 5
Mar 31 19:40:02 nebu pluto[22614]: |
Mar 31 19:40:02 nebu pluto[22614]: | *received 228 bytes from XX.XX.XX.XX:500
on eth0 (port=500)
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |   04 10 02 00  00 00 00 00  00 00 00
e4  0a 00 00 84
Mar 31 19:40:02 nebu pluto[22614]: |   66 64 9a 34  5a 12 4e 78  5f d3 9d
c2  ba 33 df 47
Mar 31 19:40:02 nebu pluto[22614]: |   96 58 17 d7  e5 7f 04 5e  b6 03 59
48  e3 1c fb a7
Mar 31 19:40:02 nebu pluto[22614]: |   da 06 57 6e  a3 eb 07 60  88 10 d9
4b  cd 49 c3 cf
Mar 31 19:40:02 nebu pluto[22614]: |   8c b2 16 9f  df 6a 00 7e  cf 47 0b
62  b0 8c 1b bc
Mar 31 19:40:02 nebu pluto[22614]: |   90 15 84 d5  ec 5a 81 9e  5e 0f 03
b3  18 49 e0 f6
Mar 31 19:40:02 nebu pluto[22614]: |   27 4b 14 fe  84 57 59 9d  3e b9 48
89  f2 9a 8c 57
Mar 31 19:40:02 nebu pluto[22614]: |   1d fa cf 9c  50 a1 f1 e2  91 7d f6
94  7c 3b 82 00
Mar 31 19:40:02 nebu pluto[22614]: |   ec 27 34 34  cf f9 1d 31  4d 4e 6d
24  79 d4 02 2a
Mar 31 19:40:02 nebu pluto[22614]: |   0f 00 00 14  a7 6e f1 a3  0b e5 f0
f0  43 bf 3c e1
Mar 31 19:40:02 nebu pluto[22614]: |   e2 7f 1d 16  0f 00 00 18  5c 08 24
b3  74 26 78 f5
Mar 31 19:40:02 nebu pluto[22614]: |   e8 23 d1 8d  5d fb d9 b7  97 b3 3f
00  00 00 00 18
Mar 31 19:40:02 nebu pluto[22614]: |   a4 dd a0 c3  92 cc 84 ae  1b 3e e7
9f  25 79 43 8d
Mar 31 19:40:02 nebu pluto[22614]: |   6e cc 24 a3
Mar 31 19:40:02 nebu pluto[22614]: | **parse ISAKMP Message:
Mar 31 19:40:02 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_KE
Mar 31 19:40:02 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:02 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar 31 19:40:02 nebu pluto[22614]: |    flags: none
Mar 31 19:40:02 nebu pluto[22614]: |    message ID:  00 00 00 00
Mar 31 19:40:02 nebu pluto[22614]: |    length: 228
Mar 31 19:40:02 nebu pluto[22614]: |  processing packet with exchange
type=ISAKMP_XCHG_IDPROT (2)
Mar 31 19:40:02 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:02 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:02 nebu pluto[22614]: | peer and cookies match on #5, provided
msgid 00000000 vs 00000000
Mar 31 19:40:02 nebu pluto[22614]: | state object #5 found, in STATE_MAIN_R1
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | np=4 and sd=0x80e13d4
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Key Exchange Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONCE
Mar 31 19:40:02 nebu pluto[22614]: |    length: 132
Mar 31 19:40:02 nebu pluto[22614]: | np=10 and sd=0x80e1428
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Nonce Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_15
Mar 31 19:40:02 nebu pluto[22614]: |    length: 20
Mar 31 19:40:02 nebu pluto[22614]: | np=15 and sd=(nil)
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP NAT-D Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_15
Mar 31 19:40:02 nebu pluto[22614]: |    length: 24
Mar 31 19:40:02 nebu pluto[22614]: | np=15 and sd=(nil)
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP NAT-D Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:02 nebu pluto[22614]: |    length: 24
Mar 31 19:40:02 nebu pluto[22614]: | **emit ISAKMP Message:
Mar 31 19:40:02 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_KE
Mar 31 19:40:02 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:02 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar 31 19:40:02 nebu pluto[22614]: |    flags: none
Mar 31 19:40:02 nebu pluto[22614]: |    message ID:  00 00 00 00
Mar 31 19:40:02 nebu pluto[22614]: | DH public value received:
Mar 31 19:40:02 nebu pluto[22614]: |   66 64 9a 34  5a 12 4e 78  5f d3 9d
c2  ba 33 df 47
Mar 31 19:40:02 nebu pluto[22614]: |   96 58 17 d7  e5 7f 04 5e  b6 03 59
48  e3 1c fb a7
Mar 31 19:40:02 nebu pluto[22614]: |   da 06 57 6e  a3 eb 07 60  88 10 d9
4b  cd 49 c3 cf
Mar 31 19:40:02 nebu pluto[22614]: |   8c b2 16 9f  df 6a 00 7e  cf 47 0b
62  b0 8c 1b bc
Mar 31 19:40:02 nebu pluto[22614]: |   90 15 84 d5  ec 5a 81 9e  5e 0f 03
b3  18 49 e0 f6
Mar 31 19:40:02 nebu pluto[22614]: |   27 4b 14 fe  84 57 59 9d  3e b9 48
89  f2 9a 8c 57
Mar 31 19:40:02 nebu pluto[22614]: |   1d fa cf 9c  50 a1 f1 e2  91 7d f6
94  7c 3b 82 00
Mar 31 19:40:02 nebu pluto[22614]: |   ec 27 34 34  cf f9 1d 31  4d 4e 6d
24  79 d4 02 2a
Mar 31 19:40:02 nebu pluto[22614]: | inI2: checking NAT-t: 1 and 16
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip=  0a c7 25 02
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=500
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash=  a2 7c 06 57  2b 40
a6 bb  96 fb 15 a1  57 d0 e7 d4
Mar 31 19:40:02 nebu pluto[22614]: |   57 05 c3 0a
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip=  52 ee e3 25
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=500
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash=  e3 1d de c8  45 e1
95 17  f2 54 93 1c  dd 94 4a e8
Mar 31 19:40:02 nebu pluto[22614]: |   e5 10 27 80
Mar 31 19:40:02 nebu pluto[22614]: | NAT_TRAVERSAL hash=0 (me:0) (him:0)
Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(me):  a2 7c 06 57  2b 40
a6 bb  96 fb 15 a1  57 d0 e7 d4
Mar 31 19:40:02 nebu pluto[22614]: |   57 05 c3 0a
Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(him):
Mar 31 19:40:02 nebu pluto[22614]: |   e3 1d de c8  45 e1 95 17  f2 54 93
1c  dd 94 4a e8
Mar 31 19:40:02 nebu pluto[22614]: |   e5 10 27 80
Mar 31 19:40:02 nebu pluto[22614]: | received NAT-D:  5c 08 24 b3  74 26 78
f5  e8 23 d1 8d  5d fb d9 b7
Mar 31 19:40:02 nebu pluto[22614]: |   97 b3 3f 00
Mar 31 19:40:02 nebu pluto[22614]: | NAT_TRAVERSAL hash=1 (me:0) (him:0)
Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(me):  a2 7c 06 57  2b 40
a6 bb  96 fb 15 a1  57 d0 e7 d4
Mar 31 19:40:02 nebu pluto[22614]: |   57 05 c3 0a
Mar 31 19:40:02 nebu pluto[22614]: | expected NAT-D(him):
Mar 31 19:40:02 nebu pluto[22614]: |   e3 1d de c8  45 e1 95 17  f2 54 93
1c  dd 94 4a e8
Mar 31 19:40:02 nebu pluto[22614]: |   e5 10 27 80
Mar 31 19:40:02 nebu pluto[22614]: | received NAT-D:  a4 dd a0 c3  92 cc 84
ae  1b 3e e7 9f  25 79 43 8d
Mar 31 19:40:02 nebu pluto[22614]: |   6e cc 24 a3
Mar 31 19:40:02 nebu pluto[22614]: | NAT_TRAVERSAL hash=2 (me:0) (him:0)
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are
NATed
Mar 31 19:40:02 nebu pluto[22614]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 1
Mar 31 19:40:02 nebu pluto[22614]: | asking helper 0 to do build_kenonce op
on seq: 5
Mar 31 19:40:02 nebu pluto[22614]: | inserting event EVENT_CRYPTO_FAILED,
timeout in 300 seconds for #5
Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with
STF_SUSPEND
Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 13
seconds
Mar 31 19:40:02 nebu pluto[22619]: ! Local DH secret:
Mar 31 19:40:02 nebu pluto[22619]: !   50 46 b7 51  f4 aa de 0f  30 c9 60
28  8a d3 93 7e
Mar 31 19:40:02 nebu pluto[22619]: !   ad c1 8f 0c  8f 8e 3b ed  5f af 84
52  cf 99 f2 4d
Mar 31 19:40:02 nebu pluto[22619]: ! Public DH value sent:
Mar 31 19:40:02 nebu pluto[22619]: !   fd 14 c6 6c  f7 25 76 a6  2c 7f b2
6b  cc b6 1e cf
Mar 31 19:40:02 nebu pluto[22619]: !   d3 82 ee f9  8f ca bf 56  e7 bf 1a
96  c3 b4 b4 d4
Mar 31 19:40:02 nebu pluto[22619]: !   7a 6c 7e 0c  e9 2c c8 80  0b 2b 22
2b  bd 94 ac 2a
Mar 31 19:40:02 nebu pluto[22619]: !   97 54 3b 5a  56 04 1f 36  d1 08 41
7c  b4 73 9b a2
Mar 31 19:40:02 nebu pluto[22619]: !   a4 a5 ef 01  1d 72 ff ad  f8 f6 22
cf  7c ff 07 dd
Mar 31 19:40:02 nebu pluto[22619]: !   62 8d 60 88  8c ed d9 65  8a 71 bd
e2  05 c2 61 47
Mar 31 19:40:02 nebu pluto[22619]: !   61 1e 32 3d  04 39 67 69  44 c3 29
1a  3c 13 06 c4
Mar 31 19:40:02 nebu pluto[22619]: !   e7 fa 0b 23  5c d9 31 f2  39 40 63
fb  fa df bb de
Mar 31 19:40:02 nebu pluto[22619]: ! Generated nonce:
Mar 31 19:40:02 nebu pluto[22619]: !   79 7e 0b 30  06 72 bc 4b  43 ac 72
92  52 cb 61 39
Mar 31 19:40:02 nebu pluto[22614]: | helper 0 has work (cnt now 0)
Mar 31 19:40:02 nebu pluto[22614]: | helper 0 replies to sequence 5
Mar 31 19:40:02 nebu pluto[22614]: | calling callback function 0x8063790
Mar 31 19:40:02 nebu pluto[22614]: | main inI2_outR2: calculated ke+nonce,
sending R2
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Key Exchange Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONCE
Mar 31 19:40:02 nebu pluto[22614]: | emitting 128 raw bytes of keyex value
into ISAKMP Key Exchange Payload
Mar 31 19:40:02 nebu pluto[22614]: | keyex value  fd 14 c6 6c  f7 25 76 a6
2c 7f b2 6b  cc b6 1e cf
Mar 31 19:40:02 nebu pluto[22614]: |   d3 82 ee f9  8f ca bf 56  e7 bf 1a
96  c3 b4 b4 d4
Mar 31 19:40:02 nebu pluto[22614]: |   7a 6c 7e 0c  e9 2c c8 80  0b 2b 22
2b  bd 94 ac 2a
Mar 31 19:40:02 nebu pluto[22614]: |   97 54 3b 5a  56 04 1f 36  d1 08 41
7c  b4 73 9b a2
Mar 31 19:40:02 nebu pluto[22614]: |   a4 a5 ef 01  1d 72 ff ad  f8 f6 22
cf  7c ff 07 dd
Mar 31 19:40:02 nebu pluto[22614]: |   62 8d 60 88  8c ed d9 65  8a 71 bd
e2  05 c2 61 47
Mar 31 19:40:02 nebu pluto[22614]: |   61 1e 32 3d  04 39 67 69  44 c3 29
1a  3c 13 06 c4
Mar 31 19:40:02 nebu pluto[22614]: |   e7 fa 0b 23  5c d9 31 f2  39 40 63
fb  fa df bb de
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Key Exchange
Payload: 132
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Nonce Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:02 nebu pluto[22614]: | emitting 16 raw bytes of Nr into ISAKMP
Nonce Payload
Mar 31 19:40:02 nebu pluto[22614]: | Nr  79 7e 0b 30  06 72 bc 4b  43 ac 72
92  52 cb 61 39
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Nonce
Payload: 20
Mar 31 19:40:02 nebu pluto[22614]: | sending NATD payloads
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip=  52 ee e3 25
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=0
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash=  a2 60 40 d9  7d d6
7f f9  49 89 be 62  43 82 24 f4
Mar 31 19:40:02 nebu pluto[22614]: |   f8 77 55 98
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP NAT-D Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_15
Mar 31 19:40:02 nebu pluto[22614]: | emitting 20 raw bytes of NAT-D into
ISAKMP NAT-D Payload
Mar 31 19:40:02 nebu pluto[22614]: | NAT-D  a2 60 40 d9  7d d6 7f f9  49 89
be 62  43 82 24 f4
Mar 31 19:40:02 nebu pluto[22614]: |   f8 77 55 98
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP NAT-D
Payload: 24
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hasher=0x80e34e0(20)
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: icookie=
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: rcookie=
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: ip=  0a c7 25 02
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: port=0
Mar 31 19:40:02 nebu pluto[22614]: | _natd_hash: hash=  62 f7 70 f7  c6 fe
6f 03  f4 24 8a e9  c3 82 10 10
Mar 31 19:40:02 nebu pluto[22614]: |   e2 27 1f 1b
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP NAT-D Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:02 nebu pluto[22614]: | emitting 20 raw bytes of NAT-D into
ISAKMP NAT-D Payload
Mar 31 19:40:02 nebu pluto[22614]: | NAT-D  62 f7 70 f7  c6 fe 6f 03  f4 24
8a e9  c3 82 10 10
Mar 31 19:40:02 nebu pluto[22614]: |   e2 27 1f 1b
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP NAT-D
Payload: 24
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Message: 228
Mar 31 19:40:02 nebu pluto[22614]: | started looking for secret for
10.199.37.2->192.168.0.12 of kind PPK_PSK
Mar 31 19:40:02 nebu pluto[22614]: | replace him to 0.0.0.0
Mar 31 19:40:02 nebu pluto[22614]: | actually looking for secret for
10.199.37.2->0.0.0.0 of kind PPK_PSK
Mar 31 19:40:02 nebu pluto[22614]: | 1: compared PSK 0.0.0.0 to 10.199.37.2/
192.168.0.12 -> 2
Mar 31 19:40:02 nebu pluto[22614]: | 2: compared PSK 10.199.37.2 to
10.199.37.2 / 192.168.0.12 -> 6
Mar 31 19:40:02 nebu pluto[22614]: | best_match 0>6 best=0x80faed8 (line=10)
Mar 31 19:40:02 nebu pluto[22614]: | concluding with best_match=6
best=0x80faed8 (lineno=10)
Mar 31 19:40:02 nebu pluto[22614]: | calc_dh_shared(): time elapsed
(OAKLEY_GROUP_MODP1024): 4096 usec
Mar 31 19:40:02 nebu pluto[22614]: | DH shared secret:
Mar 31 19:40:02 nebu pluto[22614]: |   2c d4 27 d6  ad 9a ae ae  a6 d5 fa
93  bd a6 80 7d
Mar 31 19:40:02 nebu pluto[22614]: |   12 af d2 e1  6c da f5 20  f8 06 be
56  09 ee 09 bc
Mar 31 19:40:02 nebu pluto[22614]: |   37 c6 e8 6a  d7 01 40 d5  cc df f5
64  7c 40 4b 5a
Mar 31 19:40:02 nebu pluto[22614]: |   e5 4c 3b b7  0e d2 0f e1  e8 77 be
5f  a6 a3 11 37
Mar 31 19:40:02 nebu pluto[22614]: |   9f 96 3e 17  9d 3a 26 ba  87 a2 16
39  f0 11 e6 61
Mar 31 19:40:02 nebu pluto[22614]: |   c3 52 1e 97  fb b1 e3 39  19 9c 60
ae  fb e9 88 19
Mar 31 19:40:02 nebu pluto[22614]: |   30 c2 57 00  8e f5 0b 24  79 25 70
d1  2e dd 23 77
Mar 31 19:40:02 nebu pluto[22614]: |   c5 ce 31 76  19 cd 2d 6d  0d e4 54
24  68 bb d7 34
Mar 31 19:40:02 nebu pluto[22614]: | Skey inputs (PSK+NI+NR)
Mar 31 19:40:02 nebu pluto[22614]: | ni:   a7 6e f1 a3  0b e5 f0 f0  43 bf
3c e1  e2 7f 1d 16
Mar 31 19:40:02 nebu pluto[22614]: | nr:   79 7e 0b 30  06 72 bc 4b  43 ac
72 92  52 cb 61 39
Mar 31 19:40:02 nebu pluto[22614]: | keyid:   d3 99 c6 3b  50 46 8e d0  af
cb 83 36  10 bc e0 13
Mar 31 19:40:02 nebu pluto[22614]: |   4b 91 70 5f
Mar 31 19:40:02 nebu pluto[22614]: | DH_i:  66 64 9a 34  5a 12 4e 78  5f d3
9d c2  ba 33 df 47
Mar 31 19:40:02 nebu pluto[22614]: |   96 58 17 d7  e5 7f 04 5e  b6 03 59
48  e3 1c fb a7
Mar 31 19:40:02 nebu pluto[22614]: |   da 06 57 6e  a3 eb 07 60  88 10 d9
4b  cd 49 c3 cf
Mar 31 19:40:02 nebu pluto[22614]: |   8c b2 16 9f  df 6a 00 7e  cf 47 0b
62  b0 8c 1b bc
Mar 31 19:40:02 nebu pluto[22614]: |   90 15 84 d5  ec 5a 81 9e  5e 0f 03
b3  18 49 e0 f6
Mar 31 19:40:02 nebu pluto[22614]: |   27 4b 14 fe  84 57 59 9d  3e b9 48
89  f2 9a 8c 57
Mar 31 19:40:02 nebu pluto[22614]: |   1d fa cf 9c  50 a1 f1 e2  91 7d f6
94  7c 3b 82 00
Mar 31 19:40:02 nebu pluto[22614]: |   ec 27 34 34  cf f9 1d 31  4d 4e 6d
24  79 d4 02 2a
Mar 31 19:40:02 nebu pluto[22614]: | DH_r:  fd 14 c6 6c  f7 25 76 a6  2c 7f
b2 6b  cc b6 1e cf
Mar 31 19:40:02 nebu pluto[22614]: |   d3 82 ee f9  8f ca bf 56  e7 bf 1a
96  c3 b4 b4 d4
Mar 31 19:40:02 nebu pluto[22614]: |   7a 6c 7e 0c  e9 2c c8 80  0b 2b 22
2b  bd 94 ac 2a
Mar 31 19:40:02 nebu pluto[22614]: |   97 54 3b 5a  56 04 1f 36  d1 08 41
7c  b4 73 9b a2
Mar 31 19:40:02 nebu pluto[22614]: |   a4 a5 ef 01  1d 72 ff ad  f8 f6 22
cf  7c ff 07 dd
Mar 31 19:40:02 nebu pluto[22614]: |   62 8d 60 88  8c ed d9 65  8a 71 bd
e2  05 c2 61 47
Mar 31 19:40:02 nebu pluto[22614]: |   61 1e 32 3d  04 39 67 69  44 c3 29
1a  3c 13 06 c4
Mar 31 19:40:02 nebu pluto[22614]: |   e7 fa 0b 23  5c d9 31 f2  39 40 63
fb  fa df bb de
Mar 31 19:40:02 nebu pluto[22614]: | Skeyid:    d3 99 c6 3b  50 46 8e d0  af
cb 83 36  10 bc e0 13
Mar 31 19:40:02 nebu pluto[22614]: |   4b 91 70 5f
Mar 31 19:40:02 nebu pluto[22614]: | Skeyid_d:  59 ab 63 b7  d3 e8 bc 0d  06
5f 5f 0c  5d 21 19 4c
Mar 31 19:40:02 nebu pluto[22614]: |   f3 e4 44 0a
Mar 31 19:40:02 nebu pluto[22614]: | Skeyid_a:  61 c0 65 dc  44 03 81 d3  87
e1 8a 7e  5b 4f f8 70
Mar 31 19:40:02 nebu pluto[22614]: |   f1 99 c2 c7
Mar 31 19:40:02 nebu pluto[22614]: | Skeyid_e:  c1 da d0 c6  46 7b 64 b8  e8
4e 34 fc  bd 05 dc 4e
Mar 31 19:40:02 nebu pluto[22614]: |   df 73 cb e5
Mar 31 19:40:02 nebu pluto[22614]: | enc key:  d3 93 81 10  70 aa 93 55  d0
b2 32 d1  4d ca 14 47
Mar 31 19:40:02 nebu pluto[22614]: |   f1 39 65 61  8f 45 4f 69
Mar 31 19:40:02 nebu pluto[22614]: | IV:  05 d3 48 04  11 de 52 2b  38 f6 bf
f7  a6 b1 19 31
Mar 31 19:40:02 nebu pluto[22614]: |   7d a1 fd f1
Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with STF_OK
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: transition
from state STATE_MAIN_R1 to state STATE_MAIN_R2
Mar 31 19:40:02 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:500
(from port=500)
Mar 31 19:40:02 nebu pluto[22614]: | sending 228 bytes for STATE_MAIN_R1
through eth0:500 to XX.XX.XX.XX:500:
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |   04 10 02 00  00 00 00 00  00 00 00
e4  0a 00 00 84
Mar 31 19:40:02 nebu pluto[22614]: |   fd 14 c6 6c  f7 25 76 a6  2c 7f b2
6b  cc b6 1e cf
Mar 31 19:40:02 nebu pluto[22614]: |   d3 82 ee f9  8f ca bf 56  e7 bf 1a
96  c3 b4 b4 d4
Mar 31 19:40:02 nebu pluto[22614]: |   7a 6c 7e 0c  e9 2c c8 80  0b 2b 22
2b  bd 94 ac 2a
Mar 31 19:40:02 nebu pluto[22614]: |   97 54 3b 5a  56 04 1f 36  d1 08 41
7c  b4 73 9b a2
Mar 31 19:40:02 nebu pluto[22614]: |   a4 a5 ef 01  1d 72 ff ad  f8 f6 22
cf  7c ff 07 dd
Mar 31 19:40:02 nebu pluto[22614]: |   62 8d 60 88  8c ed d9 65  8a 71 bd
e2  05 c2 61 47
Mar 31 19:40:02 nebu pluto[22614]: |   61 1e 32 3d  04 39 67 69  44 c3 29
1a  3c 13 06 c4
Mar 31 19:40:02 nebu pluto[22614]: |   e7 fa 0b 23  5c d9 31 f2  39 40 63
fb  fa df bb de
Mar 31 19:40:02 nebu pluto[22614]: |   0f 00 00 14  79 7e 0b 30  06 72 bc
4b  43 ac 72 92
Mar 31 19:40:02 nebu pluto[22614]: |   52 cb 61 39  0f 00 00 18  a2 60 40
d9  7d d6 7f f9
Mar 31 19:40:02 nebu pluto[22614]: |   49 89 be 62  43 82 24 f4  f8 77 55
98  00 00 00 18
Mar 31 19:40:02 nebu pluto[22614]: |   62 f7 70 f7  c6 fe 6f 03  f4 24 8a
e9  c3 82 10 10
Mar 31 19:40:02 nebu pluto[22614]: |   e2 27 1f 1b
Mar 31 19:40:02 nebu pluto[22614]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #5
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5:
STATE_MAIN_R2: sent MR2, expecting MI3
Mar 31 19:40:02 nebu pluto[22614]: | modecfg pull: noquirk policy:push
not-client
Mar 31 19:40:02 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to
unpend
Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_RETRANSMIT in 10
seconds for #5
Mar 31 19:40:02 nebu pluto[22614]: |
Mar 31 19:40:02 nebu pluto[22614]: | *received 68 bytes from XX.XX.XX.XX:4500
on eth0 (port=4500)
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |   05 10 02 01  00 00 00 00  00 00 00
44  2e 0f 0c 11
Mar 31 19:40:02 nebu pluto[22614]: |   9f ea 77 64  90 5e 9f 0f  e3 07 08
84  18 c0 e6 c0
Mar 31 19:40:02 nebu pluto[22614]: |   c0 27 59 15  8d 02 79 a4  16 ec 06
9a  36 25 a4 8f
Mar 31 19:40:02 nebu pluto[22614]: |   93 91 f4 b7
Mar 31 19:40:02 nebu pluto[22614]: | **parse ISAKMP Message:
Mar 31 19:40:02 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_ID
Mar 31 19:40:02 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:02 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar 31 19:40:02 nebu pluto[22614]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar 31 19:40:02 nebu pluto[22614]: |    message ID:  00 00 00 00
Mar 31 19:40:02 nebu pluto[22614]: |    length: 68
Mar 31 19:40:02 nebu pluto[22614]: |  processing packet with exchange
type=ISAKMP_XCHG_IDPROT (2)
Mar 31 19:40:02 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:02 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:02 nebu pluto[22614]: | peer and cookies match on #5, provided
msgid 00000000 vs 00000000
Mar 31 19:40:02 nebu pluto[22614]: | state object #5 found, in STATE_MAIN_R2
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | received encrypted packet from
XX.XX.XX.XX:4500
Mar 31 19:40:02 nebu pluto[22614]: | decrypting 40 bytes using algorithm
OAKLEY_3DES_CBC
Mar 31 19:40:02 nebu pluto[22614]: | decrypted:
Mar 31 19:40:02 nebu pluto[22614]: |   08 00 00 0c  01 11 01 f4  c0 a8 00
0c  00 00 00 18
Mar 31 19:40:02 nebu pluto[22614]: |   77 1b c3 c9  6f 3a 16 70  c0 16 70
58  cc 94 21 e9
Mar 31 19:40:02 nebu pluto[22614]: |   4e 78 32 50  00 00 00 04
Mar 31 19:40:02 nebu pluto[22614]: | next IV:  36 25 a4 8f  93 91 f4 b7
Mar 31 19:40:02 nebu pluto[22614]: | np=5 and sd=(nil)
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Identification Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_HASH
Mar 31 19:40:02 nebu pluto[22614]: |    length: 12
Mar 31 19:40:02 nebu pluto[22614]: |    ID type: ID_IPV4_ADDR
Mar 31 19:40:02 nebu pluto[22614]: |    DOI specific A: 17
Mar 31 19:40:02 nebu pluto[22614]: |    DOI specific B: 500
Mar 31 19:40:02 nebu pluto[22614]: | np=8 and sd=0x80e1410
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:02 nebu pluto[22614]: |    length: 24
Mar 31 19:40:02 nebu pluto[22614]: | removing 4 bytes of padding
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: Main mode
peer ID is ID_IPV4_ADDR: '192.168.0.12'
Mar 31 19:40:02 nebu pluto[22614]: | refine_connection: starting with iphone
Mar 31 19:40:02 nebu pluto[22614]: |   trusted_ca called with a=(empty)
b=(empty)
Mar 31 19:40:02 nebu pluto[22614]: | refine_connection: happy with starting
point: iphone
Mar 31 19:40:02 nebu pluto[22614]: | offered CA: '%none'
Mar 31 19:40:02 nebu pluto[22614]: | hashing 48 bytes of SA
Mar 31 19:40:02 nebu pluto[22614]: | authentication succeeded
Mar 31 19:40:02 nebu pluto[22614]: | thinking about whether to send my
certificate:
Mar 31 19:40:02 nebu pluto[22614]: |   I have RSA key: OAKLEY_PRESHARED_KEY
cert.type: CERT_NONE
Mar 31 19:40:02 nebu pluto[22614]: |   sendcert: CERT_ALWAYSSEND and I did
not get a certificate request
Mar 31 19:40:02 nebu pluto[22614]: |   so do not send cert.
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: I did not
send a certificate because I do not have one.
Mar 31 19:40:02 nebu pluto[22614]: | **emit ISAKMP Message:
Mar 31 19:40:02 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_ID
Mar 31 19:40:02 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:02 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_IDPROT
Mar 31 19:40:02 nebu pluto[22614]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar 31 19:40:02 nebu pluto[22614]: |    message ID:  00 00 00 00
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Identification Payload
(IPsec DOI):
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_HASH
Mar 31 19:40:02 nebu pluto[22614]: |    ID type: ID_IPV4_ADDR
Mar 31 19:40:02 nebu pluto[22614]: |    Protocol ID: 0
Mar 31 19:40:02 nebu pluto[22614]: |    port: 0
Mar 31 19:40:02 nebu pluto[22614]: | emitting 4 raw bytes of my identity
into ISAKMP Identification Payload (IPsec DOI)
Mar 31 19:40:02 nebu pluto[22614]: | my identity  0a c7 25 02
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP
Identification Payload (IPsec DOI): 12
Mar 31 19:40:02 nebu pluto[22614]: | hashing 48 bytes of SA
Mar 31 19:40:02 nebu pluto[22614]: | ***emit ISAKMP Hash Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:02 nebu pluto[22614]: | emitting 20 raw bytes of HASH_R into
ISAKMP Hash Payload
Mar 31 19:40:02 nebu pluto[22614]: | HASH_R  31 c7 db 4f  1a af 58 af  1f d7
cc 47  96 75 2e a5
Mar 31 19:40:02 nebu pluto[22614]: |   ac 83 3f af
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Hash Payload:
24
Mar 31 19:40:02 nebu pluto[22614]: | encrypting:
Mar 31 19:40:02 nebu pluto[22614]: |   08 00 00 0c  01 00 00 00  0a c7 25
02  00 00 00 18
Mar 31 19:40:02 nebu pluto[22614]: |   31 c7 db 4f  1a af 58 af  1f d7 cc
47  96 75 2e a5
Mar 31 19:40:02 nebu pluto[22614]: |   ac 83 3f af
Mar 31 19:40:02 nebu pluto[22614]: | IV:
Mar 31 19:40:02 nebu pluto[22614]: |   36 25 a4 8f  93 91 f4 b7
Mar 31 19:40:02 nebu pluto[22614]: | emitting 4 zero bytes of encryption
padding into ISAKMP Message
Mar 31 19:40:02 nebu pluto[22614]: | encrypting using OAKLEY_3DES_CBC
Mar 31 19:40:02 nebu pluto[22614]: | next IV:  ad ea 68 be  a9 72 0c 08
Mar 31 19:40:02 nebu pluto[22614]: | emitting length of ISAKMP Message: 68
Mar 31 19:40:02 nebu pluto[22614]: | last encrypted block of Phase 1:
Mar 31 19:40:02 nebu pluto[22614]: |   ad ea 68 be  a9 72 0c 08
Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with STF_OK
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: transition
from state STATE_MAIN_R2 to state STATE_MAIN_R3
Mar 31 19:40:02 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:500
(from port=500)
Mar 31 19:40:02 nebu pluto[22614]: | NAT-T: new mapping XX.XX.XX.XX
:500/4500)
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | NAT-T: updating local port to 4500
Mar 31 19:40:02 nebu pluto[22614]: | NAT-T connection has wrong interface
definition 10.199.37.2:4500 vs 10.199.37.2:500
Mar 31 19:40:02 nebu pluto[22614]: | NAT-T: using interface eth0:4500
Mar 31 19:40:02 nebu pluto[22614]: | sending 68 bytes for STATE_MAIN_R2
through eth0:4500 to XX.XX.XX.XX:4500:
Mar 31 19:40:02 nebu pluto[22614]: |   00 00 00 00  27 e0 47 b6  99 15 5a
c1  36 a4 14 99
Mar 31 19:40:02 nebu pluto[22614]: |   ea 0e 87 a5  05 10 02 01  00 00 00
00  00 00 00 44
Mar 31 19:40:02 nebu pluto[22614]: |   b6 3a 84 2f  c3 87 48 5d  ae a1 e1
4a  fa 56 af 1c
Mar 31 19:40:02 nebu pluto[22614]: |   c8 8a 51 72  77 7b ea 9d  21 77 4a
80  39 fe 77 05
Mar 31 19:40:02 nebu pluto[22614]: |   ad ea 68 be  a9 72 0c 08
Mar 31 19:40:02 nebu pluto[22614]: | inserting event EVENT_SA_REPLACE,
timeout in 3330 seconds for #5
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Mar 31 19:40:02 nebu pluto[22614]: | modecfg pull: noquirk policy:push
not-client
Mar 31 19:40:02 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to
unpend
Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 13
seconds
Mar 31 19:40:02 nebu pluto[22614]: |
Mar 31 19:40:02 nebu pluto[22614]: | *received 84 bytes from XX.XX.XX.XX:4500
on eth0 (port=4500)
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |   08 10 05 01  ba 0c dc bd  00 00 00
54  b5 cd 64 6a
Mar 31 19:40:02 nebu pluto[22614]: |   63 31 60 7c  28 c7 c2 1f  e6 a6 95
56  20 a8 2d c7
Mar 31 19:40:02 nebu pluto[22614]: |   cc 43 0f d3  9e 8e d7 45  99 60 52
7e  24 6a 8b 6f
Mar 31 19:40:02 nebu pluto[22614]: |   0e 47 61 3e  98 f0 7f d4  18 2a be
71  c8 75 a4 65
Mar 31 19:40:02 nebu pluto[22614]: |   10 67 65 52
Mar 31 19:40:02 nebu pluto[22614]: | **parse ISAKMP Message:
Mar 31 19:40:02 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:02 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_HASH
Mar 31 19:40:02 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:02 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_INFO
Mar 31 19:40:02 nebu pluto[22614]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar 31 19:40:02 nebu pluto[22614]: |    message ID:  ba 0c dc bd
Mar 31 19:40:02 nebu pluto[22614]: |    length: 84
Mar 31 19:40:02 nebu pluto[22614]: |  processing packet with exchange
type=ISAKMP_XCHG_INFO (5)
Mar 31 19:40:02 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:02 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:02 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:02 nebu pluto[22614]: | peer and cookies match on #5, provided
msgid 00000000 vs 00000000/00000000
Mar 31 19:40:02 nebu pluto[22614]: | p15 state object #5 found, in
STATE_MAIN_R3
Mar 31 19:40:02 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:02 nebu pluto[22614]: | last Phase 1 IV:  ad ea 68 be  a9 72 0c
08
Mar 31 19:40:02 nebu pluto[22614]: | current Phase 1 IV:  ad ea 68 be  a9 72
0c 08
Mar 31 19:40:02 nebu pluto[22614]: | computed Phase 2 IV:
Mar 31 19:40:02 nebu pluto[22614]: |   f3 05 4e 35  d8 5c 6d f0  61 78 ba
73  8c 25 a1 c2
Mar 31 19:40:02 nebu pluto[22614]: |   0b e7 b3 75
Mar 31 19:40:02 nebu pluto[22614]: | received encrypted packet from
XX.XX.XX.XX:4500
Mar 31 19:40:02 nebu pluto[22614]: | decrypting 56 bytes using algorithm
OAKLEY_3DES_CBC
Mar 31 19:40:02 nebu pluto[22614]: | decrypted:
Mar 31 19:40:02 nebu pluto[22614]: |   0b 00 00 18  8b f9 a2 48  8f 44 49
b7  d4 24 d8 d6
Mar 31 19:40:02 nebu pluto[22614]: |   d1 27 a2 c7  fa 26 81 9a  00 00 00
1c  00 00 00 01
Mar 31 19:40:02 nebu pluto[22614]: |   01 10 60 02  27 e0 47 b6  99 15 5a
c1  36 a4 14 99
Mar 31 19:40:02 nebu pluto[22614]: |   ea 0e 87 a5  00 00 00 04
Mar 31 19:40:02 nebu pluto[22614]: | next IV:  c8 75 a4 65  10 67 65 52
Mar 31 19:40:02 nebu pluto[22614]: | np=8 and sd=0x80e1410
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_N
Mar 31 19:40:02 nebu pluto[22614]: |    length: 24
Mar 31 19:40:02 nebu pluto[22614]: | np=11 and sd=0x80e1434
Mar 31 19:40:02 nebu pluto[22614]: | ***parse ISAKMP Notification Payload:
Mar 31 19:40:02 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:02 nebu pluto[22614]: |    length: 28
Mar 31 19:40:02 nebu pluto[22614]: |    DOI: ISAKMP_DOI_IPSEC
Mar 31 19:40:02 nebu pluto[22614]: |    protocol ID: 1
Mar 31 19:40:02 nebu pluto[22614]: |    SPI size: 16
Mar 31 19:40:02 nebu pluto[22614]: |    Notify Message Type:
IPSEC_INITIAL_CONTACT
Mar 31 19:40:02 nebu pluto[22614]: | removing 4 bytes of padding
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: ignoring
informational payload, type IPSEC_INITIAL_CONTACT
Mar 31 19:40:02 nebu pluto[22614]: | info:  27 e0 47 b6  99 15 5a c1  36 a4
14 99  ea 0e 87 a5
Mar 31 19:40:02 nebu pluto[22614]: | processing informational
IPSEC_INITIAL_CONTACT (24578)
Mar 31 19:40:02 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #5: received and
ignored informational message
Mar 31 19:40:02 nebu pluto[22614]: | complete state transition with
STF_IGNORE
Mar 31 19:40:02 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 13
seconds
Mar 31 19:40:03 nebu pluto[22619]: ! helper 0 doing build_nonce op id: 6
Mar 31 19:40:03 nebu pluto[22619]: ! Generated nonce:
Mar 31 19:40:03 nebu pluto[22619]: !   55 5f 07 15  7f 7b ac ba  ac 0a 0c
1f  db 8e 30 2e
Mar 31 19:40:03 nebu pluto[22614]: |
Mar 31 19:40:03 nebu pluto[22614]: | *received 228 bytes from XX.XX.XX.XX:4500
on eth0 (port=4500)
Mar 31 19:40:03 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: |   08 10 20 01  bb b5 56 85  00 00 00
e4  21 1d 75 f6
Mar 31 19:40:03 nebu pluto[22614]: |   a5 f4 1c d0  9e 28 5e 06  e4 b4 f8
3b  d6 a0 66 4f
Mar 31 19:40:03 nebu pluto[22614]: |   a5 6a f3 59  bd 40 ab 66  02 bd d8
18  61 78 43 67
Mar 31 19:40:03 nebu pluto[22614]: |   fc 8c f0 05  9b 6c 07 03  ab f5 c5
7a  57 86 17 e8
Mar 31 19:40:03 nebu pluto[22614]: |   cc 0b 9c c5  c2 1b d9 c8  c1 02 d0
30  c3 31 f3 ed
Mar 31 19:40:03 nebu pluto[22614]: |   f3 04 bf af  22 70 26 9d  fa b3 0a
27  a1 09 d6 7f
Mar 31 19:40:03 nebu pluto[22614]: |   0d 40 47 b7  4c d4 c2 be  97 16 6d
6d  89 06 d8 1c
Mar 31 19:40:03 nebu pluto[22614]: |   47 fe 92 4d  64 5f bc 2e  0b 36 da
53  9d 1e 7d 8b
Mar 31 19:40:03 nebu pluto[22614]: |   0a 08 f0 d6  87 9d 8c 6b  51 1f 15
62  a0 df 8f 9a
Mar 31 19:40:03 nebu pluto[22614]: |   77 dc 64 e6  bc 4e 38 78  86 25 b4
04  87 ae 0b d6
Mar 31 19:40:03 nebu pluto[22614]: |   5a 7b bc e4  03 b5 79 75  a3 ef e9
b4  2e 40 df b8
Mar 31 19:40:03 nebu pluto[22614]: |   d5 e6 83 95  d7 41 39 2b  e1 a3 5a
ac  8f 0b 2f f6
Mar 31 19:40:03 nebu pluto[22614]: |   dc 70 a7 ec  03 f2 ae b1  41 51 4b
7f  b3 81 41 80
Mar 31 19:40:03 nebu pluto[22614]: |   c0 e1 af b6
Mar 31 19:40:03 nebu pluto[22614]: | **parse ISAKMP Message:
Mar 31 19:40:03 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:03 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:03 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_HASH
Mar 31 19:40:03 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:03 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_QUICK
Mar 31 19:40:03 nebu pluto[22614]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar 31 19:40:03 nebu pluto[22614]: |    message ID:  bb b5 56 85
Mar 31 19:40:03 nebu pluto[22614]: |    length: 228
Mar 31 19:40:03 nebu pluto[22614]: |  processing packet with exchange
type=ISAKMP_XCHG_QUICK (32)
Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:03 nebu pluto[22614]: | peer and cookies match on #5, provided
msgid bbb55685 vs 00000000
Mar 31 19:40:03 nebu pluto[22614]: | state object not found
Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:03 nebu pluto[22614]: | peer and cookies match on #5, provided
msgid 00000000 vs 00000000
Mar 31 19:40:03 nebu pluto[22614]: | state object #5 found, in STATE_MAIN_R3
Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:03 nebu pluto[22614]: | last Phase 1 IV:  ad ea 68 be  a9 72 0c
08
Mar 31 19:40:03 nebu pluto[22614]: | current Phase 1 IV:  ad ea 68 be  a9 72
0c 08
Mar 31 19:40:03 nebu pluto[22614]: | computed Phase 2 IV:
Mar 31 19:40:03 nebu pluto[22614]: |   38 f2 6b 5c  7c e4 26 93  6d cb 56
01  be 49 a2 b7
Mar 31 19:40:03 nebu pluto[22614]: |   47 e2 30 00
Mar 31 19:40:03 nebu pluto[22614]: | received encrypted packet from
XX.XX.XX.XX:4500
Mar 31 19:40:03 nebu pluto[22614]: | decrypting 200 bytes using algorithm
OAKLEY_3DES_CBC
Mar 31 19:40:03 nebu pluto[22614]: | decrypted:
Mar 31 19:40:03 nebu pluto[22614]: |   01 00 00 18  99 94 8b 68  a1 fb 88
b9  33 c0 d4 bb
Mar 31 19:40:03 nebu pluto[22614]: |   43 83 da d3  a3 c0 2d 1c  0a 00 00
80  00 00 00 01
Mar 31 19:40:03 nebu pluto[22614]: |   00 00 00 01  00 00 00 74  01 03 04
04  01 5f 68 50
Mar 31 19:40:03 nebu pluto[22614]: |   03 00 00 1c  01 0c 00 00  80 01 00
01  80 02 0e 10
Mar 31 19:40:03 nebu pluto[22614]: |   80 04 00 04  80 06 00 80  80 05 00
02  03 00 00 1c
Mar 31 19:40:03 nebu pluto[22614]: |   02 0c 00 00  80 01 00 01  80 02 0e
10  80 04 00 04
Mar 31 19:40:03 nebu pluto[22614]: |   80 06 00 80  80 05 00 01  03 00 00
18  03 03 00 00
Mar 31 19:40:03 nebu pluto[22614]: |   80 01 00 01  80 02 0e 10  80 04 00
04  80 05 00 02
Mar 31 19:40:03 nebu pluto[22614]: |   00 00 00 18  04 03 00 00  80 01 00
01  80 02 0e 10
Mar 31 19:40:03 nebu pluto[22614]: |   80 04 00 04  80 05 00 01  05 00 00
14  f6 d5 01 f4
Mar 31 19:40:03 nebu pluto[22614]: |   0d a2 ca 4b  75 e2 cb 8b  ef 56 70
58  05 00 00 0c
Mar 31 19:40:03 nebu pluto[22614]: |   01 11 c2 41  c0 a8 00 0c  00 00 00
0c  01 11 06 a5
Mar 31 19:40:03 nebu pluto[22614]: |   52 e9 ff 79  00 00 00 04
Mar 31 19:40:03 nebu pluto[22614]: | next IV:  b3 81 41 80  c0 e1 af b6
Mar 31 19:40:03 nebu pluto[22614]: | np=8 and sd=0x80e1410
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_SA
Mar 31 19:40:03 nebu pluto[22614]: |    length: 24
Mar 31 19:40:03 nebu pluto[22614]: | np=1 and sd=0x80e1380
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Security Association
Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONCE
Mar 31 19:40:03 nebu pluto[22614]: |    length: 128
Mar 31 19:40:03 nebu pluto[22614]: |    DOI: ISAKMP_DOI_IPSEC
Mar 31 19:40:03 nebu pluto[22614]: | np=10 and sd=0x80e1428
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Nonce Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_ID
Mar 31 19:40:03 nebu pluto[22614]: |    length: 20
Mar 31 19:40:03 nebu pluto[22614]: | np=5 and sd=(nil)
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Identification Payload
(IPsec DOI):
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_ID
Mar 31 19:40:03 nebu pluto[22614]: |    length: 12
Mar 31 19:40:03 nebu pluto[22614]: |    ID type: ID_IPV4_ADDR
Mar 31 19:40:03 nebu pluto[22614]: |    Protocol ID: 17
Mar 31 19:40:03 nebu pluto[22614]: |    port: 49729
Mar 31 19:40:03 nebu pluto[22614]: | np=5 and sd=(nil)
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Identification Payload
(IPsec DOI):
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:03 nebu pluto[22614]: |    length: 12
Mar 31 19:40:03 nebu pluto[22614]: |    ID type: ID_IPV4_ADDR
Mar 31 19:40:03 nebu pluto[22614]: |    Protocol ID: 17
Mar 31 19:40:03 nebu pluto[22614]: |    port: 1701
Mar 31 19:40:03 nebu pluto[22614]: | removing 4 bytes of padding
Mar 31 19:40:03 nebu pluto[22614]: | HASH(1) computed:
Mar 31 19:40:03 nebu pluto[22614]: |   99 94 8b 68  a1 fb 88 b9  33 c0 d4
bb  43 83 da d3
Mar 31 19:40:03 nebu pluto[22614]: |   a3 c0 2d 1c
Mar 31 19:40:03 nebu pluto[22614]: | peer client is 192.168.0.12
Mar 31 19:40:03 nebu pluto[22614]: | peer client protocol/port is 17/49729
Mar 31 19:40:03 nebu pluto[22614]: | our client is 82.233.255.121
Mar 31 19:40:03 nebu pluto[22614]: | our client protocol/port is 17/1701
Mar 31 19:40:03 nebu pluto[22614]: | find_client_connection starting with
iphone
Mar 31 19:40:03 nebu pluto[22614]: |   looking for 82.233.255.121/32:17/1701->
192.168.0.12/32:17/49729
Mar 31 19:40:03 nebu pluto[22614]: |   concrete checking against sr#0
10.199.37.2/32 -> 192.168.0.12/32
Mar 31 19:40:03 nebu pluto[22614]: |    match_id a=192.168.0.12
Mar 31 19:40:03 nebu pluto[22614]: |             b=192.168.0.12
Mar 31 19:40:03 nebu pluto[22614]: |    results  matched
Mar 31 19:40:03 nebu pluto[22614]: |   trusted_ca called with a=(empty)
b=(empty)
Mar 31 19:40:03 nebu pluto[22614]: |   fc_try concluding with none [0]
Mar 31 19:40:03 nebu pluto[22614]: |   fc_try iphone gives none
Mar 31 19:40:03 nebu pluto[22614]: | find_host_pair: comparing to
10.199.37.2:500 XX.XX.XX.XX:500
Mar 31 19:40:03 nebu pluto[22614]: | find_host_pair: comparing to
10.199.37.2:500 0.0.0.0:500
Mar 31 19:40:03 nebu pluto[22614]: |   checking hostpair 10.199.37.2/32 ->
192.168.0.12/32 is found
Mar 31 19:40:03 nebu pluto[22614]: |    match_id a=192.168.0.12
Mar 31 19:40:03 nebu pluto[22614]: |             b=(none)
Mar 31 19:40:03 nebu pluto[22614]: |    results  matched
Mar 31 19:40:03 nebu pluto[22614]: |   trusted_ca called with a=(empty)
b=(empty)
Mar 31 19:40:03 nebu pluto[22614]: |   fc_try trying iphone:
82.233.255.121/32:17/1701 -> 192.168.0.12/32:17/49701 vs iphone:
10.199.37.2/32:17/1701 -> 0.0.0.0/32:17/0
Mar 31 19:40:03 nebu pluto[22614]: |   fc_try concluding with none [0]
Mar 31 19:40:03 nebu pluto[22614]: |    match_id a=192.168.0.12
Mar 31 19:40:03 nebu pluto[22614]: |             b=(none)
Mar 31 19:40:03 nebu pluto[22614]: |    results  matched
Mar 31 19:40:03 nebu pluto[22614]: |   trusted_ca called with a=(empty)
b=(empty)
Mar 31 19:40:03 nebu pluto[22614]: |   fc_try_oppo trying iphone:
82.233.255.121/32 -> 192.168.0.12/32 vs iphone:10.199.37.2/32 -> 0.0.0.0/32
Mar 31 19:40:03 nebu pluto[22614]: |   fc_try_oppo concluding with none [0]
Mar 31 19:40:03 nebu pluto[22614]: |   concluding with d = none
Mar 31 19:40:03 nebu pluto[22614]: | using (something) old for transport
mode connection "iphone"
Mar 31 19:40:03 nebu pluto[22614]: | duplicating state object #5
Mar 31 19:40:03 nebu pluto[22614]: | creating state object #6 at 0x80febe0
Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #6
Mar 31 19:40:03 nebu pluto[22614]: | ****parse IPsec DOI SIT:
Mar 31 19:40:03 nebu pluto[22614]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar 31 19:40:03 nebu pluto[22614]: | ****parse ISAKMP Proposal Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:03 nebu pluto[22614]: |    length: 116
Mar 31 19:40:03 nebu pluto[22614]: |    proposal number: 1
Mar 31 19:40:03 nebu pluto[22614]: |    protocol ID: PROTO_IPSEC_ESP
Mar 31 19:40:03 nebu pluto[22614]: |    SPI size: 4
Mar 31 19:40:03 nebu pluto[22614]: |    number of transforms: 4
Mar 31 19:40:03 nebu pluto[22614]: | parsing 4 raw bytes of ISAKMP Proposal
Payload into SPI
Mar 31 19:40:03 nebu pluto[22614]: | SPI  01 5f 68 50
Mar 31 19:40:03 nebu pluto[22614]: | *****parse ISAKMP Transform Payload
(ESP):
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_T
Mar 31 19:40:03 nebu pluto[22614]: |    length: 28
Mar 31 19:40:03 nebu pluto[22614]: |    transform number: 1
Mar 31 19:40:03 nebu pluto[22614]: |    transform ID: ESP_AES
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: SA_LIFE_TYPE
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 1
Mar 31 19:40:03 nebu pluto[22614]: |    [1 is SA_LIFE_TYPE_SECONDS]
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: SA_LIFE_DURATION
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 3600
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: ENCAPSULATION_MODE
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 4
Mar 31 19:40:03 nebu pluto[22614]: |    [4 is
ENCAPSULATION_MODE_UDP_TRANSPORT]
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: KEY_LENGTH
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 128
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: AUTH_ALGORITHM
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 2
Mar 31 19:40:03 nebu pluto[22614]: |    [2 is AUTH_ALGORITHM_HMAC_SHA1]
Mar 31 19:40:03 nebu pluto[22614]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 1
Mar 31 19:40:03 nebu pluto[22614]: | asking helper 0 to do build_nonce op on
seq: 6
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_CRYPTO_FAILED,
timeout in 300 seconds for #6
Mar 31 19:40:03 nebu pluto[22614]: | complete state transition with
STF_SUSPEND
Mar 31 19:40:03 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 12
seconds
Mar 31 19:40:03 nebu pluto[22614]: | helper 0 has work (cnt now 0)
Mar 31 19:40:03 nebu pluto[22614]: | helper 0 replies to sequence 6
Mar 31 19:40:03 nebu pluto[22614]: | calling callback function 0x806b0a0
Mar 31 19:40:03 nebu pluto[22614]: | quick inI1_outR1: calculated ke+nonce,
sending R1
Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:03 nebu pluto[22614]: | **emit ISAKMP Message:
Mar 31 19:40:03 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:03 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:03 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_HASH
Mar 31 19:40:03 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:03 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_QUICK
Mar 31 19:40:03 nebu pluto[22614]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar 31 19:40:03 nebu pluto[22614]: |    message ID:  bb b5 56 85
Mar 31 19:40:03 nebu pluto[22614]: | ***emit ISAKMP Hash Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_SA
Mar 31 19:40:03 nebu pluto[22614]: | emitting 20 zero bytes of HASH into
ISAKMP Hash Payload
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Hash Payload:
24
Mar 31 19:40:03 nebu pluto[22614]: | ***emit ISAKMP Security Association
Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONCE
Mar 31 19:40:03 nebu pluto[22614]: |    DOI: ISAKMP_DOI_IPSEC
Mar 31 19:40:03 nebu pluto[22614]: | ****parse IPsec DOI SIT:
Mar 31 19:40:03 nebu pluto[22614]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar 31 19:40:03 nebu pluto[22614]: | ****parse ISAKMP Proposal Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:03 nebu pluto[22614]: |    length: 116
Mar 31 19:40:03 nebu pluto[22614]: |    proposal number: 1
Mar 31 19:40:03 nebu pluto[22614]: |    protocol ID: PROTO_IPSEC_ESP
Mar 31 19:40:03 nebu pluto[22614]: |    SPI size: 4
Mar 31 19:40:03 nebu pluto[22614]: |    number of transforms: 4
Mar 31 19:40:03 nebu pluto[22614]: | parsing 4 raw bytes of ISAKMP Proposal
Payload into SPI
Mar 31 19:40:03 nebu pluto[22614]: | SPI  01 5f 68 50
Mar 31 19:40:03 nebu pluto[22614]: | *****parse ISAKMP Transform Payload
(ESP):
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_T
Mar 31 19:40:03 nebu pluto[22614]: |    length: 28
Mar 31 19:40:03 nebu pluto[22614]: |    transform number: 1
Mar 31 19:40:03 nebu pluto[22614]: |    transform ID: ESP_AES
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: SA_LIFE_TYPE
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 1
Mar 31 19:40:03 nebu pluto[22614]: |    [1 is SA_LIFE_TYPE_SECONDS]
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: SA_LIFE_DURATION
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 3600
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: ENCAPSULATION_MODE
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 4
Mar 31 19:40:03 nebu pluto[22614]: |    [4 is
ENCAPSULATION_MODE_UDP_TRANSPORT]
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: KEY_LENGTH
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 128
Mar 31 19:40:03 nebu pluto[22614]: | ******parse ISAKMP IPsec DOI attribute:
Mar 31 19:40:03 nebu pluto[22614]: |    af+type: AUTH_ALGORITHM
Mar 31 19:40:03 nebu pluto[22614]: |    length/value: 2
Mar 31 19:40:03 nebu pluto[22614]: |    [2 is AUTH_ALGORITHM_HMAC_SHA1]
Mar 31 19:40:03 nebu pluto[22614]: | ****emit IPsec DOI SIT:
Mar 31 19:40:03 nebu pluto[22614]: |    IPsec DOI SIT: SIT_IDENTITY_ONLY
Mar 31 19:40:03 nebu pluto[22614]: | ****emit ISAKMP Proposal Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:03 nebu pluto[22614]: |    proposal number: 1
Mar 31 19:40:03 nebu pluto[22614]: |    protocol ID: PROTO_IPSEC_ESP
Mar 31 19:40:03 nebu pluto[22614]: |    SPI size: 4
Mar 31 19:40:03 nebu pluto[22614]: |    number of transforms: 1
Mar 31 19:40:03 nebu pluto[22614]: | netlink_get_spi: allocated 0x3f3ead76
for esp.0 at 10.199.37.2
Mar 31 19:40:03 nebu pluto[22614]: | emitting 4 raw bytes of SPI into ISAKMP
Proposal Payload
Mar 31 19:40:03 nebu pluto[22614]: | SPI  3f 3e ad 76
Mar 31 19:40:03 nebu pluto[22614]: | *****emit ISAKMP Transform Payload
(ESP):
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:03 nebu pluto[22614]: |    transform number: 1
Mar 31 19:40:03 nebu pluto[22614]: |    transform ID: ESP_AES
Mar 31 19:40:03 nebu pluto[22614]: | emitting 20 raw bytes of attributes
into ISAKMP Transform Payload (ESP)
Mar 31 19:40:03 nebu pluto[22614]: | attributes  80 01 00 01  80 02 0e 10
80 04 00 04  80 06 00 80
Mar 31 19:40:03 nebu pluto[22614]: |   80 05 00 02
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Transform
Payload (ESP): 28
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Proposal
Payload: 40
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Security
Association Payload: 52
Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: responding to
Quick Mode {msgid:8556b5bb}
Mar 31 19:40:03 nebu pluto[22614]: | ***emit ISAKMP Nonce Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_ID
Mar 31 19:40:03 nebu pluto[22614]: | emitting 16 raw bytes of Nr into ISAKMP
Nonce Payload
Mar 31 19:40:03 nebu pluto[22614]: | Nr  55 5f 07 15  7f 7b ac ba  ac 0a 0c
1f  db 8e 30 2e
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Nonce
Payload: 20
Mar 31 19:40:03 nebu pluto[22614]: | emitting 12 raw bytes of IDci into
ISAKMP Message
Mar 31 19:40:03 nebu pluto[22614]: | IDci  05 00 00 0c  01 11 c2 41  c0 a8
00 0c
Mar 31 19:40:03 nebu pluto[22614]: | emitting 12 raw bytes of IDcr into
ISAKMP Message
Mar 31 19:40:03 nebu pluto[22614]: | IDcr  00 00 00 0c  01 11 06 a5  52 e9
ff 79
Mar 31 19:40:03 nebu pluto[22614]: | HASH(2) computed:
Mar 31 19:40:03 nebu pluto[22614]: |   af 5d 32 d0  94 e6 b5 ea  38 a3 d8
a0  56 61 bf 4e
Mar 31 19:40:03 nebu pluto[22614]: |   73 36 68 2f
Mar 31 19:40:03 nebu pluto[22614]: | compute_proto_keymat:needed_len (after
ESP enc)=16
Mar 31 19:40:03 nebu pluto[22614]: | compute_proto_keymat:needed_len (after
ESP auth)=36
Mar 31 19:40:03 nebu pluto[22614]: | KEYMAT computed:
Mar 31 19:40:03 nebu pluto[22614]: |   8f d9 1f 33  0a 68 04 57  dc 23 04
11  29 a9 c5 ba
Mar 31 19:40:03 nebu pluto[22614]: |   3c 9f 59 1b  52 54 b5 51  9a 18 5d
05  0e 15 30 af
Mar 31 19:40:03 nebu pluto[22614]: |   45 1e 73 99
Mar 31 19:40:03 nebu pluto[22614]: | Peer KEYMAT computed:
Mar 31 19:40:03 nebu pluto[22614]: |   23 88 36 a3  d7 f9 3d 12  64 77 e8
27  a9 d0 22 f2
Mar 31 19:40:03 nebu pluto[22614]: |   74 98 fb 1c  4a 89 e4 cf  b6 83 12
04  e9 c9 d8 f3
Mar 31 19:40:03 nebu pluto[22614]: |   5a 27 23 56
Mar 31 19:40:03 nebu pluto[22614]: | install_inbound_ipsec_sa() checking if
we can route
Mar 31 19:40:03 nebu pluto[22614]: | route owner of "iphone"[2]
XX.XX.XX.XXerouted: self; eroute owner: self
Mar 31 19:40:03 nebu pluto[22614]: | could_route called for iphone
(kind=CK_INSTANCE)
Mar 31 19:40:03 nebu pluto[22614]: | looking for alg with transid: 12
keylen: 128 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 1
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 0
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 1
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 0
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 1
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 0

Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 1

Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 2

Mar 31 19:40:03 nebu pluto[22614]: | encrypting:
Mar 31 19:40:03 nebu pluto[22614]: |   01 00 00 18  af 5d 32 d0  94 e6 b5
ea  38 a3 d8 a0
Mar 31 19:40:03 nebu pluto[22614]: |   56 61 bf 4e  73 36 68 2f  0a 00 00
34  00 00 00 01
Mar 31 19:40:03 nebu pluto[22614]: |   00 00 00 01  00 00 00 28  01 03 04
01  3f 3e ad 76
Mar 31 19:40:03 nebu pluto[22614]: |   00 00 00 1c  01 0c 00 00  80 01 00
01  80 02 0e 10
Mar 31 19:40:03 nebu pluto[22614]: |   80 04 00 04  80 06 00 80  80 05 00
02  05 00 00 14
Mar 31 19:40:03 nebu pluto[22614]: |   55 5f 07 15  7f 7b ac ba  ac 0a 0c
1f  db 8e 30 2e
Mar 31 19:40:03 nebu pluto[22614]: |   05 00 00 0c  01 11 c2 41  c0 a8 00
0c  00 00 00 0c
Mar 31 19:40:03 nebu pluto[22614]: |   01 11 06 a5  52 e9 ff 79
Mar 31 19:40:03 nebu pluto[22614]: | IV:
Mar 31 19:40:03 nebu pluto[22614]: |   b3 81 41 80  c0 e1 af b6
Mar 31 19:40:03 nebu pluto[22614]: | encrypting using OAKLEY_3DES_CBC
Mar 31 19:40:03 nebu pluto[22614]: | next IV:  38 57 79 b6  03 cd a4 89
Mar 31 19:40:03 nebu pluto[22614]: | emitting length of ISAKMP Message: 148
Mar 31 19:40:03 nebu pluto[22614]: | finished processing quick inI1
Mar 31 19:40:03 nebu pluto[22614]: | complete state transition with STF_OK
Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: transition
from state STATE_QUICK_R0 to state STATE_QUICK_R1
Mar 31 19:40:03 nebu pluto[22614]: | sending reply packet to XX.XX.XX.XX:4500
(from port=4500)
Mar 31 19:40:03 nebu pluto[22614]: | sending 148 bytes for STATE_QUICK_R0
through eth0:4500 to XX.XX.XX.XX:4500:
Mar 31 19:40:03 nebu pluto[22614]: |   00 00 00 00  27 e0 47 b6  99 15 5a
c1  36 a4 14 99
Mar 31 19:40:03 nebu pluto[22614]: |   ea 0e 87 a5  08 10 20 01  bb b5 56
85  00 00 00 94
Mar 31 19:40:03 nebu pluto[22614]: |   b0 0c 50 e3  79 79 44 90  38 84 5b
c3  95 b0 a0 65
Mar 31 19:40:03 nebu pluto[22614]: |   b9 5e ab 43  39 ad 44 93  c4 e1 7b
4c  95 19 57 cc
Mar 31 19:40:03 nebu pluto[22614]: |   77 48 98 46  3a 33 69 26  b1 f9 15
e3  d5 18 fc d2
Mar 31 19:40:03 nebu pluto[22614]: |   af a5 26 b5  2e 2b 0c a0  56 12 3d
09  1a b1 6b 19
Mar 31 19:40:03 nebu pluto[22614]: |   3c 37 01 ff  10 d0 66 50  7c ff 7f
55  d3 29 34 04
Mar 31 19:40:03 nebu pluto[22614]: |   0a 42 c1 22  69 a0 87 08  ee 39 0a
bd  51 08 f1 2a
Mar 31 19:40:03 nebu pluto[22614]: |   8d 85 7c 54  76 03 23 46  3e 69 15
ff  b0 89 b2 d7
Mar 31 19:40:03 nebu pluto[22614]: |   38 57 79 b6  03 cd a4 89
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #6
Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Mar 31 19:40:03 nebu pluto[22614]: | modecfg pull: noquirk policy:push
not-client
Mar 31 19:40:03 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to
unpend
Mar 31 19:40:03 nebu pluto[22614]: | next event EVENT_RETRANSMIT in 10
seconds for #6
Mar 31 19:40:03 nebu pluto[22614]: |
Mar 31 19:40:03 nebu pluto[22614]: | *received 60 bytes from XX.XX.XX.XX:4500
on eth0 (port=4500)
Mar 31 19:40:03 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1  36 a4 14
99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: |   08 10 20 01  bb b5 56 85  00 00 00
3c  86 eb 9f b7
Mar 31 19:40:03 nebu pluto[22614]: |   f6 e7 0b a8  16 55 99 a8  67 47 61
20  1f db 9c 4e
Mar 31 19:40:03 nebu pluto[22614]: |   51 37 35 48  c1 1f dc 86  f8 2d 13 3d
Mar 31 19:40:03 nebu pluto[22614]: | **parse ISAKMP Message:
Mar 31 19:40:03 nebu pluto[22614]: |    initiator cookie:
Mar 31 19:40:03 nebu pluto[22614]: |   27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: |    responder cookie:
Mar 31 19:40:03 nebu pluto[22614]: |   36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_HASH
Mar 31 19:40:03 nebu pluto[22614]: |    ISAKMP version: ISAKMP Version 1.0
Mar 31 19:40:03 nebu pluto[22614]: |    exchange type: ISAKMP_XCHG_QUICK
Mar 31 19:40:03 nebu pluto[22614]: |    flags: ISAKMP_FLAG_ENCRYPTION
Mar 31 19:40:03 nebu pluto[22614]: |    message ID:  bb b5 56 85
Mar 31 19:40:03 nebu pluto[22614]: |    length: 60
Mar 31 19:40:03 nebu pluto[22614]: |  processing packet with exchange
type=ISAKMP_XCHG_QUICK (32)
Mar 31 19:40:03 nebu pluto[22614]: | ICOOKIE:  27 e0 47 b6  99 15 5a c1
Mar 31 19:40:03 nebu pluto[22614]: | RCOOKIE:  36 a4 14 99  ea 0e 87 a5
Mar 31 19:40:03 nebu pluto[22614]: | peer:  52 ee e3 25
Mar 31 19:40:03 nebu pluto[22614]: | state hash entry 12
Mar 31 19:40:03 nebu pluto[22614]: | peer and cookies match on #6, provided
msgid bbb55685 vs bbb55685
Mar 31 19:40:03 nebu pluto[22614]: | state object #6 found, in
STATE_QUICK_R1
Mar 31 19:40:03 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:03 nebu pluto[22614]: | received encrypted packet from
XX.XX.XX.XX:4500
Mar 31 19:40:03 nebu pluto[22614]: | decrypting 32 bytes using algorithm
OAKLEY_3DES_CBC
Mar 31 19:40:03 nebu pluto[22614]: | decrypted:
Mar 31 19:40:03 nebu pluto[22614]: |   00 00 00 18  01 2f 6d fa  00 41 63
26  05 38 ed 8d
Mar 31 19:40:03 nebu pluto[22614]: |   41 5c 9c 07  75 e9 ca 8a  00 00 00
00  00 00 00 08
Mar 31 19:40:03 nebu pluto[22614]: | next IV:  c1 1f dc 86  f8 2d 13 3d
Mar 31 19:40:03 nebu pluto[22614]: | np=8 and sd=0x80e1410
Mar 31 19:40:03 nebu pluto[22614]: | ***parse ISAKMP Hash Payload:
Mar 31 19:40:03 nebu pluto[22614]: |    next payload type: ISAKMP_NEXT_NONE
Mar 31 19:40:03 nebu pluto[22614]: |    length: 24
Mar 31 19:40:03 nebu pluto[22614]: | removing 8 bytes of padding
Mar 31 19:40:03 nebu pluto[22614]: | HASH(3) computed:  01 2f 6d fa  00 41
63 26  05 38 ed 8d  41 5c 9c 07
Mar 31 19:40:03 nebu pluto[22614]: |   75 e9 ca 8a
Mar 31 19:40:03 nebu pluto[22614]: | install_ipsec_sa() for #6: outbound
only
Mar 31 19:40:03 nebu pluto[22614]: | route owner of "iphone"[2]
XX.XX.XX.XXerouted: self; eroute owner: self
Mar 31 19:40:03 nebu pluto[22614]: | could_route called for iphone
(kind=CK_INSTANCE)
Mar 31 19:40:03 nebu pluto[22614]: | looking for alg with transid: 12
keylen: 128 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 1
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 11 keylen: 0 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 0
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 1
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 2 keylen: 8 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 0
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 1
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 3 keylen: 24 auth: 2
Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 0

Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 1

Mar 31 19:40:03 nebu pluto[22614]: | checking transid: 12 keylen: 16 auth: 2

Mar 31 19:40:03 nebu pluto[22614]: | sr for #6: erouted
Mar 31 19:40:03 nebu pluto[22614]: | route owner of "iphone"[2]
XX.XX.XX.XXerouted: self; eroute owner: self
Mar 31 19:40:03 nebu pluto[22614]: | route_and_eroute with c: iphone (next:
none) ero:iphone esr:{(nil)} ro:iphone rosr:{(nil)} and state: 6
Mar 31 19:40:03 nebu pluto[22614]: | eroute_connection replace eroute
10.199.37.2/32:1701 --17-> 192.168.0.12/32:49727 =>
esp.15f6850 at XX.XX.XX.XX(raw_eroute)
Mar 31 19:40:03 nebu pluto[22614]: | route_and_eroute: firewall_notified:
true
Mar 31 19:40:03 nebu pluto[22614]: | route_and_eroute: instance "iphone"[2]
XX.XX.XX.XX, setting eroute_owner {spd=0x80fd13c,sr=0x80fd13c} to #6 (was
#4) (newest_ipsec_sa=#4)
Mar 31 19:40:03 nebu pluto[22614]: | inI2: instance iphone[2], setting
newest_ipsec_sa to #6 (was #4) (spd.eroute=#6)
Mar 31 19:40:03 nebu pluto[22614]: | complete state transition with STF_OK
Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6: transition
from state STATE_QUICK_R1 to state STATE_QUICK_R2
Mar 31 19:40:03 nebu pluto[22614]: | inserting event EVENT_SA_REPLACE,
timeout in 3330 seconds for #6
Mar 31 19:40:03 nebu pluto[22614]: "iphone"[2] XX.XX.XX.XX #6:
STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x015f6850 <0x3f3ead76
xfrm=AES_128-HMAC_SHA1 NATD=XX.XX.XX.XX:4500 DPD=none}
Mar 31 19:40:03 nebu pluto[22614]: | modecfg pull: noquirk policy:push
not-client
Mar 31 19:40:03 nebu pluto[22614]: | phase 1 is done, looking for phase 1 to
unpend
Mar 31 19:40:03 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 12
seconds
Mar 31 19:40:15 nebu pluto[22614]: |
Mar 31 19:40:15 nebu pluto[22614]: | *time to handle event
Mar 31 19:40:15 nebu pluto[22614]: | handling event EVENT_NAT_T_KEEPALIVE
Mar 31 19:40:15 nebu pluto[22614]: | event after this is
EVENT_PENDING_PHASE2 in 92 seconds
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | ka_event: send NAT-KA to XX.XX.XX.XX:4500
(state=#6)
Mar 31 19:40:15 nebu pluto[22614]: | sending 1 bytes for NAT-T Keep Alive
through eth0:4500 to XX.XX.XX.XX:4500:
Mar 31 19:40:15 nebu pluto[22614]: |   ff
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | ka_event: send NAT-KA to XX.XX.XX.XX:4500
(state=#5)
Mar 31 19:40:15 nebu pluto[22614]: | sending 1 bytes for NAT-T Keep Alive
through eth0:4500 to XX.XX.XX.XX:4500:
Mar 31 19:40:15 nebu pluto[22614]: |   ff
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | processing connection iphone[2]
XX.XX.XX.XX
Mar 31 19:40:15 nebu pluto[22614]: | inserting event EVENT_NAT_T_KEEPALIVE,
timeout in 20 seconds
Mar 31 19:40:15 nebu pluto[22614]: | next event EVENT_NAT_T_KEEPALIVE in 20
seconds




On Mon, Mar 31, 2008 at 7:06 PM, Paul Wouters <paul at xelerance.com> wrote:

> On Mon, 31 Mar 2008, christophe yayon wrote:
>
> > I am trying to create  a IPSEC/L2TP connection between an openswan
> 2.4.12 /
> > l2tpd (or xl2tp)  and an iphone...
>
> Unfortunately, only Americans are allowed to have the iphone, or the
> iphone
> SDK which comes with an emulator.....
>
> > I had no problem with the FIRST connection (no problem at all), but,
>  when i
> > disconnect the vpn tunnel  (by turning if off on the device - client)
> and
> > reconnect, it fail and get these repeated messages in my logs :
>
> If you compiled with -DTRUST_PPPD_TO_DIE, you might want to try disabling
> that. But I don't think that is your real problem.
>
> > i need to restart ipsec service or put down (manually) the ipsec conn
> (ipsec
> > auto --down XXX)...
>
> Show us the logs of openswan configured with plutodebug="controlmore"?
>
> Paul
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>



-- 
Christophe Yayon
cyayon at nbux.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080331/05800f2e/attachment-0001.html 


More information about the Users mailing list