[Openswan Users] routing non-broadcast UDP packets over my VPN is failing
Shane Allen
sallen at hrsmart.com
Sat Oct 24 12:35:11 EDT 2009
I have two offices, one in the US and one in Argentina. I am trying to get IP phones to register back to my PBX in the US from the Argentina office over a VPN that I established between my gateways. Here's a rough topology:
10.1.0.0/24 <-> 10.1.0.1(eth1) [argw] 1.2.3.4(eth0) <-> (internet) <-> 5.6.7.8(eth0) [txgw] 192.168.0.1(eth1) <-> 192.168.0.0/16
Both linux boxes are running iptables Masquerading for the associated subnets in addition to handling the VPN traffic. The VPN is working -- I can ping and use TCP protocols (like SSH or HTTP) over the tunnel with no problems.
The IP phones, however, are trying to make an initial connection over UDP port 1719, and this is failing to route to the opposite side. Here's an example of the TCPdump output I am seeing:
root at argw:~# tcpdump -i eth1 -p -n ip host 192.168.5.2
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
19:27:10.993185 IP 10.1.0.96.49302 > 192.168.5.2.1719: UDP, length 65
19:27:15.992565 IP 10.1.0.96.49302 > 192.168.5.2.1719: UDP, length 65
If I do a similar dump on txgw (tcpdump -i eth1 -p -n ip host 192.168.5.2 or ip host 10.1.0.96) I get nothing. I've tested this both ways.
I've been searching for workarounds for a few days now and haven't gotten anywhere. I tested using a udping binary that contacts a host running an echo server, and set up an echo server on the far side. If I try local network udpings, they work. If I try udpings over the VPN they fail, regardless of packet size (I tried 1, 16, 128 and 256 byte packets). This leads me to believe the problem is routing UDP over the VPN, but I'm open to other possibilities.
I've included the (sanitized) output from ipsec barf below. I changed IPs and such for security purposes, if anything doesn't make sense due to the changes, let me know and I can clarify.
Thanks in advance for any insight you can offer!
-shane
txgw
Sat Oct 24 19:09:54 EEST 2009
+ _________________________ version
+ ipsec --version
Linux Openswan U2.4.12/K2.6.18-6-686 (netkey)
See `ipsec --copyright' for copyright information.
+ _________________________ /proc/version
+ cat /proc/version
Linux version 2.6.18-6-686 (Debian 2.6.18.dfsg.1-23) (dannf at debian.org) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 SMP Mon Oct 13 16:13:09 UTC 2008
+ _________________________ /proc/net/ipsec_eroute
+ test -r /proc/net/ipsec_eroute
+ _________________________ netstat-rn
+ netstat -nr
+ head -n 100
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
5.6.7.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0
10.1.0.0 5.6.7.7 255.255.255.0 UG 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 5.6.7.7 0.0.0.0 UG 0 0 0 eth0
+ _________________________ /proc/net/ipsec_spi
+ test -r /proc/net/ipsec_spi
+ _________________________ /proc/net/ipsec_spigrp
+ test -r /proc/net/ipsec_spigrp
+ _________________________ /proc/net/ipsec_tncfg
+ test -r /proc/net/ipsec_tncfg
+ _________________________ /proc/net/pfkey
+ test -r /proc/net/pfkey
+ cat /proc/net/pfkey
sk RefCnt Rmem Wmem User Inode
+ _________________________ ip-xfrm-state
+ ip xfrm state
src 1.2.3.4 dst 5.6.7.8
proto esp spi 0x1bf9eb16 reqid 16385 mode tunnel
replay-window 32
auth sha1 0x1f26a4cf9502083830d07fe8137af408850e5047
enc aes 0xb5f2128c4c38f0e20cb89cfc26e9b899
src 5.6.7.8 dst 1.2.3.4
proto esp spi 0xa0b28b32 reqid 16385 mode tunnel
replay-window 32
auth sha1 0xf75b0b8f16cef0676ca8db475ae872972500dcc4
enc aes 0xf317e8acda7c8e4d1239f9dd0984cd58
+ _________________________ ip-xfrm-policy
+ ip xfrm policy
src 10.1.0.0/24 dst 192.168.0.0/16
dir in priority 2600
tmpl src 1.2.3.4 dst 5.6.7.8
proto esp reqid 16385 mode tunnel
src 192.168.0.0/16 dst 10.1.0.0/24
dir out priority 2600
tmpl src 5.6.7.8 dst 1.2.3.4
proto esp reqid 16385 mode tunnel
src 10.1.0.0/24 dst 192.168.0.0/16
dir fwd priority 2600
tmpl src 1.2.3.4 dst 5.6.7.8
proto esp reqid 16385 mode tunnel
src ::/0 dst ::/0
dir in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir in priority 0
src ::/0 dst ::/0
dir out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 0
+ _________________________ /proc/sys/net/ipsec-star
+ test -d /proc/sys/net/ipsec
+ _________________________ ipsec/status
+ ipsec auto --status
000 interface lo/lo ::1
000 interface lo/lo 127.0.0.1
000 interface lo/lo 127.0.0.1
000 interface eth0/eth0 5.6.7.8
000 interface eth0/eth0 5.6.7.8
000 interface eth1/eth1 192.168.0.1
000 interface eth1/eth1 192.168.0.1
000 %myid = (none)
000 debug none
000
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
000
000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
000
000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0}
000
000 "ar-to-tx": 192.168.0.0/16===5.6.7.8[@txgw.example.com]---5.6.7.7...1.2.3.3---1.2.3.4[@argw.example.com]===10.1.0.0/24; erouted; eroute owner: #63
000 "ar-to-tx": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;
000 "ar-to-tx": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "ar-to-tx": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 24,16; interface: eth0; encap: esp;
000 "ar-to-tx": newest ISAKMP SA: #70; newest IPsec SA: #63;
000 "ar-to-tx": IKE algorithm newest: 3DES_CBC_192-MD5-MODP1536
000
000 #70: "ar-to-tx":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 2816s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0)
000 #63: "ar-to-tx":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 9365s; newest IPSEC; eroute owner
000 #63: "ar-to-tx" esp.a0b28b32 at 1.2.3.4 esp.1bf9eb16 at 5.6.7.8 tun.0 at 1.2.3.4 tun.0 at 5.6.7.8
000 #69: "ar-to-tx":500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_EXPIRE in 601s; lastdpd=-1s(seq in:0 out:0)
000
+ _________________________ ifconfig-a
+ ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:A0:CC:58:6E:08
inet addr:5.6.7.8 Bcast:5.6.7.255 Mask:255.255.255.128
inet6 addr: fe80::2a0:ccff:fe58:6e08/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:37765693 errors:1 dropped:0 overruns:0 frame:268
TX packets:31386600 errors:10 dropped:0 overruns:4 carrier:6
collisions:0 txqueuelen:1000
RX bytes:2321884528 (2.1 GiB) TX bytes:3679592456 (3.4 GiB)
Interrupt:201 Base address:0xb800
eth1 Link encap:Ethernet HWaddr 00:A0:CC:40:5E:8D
inet addr:192.168.0.1 Bcast:192.168.255.255 Mask:255.255.0.0
inet6 addr: fe80::2a0:ccff:fe40:5e8d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32767259 errors:1 dropped:0 overruns:0 frame:603
TX packets:38176222 errors:28 dropped:0 overruns:4 carrier:24
collisions:0 txqueuelen:1000
RX bytes:3851921464 (3.5 GiB) TX bytes:1855011262 (1.7 GiB)
Interrupt:169 Base address:0xb400
eth2 Link encap:Ethernet HWaddr 00:0C:6E:FE:FD:C3
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:217 Base address:0xa400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:9870 errors:0 dropped:0 overruns:0 frame:0
TX packets:9870 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:926479 (904.7 KiB) TX bytes:926479 (904.7 KiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
+ _________________________ ip-addr-list
+ ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:a0:cc:58:6e:08 brd ff:ff:ff:ff:ff:ff
inet 5.6.7.8/25 brd 5.6.7.255 scope global eth0
inet6 fe80::2a0:ccff:fe58:6e08/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb state UNKNOWN qlen 1000
link/ether 00:a0:cc:40:5e:8d brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/16 brd 192.168.255.255 scope global eth1
inet6 fe80::2a0:ccff:fe40:5e8d/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:0c:6e:fe:fd:c3 brd ff:ff:ff:ff:ff:ff
5: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
+ _________________________ ip-route-list
+ ip route list
5.6.7.128/25 dev eth0 proto kernel scope link src 5.6.7.8
10.1.0.0/24 via 5.6.7.7 dev eth0
192.168.0.0/16 dev eth1 proto kernel scope link src 192.168.0.1
default via 5.6.7.7 dev eth0
+ _________________________ ip-rule-list
+ ip rule list
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
+ _________________________ ipsec_verify
+ ipsec verify --nocolour
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.4.12/K2.6.18-6-686 (netkey)
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [OK]
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
+ _________________________ mii-tool
+ '[' -x /sbin/mii-tool ']'
+ /sbin/mii-tool -v
eth0: negotiated 100baseTx-FD, link ok
product info: vendor 00:10:18, model 33 rev 2
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
eth1: negotiated 100baseTx-FD, link ok
product info: vendor 00:10:18, model 33 rev 2
basic mode: autonegotiation enabled
basic status: autonegotiation complete, link ok
capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
SIOCGMIIPHY on 'eth2' failed: Invalid argument
+ _________________________ ipsec/directory
+ ipsec --directory
/usr/lib/ipsec
+ _________________________ hostname/fqdn
+ hostname --fqdn
txgw.example.com
+ _________________________ hostname/ipaddress
+ hostname --ip-address
192.168.0.1
+ _________________________ uptime
+ uptime
19:09:54 up 2 days, 10:18, 2 users, load average: 0.00, 0.00, 0.00
+ _________________________ ps
+ ps alxwf
+ egrep -i 'ppid|pluto|ipsec|klips'
F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
4 0 24105 23883 25 0 3868 1264 - R+ pts/0 0:00 \_ /bin/sh /usr/lib/ipsec/barf
1 0 24200 24105 25 0 3868 192 - R+ pts/0 0:00 \_ /bin/sh /usr/lib/ipsec/barf
1 0 13032 1 25 0 2580 436 wait S ? 0:00 /bin/bash /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal yes --keep_alive --protostack auto --force_keepalive --disable_port_floating --virtual_private --crlcheckinterval 0 --ocspuri --nhelpers 0 --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
1 0 13033 13032 25 0 2584 640 wait S ? 0:00 \_ /bin/bash /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal yes --keep_alive --protostack auto --force_keepalive --disable_port_floating --virtual_private --crlcheckinterval 0 --ocspuri --nhelpers 0 --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto/pluto.pid
4 0 13034 13033 15 0 7988 2540 - S ? 0:01 | \_ /usr/lib/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --use-auto --uniqueids --nat_traversal --nhelpers 0
0 0 13074 13034 22 0 1696 304 429496 S ? 0:00 | \_ _pluto_adns
0 0 13035 13032 24 0 2552 1116 pipe_w S ? 0:00 \_ /bin/sh /usr/lib/ipsec/_plutoload --wait no --post
0 0 13037 1 18 0 1752 536 pipe_w S ? 0:00 logger -s -p daemon.error -t ipsec__plutorun
+ _________________________ ipsec/showdefaults
+ ipsec showdefaults
routephys=eth0
routevirt=ipsec0
routeaddr=5.6.7.8
routenexthop=5.6.7.7
+ _________________________ ipsec/conf
+ ipsec _include /etc/ipsec.conf
+ ipsec _keycensor
#< /etc/ipsec.conf 1
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.6 2006-10-19 03:49:46 paul Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# plutodebug / klipsdebug = "all", "none" or a combation from below:
# "raw crypt parsing emitting control klips pfkey natt x509 private"
# eg: plutodebug="control parsing"
#
# ONLY enable plutodebug=all or klipsdebug=all if you are a developer !!
#
# NAT-TRAVERSAL support, see README.NAT-Traversal
nat_traversal=yes
# virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
#
# enable this if you see "failed to find any available worker"
nhelpers=0
# Add connections here
conn ar-to-tx
left=1.2.3.4 # Public Internet IP address of the LEFT VPN device
leftid=@argw.example.com
leftsubnet=10.1.0.0/24 # Subnet protected by the LEFT VPN device
leftnexthop=1.2.3.3 # correct in many situations
leftrsasigkey=[keyid AQN/3nAqq]
right=5.6.7.8 # Public Internet IP address of the RIGHT VPN device
rightid=@txgw.example.com
rightsubnet=192.168.0.0/16 # Subnet protected by the RIGHT VPN device
rightnexthop=5.6.7.7 # correct in many situations
rightrsasigkey=[keyid AQN6U8qSi]
auto=start # authorizes and starts this connection on booting
# sample VPN connections, see /etc/ipsec.d/examples/
#Disable Opportunistic Encryption
#< /etc/ipsec.d/examples/no_oe.conf 1
# 'include' this file to disable Opportunistic Encryption.
# See /usr/share/doc/openswan/policygroups.html for details.
#
# RCSID $Id: no_oe.conf.in,v 1.2 2004-10-03 19:33:10 paul Exp $
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
#> /etc/ipsec.conf 47
+ _________________________ ipsec/secrets
+ ipsec _include /etc/ipsec.secrets
+ ipsec _secretcensor
#< /etc/ipsec.secrets 1
: RSA {
# RSA 2048 bits txgw.example.com Thu Oct 22 20:50:26 2009
# for signatures only, UNSAFE FOR ENCRYPTION
#pubkey=[keyid AQN6U8qSi]
Modulus: [...]
PublicExponent: [...]
# everything after this point is secret
PrivateExponent: [...]
Prime1: [...]
Prime2: [...]
Exponent1: [...]
Exponent2: [...]
Coefficient: [...]
}
# do not change the indenting of that "[sums to 7d9d...]"
+ _________________________ ipsec/listall
+ ipsec auto --listall
000
000 List of Public Keys:
000
000 Oct 22 22:21:09 2009, 2048 RSA Key AQN6U8qSi, until --- -- --:--:-- ---- ok (expires never)
000 ID_FQDN '@txgw.example.com'
000 Oct 22 22:21:09 2009, 2048 RSA Key AQN/3nAqq, until --- -- --:--:-- ---- ok (expires never)
000 ID_FQDN '@argw.example.com'
+ '[' /etc/ipsec.d/policies ']'
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/block
+ base=block
+ _________________________ ipsec/policies/block
+ cat /etc/ipsec.d/policies/block
# This file defines the set of CIDRs (network/mask-length) to which
# communication should never be allowed.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: block.in,v 1.4 2003-02-17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear
+ base=clear
+ _________________________ ipsec/policies/clear
+ cat /etc/ipsec.d/policies/clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear.in,v 1.4.30.3 2006-11-21 19:49:51 paul Exp $
#
#
# Michael's idea: Always have ROOT NAMESERVERS in the clear.
# It will make OE work much better on machines running caching
# resolvers.
#
# Based on: http://www.internic.net/zones/named.root
# This file holds the information on root name servers needed to
# last update: Jan 29, 2004
# related version of root zone: 2004012900
198.41.0.4/32
192.228.79.201/32
192.33.4.12/32
128.8.10.90/32
192.203.230.10/32
192.5.5.241/32
192.112.36.4/32
128.63.2.53/32
192.36.148.17/32
192.58.128.30/32
193.0.14.129/32
198.32.64.12/32
202.12.27.33/32
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/clear-or-private
+ base=clear-or-private
+ _________________________ ipsec/policies/clear-or-private
+ cat /etc/ipsec.d/policies/clear-or-private
# This file defines the set of CIDRs (network/mask-length) to which
# we will communicate in the clear, or, if the other side initiates IPSEC,
# using encryption. This behaviour is also called "Opportunistic Responder".
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: clear-or-private.in,v 1.4 2003-02-17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private
+ base=private
+ _________________________ ipsec/policies/private
+ cat /etc/ipsec.d/policies/private
# This file defines the set of CIDRs (network/mask-length) to which
# communication should always be private (i.e. encrypted).
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private.in,v 1.4 2003-02-17 02:22:15 mcr Exp $
#
+ for policy in '$POLICIES/*'
++ basename /etc/ipsec.d/policies/private-or-clear
+ base=private-or-clear
+ _________________________ ipsec/policies/private-or-clear
+ cat /etc/ipsec.d/policies/private-or-clear
# This file defines the set of CIDRs (network/mask-length) to which
# communication should be private, if possible, but in the clear otherwise.
#
# If the target has a TXT (later IPSECKEY) record that specifies
# authentication material, we will require private (i.e. encrypted)
# communications. If no such record is found, communications will be
# in the clear.
#
# See /usr/share/doc/openswan/policygroups.html for details.
#
# $Id: private-or-clear.in,v 1.5 2003-02-17 02:22:15 mcr Exp $
#
0.0.0.0/0
+ _________________________ ipsec/ls-libdir
+ ls -l /usr/lib/ipsec
total 1404
-rwxr-xr-x 1 root root 15848 Oct 1 22:00 _confread
-rwxr-xr-x 1 root root 4472 Oct 1 22:00 _copyright
-rwxr-xr-x 1 root root 2379 Oct 1 22:00 _include
-rwxr-xr-x 1 root root 1475 Oct 1 22:00 _keycensor
-rwxr-xr-x 1 root root 8536 Oct 1 22:00 _pluto_adns
-rwxr-xr-x 1 root root 3586 Oct 1 22:00 _plutoload
-rwxr-xr-x 1 root root 8055 Oct 1 22:00 _plutorun
-rwxr-xr-x 1 root root 12324 Oct 1 22:00 _realsetup
-rwxr-xr-x 1 root root 1975 Oct 1 22:00 _secretcensor
-rwxr-xr-x 1 root root 11065 Oct 1 22:00 _startklips
-rwxr-xr-x 1 root root 13912 Oct 1 22:00 _updown
-rwxr-xr-x 1 root root 15740 Oct 1 22:00 _updown_x509
-rwxr-xr-x 1 root root 18891 Oct 1 22:00 auto
-rwxr-xr-x 1 root root 11343 Oct 1 22:00 barf
-rwxr-xr-x 1 root root 816 Oct 1 22:00 calcgoo
-rwxr-xr-x 1 root root 80788 Oct 1 22:00 eroute
-rwxr-xr-x 1 root root 19112 Oct 1 22:00 ikeping
-rwxr-xr-x 1 root root 60776 Oct 1 22:00 klipsdebug
-rwxr-xr-x 1 root root 1940 Oct 1 22:00 livetest
-rwxr-xr-x 1 root root 2604 Oct 1 22:00 look
-rwxr-xr-x 1 root root 7082 Oct 1 22:00 mailkey
-rwxr-xr-x 1 root root 16015 Oct 1 22:00 manual
-rwxr-xr-x 1 root root 1951 Oct 1 22:00 newhostkey
-rwxr-xr-x 1 root root 52076 Oct 1 22:00 pf_key
-rwxr-xr-x 1 root root 681396 Oct 1 22:00 pluto
-rwxr-xr-x 1 root root 6500 Oct 1 22:00 ranbits
-rwxr-xr-x 1 root root 18536 Oct 1 22:00 rsasigkey
-rwxr-xr-x 1 root root 766 Oct 1 22:00 secrets
lrwxrwxrwx 1 root root 17 Oct 22 16:58 setup -> /etc/init.d/ipsec
-rwxr-xr-x 1 root root 1054 Oct 1 22:00 showdefaults
-rwxr-xr-x 1 root root 4845 Oct 1 22:00 showhostkey
-rwxr-xr-x 1 root root 122208 Oct 1 22:00 spi
-rwxr-xr-x 1 root root 69008 Oct 1 22:00 spigrp
-rwxr-xr-x 1 root root 9872 Oct 1 22:00 tncfg
-rwxr-xr-x 1 root root 13518 Oct 1 22:00 verify
-rwxr-xr-x 1 root root 47136 Oct 1 22:00 whack
+ _________________________ ipsec/ls-execdir
+ ls -l /usr/lib/ipsec
total 1404
-rwxr-xr-x 1 root root 15848 Oct 1 22:00 _confread
-rwxr-xr-x 1 root root 4472 Oct 1 22:00 _copyright
-rwxr-xr-x 1 root root 2379 Oct 1 22:00 _include
-rwxr-xr-x 1 root root 1475 Oct 1 22:00 _keycensor
-rwxr-xr-x 1 root root 8536 Oct 1 22:00 _pluto_adns
-rwxr-xr-x 1 root root 3586 Oct 1 22:00 _plutoload
-rwxr-xr-x 1 root root 8055 Oct 1 22:00 _plutorun
-rwxr-xr-x 1 root root 12324 Oct 1 22:00 _realsetup
-rwxr-xr-x 1 root root 1975 Oct 1 22:00 _secretcensor
-rwxr-xr-x 1 root root 11065 Oct 1 22:00 _startklips
-rwxr-xr-x 1 root root 13912 Oct 1 22:00 _updown
-rwxr-xr-x 1 root root 15740 Oct 1 22:00 _updown_x509
-rwxr-xr-x 1 root root 18891 Oct 1 22:00 auto
-rwxr-xr-x 1 root root 11343 Oct 1 22:00 barf
-rwxr-xr-x 1 root root 816 Oct 1 22:00 calcgoo
-rwxr-xr-x 1 root root 80788 Oct 1 22:00 eroute
-rwxr-xr-x 1 root root 19112 Oct 1 22:00 ikeping
-rwxr-xr-x 1 root root 60776 Oct 1 22:00 klipsdebug
-rwxr-xr-x 1 root root 1940 Oct 1 22:00 livetest
-rwxr-xr-x 1 root root 2604 Oct 1 22:00 look
-rwxr-xr-x 1 root root 7082 Oct 1 22:00 mailkey
-rwxr-xr-x 1 root root 16015 Oct 1 22:00 manual
-rwxr-xr-x 1 root root 1951 Oct 1 22:00 newhostkey
-rwxr-xr-x 1 root root 52076 Oct 1 22:00 pf_key
-rwxr-xr-x 1 root root 681396 Oct 1 22:00 pluto
-rwxr-xr-x 1 root root 6500 Oct 1 22:00 ranbits
-rwxr-xr-x 1 root root 18536 Oct 1 22:00 rsasigkey
-rwxr-xr-x 1 root root 766 Oct 1 22:00 secrets
lrwxrwxrwx 1 root root 17 Oct 22 16:58 setup -> /etc/init.d/ipsec
-rwxr-xr-x 1 root root 1054 Oct 1 22:00 showdefaults
-rwxr-xr-x 1 root root 4845 Oct 1 22:00 showhostkey
-rwxr-xr-x 1 root root 122208 Oct 1 22:00 spi
-rwxr-xr-x 1 root root 69008 Oct 1 22:00 spigrp
-rwxr-xr-x 1 root root 9872 Oct 1 22:00 tncfg
-rwxr-xr-x 1 root root 13518 Oct 1 22:00 verify
-rwxr-xr-x 1 root root 47136 Oct 1 22:00 whack
+ _________________________ ipsec/updowns
++ ls /usr/lib/ipsec
++ egrep updown
+ for f in '`ls ${IPSEC_EXECDIR-/usr/libexec/ipsec} | egrep updown`'
+ cat /usr/lib/ipsec/_updown
#! /bin/sh
# iproute2 version, default updown script
#
# Copyright (C) 2003-2004 Nigel Metheringham
# Copyright (C) 2002-2004 Michael Richardson <mcr at xelerance.com>
# Copyright (C) 2003-2005 Tuomo Soini <tis at foobar.fi>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# RCSID $Id: _updown.in,v 1.21.2.11 2006-02-20 22:57:28 paul Exp $
# CAUTION: Installing a new version of Openswan will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# Openswan use yours instead of this default one.
LC_ALL=C export LC_ALL
# things that this script gets (from ipsec_pluto(8) man page)
#
#
# PLUTO_VERSION
# indicates what version of this interface is being
# used. This document describes version 1.1. This
# is upwardly compatible with version 1.0.
#
# PLUTO_VERB
# specifies the name of the operation to be performed
# (prepare-host, prepare-client, up-host, up-client,
# down-host, or down-client). If the address family
# for security gateway to security gateway
# communications is IPv6, then a suffix of -v6 is added
# to the verb.
#
# PLUTO_CONNECTION
# is the name of the connection for which we are
# routing.
#
# PLUTO_CONN_POLICY
# the policy of the connection, as in:
# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD
#
# PLUTO_NEXT_HOP
# is the next hop to which packets bound for the peer
# must be sent.
#
# PLUTO_INTERFACE
# is the name of the ipsec interface to be used.
#
# PLUTO_ME
# is the IP address of our host.
#
# PLUTO_MY_CLIENT
# is the IP address / count of our client subnet. If
# the client is just the host, this will be the
# host's own IP address / max (where max is 32 for
# IPv4 and 128 for IPv6).
#
# PLUTO_MY_CLIENT_NET
# is the IP address of our client net. If the client
# is just the host, this will be the host's own IP
# address.
#
# PLUTO_MY_CLIENT_MASK
# is the mask for our client net. If the client is
# just the host, this will be 255.255.255.255.
#
# PLUTO_MY_SOURCEIP
# if non-empty, then the source address for the route will be
# set to this IP address.
#
# PLUTO_MY_PROTOCOL
# is the protocol for this connection. Useful for
# firewalling.
#
# PLUTO_MY_PORT
# is the port. Useful for firewalling.
#
# PLUTO_PEER
# is the IP address of our peer.
#
# PLUTO_PEER_CLIENT
# is the IP address / count of the peer's client sub
# net. If the client is just the peer, this will be
# the peer's own IP address / max (where max is 32
# for IPv4 and 128 for IPv6).
#
# PLUTO_PEER_CLIENT_NET
# is the IP address of the peer's client net. If the
# client is just the peer, this will be the peer's
# own IP address.
#
# PLUTO_PEER_CLIENT_MASK
# is the mask for the peer's client net. If the
# client is just the peer, this will be
# 255.255.255.255.
#
# PLUTO_PEER_PROTOCOL
# is the protocol set for remote end with port
# selector.
#
# PLUTO_PEER_PORT
# is the peer's port. Useful for firewalling.
#
# PLUTO_CONNECTION_TYPE
#
# Import default _updown configs from the /etc/default/pluto_updown file
#
# Two variables can be set in this file:
#
# DEFAULTSOURCE
# is the default value for PLUTO_MY_SOURCEIP
#
# IPROUTETABLE
# is the default value for IPROUTETABLE
#
# IPROUTEARGS
# is the extra argument list for ip route command
#
# IPRULEARGS
# is the extra argument list for ip rule command
#
if [ -f /etc/default/pluto_updown ]
then
. /etc/default/pluto_updown
fi
# check interface version
case "$PLUTO_VERSION" in
1.[0]) # Older Pluto?!? Play it safe, script may be using new features.
echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
echo "$0: called by obsolete Pluto?" >&2
exit 2
;;
1.*) ;;
*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
exit 2
;;
esac
# check parameter(s)
case "$1:$*" in
':') # no parameters
;;
ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only
;;
custom:*) # custom parameters (see above CAUTION comment)
;;
*) echo "$0: unknown parameters \`$*'" >&2
exit 2
;;
esac
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
doroute add
ip route flush cache
}
downroute() {
doroute delete
ip route flush cache
}
uprule() {
# policy based advanced routing
if [ -n "$IPROUTETABLE" ]
then
dorule delete
dorule add
fi
# virtual sourceip support
if [ -n "$PLUTO_MY_SOURCEIP" ]
then
addsource
rc=$?
if [ $rc -ne 0 ];
then
changesource
fi
fi
ip route flush cache
}
downrule() {
if [ -n "$IPROUTETABLE" ]
then
dorule delete
ip route flush cache
fi
}
addsource() {
st=0
# check if given sourceip is local and add as alias if not
if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
then
it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev ${PLUTO_INTERFACE%:*}"
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: File exists'*)
# should not happen, but ... ignore if the
# address was already assigned on interface
oops=""
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: addsource \`$it' failed ($oops)" >&2
fi
fi
return $st
}
changesource() {
# Change used route source to destination if there is previous
# Route to same PLUTO_PEER_CLIENT. This is basically to fix
# configuration errors where all conns to same destination don't
# have (left/right)sourceip set.
st=0
parms="$PLUTO_PEER_CLIENT dev ${PLUTO_INTERFACE%:*}"
parms="$parms src ${PLUTO_MY_SOURCEIP%/*} $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route change $parms"
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
it=
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such file or directory'*)
# Will happen every time first tunnel is activated because
# there is no previous route to PLUTO_PEER_CLIENT. So we
# need to ignore this error.
oops=""
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: changesource \`$it' failed ($oops)" >&2
fi
return $st
}
dorule() {
st=0
it2=
iprule="from $PLUTO_MY_CLIENT"
iprule2="to $PLUTO_PEER_CLIENT table $IPROUTETABLE $IPRULEARGS"
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
st=0
;;
*)
if [ -z "$PLUTO_MY_SOURCEIP" ]
then
if [ "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
fi
else
if [ "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
it2="ip rule $1 iif lo $iprule2"
fi
fi
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it' failed ($oops)" >&2
fi
if test "$st" = "0" -a -n "$it2"
then
oops="`eval $it2 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it2' failed ($oops)" >&2
fi
fi
;;
esac
return $st
}
doroute() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2=
if [ -n "$PLUTO_NEXT_HOP" ] && [ "$PLUTO_NEXT_HOP" != "$PLUTO_PEER" ]
then
parms2="via $PLUTO_NEXT_HOP"
fi
parms2="$parms2 dev ${PLUTO_INTERFACE%:*}"
parms3="$IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table $IPROUTETABLE"
fi
if [ -z "$PLUTO_MY_SOURCEIP" ] && [ -n "$DEFAULTSOURCE" ]
then
PLUTO_MY_SOURCEIP="${DEFAULTSOURCE%/*}"
fi
if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
then
addsource
parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
fi
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# opportunistic encryption work around
# need to provide route that eclipses default, without
# replacing it.
it="ip route $1 0.0.0.0/1 $parms2 $parms3 &&
ip route $1 128.0.0.0/1 $parms2 $parms3"
;;
*) it="ip route $1 $parms $parms2 $parms3"
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: doroute \`$it' failed ($oops)" >&2
fi
return $st
}
# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
# delete possibly-existing route (preliminary to adding a route)
case "$PLUTO_PEER_CLIENT" in
"0.0.0.0/0")
# need to provide route that eclipses default, without
# replacing it.
parms1="0.0.0.0/1"
parms2="128.0.0.0/1"
it="ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1"
oops="`ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1`"
;;
*)
parms="$PLUTO_PEER_CLIENT $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route delete $parms 2>&1"
oops="`ip route delete $parms 2>&1`"
;;
esac
status="$?"
if test " $oops" = " " -a " $status" != " 0"
then
oops="silent error, exit status $status"
fi
case "$oops" in
*'RTNETLINK answers: No such process'*)
# This is what route (currently -- not documented!) gives
# for "could not find such a route".
oops=
status=0
;;
esac
if test " $oops" != " " -o " $status" != " 0"
then
echo "$0: \`$it' failed ($oops)" >&2
fi
exit $status
;;
route-host:*|route-client:*)
# connection to me or my client subnet being routed
uproute
;;
unroute-host:*|unroute-client:*)
# connection to me or my client subnet being unrouted
downroute
;;
up-host:*)
# connection to me coming up
uprule
# If you are doing a custom version, firewall commands go here.
;;
down-host:*)
# connection to me going down
downrule
# If you are doing a custom version, firewall commands go here.
;;
up-client:)
# connection to my client subnet coming up
uprule
# If you are doing a custom version, firewall commands go here.
;;
down-client:)
# connection to my client subnet going down
downrule
# If you are doing a custom version, firewall commands go here.
;;
up-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, coming up
uprule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
down-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, going down
downrule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
;;
route-host-v6:*|route-client-v6:*)
# connection to me or my client subnet being routed
#uproute_v6
;;
unroute-host-v6:*|unroute-client-v6:*)
# connection to me or my client subnet being unrouted
#downroute_v6
;;
up-host-v6:*)
# connection to me coming up
# If you are doing a custom version, firewall commands go here.
;;
down-host-v6:*)
# connection to me going down
# If you are doing a custom version, firewall commands go here.
;;
up-client-v6:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
;;
down-client-v6:)
# connection to my client subnet going down
# If you are doing a custom version, firewall commands go here.
;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
exit 1
;;
esac
+ for f in '`ls ${IPSEC_EXECDIR-/usr/libexec/ipsec} | egrep updown`'
+ cat /usr/lib/ipsec/_updown_x509
#! /bin/sh
#
# customized updown script
#
# logging of VPN connections
#
# tag put in front of each log entry:
TAG=vpn
#
# syslog facility and priority used:
FAC_PRIO=local0.notice
#
# to create a special vpn logging file, put the following line into
# the syslog configuration file /etc/syslog.conf:
#
# local0.notice -/var/log/vpn
#
# are there port numbers?
if [ "$PLUTO_MY_PORT" != 0 ]
then
S_MY_PORT="--sport $PLUTO_MY_PORT"
D_MY_PORT="--dport $PLUTO_MY_PORT"
fi
if [ "$PLUTO_PEER_PORT" != 0 ]
then
S_PEER_PORT="--sport $PLUTO_PEER_PORT"
D_PEER_PORT="--dport $PLUTO_PEER_PORT"
fi
# CAUTION: Installing a new version of Openswan will install a new
# copy of this script, wiping out any custom changes you make. If
# you need changes, make a copy of this under another name, and customize
# that, and use the (left/right)updown parameters in ipsec.conf to make
# Openswan use yours instead of this default one.
LC_ALL=C export LC_ALL
# things that this script gets (from ipsec_pluto(8) man page)
#
#
# PLUTO_VERSION
# indicates what version of this interface is being
# used. This document describes version 1.1. This
# is upwardly compatible with version 1.0.
#
# PLUTO_VERB
# specifies the name of the operation to be performed
# (prepare-host, prepare-client, up-host, up-client,
# down-host, or down-client). If the address family
# for security gateway to security gateway communica
# tions is IPv6, then a suffix of -v6 is added to the
# verb.
#
# PLUTO_CONNECTION
# is the name of the connection for which we are
# routing.
#
# PLUTO_CONN_POLICY
# the policy of the connection, as in:
# RSASIG+ENCRYPT+TUNNEL+PFS+DONTREKEY+OPPORTUNISTIC+failureDROP+lKOD+rKOD
#
# PLUTO_NEXT_HOP
# is the next hop to which packets bound for the peer
# must be sent.
#
# PLUTO_INTERFACE
# is the name of the ipsec interface to be used.
#
# PLUTO_ME
# is the IP address of our host.
#
# PLUTO_MY_CLIENT
# is the IP address / count of our client subnet. If
# the client is just the host, this will be the
# host's own IP address / max (where max is 32 for
# IPv4 and 128 for IPv6).
#
# PLUTO_MY_CLIENT_NET
# is the IP address of our client net. If the client
# is just the host, this will be the host's own IP
# address.
#
# PLUTO_MY_CLIENT_MASK
# is the mask for our client net. If the client is
# just the host, this will be 255.255.255.255.
#
# PLUTO_MY_SOURCEIP
# if non-empty, then the source address for the route will be
# set to this IP address.
#
# PLUTO_MY_PROTOCOL
# is the protocol for this connection. Useful for
# firewalling.
#
# PLUTO_MY_PORT
# is the port. Useful for firewalling.
#
# PLUTO_PEER
# is the IP address of our peer.
#
# PLUTO_PEER_CLIENT
# is the IP address / count of the peer's client sub
# net. If the client is just the peer, this will be
# the peer's own IP address / max (where max is 32
# for IPv4 and 128 for IPv6).
#
# PLUTO_PEER_CLIENT_NET
# is the IP address of the peer's client net. If the
# client is just the peer, this will be the peer's
# own IP address.
#
# PLUTO_PEER_CLIENT_MASK
# is the mask for the peer's client net. If the
# client is just the peer, this will be
# 255.255.255.255.
#
# PLUTO_PEER_PROTOCOL
# is the protocol set for remote end with port
# selector.
#
# PLUTO_PEER_PORT
# is the peer's port. Useful for firewalling.
#
# PLUTO_CONNECTION_TYPE
#
# Import default _updown configs from the /etc/default/pluto_updown file
#
# Two variables can be set in this file:
#
# DEFAULTSOURCE
# is the default value for PLUTO_MY_SOURCEIP
#
# IPROUTETABLE
# is the default value for IPROUTETABLE
#
# IPROUTEARGS
# is the extra argument list for ip route command
#
# IPRULEARGS
# is the extra argument list for ip rule command
#
if [ -f /etc/default/pluto_updown ]
then
. /etc/default/pluto_updown
fi
# check interface version
case "$PLUTO_VERSION" in
1.[0]) # Older Pluto?!? Play it safe, script may be using new features.
echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2
echo "$0: called by obsolete Pluto?" >&2
exit 2
;;
1.*) ;;
*) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2
exit 2
;;
esac
# check parameter(s)
case "$1:$*" in
':') # no parameters
;;
ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only
;;
custom:*) # custom parameters (see above CAUTION comment)
;;
*) echo "$0: unknown parameters \`$*'" >&2
exit 2
;;
esac
# utility functions for route manipulation
# Meddling with this stuff should not be necessary and requires great care.
uproute() {
doroute add
ip route flush cache
}
downroute() {
doroute delete
ip route flush cache
}
uprule() {
# policy based advanced routing
if [ -n "$IPROUTETABLE" ]
then
dorule delete
dorule add
fi
# virtual sourceip support
if [ -n "$PLUTO_MY_SOURCEIP" ]
then
addsource
changesource
fi
ip route flush cache
}
downrule() {
if [ -n "$IPROUTETABLE" ]
then
dorule delete
ip route flush cache
fi
}
addsource() {
st=0
if ! ip -o route get ${PLUTO_MY_SOURCEIP%/*} | grep -q ^local
then
it="ip addr add ${PLUTO_MY_SOURCEIP%/*}/32 dev ${PLUTO_INTERFACE%:*}"
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: addsource \`$it' failed ($oops)" >&2
fi
fi
return $st
}
changesource() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2="dev ${PLUTO_INTERFACE%:*}"
parms3="src ${PLUTO_MY_SOURCEIP%/*} $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table '$IPROUTETABLE'"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
it=
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: changesource \`$it' failed ($oops)" >&2
fi
return $st
}
dorule() {
st=0
it2=
iprule="from $PLUTO_MY_CLIENT"
iprule2="to $PLUTO_PEER_CLIENT table $IPROUTETABLE $IPRULEARGS"
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
st=0
;;
*)
if [ -z "$PLUTO_MY_SOURCEIP" ]
then
if [ "$PLUTO_ME" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
fi
else
if [ "${PLUTO_MY_SOURCEIP%/*}" = "${PLUTO_MY_CLIENT%/*}" ]
then
it="ip rule $1 iif lo $iprule2"
else
it="ip rule $1 $iprule $iprule2"
it2="ip rule $1 iif lo $iprule2"
fi
fi
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it' failed ($oops)" >&2
fi
if test "$st" = "0" -a -n "$it2"
then
oops="`eval $it2 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
case "$oops" in
'RTNETLINK answers: No such process'*)
# This is what ip rule gives
# for "could not find such a rule"
oops=
st=0
;;
esac
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: dorule \`$it2' failed ($oops)" >&2
fi
fi
;;
esac
return $st
}
doroute() {
st=0
parms="$PLUTO_PEER_CLIENT"
parms2=
if [ -n "$PLUTO_NEXT_HOP" ] && [ "$PLUTO_NEXT_HOP" != "$PLUTO_PEER" ]
then
parms2="via $PLUTO_NEXT_HOP"
fi
parms2="$parms2 dev ${PLUTO_INTERFACE%:*}"
parms3="$IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms3="$parms3 table $IPROUTETABLE"
fi
if [ -z "$PLUTO_MY_SOURCEIP" ] && [ -n "$DEFAULTSOURCE" ]
then
PLUTO_MY_SOURCEIP="${DEFAULTSOURCE%/*}"
fi
if test "$1" = "add" -a -n "$PLUTO_MY_SOURCEIP"
then
addsource
parms3="$parms3 src ${PLUTO_MY_SOURCEIP%/*}"
fi
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# opportunistic encryption work around
# need to provide route that eclipses default, without
# replacing it.
it="ip route $1 0.0.0.0/1 $parms2 $parms3 &&
ip route $1 128.0.0.0/1 $parms2 $parms3"
;;
*) it="ip route $1 $parms $parms2 $parms3"
;;
esac
oops="`eval $it 2>&1`"
st=$?
if test " $oops" = " " -a " $st" != " 0"
then
oops="silent error, exit status $st"
fi
if test " $oops" != " " -o " $st" != " 0"
then
echo "$0: doroute \`$it' failed ($oops)" >&2
fi
return $st
}
# the big choice
case "$PLUTO_VERB:$1" in
prepare-host:*|prepare-client:*)
# delete possibly-existing route (preliminary to adding a route)
case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in
"0.0.0.0/0.0.0.0")
# need to provide route that eclipses default, without
# replacing it.
parms1="0.0.0.0/1"
parms2="128.0.0.0/1"
it="ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1"
oops="`ip route delete $parms1 $IPROUTEARGS 2>&1 ; ip route delete $parms2 $IPROUTEARGS 2>&1`"
;;
*)
parms="$PLUTO_PEER_CLIENT $IPROUTEARGS"
if [ -n "$IPROUTETABLE" ]
then
parms="$parms table $IPROUTETABLE"
fi
it="ip route delete $parms 2>&1"
oops="`ip route delete $parms 2>&1`"
;;
esac
status="$?"
if test " $oops" = " " -a " $status" != " 0"
then
oops="silent error, exit status $status"
fi
case "$oops" in
*'RTNETLINK answers: No such process'*)
# This is what route (currently -- not documented!) gives
# for "could not find such a route".
oops=
status=0
;;
esac
if test " $oops" != " " -o " $status" != " 0"
then
echo "$0: \`$it' failed ($oops)" >&2
fi
exit $status
;;
route-host:*|route-client:*)
# connection to me or my client subnet being routed
uproute
;;
unroute-host:*|unroute-client:*)
# connection to me or my client subnet being unrouted
downroute
;;
up-host:*)
# connection to me coming up
uprule
# If you are doing a custom version, firewall commands go here.
iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT -j ACCEPT
iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
else
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
fi
;;
down-host:*)
# connection to me going down
downrule
# If you are doing a custom version, firewall commands go here.
iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT -j ACCEPT
iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME"
else
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME"
fi
;;
up-client:)
# connection to my client subnet coming up
uprule
# If you are doing a custom version, firewall commands go here.
iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
else
logger -t $TAG -p $FAC_PRIO \
"+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
fi
;;
down-client:)
# connection to my client subnet going down
downrule
# If you are doing a custom version, firewall commands go here.
iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $S_MY_PORT \
-d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $D_PEER_PORT -j ACCEPT
iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK $S_PEER_PORT \
-d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK $D_MY_PORT -j ACCEPT
#
if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
else
logger -t $TAG -p $FAC_PRIO -- \
"- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT"
fi
;;
up-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, coming up
uprule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
down-client:ipfwadm)
# connection to client subnet, with (left/right)firewall=yes, going down
downrule
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \
-D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK
;;
#
# IPv6
#
prepare-host-v6:*|prepare-client-v6:*)
;;
route-host-v6:*|route-client-v6:*)
# connection to me or my client subnet being routed
#uproute_v6
;;
unroute-host-v6:*|unroute-client-v6:*)
# connection to me or my client subnet being unrouted
#downroute_v6
;;
up-host-v6:*)
# connection to me coming up
# If you are doing a custom version, firewall commands go here.
;;
down-host-v6:*)
# connection to me going down
# If you are doing a custom version, firewall commands go here.
;;
up-client-v6:)
# connection to my client subnet coming up
# If you are doing a custom version, firewall commands go here.
;;
down-client-v6:)
# connection to my client subnet going down
# If you are doing a custom version, firewall commands go here.
;;
*) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2
exit 1
;;
esac
+ _________________________ /proc/net/dev
+ cat /proc/net/dev
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 926479 9870 0 0 0 0 0 0 926479 9870 0 0 0 0 0 0
eth0:2321885841 37765700 1 0 0 268 0 0 3679595053 31386605 10 0 4 0 6 0
eth1:3851924850 32767269 1 0 0 603 0 0 1855012576 38176231 28 0 4 0 24 0
eth2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+ _________________________ /proc/net/route
+ cat /proc/net/route
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
eth0 80744141 00000000 0001 0 0 0 80FFFFFF 0 0 0
eth0 0000010A 81744141 0003 0 0 0 00FFFFFF 0 0 0
eth1 0000A8C0 00000000 0001 0 0 0 0000FFFF 0 0 0
eth0 00000000 81744141 0003 0 0 0 00000000 0 0 0
+ _________________________ /proc/sys/net/ipv4/ip_forward
+ cat /proc/sys/net/ipv4/ip_forward
1
+ _________________________ /proc/sys/net/ipv4/tcp_ecn
+ cat /proc/sys/net/ipv4/tcp_ecn
0
+ _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter lo/rp_filter
all/rp_filter:0
default/rp_filter:0
eth0/rp_filter:1
eth1/rp_filter:1
lo/rp_filter:0
+ _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter lo/rp_filter
all/rp_filter:0
default/rp_filter:0
eth0/rp_filter:1
eth1/rp_filter:1
lo/rp_filter:0
+ _________________________ /proc/sys/net/ipv4/conf/star-star-redirects
+ cd /proc/sys/net/ipv4/conf
+ egrep '^' all/accept_redirects all/secure_redirects all/send_redirects default/accept_redirects default/secure_redirects default/send_redirects eth0/accept_redirects eth0/secure_redirects eth0/send_redirects eth1/accept_redirects eth1/secure_redirects eth1/send_redirects lo/accept_redirects lo/secure_redirects lo/send_redirects
all/accept_redirects:0
all/secure_redirects:1
all/send_redirects:0
default/accept_redirects:0
default/secure_redirects:1
default/send_redirects:0
eth0/accept_redirects:0
eth0/secure_redirects:1
eth0/send_redirects:0
eth1/accept_redirects:0
eth1/secure_redirects:1
eth1/send_redirects:0
lo/accept_redirects:0
lo/secure_redirects:1
lo/send_redirects:0
+ _________________________ /proc/sys/net/ipv4/tcp_window_scaling
+ cat /proc/sys/net/ipv4/tcp_window_scaling
1
+ _________________________ /proc/sys/net/ipv4/tcp_adv_win_scale
+ cat /proc/sys/net/ipv4/tcp_adv_win_scale
2
+ _________________________ uname-a
+ uname -a
Linux txgw 2.6.18-6-686 #1 SMP Mon Oct 13 16:13:09 UTC 2008 i686 GNU/Linux
+ _________________________ config-built-with
+ test -r /proc/config_built_with
+ _________________________ distro-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/redhat-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/debian-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/SuSE-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/mandrake-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/mandriva-release
+ for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
+ test -f /etc/gentoo-release
+ _________________________ /proc/net/ipsec_version
+ test -r /proc/net/ipsec_version
+ test -r /proc/net/pfkey
++ uname -r
+ echo 'NETKEY (2.6.18-6-686) support detected '
NETKEY (2.6.18-6-686) support detected
+ _________________________ ipfwadm
+ test -r /sbin/ipfwadm
+ 'no old-style linux 1.x/2.0 ipfwadm firewall support'
/usr/lib/ipsec/barf: line 305: no old-style linux 1.x/2.0 ipfwadm firewall support: No such file or directory
+ _________________________ ipchains
+ test -r /sbin/ipchains
+ echo 'no old-style linux 2.0 ipchains firewall support'
no old-style linux 2.0 ipchains firewall support
+ _________________________ iptables
+ test -r /sbin/iptables
+ iptables -L -v -n
Chain INPUT (policy DROP 11 packets, 1219 bytes)
pkts bytes target prot opt in out source destination
226K 36M INETIN 0 -- eth0 * 0.0.0.0/0 0.0.0.0/0
554K 119M ACCEPT 0 -- * * 192.168.0.0/16 0.0.0.0/0
0 0 ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0
738 252K ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
Chain FORWARD (policy DROP 135 packets, 44405 bytes)
pkts bytes target prot opt in out source destination
15M 12G INETIN 0 -- eth0 eth1 0.0.0.0/0 0.0.0.0/0
13M 2334M INETOUT 0 -- eth1 eth0 0.0.0.0/0 0.0.0.0/0
79355 11M ACCEPT 0 -- !eth0 !eth0 192.168.0.0/16 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 728K packets, 90M bytes)
pkts bytes target prot opt in out source destination
217K 95M INETOUT 0 -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain DMZIN (0 references)
pkts bytes target prot opt in out source destination
Chain DMZOUT (0 references)
pkts bytes target prot opt in out source destination
Chain INETIN (2 references)
pkts bytes target prot opt in out source destination
4091 458K TREJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 5
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 9
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 10
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 15
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 16
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 17
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 18
237 18964 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 15/sec burst 5
0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
19123 2382K ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp !type 8
280 71748 UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500
9604 6689K UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:4500
15M 12G ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED
0 0 UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED
109K 19M TREJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain INETOUT (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 5.6.7.131 tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 5.6.7.140 tcp dpt:25
0 0 ACCEPT tcp -- * * 0.0.0.0/0 72.167.218.85 tcp dpt:25
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 reject-with icmp-port-unreachable
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:554 LOG flags 0 level 4 prefix `RTSP DETECTED: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:554 LOG flags 0 level 4 prefix `RTSP DETECTED: '
13M 2429M ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain LDROP (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `TCP Dropped '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `UDP Dropped '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `ICMP Dropped '
0 0 LOG 0 -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `FRAGMENT Dropped '
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain LREJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `TCP Rejected '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `UDP Rejected '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `ICMP Rejected '
0 0 LOG 0 -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `FRAGMENT Rejected '
0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain LTREJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `TCP Rejected '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `UDP Rejected '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `ICMP Rejected '
0 0 LOG 0 -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `FRAGMENT Rejected '
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain TCPACCEPT (29 references)
pkts bytes target prot opt in out source destination
488 26768 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 625/sec burst 5
5 300 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `Possible SynFlood '
5 300 TREJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
247K 193M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02
0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `Mismatch in TCPACCEPT '
0 0 TREJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain TREJECT (13 references)
pkts bytes target prot opt in out source destination
11524 938K REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
98555 18M REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
1548 232K DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
1933 290K REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain UDPACCEPT (9 references)
pkts bytes target prot opt in out source destination
10980 6845K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `Mismatch on UDPACCEPT '
0 0 TREJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain ULDROP (0 references)
pkts bytes target prot opt in out source destination
0 0 ULOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_TCP' queue_threshold 1
0 0 ULOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_UDP' queue_threshold 1
0 0 ULOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_ICMP' queue_threshold 1
0 0 ULOG 0 -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_FRAG' queue_threshold 1
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain ULREJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 ULOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_TCP' queue_threshold 1
0 0 ULOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_UDP' queue_threshold 1
0 0 ULOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_UDP' queue_threshold 1
0 0 ULOG 0 -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_FRAG' queue_threshold 1
0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain ULTREJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 ULOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_TCP' queue_threshold 1
0 0 ULOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_UDP' queue_threshold 1
0 0 ULOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_ICMP' queue_threshold 1
0 0 ULOG 0 -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_FRAG' queue_threshold 1
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
+ _________________________ iptables-nat
+ iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 1205K packets, 93M bytes)
pkts bytes target prot opt in out source destination
2102 126K DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5666 to:192.168.0.25:5666
2119 127K DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4444 to:192.168.0.56:4444
0 0 DNAT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060 to:192.168.0.38:5060
Chain POSTROUTING (policy ACCEPT 449K packets, 22M bytes)
pkts bytes target prot opt in out source destination
793K 53M MASQUERADE 0 -- * eth0 192.168.0.0/16 !10.1.0.0/24
Chain OUTPUT (policy ACCEPT 434K packets, 21M bytes)
pkts bytes target prot opt in out source destination
+ _________________________ iptables-mangle
+ iptables -t mangle -L -v -n
Chain PREROUTING (policy ACCEPT 69M packets, 39G bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 1815K packets, 737M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 68M packets, 39G bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1787K packets, 315M bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 69M packets, 39G bytes)
pkts bytes target prot opt in out source destination
+ _________________________ /proc/modules
+ test -f /proc/modules
+ cat /proc/modules
ip_nat_h323 7104 0 - Live 0xd02dd000
ip_conntrack_h323 47676 1 ip_nat_h323, Live 0xd0347000
xfrm_user 20352 2 - Live 0xd0329000
xfrm4_tunnel 2624 0 - Live 0xd02db000
af_key 32016 0 - Live 0xd02c6000
xfrm4_mode_tunnel 2816 2 - Live 0xd02f9000
cls_u32 7716 2 - Live 0xd0316000
sch_sfq 5728 3 - Live 0xd0313000
sch_htb 15520 1 - Live 0xd0302000
deflate 3840 0 - Live 0xd0300000
zlib_deflate 18200 1 deflate, Live 0xd030d000
twofish 43136 0 - Live 0xd031d000
serpent 19008 0 - Live 0xd0307000
blowfish 9440 0 - Live 0xd02f5000
crypto_null 2656 0 - Live 0xd02f3000
tunnel4 3396 1 xfrm4_tunnel, Live 0xd02ef000
ipcomp 7336 0 - Live 0xd02ec000
esp4 7648 2 - Live 0xd02d8000
ah4 6336 0 - Live 0xd026b000
aes 28160 2 - Live 0xd02e4000
des 17536 0 - Live 0xd0285000
sha1 2656 2 - Live 0xd0283000
sha256 11104 0 - Live 0xd02d0000
ipt_MASQUERADE 3712 1 - Live 0xd026e000
xt_tcpudp 3136 52 - Live 0xd02c4000
iptable_mangle 2880 0 - Live 0xd024b000
iptable_nat 7044 1 - Live 0xd0260000
ip_nat 16876 3 ip_nat_h323,ipt_MASQUERADE,iptable_nat, Live 0xd027d000
ipt_REJECT 5248 12 - Live 0xd0263000
xt_limit 2752 29 - Live 0xd0247000
xt_state 2272 4 - Live 0xd0249000
ip_conntrack 49088 6 ip_nat_h323,ip_conntrack_h323,ipt_MASQUERADE,iptable_nat,ip_nat,xt_state, Live 0xd0270000
nfnetlink 6680 2 ip_nat,ip_conntrack, Live 0xd025d000
ipt_LOG 6112 17 - Live 0xd025a000
ipt_ULOG 7780 12 - Live 0xd0257000
iptable_filter 3104 1 - Live 0xd00fb000
ip_tables 13028 3 iptable_mangle,iptable_nat,iptable_filter, Live 0xd0252000
x_tables 13316 9 ipt_MASQUERADE,xt_tcpudp,iptable_nat,ipt_REJECT,xt_limit,xt_state,ipt_LOG,ipt_ULOG,ip_tables, Live 0xd024d000
button 6672 0 - Live 0xd0229000
ac 5188 0 - Live 0xd022c000
battery 9636 0 - Live 0xd0234000
ipv6 226272 28 - Live 0xd028b000
dm_snapshot 15552 0 - Live 0xd022f000
dm_mirror 19152 0 - Live 0xd014a000
dm_mod 50200 2 dm_snapshot,dm_mirror, Live 0xd0239000
loop 15048 0 - Live 0xd0150000
snd_intel8x0 30332 0 - Live 0xd0220000
snd_ac97_codec 83104 1 snd_intel8x0, Live 0xd0169000
snd_ac97_bus 2400 1 snd_ac97_codec, Live 0xd00fd000
snd_pcm 68676 2 snd_intel8x0,snd_ac97_codec, Live 0xd020e000
snd_timer 20996 1 snd_pcm, Live 0xd0128000
snd 47012 4 snd_intel8x0,snd_ac97_codec,snd_pcm,snd_timer, Live 0xd0201000
snd_page_alloc 10184 2 snd_intel8x0,snd_pcm, Live 0xd00b3000
parport_pc 32132 0 - Live 0xd0160000
parport 33256 1 parport_pc, Live 0xd0156000
psmouse 35016 0 - Live 0xd0135000
i810_audio 32916 0 - Live 0xd0140000
ac97_codec 17196 1 i810_audio, Live 0xd012f000
pcspkr 3072 0 - Live 0xd00f9000
serio_raw 6660 0 - Live 0xd0017000
soundcore 9248 2 snd,i810_audio, Live 0xd00f0000
shpchp 33024 0 - Live 0xd011e000
pci_hotplug 28704 1 shpchp, Live 0xd00c4000
rtc 12372 0 - Live 0xd00eb000
intel_agp 22204 1 - Live 0xd00e4000
agpgart 29896 1 intel_agp, Live 0xd00db000
evdev 9088 0 - Live 0xd00bb000
ext3 119240 2 - Live 0xd00ff000
jbd 52456 1 ext3, Live 0xd00cd000
mbcache 8356 1 ext3, Live 0xd00b7000
ide_cd 36064 0 - Live 0xd00a1000
cdrom 32544 1 ide_cd, Live 0xd007b000
ide_disk 14848 3 - Live 0xd001d000
8139too 25120 0 - Live 0xd00ab000
generic 4868 0 [permanent], Live 0xd0078000
ehci_hcd 28136 0 - Live 0xd0099000
8139cp 21920 0 - Live 0xd0092000
mii 5344 2 8139too,8139cp, Live 0xd0075000
tulip 46560 0 - Live 0xd0085000
piix 9444 0 [permanent], Live 0xd0022000
ide_core 110504 4 ide_cd,ide_disk,generic,piix, Live 0xd003c000
uhci_hcd 21164 0 - Live 0xd0035000
usbcore 112644 3 ehci_hcd,uhci_hcd, Live 0xd0058000
thermal 13608 0 - Live 0xd0030000
processor 28840 1 thermal, Live 0xd0027000
fan 4804 0 - Live 0xd001a000
+ _________________________ /proc/meminfo
+ cat /proc/meminfo
MemTotal: 248888 kB
MemFree: 15272 kB
Buffers: 51988 kB
Cached: 134096 kB
SwapCached: 0 kB
Active: 93000 kB
Inactive: 108548 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 248888 kB
LowFree: 15272 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 108 kB
Writeback: 0 kB
AnonPages: 15480 kB
Mapped: 6928 kB
Slab: 28300 kB
PageTables: 712 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 124444 kB
Committed_AS: 483732 kB
VmallocTotal: 778232 kB
VmallocUsed: 3244 kB
VmallocChunk: 774824 kB
+ _________________________ /proc/net/ipsec-ls
+ test -f /proc/net/ipsec_version
+ _________________________ usr/src/linux/.config
+ test -f /proc/config.gz
++ uname -r
+ test -f /lib/modules/2.6.18-6-686/build/.config
+ echo 'no .config file found, cannot list kernel properties'
no .config file found, cannot list kernel properties
+ _________________________ etc/syslog.conf
+ cat /etc/syslog.conf
# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# First some standard logfiles. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
uucp.* /var/log/uucp.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
# Logging for INN news system
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some `catch-all' logfiles.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg *
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
+ _________________________ etc/syslog-ng/syslog-ng.conf
+ cat /etc/syslog-ng/syslog-ng.conf
cat: /etc/syslog-ng/syslog-ng.conf: No such file or directory
+ _________________________ etc/resolv.conf
+ cat /etc/resolv.conf
search example.com hrdpt.com
nameserver 192.168.0.1
nameserver 206.16.27.185
nameserver 208.67.220.220
+ _________________________ lib/modules-ls
+ ls -ltr /lib/modules
total 4
drwxr-xr-x 3 root root 4096 Feb 27 2009 2.6.18-6-686
+ _________________________ /proc/ksyms-netif_rx
+ test -r /proc/ksyms
+ test -r /proc/kallsyms
+ egrep netif_rx /proc/kallsyms
c022823a T __netif_rx_schedule
c0229278 T netif_rx
c022a624 T netif_rx_ni
c0229278 U netif_rx [ipv6]
c022823a U __netif_rx_schedule [8139too]
c022823a U __netif_rx_schedule [8139cp]
c022823a U __netif_rx_schedule [tulip]
+ _________________________ lib/modules-netif_rx
+ modulegoo kernel/net/ipv4/ipip.o netif_rx
+ set +x
2.6.18-6-686:
+ _________________________ kern.debug
+ test -f /var/log/kern.debug
+ _________________________ klog
+ sed -n '23919,$p' /var/log/daemon.log.0
+ egrep -i 'ipsec|klips|pluto'
+ case "$1" in
+ cat
Oct 22 22:21:09 txgw ipsec_setup: Starting Openswan IPsec 2.4.12...
Oct 22 22:21:09 txgw ipsec__plutorun: 104 "ar-to-tx" #1: STATE_MAIN_I1: initiate
Oct 22 22:21:09 txgw ipsec__plutorun: ...could not start conn "ar-to-tx"
+ _________________________ plog
+ sed -n '5153,$p' /var/log/auth.log
+ egrep -i pluto
+ case "$1" in
+ cat
Oct 22 22:21:09 txgw ipsec__plutorun: Starting Pluto subsystem...
Oct 22 22:21:09 txgw pluto[13034]: Starting Pluto (Openswan Version 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE`lPH|Vbpuu)
Oct 22 22:21:09 txgw pluto[13034]: Setting NAT-Traversal port-4500 floating to on
Oct 22 22:21:09 txgw pluto[13034]: port floating activation criteria nat_t=1/port_fload=1
Oct 22 22:21:09 txgw pluto[13034]: including NAT-Traversal patch (Version 0.6c)
Oct 22 22:21:09 txgw pluto[13034]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Oct 22 22:21:09 txgw pluto[13034]: no helpers will be started, all cryptographic operations will be done inline
Oct 22 22:21:09 txgw pluto[13034]: Using NETKEY IPsec interface code on 2.6.18-6-686
Oct 22 22:21:09 txgw pluto[13034]: Changing to directory '/etc/ipsec.d/cacerts'
Oct 22 22:21:09 txgw pluto[13034]: Changing to directory '/etc/ipsec.d/aacerts'
Oct 22 22:21:09 txgw pluto[13034]: Changing to directory '/etc/ipsec.d/ocspcerts'
Oct 22 22:21:09 txgw pluto[13034]: Changing to directory '/etc/ipsec.d/crls'
Oct 22 22:21:09 txgw pluto[13034]: Warning: empty directory
Oct 22 22:21:09 txgw pluto[13034]: added connection description "ar-to-tx"
Oct 22 22:21:09 txgw pluto[13034]: listening for IKE messages
Oct 22 22:21:09 txgw pluto[13034]: adding interface eth1/eth1 192.168.0.1:500
Oct 22 22:21:09 txgw pluto[13034]: adding interface eth1/eth1 192.168.0.1:4500
Oct 22 22:21:09 txgw pluto[13034]: adding interface eth0/eth0 5.6.7.8:500
Oct 22 22:21:09 txgw pluto[13034]: adding interface eth0/eth0 5.6.7.8:4500
Oct 22 22:21:09 txgw pluto[13034]: adding interface lo/lo 127.0.0.1:500
Oct 22 22:21:09 txgw pluto[13034]: adding interface lo/lo 127.0.0.1:4500
Oct 22 22:21:09 txgw pluto[13034]: adding interface lo/lo ::1:500
Oct 22 22:21:09 txgw pluto[13034]: loading secrets from "/etc/ipsec.secrets"
Oct 22 22:21:09 txgw pluto[13034]: "ar-to-tx" #1: initiating Main Mode
Oct 22 22:21:10 txgw pluto[13034]: packet from 1.2.3.4:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
Oct 22 22:21:10 txgw pluto[13034]: packet from 1.2.3.4:500: received and ignored informational message
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [Dead Peer Detection]
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 22 22:21:17 txgw pluto[13034]: packet from 1.2.3.4:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: responding to Main Mode
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: STATE_MAIN_R2: sent MR2, expecting MI3
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: I did not send a certificate because I do not have one.
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #2: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #3: responding to Quick Mode {msgid:fe394aa3}
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #3: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Oct 22 22:21:17 txgw pluto[13034]: "ar-to-tx" #3: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Oct 22 22:21:18 txgw pluto[13034]: "ar-to-tx" #3: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 22 22:21:18 txgw pluto[13034]: "ar-to-tx" #3: STATE_QUICK_R2: IPsec SA established {ESP=>0x87dcdd6b <0x3c1e4804 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: received Vendor ID payload [Dead Peer Detection]
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: received Vendor ID payload [RFC 3947] method set to=109
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: I did not send a certificate because I do not have one.
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 22 22:21:19 txgw pluto[13034]: "ar-to-tx" #4: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}
Oct 22 22:21:20 txgw pluto[13034]: "ar-to-tx" #4: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 22 22:21:20 txgw pluto[13034]: "ar-to-tx" #4: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x5af2e6ba <0x3bace3ca xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 22 22:21:34 txgw pluto[13034]: "ar-to-tx" #5: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Oct 22 22:21:34 txgw pluto[13034]: "ar-to-tx" #5: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 22 22:21:34 txgw pluto[13034]: "ar-to-tx" #5: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xcd5bc96c <0xc670e365 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: initiating Main Mode to replace #1
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: received Vendor ID payload [Dead Peer Detection]
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: received Vendor ID payload [RFC 3947] method set to=109
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 22 23:12:11 txgw pluto[13034]: "ar-to-tx" #6: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: I did not send a certificate because I do not have one.
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 22 23:12:12 txgw pluto[13034]: "ar-to-tx" #6: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 22 23:12:50 txgw pluto[13034]: "ar-to-tx" #7: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#6}
Oct 22 23:12:50 txgw pluto[13034]: "ar-to-tx" #7: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 22 23:12:50 txgw pluto[13034]: "ar-to-tx" #7: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x9b658684 <0xa58a0ac4 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 22 23:21:18 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 22 23:21:19 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: initiating Main Mode to replace #6
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: received Vendor ID payload [Dead Peer Detection]
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: received Vendor ID payload [RFC 3947] method set to=109
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 22 23:58:42 txgw pluto[13034]: "ar-to-tx" #8: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 22 23:58:43 txgw pluto[13034]: "ar-to-tx" #8: I did not send a certificate because I do not have one.
Oct 22 23:58:43 txgw pluto[13034]: "ar-to-tx" #8: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 22 23:58:43 txgw pluto[13034]: "ar-to-tx" #8: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 22 23:58:43 txgw pluto[13034]: "ar-to-tx" #8: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 22 23:58:44 txgw pluto[13034]: "ar-to-tx" #8: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 22 23:58:44 txgw pluto[13034]: "ar-to-tx" #8: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 22 23:58:44 txgw pluto[13034]: "ar-to-tx" #8: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 00:12:12 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: initiating Main Mode to replace #8
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: received Vendor ID payload [Dead Peer Detection]
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: I did not send a certificate because I do not have one.
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 00:44:06 txgw pluto[13034]: "ar-to-tx" #9: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 00:58:45 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: initiating Main Mode to replace #9
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: received Vendor ID payload [Dead Peer Detection]
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: I did not send a certificate because I do not have one.
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 01:34:27 txgw pluto[13034]: "ar-to-tx" #10: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 01:44:06 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 02:23:16 txgw pluto[13034]: "ar-to-tx" #11: initiating Main Mode to replace #10
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: received Vendor ID payload [Dead Peer Detection]
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: I did not send a certificate because I do not have one.
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 02:23:17 txgw pluto[13034]: "ar-to-tx" #11: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 02:34:27 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: initiating Main Mode to replace #11
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: received Vendor ID payload [Dead Peer Detection]
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 03:06:09 txgw pluto[13034]: "ar-to-tx" #12: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: I did not send a certificate because I do not have one.
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 03:06:10 txgw pluto[13034]: "ar-to-tx" #12: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 03:23:17 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: initiating Main Mode to replace #12
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: received Vendor ID payload [Dead Peer Detection]
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: I did not send a certificate because I do not have one.
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 03:49:54 txgw pluto[13034]: "ar-to-tx" #13: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 03:49:55 txgw pluto[13034]: "ar-to-tx" #13: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 03:49:55 txgw pluto[13034]: "ar-to-tx" #13: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 03:49:55 txgw pluto[13034]: "ar-to-tx" #13: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 04:06:10 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: initiating Main Mode to replace #13
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: received Vendor ID payload [Dead Peer Detection]
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: I did not send a certificate because I do not have one.
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 04:33:07 txgw pluto[13034]: "ar-to-tx" #14: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 04:49:55 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: initiating Main Mode to replace #14
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: received Vendor ID payload [Dead Peer Detection]
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: I did not send a certificate because I do not have one.
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 05:21:18 txgw pluto[13034]: "ar-to-tx" #15: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 05:33:07 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 06:09:32 txgw pluto[13034]: "ar-to-tx" #16: initiating Main Mode to replace #15
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: received Vendor ID payload [Dead Peer Detection]
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: I did not send a certificate because I do not have one.
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 06:09:33 txgw pluto[13034]: "ar-to-tx" #16: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 06:21:18 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 06:21:18 txgw pluto[13034]: "ar-to-tx" #16: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x87dcdd6b) not found (maybe expired)
Oct 23 06:21:18 txgw pluto[13034]: "ar-to-tx" #16: received and ignored informational message
Oct 23 06:21:21 txgw pluto[13034]: "ar-to-tx" #16: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x5af2e6ba) not found (maybe expired)
Oct 23 06:21:21 txgw pluto[13034]: "ar-to-tx" #16: received and ignored informational message
Oct 23 06:21:34 txgw pluto[13034]: "ar-to-tx" #16: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcd5bc96c) not found (maybe expired)
Oct 23 06:21:34 txgw pluto[13034]: "ar-to-tx" #16: received and ignored informational message
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: initiating Main Mode to replace #16
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: received Vendor ID payload [Dead Peer Detection]
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: I did not send a certificate because I do not have one.
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 06:56:28 txgw pluto[13034]: "ar-to-tx" #17: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 06:59:24 txgw pluto[13034]: "ar-to-tx" #18: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #7 {using isakmp#17}
Oct 23 06:59:25 txgw pluto[13034]: "ar-to-tx" #18: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 23 06:59:25 txgw pluto[13034]: "ar-to-tx" #18: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x34e17b86 <0xf3c5495d xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 23 07:09:33 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 07:12:50 txgw pluto[13034]: "ar-to-tx" #17: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x9b658684) not found (maybe expired)
Oct 23 07:12:50 txgw pluto[13034]: "ar-to-tx" #17: received and ignored informational message
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: initiating Main Mode to replace #17
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: received Vendor ID payload [Dead Peer Detection]
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: I did not send a certificate because I do not have one.
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 07:43:35 txgw pluto[13034]: "ar-to-tx" #19: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 07:43:36 txgw pluto[13034]: "ar-to-tx" #19: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 07:43:36 txgw pluto[13034]: "ar-to-tx" #19: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 07:43:36 txgw pluto[13034]: "ar-to-tx" #19: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 07:56:28 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: initiating Main Mode to replace #19
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: received Vendor ID payload [Dead Peer Detection]
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: I did not send a certificate because I do not have one.
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 08:29:16 txgw pluto[13034]: "ar-to-tx" #20: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 08:29:17 txgw pluto[13034]: "ar-to-tx" #20: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 08:29:17 txgw pluto[13034]: "ar-to-tx" #20: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 08:29:17 txgw pluto[13034]: "ar-to-tx" #20: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 08:43:36 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: initiating Main Mode to replace #20
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: received Vendor ID payload [Dead Peer Detection]
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: I did not send a certificate because I do not have one.
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 09:13:02 txgw pluto[13034]: "ar-to-tx" #21: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 09:13:03 txgw pluto[13034]: "ar-to-tx" #21: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 09:13:03 txgw pluto[13034]: "ar-to-tx" #21: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 09:13:03 txgw pluto[13034]: "ar-to-tx" #21: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 09:29:17 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: initiating Main Mode to replace #21
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: received Vendor ID payload [Dead Peer Detection]
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: I did not send a certificate because I do not have one.
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 09:59:48 txgw pluto[13034]: "ar-to-tx" #22: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 10:13:03 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 10:44:07 txgw pluto[13034]: "ar-to-tx" #23: initiating Main Mode to replace #22
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: received Vendor ID payload [Dead Peer Detection]
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: I did not send a certificate because I do not have one.
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 10:44:08 txgw pluto[13034]: "ar-to-tx" #23: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 10:59:48 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: initiating Main Mode to replace #23
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: received Vendor ID payload [Dead Peer Detection]
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 11:33:24 txgw pluto[13034]: "ar-to-tx" #24: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: I did not send a certificate because I do not have one.
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 11:33:25 txgw pluto[13034]: "ar-to-tx" #24: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 11:39:46 txgw pluto[13034]: | payload malformed after IV
Oct 23 11:39:46 txgw pluto[13034]: |
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: sending notification PAYLOAD_MALFORMED to 24.16.32.113:500
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 11:39:46 txgw pluto[13034]: packet from 24.16.32.113:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 11:39:48 txgw pluto[13034]: | payload malformed after IV
Oct 23 11:39:48 txgw pluto[13034]: |
Oct 23 11:39:48 txgw pluto[13034]: packet from 24.16.32.113:500: sending notification PAYLOAD_MALFORMED to 24.16.32.113:500
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 11:39:50 txgw pluto[13034]: | payload malformed after IV
Oct 23 11:39:50 txgw pluto[13034]: |
Oct 23 11:39:50 txgw pluto[13034]: packet from 24.16.32.113:500: sending notification PAYLOAD_MALFORMED to 24.16.32.113:500
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 11:39:54 txgw pluto[13034]: | payload malformed after IV
Oct 23 11:39:54 txgw pluto[13034]: |
Oct 23 11:39:54 txgw pluto[13034]: packet from 24.16.32.113:500: sending notification PAYLOAD_MALFORMED to 24.16.32.113:500
Oct 23 11:44:08 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: initiating Main Mode to replace #24
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: received Vendor ID payload [Dead Peer Detection]
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 12:22:26 txgw pluto[13034]: "ar-to-tx" #25: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: I did not send a certificate because I do not have one.
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 12:22:27 txgw pluto[13034]: "ar-to-tx" #25: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 12:33:25 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: initiating Main Mode to replace #25
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: received Vendor ID payload [Dead Peer Detection]
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: I did not send a certificate because I do not have one.
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 13:09:19 txgw pluto[13034]: "ar-to-tx" #26: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 13:09:20 txgw pluto[13034]: "ar-to-tx" #26: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 13:09:20 txgw pluto[13034]: "ar-to-tx" #26: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 13:09:20 txgw pluto[13034]: "ar-to-tx" #26: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 13:22:27 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 13:54:09 txgw pluto[13034]: | payload malformed after IV
Oct 23 13:54:09 txgw pluto[13034]: |
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: sending notification PAYLOAD_MALFORMED to 121.135.236.40:500
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 13:54:09 txgw pluto[13034]: packet from 121.135.236.40:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 13:54:11 txgw pluto[13034]: | payload malformed after IV
Oct 23 13:54:11 txgw pluto[13034]: |
Oct 23 13:54:11 txgw pluto[13034]: packet from 121.135.236.40:500: sending notification PAYLOAD_MALFORMED to 121.135.236.40:500
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 13:54:13 txgw pluto[13034]: | payload malformed after IV
Oct 23 13:54:13 txgw pluto[13034]: |
Oct 23 13:54:13 txgw pluto[13034]: packet from 121.135.236.40:500: sending notification PAYLOAD_MALFORMED to 121.135.236.40:500
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 13:54:17 txgw pluto[13034]: | payload malformed after IV
Oct 23 13:54:17 txgw pluto[13034]: |
Oct 23 13:54:17 txgw pluto[13034]: packet from 121.135.236.40:500: sending notification PAYLOAD_MALFORMED to 121.135.236.40:500
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: initiating Main Mode to replace #26
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: received Vendor ID payload [Dead Peer Detection]
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: I did not send a certificate because I do not have one.
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 14:00:01 txgw pluto[13034]: "ar-to-tx" #27: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 14:09:19 txgw pluto[13034]: "ar-to-tx" #26: received Delete SA payload: deleting ISAKMP State #26
Oct 23 14:09:19 txgw pluto[13034]: packet from 1.2.3.4:500: received and ignored informational message
Oct 23 14:41:42 txgw pluto[13034]: "ar-to-tx" #28: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #18 {using isakmp#27}
Oct 23 14:41:43 txgw pluto[13034]: "ar-to-tx" #28: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 23 14:41:43 txgw pluto[13034]: "ar-to-tx" #28: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x746548e4 <0x52a9ec94 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: initiating Main Mode to replace #27
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: received Vendor ID payload [Dead Peer Detection]
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: I did not send a certificate because I do not have one.
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 14:46:38 txgw pluto[13034]: "ar-to-tx" #29: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 14:59:25 txgw pluto[13034]: "ar-to-tx" #29: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x34e17b86) not found (maybe expired)
Oct 23 14:59:25 txgw pluto[13034]: "ar-to-tx" #29: received and ignored informational message
Oct 23 15:00:01 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:13:40 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:13:40 txgw pluto[13034]: |
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: sending notification PAYLOAD_MALFORMED to 93.97.77.164:59551
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:13:40 txgw pluto[13034]: packet from 93.97.77.164:59551: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:13:41 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:13:41 txgw pluto[13034]: |
Oct 23 15:13:41 txgw pluto[13034]: packet from 93.97.77.164:59551: sending notification PAYLOAD_MALFORMED to 93.97.77.164:59551
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:13:43 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:13:43 txgw pluto[13034]: |
Oct 23 15:13:43 txgw pluto[13034]: packet from 93.97.77.164:59551: sending notification PAYLOAD_MALFORMED to 93.97.77.164:59551
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:13:47 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:13:47 txgw pluto[13034]: |
Oct 23 15:13:47 txgw pluto[13034]: packet from 93.97.77.164:59551: sending notification PAYLOAD_MALFORMED to 93.97.77.164:59551
Oct 23 15:28:51 txgw pluto[13034]: "ar-to-tx" #30: initiating Main Mode to replace #29
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: received Vendor ID payload [Dead Peer Detection]
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: I did not send a certificate because I do not have one.
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 15:28:52 txgw pluto[13034]: "ar-to-tx" #30: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:34:09 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:34:09 txgw pluto[13034]: |
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: sending notification PAYLOAD_MALFORMED to 207.219.39.179:500
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:34:09 txgw pluto[13034]: packet from 207.219.39.179:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:34:11 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:34:11 txgw pluto[13034]: |
Oct 23 15:34:11 txgw pluto[13034]: packet from 207.219.39.179:500: sending notification PAYLOAD_MALFORMED to 207.219.39.179:500
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:34:14 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:34:14 txgw pluto[13034]: |
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: sending notification PAYLOAD_MALFORMED to 207.219.39.179:500
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:34:14 txgw pluto[13034]: packet from 207.219.39.179:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 15:34:18 txgw pluto[13034]: | payload malformed after IV
Oct 23 15:34:18 txgw pluto[13034]: |
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: sending notification PAYLOAD_MALFORMED to 207.219.39.179:500
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-MamieExists]
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [FRAGMENTATION]
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: ignoring Vendor ID payload [IKE CGA version 1]
Oct 23 15:34:18 txgw pluto[13034]: packet from 207.219.39.179:500: initial Main Mode message received on 5.6.7.8:500 but no connection has been authorized
Oct 23 15:46:38 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: initiating Main Mode to replace #30
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: received Vendor ID payload [Dead Peer Detection]
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 16:16:43 txgw pluto[13034]: "ar-to-tx" #31: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: I did not send a certificate because I do not have one.
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 16:16:44 txgw pluto[13034]: "ar-to-tx" #31: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 16:28:52 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: initiating Main Mode to replace #31
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: received Vendor ID payload [Dead Peer Detection]
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 17:02:43 txgw pluto[13034]: "ar-to-tx" #32: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: I did not send a certificate because I do not have one.
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 17:02:44 txgw pluto[13034]: "ar-to-tx" #32: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 17:16:44 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 17:27:13 txgw pluto[13034]: packet from 91.67.5.190:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 17:27:13 txgw pluto[13034]: | payload malformed after IV
Oct 23 17:27:13 txgw pluto[13034]: |
Oct 23 17:27:13 txgw pluto[13034]: packet from 91.67.5.190:500: sending notification PAYLOAD_MALFORMED to 91.67.5.190:500
Oct 23 17:27:14 txgw pluto[13034]: packet from 91.67.5.190:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 17:27:14 txgw pluto[13034]: | payload malformed after IV
Oct 23 17:27:14 txgw pluto[13034]: |
Oct 23 17:27:14 txgw pluto[13034]: packet from 91.67.5.190:500: sending notification PAYLOAD_MALFORMED to 91.67.5.190:500
Oct 23 17:27:16 txgw pluto[13034]: packet from 91.67.5.190:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 17:27:16 txgw pluto[13034]: | payload malformed after IV
Oct 23 17:27:16 txgw pluto[13034]: |
Oct 23 17:27:16 txgw pluto[13034]: packet from 91.67.5.190:500: sending notification PAYLOAD_MALFORMED to 91.67.5.190:500
Oct 23 17:27:20 txgw pluto[13034]: packet from 91.67.5.190:500: next payload type of ISAKMP Message has an unknown value: 133
Oct 23 17:27:20 txgw pluto[13034]: | payload malformed after IV
Oct 23 17:27:20 txgw pluto[13034]: |
Oct 23 17:27:20 txgw pluto[13034]: packet from 91.67.5.190:500: sending notification PAYLOAD_MALFORMED to 91.67.5.190:500
Oct 23 17:45:19 txgw pluto[13034]: "ar-to-tx" #33: initiating Main Mode to replace #32
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: received Vendor ID payload [Dead Peer Detection]
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: I did not send a certificate because I do not have one.
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 17:45:20 txgw pluto[13034]: "ar-to-tx" #33: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 18:02:44 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 18:30:16 txgw pluto[13034]: "ar-to-tx" #34: initiating Main Mode to replace #33
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: received Vendor ID payload [Dead Peer Detection]
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: I did not send a certificate because I do not have one.
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 18:30:17 txgw pluto[13034]: "ar-to-tx" #34: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 18:45:20 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: initiating Main Mode to replace #34
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: received Vendor ID payload [Dead Peer Detection]
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 19:16:07 txgw pluto[13034]: "ar-to-tx" #35: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: I did not send a certificate because I do not have one.
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 19:16:08 txgw pluto[13034]: "ar-to-tx" #35: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 19:30:17 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: initiating Main Mode to replace #35
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: received Vendor ID payload [Dead Peer Detection]
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: I did not send a certificate because I do not have one.
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 20:06:45 txgw pluto[13034]: "ar-to-tx" #36: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 20:06:46 txgw pluto[13034]: "ar-to-tx" #36: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 20:06:46 txgw pluto[13034]: "ar-to-tx" #36: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 20:06:46 txgw pluto[13034]: "ar-to-tx" #36: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 20:16:08 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: initiating Main Mode to replace #36
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: received Vendor ID payload [Dead Peer Detection]
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: I did not send a certificate because I do not have one.
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 20:52:42 txgw pluto[13034]: "ar-to-tx" #37: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 21:06:46 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 21:43:02 txgw pluto[13034]: "ar-to-tx" #38: initiating Main Mode to replace #37
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: received Vendor ID payload [Dead Peer Detection]
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: I did not send a certificate because I do not have one.
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 21:43:03 txgw pluto[13034]: "ar-to-tx" #38: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 21:52:42 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 22:26:50 txgw pluto[13034]: "ar-to-tx" #39: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #28 {using isakmp#38}
Oct 23 22:26:50 txgw pluto[13034]: "ar-to-tx" #39: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 23 22:26:50 txgw pluto[13034]: "ar-to-tx" #39: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xb5e4a82a <0x621048b7 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 23 22:27:46 txgw pluto[13034]: "ar-to-tx" #40: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#38}
Oct 23 22:27:46 txgw pluto[13034]: "ar-to-tx" #40: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 23 22:27:46 txgw pluto[13034]: "ar-to-tx" #40: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x892c4b2d <0xafde8a5b xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: initiating Main Mode to replace #38
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: received Vendor ID payload [Dead Peer Detection]
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: I did not send a certificate because I do not have one.
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 22:29:14 txgw pluto[13034]: "ar-to-tx" #41: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 22:29:15 txgw pluto[13034]: "ar-to-tx" #41: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 22:29:15 txgw pluto[13034]: "ar-to-tx" #41: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 22:29:15 txgw pluto[13034]: "ar-to-tx" #41: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 22:41:43 txgw pluto[13034]: "ar-to-tx" #41: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x746548e4) not found (maybe expired)
Oct 23 22:41:43 txgw pluto[13034]: "ar-to-tx" #41: received and ignored informational message
Oct 23 22:43:03 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: initiating Main Mode to replace #41
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: received Vendor ID payload [Dead Peer Detection]
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: received Vendor ID payload [RFC 3947] method set to=109
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 23 23:13:14 txgw pluto[13034]: "ar-to-tx" #42: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: I did not send a certificate because I do not have one.
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 23 23:13:15 txgw pluto[13034]: "ar-to-tx" #42: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 23 23:29:15 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: initiating Main Mode to replace #42
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: received Vendor ID payload [Dead Peer Detection]
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 00:03:23 txgw pluto[13034]: "ar-to-tx" #43: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 00:03:33 txgw pluto[13034]: "ar-to-tx" #43: I did not send a certificate because I do not have one.
Oct 24 00:03:33 txgw pluto[13034]: "ar-to-tx" #43: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 00:03:33 txgw pluto[13034]: "ar-to-tx" #43: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 00:03:33 txgw pluto[13034]: "ar-to-tx" #43: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 00:03:34 txgw pluto[13034]: "ar-to-tx" #43: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 00:03:34 txgw pluto[13034]: "ar-to-tx" #43: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 00:03:34 txgw pluto[13034]: "ar-to-tx" #43: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 00:13:15 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: initiating Main Mode to replace #43
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: received Vendor ID payload [Dead Peer Detection]
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: I did not send a certificate because I do not have one.
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 00:45:58 txgw pluto[13034]: "ar-to-tx" #44: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 00:45:59 txgw pluto[13034]: "ar-to-tx" #44: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 00:45:59 txgw pluto[13034]: "ar-to-tx" #44: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 00:45:59 txgw pluto[13034]: "ar-to-tx" #44: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 01:03:34 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: initiating Main Mode to replace #44
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: received Vendor ID payload [Dead Peer Detection]
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: I did not send a certificate because I do not have one.
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 01:31:10 txgw pluto[13034]: "ar-to-tx" #45: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 01:45:59 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 02:18:28 txgw pluto[13034]: "ar-to-tx" #46: initiating Main Mode to replace #45
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: received Vendor ID payload [Dead Peer Detection]
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: I did not send a certificate because I do not have one.
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 02:18:29 txgw pluto[13034]: "ar-to-tx" #46: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 02:31:10 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: initiating Main Mode to replace #46
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: received Vendor ID payload [Dead Peer Detection]
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 03:07:07 txgw pluto[13034]: "ar-to-tx" #47: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: I did not send a certificate because I do not have one.
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 03:07:08 txgw pluto[13034]: "ar-to-tx" #47: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 03:18:29 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: initiating Main Mode to replace #47
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: received Vendor ID payload [Dead Peer Detection]
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: I did not send a certificate because I do not have one.
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 03:57:13 txgw pluto[13034]: "ar-to-tx" #48: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 03:57:14 txgw pluto[13034]: "ar-to-tx" #48: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 03:57:14 txgw pluto[13034]: "ar-to-tx" #48: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 03:57:14 txgw pluto[13034]: "ar-to-tx" #48: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 04:07:08 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: initiating Main Mode to replace #48
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: received Vendor ID payload [Dead Peer Detection]
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: I did not send a certificate because I do not have one.
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 04:40:39 txgw pluto[13034]: "ar-to-tx" #49: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 04:57:14 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 05:29:34 txgw pluto[13034]: "ar-to-tx" #50: initiating Main Mode to replace #49
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: received Vendor ID payload [Dead Peer Detection]
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: I did not send a certificate because I do not have one.
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 05:29:35 txgw pluto[13034]: "ar-to-tx" #50: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 05:40:39 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: initiating Main Mode to replace #50
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: received Vendor ID payload [Dead Peer Detection]
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 06:14:20 txgw pluto[13034]: "ar-to-tx" #51: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: I did not send a certificate because I do not have one.
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 06:14:21 txgw pluto[13034]: "ar-to-tx" #51: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 06:17:27 txgw pluto[13034]: "ar-to-tx" #52: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #40 {using isakmp#51}
Oct 24 06:17:27 txgw pluto[13034]: "ar-to-tx" #52: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 24 06:17:27 txgw pluto[13034]: "ar-to-tx" #52: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0x77c617f4 <0x98c50295 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 24 06:26:50 txgw pluto[13034]: "ar-to-tx" #51: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xb5e4a82a) not found (maybe expired)
Oct 24 06:26:50 txgw pluto[13034]: "ar-to-tx" #51: received and ignored informational message
Oct 24 06:27:47 txgw pluto[13034]: "ar-to-tx" #51: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x892c4b2d) not found (maybe expired)
Oct 24 06:27:47 txgw pluto[13034]: "ar-to-tx" #51: received and ignored informational message
Oct 24 06:29:35 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: initiating Main Mode to replace #51
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: received Vendor ID payload [Dead Peer Detection]
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: I did not send a certificate because I do not have one.
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 06:59:30 txgw pluto[13034]: "ar-to-tx" #53: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 07:14:21 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 07:46:33 txgw pluto[13034]: "ar-to-tx" #54: initiating Main Mode to replace #53
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: received Vendor ID payload [Dead Peer Detection]
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: I did not send a certificate because I do not have one.
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 07:46:34 txgw pluto[13034]: "ar-to-tx" #54: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 07:59:30 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: initiating Main Mode to replace #54
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: received Vendor ID payload [Dead Peer Detection]
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 08:29:59 txgw pluto[13034]: "ar-to-tx" #55: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: I did not send a certificate because I do not have one.
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 08:30:00 txgw pluto[13034]: "ar-to-tx" #55: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 08:46:34 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: initiating Main Mode to replace #55
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: received Vendor ID payload [Dead Peer Detection]
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: I did not send a certificate because I do not have one.
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 09:12:39 txgw pluto[13034]: "ar-to-tx" #56: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 09:12:40 txgw pluto[13034]: "ar-to-tx" #56: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 09:12:40 txgw pluto[13034]: "ar-to-tx" #56: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 09:12:40 txgw pluto[13034]: "ar-to-tx" #56: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 09:30:00 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: initiating Main Mode to replace #56
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: received Vendor ID payload [Dead Peer Detection]
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: I did not send a certificate because I do not have one.
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 09:55:34 txgw pluto[13034]: "ar-to-tx" #57: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 10:12:41 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: initiating Main Mode to replace #57
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: received Vendor ID payload [Dead Peer Detection]
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: I did not send a certificate because I do not have one.
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 10:38:40 txgw pluto[13034]: "ar-to-tx" #58: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 10:55:34 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 11:25:56 txgw pluto[13034]: "ar-to-tx" #59: initiating Main Mode to replace #58
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: received Vendor ID payload [Dead Peer Detection]
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: I did not send a certificate because I do not have one.
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 11:25:57 txgw pluto[13034]: "ar-to-tx" #59: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 11:38:40 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: initiating Main Mode to replace #59
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: received Vendor ID payload [Dead Peer Detection]
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 12:11:58 txgw pluto[13034]: "ar-to-tx" #60: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: I did not send a certificate because I do not have one.
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 12:11:59 txgw pluto[13034]: "ar-to-tx" #60: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 12:25:57 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: initiating Main Mode to replace #60
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: received Vendor ID payload [Dead Peer Detection]
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: I did not send a certificate because I do not have one.
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 12:55:18 txgw pluto[13034]: "ar-to-tx" #61: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 12:55:19 txgw pluto[13034]: "ar-to-tx" #61: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 12:55:19 txgw pluto[13034]: "ar-to-tx" #61: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 12:55:19 txgw pluto[13034]: "ar-to-tx" #61: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 13:11:59 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: initiating Main Mode to replace #61
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: received Vendor ID payload [Dead Peer Detection]
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: I did not send a certificate because I do not have one.
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 13:39:25 txgw pluto[13034]: "ar-to-tx" #62: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 13:39:26 txgw pluto[13034]: "ar-to-tx" #62: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 13:39:26 txgw pluto[13034]: "ar-to-tx" #62: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 13:39:26 txgw pluto[13034]: "ar-to-tx" #62: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 13:55:19 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 14:02:06 txgw pluto[13034]: "ar-to-tx" #63: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #52 {using isakmp#62}
Oct 24 14:02:06 txgw pluto[13034]: "ar-to-tx" #63: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Oct 24 14:02:06 txgw pluto[13034]: "ar-to-tx" #63: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=>0xa0b28b32 <0x1bf9eb16 xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}
Oct 24 14:17:27 txgw pluto[13034]: "ar-to-tx" #62: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x77c617f4) not found (maybe expired)
Oct 24 14:17:27 txgw pluto[13034]: "ar-to-tx" #62: received and ignored informational message
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: initiating Main Mode to replace #62
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: received Vendor ID payload [Dead Peer Detection]
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: I did not send a certificate because I do not have one.
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 14:29:25 txgw pluto[13034]: "ar-to-tx" #64: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 14:29:26 txgw pluto[13034]: "ar-to-tx" #64: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 14:29:26 txgw pluto[13034]: "ar-to-tx" #64: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 14:29:26 txgw pluto[13034]: "ar-to-tx" #64: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 14:39:26 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: initiating Main Mode to replace #64
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: received Vendor ID payload [Dead Peer Detection]
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: I did not send a certificate because I do not have one.
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 15:16:28 txgw pluto[13034]: "ar-to-tx" #65: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 15:29:26 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: initiating Main Mode to replace #65
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: received Vendor ID payload [Dead Peer Detection]
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: I did not send a certificate because I do not have one.
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 16:01:17 txgw pluto[13034]: "ar-to-tx" #66: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 16:16:28 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 16:44:47 txgw pluto[13034]: "ar-to-tx" #67: initiating Main Mode to replace #66
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: received Vendor ID payload [Dead Peer Detection]
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: I did not send a certificate because I do not have one.
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 16:44:48 txgw pluto[13034]: "ar-to-tx" #67: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 17:01:17 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: initiating Main Mode to replace #67
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: received Vendor ID payload [Dead Peer Detection]
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 17:35:45 txgw pluto[13034]: "ar-to-tx" #68: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: I did not send a certificate because I do not have one.
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 17:35:46 txgw pluto[13034]: "ar-to-tx" #68: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 17:44:48 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: initiating Main Mode to replace #68
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: received Vendor ID payload [Dead Peer Detection]
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: I did not send a certificate because I do not have one.
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 18:19:54 txgw pluto[13034]: "ar-to-tx" #69: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 18:19:55 txgw pluto[13034]: "ar-to-tx" #69: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 18:19:55 txgw pluto[13034]: "ar-to-tx" #69: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 18:19:55 txgw pluto[13034]: "ar-to-tx" #69: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
Oct 24 18:35:46 txgw pluto[13034]: packet from 1.2.3.4:500: Informational Exchange is for an unknown (expired?) SA
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: initiating Main Mode to replace #69
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: received Vendor ID payload [Dead Peer Detection]
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: received Vendor ID payload [RFC 3947] method set to=109
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: I did not send a certificate because I do not have one.
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 19:07:35 txgw pluto[13034]: "ar-to-tx" #70: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 24 19:07:36 txgw pluto[13034]: "ar-to-tx" #70: Main mode peer ID is ID_FQDN: '@argw.example.com'
Oct 24 19:07:36 txgw pluto[13034]: "ar-to-tx" #70: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 19:07:36 txgw pluto[13034]: "ar-to-tx" #70: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
+ _________________________ date
+ date
Sat Oct 24 19:09:55 EEST 2009
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20091024/ada1b708/attachment-0001.html
More information about the Users
mailing list