[Openswan Users] VPN Cisco X OpenSwan Problems
Moacir Campos
moacir.campos at valemobi.com.br
Mon Oct 24 09:36:16 EDT 2011
Dear OpenSwan Users
I need establish a tunnel VPN IPSEC with cisco and Openswan. I don't have
acesses for modify cisco settings, my work is configure the OpenSwan.
The link is established between a Cisco palm and a linux server with
Openswan.
I think the problem would be the configuration leftsubnet, and lefthop
leftsourceip. The access list in cisco was appointed to configure the hosts
and not to a sub net, I do not know how to transpose this confuração in
openswan.
Anyone of you have faced similar challenges, or know what is wrong in my
settings.
Thank you for your attention
Moacir Campos
######################################
##########Conf Openswan ##############
######################################
config setup
plutodebug="all"
nat_traversal=yes
oe=off
protostack=netkey
conn bov
type=tunnel
authby=secret
left=200.19.63.235
# leftnexthop= ?
# leftsubnet= ?
right=200.98.XXX.XXX
rightsubnet=10.247.20.224/27
rightnexthop=200.98.XXX.XXX
rightid=200.98.XXX.XXX
leftid=200.19.63.235
esp=3des-sha1
keyexchange=ike
ike=3des-sha1
auto=add
#######################################
######### Cisco Conf #################
#######################################
crypto map rtp2 2102 ipsec-isakmp
description VPN TESTE
set peer 200.98.XXX.XXX
set transform-set rtpset3
match address 2102
crypto isakmp key XXXXXXXXXXXXXXXXXXX address 200.98.XXX.XXX
set peer 200.98.XXX.XXX
crypto ipsec transform-set rtpset3 esp-3des esp-sha-hmac
Extended IP access list 2102
10 permit ip host 125.255.41.1 10.247.20.224 0.0.0.31
20 permit ip host 125.255.42.232 10.247.20.224 0.0.0.31
30 permit ip host 125.255.42.233 10.247.20.224 0.0.0.31
40 permit ip host 125.255.42.234 10.247.20.224 0.0.0.31
50 permit ip host 125.255.42.235 10.247.20.224 0.0.0.31
60 permit ip host 125.255.42.236 10.247.20.224 0.0.0.31
70 permit ip host 125.255.42.237 10.247.20.224 0.0.0.31
80 permit ip host 125.255.42.242 10.247.20.224 0.0.0.31
90 permit ip host 125.255.42.243 10.247.20.224 0.0.0.31
100 permit ip host 125.255.42.244 10.247.20.224 0.0.0.31
110 permit ip host 125.255.42.245 10.247.20.224 0.0.0.31
120 permit ip host 125.255.42.246 10.247.20.224 0.0.0.31
130 permit ip host 125.255.42.247 10.247.20.224 0.0.0.31
140 permit ip host 125.255.46.198 10.247.20.224 0.0.0.31
150 permit ip host 125.255.46.199 10.247.20.224 0.0.0.31
160 permit ip host 10.2.60.80 10.247.20.224 0.0.0.31
-------Fase 1 ok------
RVPNT1#sh crypto isakmp sa | inc 200.98.XXX.XXX
200.19.63.235 200.98.XXX.XXX QM_IDLE 18041 ACTIVE
#############################################################
###### Debug Openswan
#############################################################
ipsec auto --status
000 "bov": 10.247.20.224/27===200.98.XXX.XXX<200.98.XXX.XXX>[+S=C]---200.98.XXX.XXX...200.19.63.235<200.19.63.235>[+S=C];
unrouted; eroute owner: #0
000 "bov": myip=unset; hisip=unset;
000 "bov": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s;
rekey_fuzz: 100%; keyingtries: 0
000 "bov": policy: PSK+ENCRYPT+TUNNEL+PFS+AGGRESSIVE+IKEv2ALLOW+lKOD+rKOD;
prio: 32,27; interface: eth0;
000 "bov": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "bov": IKE algorithms wanted: 3DES_CBC(5)_000-SHA1(2)-MODP1536(5),
3DES_CBC(5)_000-SHA1(2)-MODP1024(2); flags=-strict
000 "bov": IKE algorithms found: 3DES_CBC(5)_192-SHA1(2)_160-5,
3DES_CBC(5)_192-SHA1(2)_160-2,
000 "bov": ESP algorithms wanted: 3DES(3)_000-SHA1(2); flags=-strict
000 "bov": ESP algorithms loaded: 3DES(3)_192-SHA1(2)_160
##################################################################
# ipsec auto --up bov
104 "bov" #1: STATE_MAIN_I1: initiate
003 "bov" #1: received Vendor ID payload [RFC 3947] method set to=109
106 "bov" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "bov" #1: received Vendor ID payload [Cisco-Unity]
003 "bov" #1: received Vendor ID payload [Dead Peer Detection]
003 "bov" #1: ignoring unknown Vendor ID payload
[9adddf2e7c2b6a7906dc744c0e672047]
003 "bov" #1: received Vendor ID payload [XAUTH]
003 "bov" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT
detected
108 "bov" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "bov" #1: STATE_MAIN_I4: ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp1024}
117 "bov" #2: STATE_QUICK_I1: initiate
010 "bov" #2: STATE_QUICK_I1: retransmission; will wait 20s for response
010 "bov" #2: STATE_QUICK_I1: retransmission; will wait 40s for response
031 "bov" #2: max number of retransmissions (2) reached STATE_QUICK_I1. No
acceptable response to our first Quick Mode message: perhaps peer likes no
proposal
000 "bov" #2: starting keying attempt 2 of an unlimited number, but
releasing whack
###################################################################
/var/log/auth.log
Oct 24 13:23:38 fwvpn pluto[5067]: | creating state object #1 at 0x98b1de8
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 00 00 00 00 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting state object #1 on chain 13
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | Queuing pending Quick Mode with
200.19.63.235 "bov"
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: initiating Main Mode
Oct 24 13:23:38 fwvpn pluto[5067]: | **emit ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 00 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_SA
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_IDPROT
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: none
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Security Association
Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | DOI: ISAKMP_DOI_IPSEC
Oct 24 13:23:38 fwvpn pluto[5067]: | ****emit IPsec DOI SIT:
Oct 24 13:23:38 fwvpn pluto[5067]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
Oct 24 13:23:38 fwvpn pluto[5067]: | out_sa pcn: 0 has 1 valid proposals
Oct 24 13:23:38 fwvpn pluto[5067]: | out_sa pcn: 0 pn: 0<1 valid_count: 1
trans_cnt: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | ****emit ISAKMP Proposal Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | proposal number: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | protocol ID: PROTO_ISAKMP
Oct 24 13:23:38 fwvpn pluto[5067]: | SPI size: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | number of transforms: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | *****emit ISAKMP Transform Payload
(ISAKMP):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_T
Oct 24 13:23:38 fwvpn pluto[5067]: | transform number: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | transform ID: KEY_IKE
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_LIFE_TYPE
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is OAKLEY_LIFE_SECONDS]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_LIFE_DURATION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 3600
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 5
Oct 24 13:23:38 fwvpn pluto[5067]: | [5 is OAKLEY_3DES_CBC]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_HASH_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is OAKLEY_SHA1]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type:
OAKLEY_AUTHENTICATION_METHOD
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is OAKLEY_PRESHARED_KEY]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_GROUP_DESCRIPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 5
Oct 24 13:23:38 fwvpn pluto[5067]: | [5 is OAKLEY_GROUP_MODP1536]
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Transform
Payload (ISAKMP): 32
Oct 24 13:23:38 fwvpn pluto[5067]: | *****emit ISAKMP Transform Payload
(ISAKMP):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | transform number: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | transform ID: KEY_IKE
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_LIFE_TYPE
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is OAKLEY_LIFE_SECONDS]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_LIFE_DURATION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 3600
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 5
Oct 24 13:23:38 fwvpn pluto[5067]: | [5 is OAKLEY_3DES_CBC]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_HASH_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is OAKLEY_SHA1]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type:
OAKLEY_AUTHENTICATION_METHOD
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is OAKLEY_PRESHARED_KEY]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_GROUP_DESCRIPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is OAKLEY_GROUP_MODP1024]
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Transform
Payload (ISAKMP): 32
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Proposal
Payload: 72
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Security
Association Payload: 84
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 12 raw bytes of Vendor ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | Vendor ID 4f 45 6d 40 6b 67 53 46 45
48 40 7f
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 16
Oct 24 13:23:38 fwvpn pluto[5067]: | out_vendorid(): sending [Dead Peer
Detection]
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | V_ID af ca d7 13 68 a1 f1 c9 6b 86
96 fc 77 57 01 00
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | nat traversal enabled: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | nat add vid. port: 1 nonike: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | out_vendorid(): sending [RFC 3947]
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | V_ID 4a 13 1c 81 07 03 58 45 5c 57
28 f2 0e 95 45 2f
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | out_vendorid(): sending
[draft-ietf-ipsec-nat-t-ike-03]
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | V_ID 7d 94 19 a6 53 10 ca 6f 2c 17
9d 92 15 52 9d 56
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | out_vendorid(): sending
[draft-ietf-ipsec-nat-t-ike-02_n]
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | V_ID 90 cb 80 91 3e bb 69 6e 08 63
81 b5 ec 42 7b 1f
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | out_vendorid(): sending
[draft-ietf-ipsec-nat-t-ike-02]
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | V_ID cd 60 46 43 35 df 21 f8 7c fd
b2 fc 68 b6 a4 48
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | out_vendorid(): sending
[draft-ietf-ipsec-nat-t-ike-00]
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of V_ID into
ISAKMP Vendor ID Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | V_ID 44 85 15 2d 18 b6 bb cd 0b e8
a8 46 95 79 dd cc
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Vendor ID
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Message: 248
Oct 24 13:23:38 fwvpn pluto[5067]: | sending 248 bytes for main_outI1
through eth0:500 to 200.19.63.235:500 (using #1)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 00 00 00 00
00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | 01 10 02 00 00 00 00 00 00 00 00 f8
0d 00 00 54
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 01 00 00 00 01 00 00 00 48
00 01 00 02
Oct 24 13:23:38 fwvpn pluto[5067]: | 03 00 00 20 00 01 00 00 80 0b 00 01
80 0c 0e 10
Oct 24 13:23:38 fwvpn pluto[5067]: | 80 01 00 05 80 02 00 02 80 03 00 01
80 04 00 05
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 20 01 01 00 00 80 0b 00 01
80 0c 0e 10
Oct 24 13:23:38 fwvpn pluto[5067]: | 80 01 00 05 80 02 00 02 80 03 00 01
80 04 00 02
Oct 24 13:23:38 fwvpn pluto[5067]: | 0d 00 00 10 4f 45 6d 40 6b 67 53 46
45 48 40 7f
Oct 24 13:23:38 fwvpn pluto[5067]: | 0d 00 00 14 af ca d7 13 68 a1 f1 c9
6b 86 96 fc
Oct 24 13:23:38 fwvpn pluto[5067]: | 77 57 01 00 0d 00 00 14 4a 13 1c 81
07 03 58 45
Oct 24 13:23:38 fwvpn pluto[5067]: | 5c 57 28 f2 0e 95 45 2f 0d 00 00 14
7d 94 19 a6
Oct 24 13:23:38 fwvpn pluto[5067]: | 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
0d 00 00 14
Oct 24 13:23:38 fwvpn pluto[5067]: | 90 cb 80 91 3e bb 69 6e 08 63 81 b5
ec 42 7b 1f
Oct 24 13:23:38 fwvpn pluto[5067]: | 0d 00 00 14 cd 60 46 43 35 df 21 f8
7c fd b2 fc
Oct 24 13:23:38 fwvpn pluto[5067]: | 68 b6 a4 48 00 00 00 14 44 85 15 2d
18 b6 bb cd
Oct 24 13:23:38 fwvpn pluto[5067]: | 0b e8 a8 46 95 79 dd cc
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 0 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | *received 100 bytes from
200.19.63.235:500 on eth0 (port=500)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 01 10 02 00 00 00 00 00 00 00 00 64
0d 00 00 34
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 01 00 00 00 01 00 00 00 28
01 01 00 01
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 20 01 01 00 00 80 01 00 05
80 02 00 02
Oct 24 13:23:38 fwvpn pluto[5067]: | 80 04 00 02 80 03 00 01 80 0b 00 01
80 0c 0e 10
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 14 4a 13 1c 81 07 03 58 45
5c 57 28 f2
Oct 24 13:23:38 fwvpn pluto[5067]: | 0e 95 45 2f
Oct 24 13:23:38 fwvpn pluto[5067]: | **parse ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_SA
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_IDPROT
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: none
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 100
Oct 24 13:23:38 fwvpn pluto[5067]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_IDPROT (2)
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 state object not found
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 00 00 00 00 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 peer and cookies match on #1,
provided msgid 00000000 vs 00000000
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 state object #1 found, in
STATE_MAIN_I1
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x2(ISAKMP_NEXT_SA) needed:
0x2 opt: 0x2080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Security Association
Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 52
Oct 24 13:23:38 fwvpn pluto[5067]: | DOI: ISAKMP_DOI_IPSEC
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x2000(ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x2080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 20
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: received Vendor ID payload [RFC
3947] method set to=109
Oct 24 13:23:38 fwvpn pluto[5067]: | ****parse IPsec DOI SIT:
Oct 24 13:23:38 fwvpn pluto[5067]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
Oct 24 13:23:38 fwvpn pluto[5067]: | ****parse ISAKMP Proposal Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 40
Oct 24 13:23:38 fwvpn pluto[5067]: | proposal number: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | protocol ID: PROTO_ISAKMP
Oct 24 13:23:38 fwvpn pluto[5067]: | SPI size: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | number of transforms: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | *****parse ISAKMP Transform Payload
(ISAKMP):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 32
Oct 24 13:23:38 fwvpn pluto[5067]: | transform number: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | transform ID: KEY_IKE
Oct 24 13:23:38 fwvpn pluto[5067]: | ******parse ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 5
Oct 24 13:23:38 fwvpn pluto[5067]: | [5 is OAKLEY_3DES_CBC]
Oct 24 13:23:38 fwvpn pluto[5067]: | ike_alg_enc_ok(ealg=5,key_len=0):
blocksize=8, keyminlen=192, keydeflen=192, keymaxlen=192, ret=1
Oct 24 13:23:38 fwvpn pluto[5067]: | ******parse ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_HASH_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is OAKLEY_SHA1]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******parse ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_GROUP_DESCRIPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is OAKLEY_GROUP_MODP1024]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******parse ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type:
OAKLEY_AUTHENTICATION_METHOD
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is OAKLEY_PRESHARED_KEY]
Oct 24 13:23:38 fwvpn pluto[5067]: | started looking for secret for
200.98.XXX.XXX->200.19.63.235 of kind PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | actually looking for secret for
200.98.XXX.XXX->200.19.63.235 of kind PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | line 28: key type
PPK_PSK(200.98.XXX.XXX) to type PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | 1: compared key 200.19.63.235 to
200.98.XXX.XXX / 200.19.63.235 -> 4
Oct 24 13:23:38 fwvpn pluto[5067]: | 2: compared key 200.98.XXX.XXX to
200.98.XXX.XXX / 200.19.63.235 -> 12
Oct 24 13:23:38 fwvpn pluto[5067]: | line 28: match=12
Oct 24 13:23:38 fwvpn pluto[5067]: | best_match 0>12 best=0x98b0ce8
(line=28)
Oct 24 13:23:38 fwvpn pluto[5067]: | line 23: key type
PPK_PSK(200.98.XXX.XXX) to type PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | 1: compared key 200.19.63.234 to
200.98.XXX.XXX / 200.19.63.235 -> 0
Oct 24 13:23:38 fwvpn pluto[5067]: | 2: compared key 200.98.XXX.XXX to
200.98.XXX.XXX / 200.19.63.235 -> 8
Oct 24 13:23:38 fwvpn pluto[5067]: | line 23: match=8
Oct 24 13:23:38 fwvpn pluto[5067]: | concluding with best_match=12
best=0x98b0ce8 (lineno=28)
Oct 24 13:23:38 fwvpn pluto[5067]: | ******parse ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_LIFE_TYPE
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is OAKLEY_LIFE_SECONDS]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******parse ISAKMP Oakley attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: OAKLEY_LIFE_DURATION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 3600
Oct 24 13:23:38 fwvpn pluto[5067]: | Oakley Transform 1 accepted
Oct 24 13:23:38 fwvpn pluto[5067]: | sender checking NAT-t: 1 and 109
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: enabling possible NAT-traversal
with method 4
Oct 24 13:23:38 fwvpn pluto[5067]: | 1: w->pcw_dead: 0 w->pcw_work: 0 cnt: 3
Oct 24 13:23:38 fwvpn pluto[5067]: | asking helper 1 to do build_kenonce op
on seq: 1 (len=2668, pcw_work=1)
Oct 24 13:23:38 fwvpn pluto[5067]: | crypto helper write of request:
cnt=2668<wlen=2668.
Oct 24 13:23:38 fwvpn pluto[5072]: ! helper 1 read 2664+4/2668 bytesfd: 9
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #1
Oct 24 13:23:38 fwvpn pluto[5072]: ! helper 1 doing build_kenonce op id: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_CRYPTO_FAILED,
timeout in 300 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | event added after event
EVENT_PENDING_PHASE2
Oct 24 13:23:38 fwvpn pluto[5067]: | complete state transition with
STF_SUSPEND
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 0 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_PENDING_DDNS in 54
seconds
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_PENDING_DDNS in 54
seconds
Oct 24 13:23:38 fwvpn pluto[5072]: ! Local DH secret:
Oct 24 13:23:38 fwvpn pluto[5072]: ! d7 be fb 1a da ff 4d b3 0e cd e4 6b
64 cd d0 8c
Oct 24 13:23:38 fwvpn pluto[5072]: ! 2d 7a 7e cf 28 4d e5 e0 45 ab 78 9c
0e ec 69 84
Oct 24 13:23:38 fwvpn pluto[5072]: ! Public DH value sent:
Oct 24 13:23:38 fwvpn pluto[5072]: ! dd f5 09 57 54 e3 97 d3 1a 35 70 e6
7e c8 ab b5
Oct 24 13:23:38 fwvpn pluto[5072]: ! f5 20 71 59 bf 6a 6c b2 9c 2e 21 db
55 89 9b 53
Oct 24 13:23:38 fwvpn pluto[5072]: ! fd 6e 95 e6 a2 c2 61 6b 8d 44 c5 d7
18 60 fd 86
Oct 24 13:23:38 fwvpn pluto[5072]: ! c2 3e a6 31 a9 c8 e0 94 cb 39 ca 13
8f 26 80 86
Oct 24 13:23:38 fwvpn pluto[5072]: ! a1 34 63 c7 02 38 61 0f 99 db 9a 5a
64 81 ac a8
Oct 24 13:23:38 fwvpn pluto[5072]: ! 03 72 aa 9e 32 40 e3 c7 43 ca 90 d1
19 4e b4 40
Oct 24 13:23:38 fwvpn pluto[5072]: ! 08 92 ee eb 93 37 60 7a 58 ea e6 55
56 95 aa 6a
Oct 24 13:23:38 fwvpn pluto[5072]: ! 13 73 26 46 69 3e 5a 49 1d 53 04 4c
4e bc 87 3e
Oct 24 13:23:38 fwvpn pluto[5072]: ! Generated nonce:
Oct 24 13:23:38 fwvpn pluto[5072]: ! 19 64 38 00 ea c7 5e df eb 1e 82 15
b2 09 34 43
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | helper 1 has finished work (cnt now 1)
Oct 24 13:23:38 fwvpn pluto[5067]: | helper 1 replies to id: q#1
Oct 24 13:23:38 fwvpn pluto[5067]: | calling callback function 0x8070053
Oct 24 13:23:38 fwvpn pluto[5067]: | main inR1_outI2: calculated ke+nonce,
sending I2
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | **emit ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_KE
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_IDPROT
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: none
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Key Exchange Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONCE
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 128 raw bytes of keyex value
into ISAKMP Key Exchange Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value dd f5 09 57 54 e3 97 d3
1a 35 70 e6 7e c8 ab b5
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value f5 20 71 59 bf 6a 6c b2
9c 2e 21 db 55 89 9b 53
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value fd 6e 95 e6 a2 c2 61 6b
8d 44 c5 d7 18 60 fd 86
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value c2 3e a6 31 a9 c8 e0 94
cb 39 ca 13 8f 26 80 86
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value a1 34 63 c7 02 38 61 0f
99 db 9a 5a 64 81 ac a8
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 03 72 aa 9e 32 40 e3 c7
43 ca 90 d1 19 4e b4 40
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 08 92 ee eb 93 37 60 7a
58 ea e6 55 56 95 aa 6a
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 13 73 26 46 69 3e 5a 49
1d 53 04 4c 4e bc 87 3e
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Key Exchange
Payload: 132
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Nonce Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of Ni into ISAKMP
Nonce Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | Ni 19 64 38 00 ea c7 5e df eb 1e 82
15 b2 09 34 43
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Nonce
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | sending NATD payloads
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hasher=0x813e560(20)
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: icookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: rcookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: ip= c8 13 3f eb
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: port=500
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= cc 5e 07 67 6b 60
d8 32 98 37 4a e4 c8 f4 1e be
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= 95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP NAT-D Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NAT-D
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 20 raw bytes of NAT-D into
ISAKMP NAT-D Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT-D cc 5e 07 67 6b 60 d8 32 98 37
4a e4 c8 f4 1e be
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT-D 95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP NAT-D
Payload: 24
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hasher=0x813e560(20)
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: icookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: rcookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: ip= c8 62 da b4
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: port=500
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= 57 1d a7 f6 e8 45
bb 9e f0 c8 06 42 79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP NAT-D Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 20 raw bytes of NAT-D into
ISAKMP NAT-D Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT-D 57 1d a7 f6 e8 45 bb 9e f0 c8
06 42 79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT-D db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP NAT-D
Payload: 24
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Message: 228
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 00 00 00 00 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting state object #1 on chain 13
Oct 24 13:23:38 fwvpn pluto[5067]: | complete state transition with STF_OK
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: transition from state
STATE_MAIN_I1 to state STATE_MAIN_I2
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | sending reply packet to
200.19.63.235:500 (from port 500)
Oct 24 13:23:38 fwvpn pluto[5067]: | sending 228 bytes for STATE_MAIN_I1
through eth0:500 to 200.19.63.235:500 (using #1)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 04 10 02 00 00 00 00 00 00 00 00 e4
0a 00 00 84
Oct 24 13:23:38 fwvpn pluto[5067]: | dd f5 09 57 54 e3 97 d3 1a 35 70 e6
7e c8 ab b5
Oct 24 13:23:38 fwvpn pluto[5067]: | f5 20 71 59 bf 6a 6c b2 9c 2e 21 db
55 89 9b 53
Oct 24 13:23:38 fwvpn pluto[5067]: | fd 6e 95 e6 a2 c2 61 6b 8d 44 c5 d7
18 60 fd 86
Oct 24 13:23:38 fwvpn pluto[5067]: | c2 3e a6 31 a9 c8 e0 94 cb 39 ca 13
8f 26 80 86
Oct 24 13:23:38 fwvpn pluto[5067]: | a1 34 63 c7 02 38 61 0f 99 db 9a 5a
64 81 ac a8
Oct 24 13:23:38 fwvpn pluto[5067]: | 03 72 aa 9e 32 40 e3 c7 43 ca 90 d1
19 4e b4 40
Oct 24 13:23:38 fwvpn pluto[5067]: | 08 92 ee eb 93 37 60 7a 58 ea e6 55
56 95 aa 6a
Oct 24 13:23:38 fwvpn pluto[5067]: | 13 73 26 46 69 3e 5a 49 1d 53 04 4c
4e bc 87 3e
Oct 24 13:23:38 fwvpn pluto[5067]: | 14 00 00 14 19 64 38 00 ea c7 5e df
eb 1e 82 15
Oct 24 13:23:38 fwvpn pluto[5067]: | b2 09 34 43 14 00 00 18 cc 5e 07 67
6b 60 d8 32
Oct 24 13:23:38 fwvpn pluto[5067]: | 98 37 4a e4 c8 f4 1e be 95 91 78 e6
00 00 00 18
Oct 24 13:23:38 fwvpn pluto[5067]: | 57 1d a7 f6 e8 45 bb 9e f0 c8 06 42
79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: STATE_MAIN_I2: sent MI2,
expecting MR2
Oct 24 13:23:38 fwvpn pluto[5067]: | modecfg pull: noquirk policy:push
not-client
Oct 24 13:23:38 fwvpn pluto[5067]: | phase 1 is done, looking for phase 2 to
unpend
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 1 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | *received 304 bytes from
200.19.63.235:500 on eth0 (port=500)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 04 10 02 00 00 00 00 00 00 00 01 30
0a 00 00 84
Oct 24 13:23:38 fwvpn pluto[5067]: | 96 97 db b9 c6 11 47 70 bf 9f ac 03
5c b3 95 b0
Oct 24 13:23:38 fwvpn pluto[5067]: | 5d 93 8b 60 e5 86 b7 f7 f5 d2 71 80
c3 db eb bf
Oct 24 13:23:38 fwvpn pluto[5067]: | 60 24 f2 7d 50 f6 eb 85 ee 6f f3 0b
2d 14 b2 15
Oct 24 13:23:38 fwvpn pluto[5067]: | 59 04 31 2d 31 1f c8 56 91 b1 a7 7c
d7 bd 7e b1
Oct 24 13:23:38 fwvpn pluto[5067]: | 2b fa d8 5a 7e 56 2e eb d9 0d 02 28
5a f4 5f f2
Oct 24 13:23:38 fwvpn pluto[5067]: | 75 88 8c a5 2d 61 c1 2a 8e 84 62 c5
9c 8e c6 a1
Oct 24 13:23:38 fwvpn pluto[5067]: | 90 c0 08 0c e3 36 b3 04 48 2f 27 52
0c 97 e2 a2
Oct 24 13:23:38 fwvpn pluto[5067]: | ea 52 26 6d 1e 29 07 e8 5e 8f e9 e6
74 a2 77 54
Oct 24 13:23:38 fwvpn pluto[5067]: | 0d 00 00 18 c5 f3 3f f8 8a 7e 86 30
9c 64 68 a1
Oct 24 13:23:38 fwvpn pluto[5067]: | 4e bc 48 cc 60 67 6e a5 0d 00 00 14
12 f5 f2 8c
Oct 24 13:23:38 fwvpn pluto[5067]: | 45 71 68 a9 70 2d 9f e2 74 cc 01 00
0d 00 00 14
Oct 24 13:23:38 fwvpn pluto[5067]: | af ca d7 13 68 a1 f1 c9 6b 86 96 fc
77 57 01 00
Oct 24 13:23:38 fwvpn pluto[5067]: | 0d 00 00 14 9a dd df 2e 29 52 c1 c9
61 e7 07 05
Oct 24 13:23:38 fwvpn pluto[5067]: | 45 d5 9c 58 14 00 00 0c 09 00 26 89
df d6 b7 12
Oct 24 13:23:38 fwvpn pluto[5067]: | 14 00 00 18 57 1d a7 f6 e8 45 bb 9e
f0 c8 06 42
Oct 24 13:23:38 fwvpn pluto[5067]: | 79 2d 9d 54 db 63 0a 79 00 00 00 18
cc 5e 07 67
Oct 24 13:23:38 fwvpn pluto[5067]: | 6b 60 d8 32 98 37 4a e4 c8 f4 1e be
95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | **parse ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_KE
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_IDPROT
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: none
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 304
Oct 24 13:23:38 fwvpn pluto[5067]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_IDPROT (2)
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 peer and cookies match on #1,
provided msgid 00000000 vs 00000000
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 state object #1 found, in
STATE_MAIN_I2
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x10(ISAKMP_NEXT_KE)
needed: 0x410 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Key Exchange Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONCE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 132
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x400(ISAKMP_NEXT_NONCE)
needed: 0x400 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Nonce Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 24
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x2000(ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x2000(ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x2000(ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_VID
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x2000(ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Vendor ID Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NAT-D
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 12
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x100000(ISAKMP_NEXT_NAT-D)
needed: 0x0 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP NAT-D Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NAT-D
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 24
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x100000(ISAKMP_NEXT_NAT-D)
needed: 0x0 opt: 0x102080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP NAT-D Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 24
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: received Vendor ID payload
[Cisco-Unity]
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: received Vendor ID payload
[Dead Peer Detection]
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: ignoring unknown Vendor ID
payload [9adddf2e2952c1c961e7070545d59c58]
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: received Vendor ID payload
[XAUTH]
Oct 24 13:23:38 fwvpn pluto[5067]: | **emit ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_ID
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_IDPROT
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: ISAKMP_FLAG_ENCRYPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | DH public value received:
Oct 24 13:23:38 fwvpn pluto[5067]: | 96 97 db b9 c6 11 47 70 bf 9f ac 03
5c b3 95 b0
Oct 24 13:23:38 fwvpn pluto[5067]: | 5d 93 8b 60 e5 86 b7 f7 f5 d2 71 80
c3 db eb bf
Oct 24 13:23:38 fwvpn pluto[5067]: | 60 24 f2 7d 50 f6 eb 85 ee 6f f3 0b
2d 14 b2 15
Oct 24 13:23:38 fwvpn pluto[5067]: | 59 04 31 2d 31 1f c8 56 91 b1 a7 7c
d7 bd 7e b1
Oct 24 13:23:38 fwvpn pluto[5067]: | 2b fa d8 5a 7e 56 2e eb d9 0d 02 28
5a f4 5f f2
Oct 24 13:23:38 fwvpn pluto[5067]: | 75 88 8c a5 2d 61 c1 2a 8e 84 62 c5
9c 8e c6 a1
Oct 24 13:23:38 fwvpn pluto[5067]: | 90 c0 08 0c e3 36 b3 04 48 2f 27 52
0c 97 e2 a2
Oct 24 13:23:38 fwvpn pluto[5067]: | ea 52 26 6d 1e 29 07 e8 5e 8f e9 e6
74 a2 77 54
Oct 24 13:23:38 fwvpn pluto[5067]: | started looking for secret for
200.98.XXX.XXX->200.19.63.235 of kind PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | actually looking for secret for
200.98.XXX.XXX->200.19.63.235 of kind PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | line 28: key type
PPK_PSK(200.98.XXX.XXX) to type PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | 1: compared key 200.19.63.235 to
200.98.XXX.XXX / 200.19.63.235 -> 4
Oct 24 13:23:38 fwvpn pluto[5067]: | 2: compared key 200.98.XXX.XXX to
200.98.XXX.XXX / 200.19.63.235 -> 12
Oct 24 13:23:38 fwvpn pluto[5067]: | line 28: match=12
Oct 24 13:23:38 fwvpn pluto[5067]: | best_match 0>12 best=0x98b0ce8
(line=28)
Oct 24 13:23:38 fwvpn pluto[5067]: | line 23: key type
PPK_PSK(200.98.XXX.XXX) to type PPK_PSK
Oct 24 13:23:38 fwvpn pluto[5067]: | 1: compared key 200.19.63.234 to
200.98.XXX.XXX / 200.19.63.235 -> 0
Oct 24 13:23:38 fwvpn pluto[5067]: | 2: compared key 200.98.XXX.XXX to
200.98.XXX.XXX / 200.19.63.235 -> 8
Oct 24 13:23:38 fwvpn pluto[5067]: | line 23: match=8
Oct 24 13:23:38 fwvpn pluto[5067]: | concluding with best_match=12
best=0x98b0ce8 (lineno=28)
Oct 24 13:23:38 fwvpn pluto[5067]: | parent1 type: 7 group: 2 len: 2668
Oct 24 13:23:38 fwvpn pluto[5067]: | 2: w->pcw_dead: 0 w->pcw_work: 0 cnt: 3
Oct 24 13:23:38 fwvpn pluto[5067]: | asking helper 2 to do compute dh+iv op
on seq: 2 (len=2668, pcw_work=1)
Oct 24 13:23:38 fwvpn pluto[5067]: | crypto helper write of request:
cnt=2668<wlen=2668.
Oct 24 13:23:38 fwvpn pluto[5073]: ! helper 2 read 2664+4/2668 bytesfd: 10
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #1
Oct 24 13:23:38 fwvpn pluto[5073]: ! helper 2 doing compute dh+iv op id: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_CRYPTO_FAILED,
timeout in 300 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 96 97 db b9 c6 11 47 70
bf 9f ac 03 5c b3 95 b0
Oct 24 13:23:38 fwvpn pluto[5067]: | event added after event
EVENT_PENDING_PHASE2
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 5d 93 8b 60 e5 86 b7 f7
f5 d2 71 80 c3 db eb bf
Oct 24 13:23:38 fwvpn pluto[5067]: | complete state transition with
STF_SUSPEND
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 60 24 f2 7d 50 f6 eb 85
ee 6f f3 0b 2d 14 b2 15
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 0 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 59 04 31 2d 31 1f c8 56
91 b1 a7 7c d7 bd 7e b1
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_PENDING_DDNS in 54
seconds
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 2b fa d8 5a 7e 56 2e eb
d9 0d 02 28 5a f4 5f f2
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_PENDING_DDNS in 54
seconds
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 75 88 8c a5 2d 61 c1 2a
8e 84 62 c5 9c 8e c6 a1
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: 90 c0 08 0c e3 36 b3 04
48 2f 27 52 0c 97 e2 a2
Oct 24 13:23:38 fwvpn pluto[5073]: ! peer's g: ea 52 26 6d 1e 29 07 e8
5e 8f e9 e6 74 a2 77 54
Oct 24 13:23:38 fwvpn pluto[5073]: ! long term secret: d7 be fb 1a da ff
4d b3 0e cd e4 6b 64 cd d0 8c
Oct 24 13:23:38 fwvpn pluto[5073]: ! long term secret: 2d 7a 7e cf 28 4d
e5 e0 45 ab 78 9c 0e ec 69 84
Oct 24 13:23:38 fwvpn pluto[5073]: ! calc_dh_shared(): time elapsed
(OAKLEY_GROUP_MODP1024): 1259 usec
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH shared-secret:
Oct 24 13:23:38 fwvpn pluto[5073]: ! 4e 49 43 03 17 21 71 87 2c 85 95 c0
ab 31 e6 03
Oct 24 13:23:38 fwvpn pluto[5073]: ! 28 1d e0 a1 27 24 cc 10 0e aa 3e e9
92 e4 f6 68
Oct 24 13:23:38 fwvpn pluto[5073]: ! 00 3b e5 25 5b 03 60 b7 02 20 b7 13
14 c2 fa d7
Oct 24 13:23:38 fwvpn pluto[5073]: ! ea d9 8a 0a ac 33 af 33 2b 6c f3 61
45 48 25 b8
Oct 24 13:23:38 fwvpn pluto[5073]: ! 96 55 f2 b0 fc 1c 5b 8d e9 e8 70 d5
a2 05 84 35
Oct 24 13:23:38 fwvpn pluto[5073]: ! df 3b 61 10 47 28 a1 30 4a a0 85 66
f2 dc df ef
Oct 24 13:23:38 fwvpn pluto[5073]: ! ea e0 97 1f f0 34 b2 eb 36 72 41 e0
0f 0f fe 0a
Oct 24 13:23:38 fwvpn pluto[5073]: ! fc 3b 63 83 91 0b 64 3c 06 9f c1 f7
43 ae ef 96
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skey inputs (PSK+NI+NR)
Oct 24 13:23:38 fwvpn pluto[5073]: ! ni: 19 64 38 00 ea c7 5e df eb 1e
82 15 b2 09 34 43
Oct 24 13:23:38 fwvpn pluto[5073]: ! nr: c5 f3 3f f8 8a 7e 86 30 9c 64
68 a1 4e bc 48 cc
Oct 24 13:23:38 fwvpn pluto[5073]: ! nr: 60 67 6e a5
Oct 24 13:23:38 fwvpn pluto[5073]: ! keyid: ff 78 60 84 2d 31 7e 66 7c
5f a2 44 91 35 42 7f
Oct 24 13:23:38 fwvpn pluto[5073]: ! keyid: 3d ee 08 84
Oct 24 13:23:38 fwvpn pluto[5073]: ! NSS: end of key computation
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: dd f5 09 57 54 e3 97 d3 1a 35
70 e6 7e c8 ab b5
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: f5 20 71 59 bf 6a 6c b2 9c 2e
21 db 55 89 9b 53
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: fd 6e 95 e6 a2 c2 61 6b 8d 44
c5 d7 18 60 fd 86
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: c2 3e a6 31 a9 c8 e0 94 cb 39
ca 13 8f 26 80 86
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: a1 34 63 c7 02 38 61 0f 99 db
9a 5a 64 81 ac a8
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: 03 72 aa 9e 32 40 e3 c7 43 ca
90 d1 19 4e b4 40
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: 08 92 ee eb 93 37 60 7a 58 ea
e6 55 56 95 aa 6a
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_i: 13 73 26 46 69 3e 5a 49 1d 53
04 4c 4e bc 87 3e
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 96 97 db b9 c6 11 47 70 bf 9f
ac 03 5c b3 95 b0
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 5d 93 8b 60 e5 86 b7 f7 f5 d2
71 80 c3 db eb bf
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 60 24 f2 7d 50 f6 eb 85 ee 6f
f3 0b 2d 14 b2 15
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 59 04 31 2d 31 1f c8 56 91 b1
a7 7c d7 bd 7e b1
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 2b fa d8 5a 7e 56 2e eb d9 0d
02 28 5a f4 5f f2
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 75 88 8c a5 2d 61 c1 2a 8e 84
62 c5 9c 8e c6 a1
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: 90 c0 08 0c e3 36 b3 04 48 2f
27 52 0c 97 e2 a2
Oct 24 13:23:38 fwvpn pluto[5073]: ! DH_r: ea 52 26 6d 1e 29 07 e8 5e 8f
e9 e6 74 a2 77 54
Oct 24 13:23:38 fwvpn pluto[5073]: ! end of IV generation
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid: ff 78 60 84 2d 31 7e 66 7c
5f a2 44 91 35 42 7f
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid: 3d ee 08 84
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid_d: d9 ac c6 55 f1 d6 15 88 b5
ba 5a bc 91 8c eb e1
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid_d: 49 50 46 3f
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid_a: 93 94 0e 01 eb 56 c5 c0 f5
d9 19 dc 65 26 4e 58
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid_a: 39 e9 5a b9
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid_e: 97 f1 d9 22 85 5b 03 8d d4
46 1e 8e b1 49 ad fa
Oct 24 13:23:38 fwvpn pluto[5073]: ! Skeyid_e: dd ae 36 ac
Oct 24 13:23:38 fwvpn pluto[5073]: ! enc key: 32 da bb 8f d2 32 e1 6d 20
b3 41 a5 75 66 ac 40
Oct 24 13:23:38 fwvpn pluto[5073]: ! enc key: 46 96 12 d7 2d 33 72 1a
Oct 24 13:23:38 fwvpn pluto[5073]: ! IV: a9 0a 5c a8 45 79 99 2c e0 fa 3a
d5 61 e3 87 3a
Oct 24 13:23:38 fwvpn pluto[5073]: ! IV: ff 9d d9 ff
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | helper 2 has finished work (cnt now 1)
Oct 24 13:23:38 fwvpn pluto[5067]: | helper 2 replies to id: q#2
Oct 24 13:23:38 fwvpn pluto[5067]: | calling callback function 0x8071b45
Oct 24 13:23:38 fwvpn pluto[5067]: | main inR2_outI3: calculated DH, sending
R1
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | thinking about whether to send my
certificate:
Oct 24 13:23:38 fwvpn pluto[5067]: | I have RSA key: OAKLEY_PRESHARED_KEY
cert.type: CERT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | sendcert: CERT_ALWAYSSEND and I did
not get a certificate request
Oct 24 13:23:38 fwvpn pluto[5067]: | so do not send cert.
Oct 24 13:23:38 fwvpn pluto[5067]: | I did not send a certificate because
digital signatures are not being used. (PSK)
Oct 24 13:23:38 fwvpn pluto[5067]: | I am not sending a certificate request
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hasher=0x813e560(20)
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: icookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: rcookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: ip= c8 62 da b4
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: port=500
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= 57 1d a7 f6 e8 45
bb 9e f0 c8 06 42 79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hasher=0x813e560(20)
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: icookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: rcookie=
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: ip= c8 13 3f eb
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: port=500
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= cc 5e 07 67 6b 60
d8 32 98 37 4a e4 c8 f4 1e be
Oct 24 13:23:38 fwvpn pluto[5067]: | _natd_hash: hash= 95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT_TRAVERSAL hash=0 (me:0) (him:0)
Oct 24 13:23:38 fwvpn pluto[5067]: | expected NAT-D(me): 57 1d a7 f6 e8 45
bb 9e f0 c8 06 42 79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | expected NAT-D(me): db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | expected NAT-D(him):
Oct 24 13:23:38 fwvpn pluto[5067]: | cc 5e 07 67 6b 60 d8 32 98 37 4a e4
c8 f4 1e be
Oct 24 13:23:38 fwvpn pluto[5067]: | 95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | received NAT-D: 57 1d a7 f6 e8 45 bb
9e f0 c8 06 42 79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | received NAT-D: db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT_TRAVERSAL hash=1 (me:1) (him:0)
Oct 24 13:23:38 fwvpn pluto[5067]: | expected NAT-D(me): 57 1d a7 f6 e8 45
bb 9e f0 c8 06 42 79 2d 9d 54
Oct 24 13:23:38 fwvpn pluto[5067]: | expected NAT-D(me): db 63 0a 79
Oct 24 13:23:38 fwvpn pluto[5067]: | expected NAT-D(him):
Oct 24 13:23:38 fwvpn pluto[5067]: | cc 5e 07 67 6b 60 d8 32 98 37 4a e4
c8 f4 1e be
Oct 24 13:23:38 fwvpn pluto[5067]: | 95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | received NAT-D: cc 5e 07 67 6b 60 d8
32 98 37 4a e4 c8 f4 1e be
Oct 24 13:23:38 fwvpn pluto[5067]: | received NAT-D: 95 91 78 e6
Oct 24 13:23:38 fwvpn pluto[5067]: | NAT_TRAVERSAL hash=2 (me:1) (him:1)
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: NAT-Traversal: Result using RFC
3947 (NAT-Traversal): no NAT detected
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_NAT_T_KEEPALIVE,
timeout in 20 seconds
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Identification Payload
(IPsec DOI):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_HASH
Oct 24 13:23:38 fwvpn pluto[5067]: | ID type: ID_IPV4_ADDR
Oct 24 13:23:38 fwvpn pluto[5067]: | Protocol ID: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | port: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 4 raw bytes of my identity
into ISAKMP Identification Payload (IPsec DOI)
Oct 24 13:23:38 fwvpn pluto[5067]: | my identity c8 62 da b4
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP
Identification Payload (IPsec DOI): 12
Oct 24 13:23:38 fwvpn pluto[5067]: | hashing 80 bytes of SA
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Hash Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 20 raw bytes of HASH_I into
ISAKMP Hash Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | HASH_I 55 ef 3d 24 c6 b7 56 c9 13 08
b0 01 f9 e3 8f 19
Oct 24 13:23:38 fwvpn pluto[5067]: | HASH_I 5f 55 18 ee
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Hash Payload:
24
Oct 24 13:23:38 fwvpn pluto[5067]: | encrypting:
Oct 24 13:23:38 fwvpn pluto[5067]: | 08 00 00 0c 01 00 00 00 c8 62 da b4
00 00 00 18
Oct 24 13:23:38 fwvpn pluto[5067]: | 55 ef 3d 24 c6 b7 56 c9 13 08 b0 01
f9 e3 8f 19
Oct 24 13:23:38 fwvpn pluto[5067]: | 5f 55 18 ee
Oct 24 13:23:38 fwvpn pluto[5067]: | IV:
Oct 24 13:23:38 fwvpn pluto[5067]: | a9 0a 5c a8 45 79 99 2c e0 fa 3a d5
61 e3 87 3a
Oct 24 13:23:38 fwvpn pluto[5067]: | ff 9d d9 ff
Oct 24 13:23:38 fwvpn pluto[5067]: | unpadded size is: 36
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 4 zero bytes of encryption
padding into ISAKMP Message
Oct 24 13:23:38 fwvpn pluto[5067]: | encrypting 40 using OAKLEY_3DES_CBC
Oct 24 13:23:38 fwvpn pluto[5067]: | next IV: fb 8f 73 83 21 5e cd e5
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Message: 68
Oct 24 13:23:38 fwvpn pluto[5067]: | complete state transition with STF_OK
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: transition from state
STATE_MAIN_I2 to state STATE_MAIN_I3
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | sending reply packet to
200.19.63.235:500 (from port 500)
Oct 24 13:23:38 fwvpn pluto[5067]: | sending 68 bytes for STATE_MAIN_I2
through eth0:500 to 200.19.63.235:500 (using #1)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 05 10 02 01 00 00 00 00 00 00 00 44
01 59 82 e5
Oct 24 13:23:38 fwvpn pluto[5067]: | 62 95 39 02 7b 22 08 83 e8 e5 58 dd
cd da 94 f8
Oct 24 13:23:38 fwvpn pluto[5067]: | c8 03 34 bd 0a 0e 91 0e 52 c4 a2 81
fb 8f 73 83
Oct 24 13:23:38 fwvpn pluto[5067]: | 21 5e cd e5
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: STATE_MAIN_I3: sent MI3,
expecting MR3
Oct 24 13:23:38 fwvpn pluto[5067]: | modecfg pull: noquirk policy:push
not-client
Oct 24 13:23:38 fwvpn pluto[5067]: | phase 1 is done, looking for phase 2 to
unpend
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 1 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | *received 68 bytes from
200.19.63.235:500 on eth0 (port=500)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 05 10 02 01 00 00 00 00 00 00 00 44
1b c7 03 29
Oct 24 13:23:38 fwvpn pluto[5067]: | 73 ee 21 66 e1 d8 8d 1b 2c a0 e1 b2
fb 4b 97 e2
Oct 24 13:23:38 fwvpn pluto[5067]: | bf cb f1 12 c6 47 bd 9a 0d 2d c4 b0
30 2d 11 cc
Oct 24 13:23:38 fwvpn pluto[5067]: | 91 85 a9 57
Oct 24 13:23:38 fwvpn pluto[5067]: | **parse ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_ID
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_IDPROT
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: ISAKMP_FLAG_ENCRYPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 68
Oct 24 13:23:38 fwvpn pluto[5067]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_IDPROT (2)
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 peer and cookies match on #1,
provided msgid 00000000 vs 00000000
Oct 24 13:23:38 fwvpn pluto[5067]: | v1 state object #1 found, in
STATE_MAIN_I3
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | received encrypted packet from
200.19.63.235:500
Oct 24 13:23:38 fwvpn pluto[5067]: | decrypting 40 bytes using algorithm
OAKLEY_3DES_CBC
Oct 24 13:23:38 fwvpn pluto[5067]: | decrypted:
Oct 24 13:23:38 fwvpn pluto[5067]: | 08 00 00 0c 01 11 01 f4 c8 13 3f eb
00 00 00 18
Oct 24 13:23:38 fwvpn pluto[5067]: | 85 64 31 0a e9 16 85 d1 a1 ec 21 93
52 01 8f 10
Oct 24 13:23:38 fwvpn pluto[5067]: | df 07 f6 f1 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | next IV: 30 2d 11 cc 91 85 a9 57
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x20(ISAKMP_NEXT_ID)
needed: 0x120 opt: 0x2080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Identification Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_HASH
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 12
Oct 24 13:23:38 fwvpn pluto[5067]: | ID type: ID_IPV4_ADDR
Oct 24 13:23:38 fwvpn pluto[5067]: | DOI specific A: 17
Oct 24 13:23:38 fwvpn pluto[5067]: | DOI specific B: 500
Oct 24 13:23:38 fwvpn pluto[5067]: | obj: c8 13 3f eb 00 00 00 18
85 64 31 0a
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x100(ISAKMP_NEXT_HASH)
needed: 0x100 opt: 0x2080
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Hash Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 24
Oct 24 13:23:38 fwvpn pluto[5067]: | removing 4 bytes of padding
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: Main mode peer ID is
ID_IPV4_ADDR: '200.19.63.235'
Oct 24 13:23:38 fwvpn pluto[5067]: | hashing 80 bytes of SA
Oct 24 13:23:38 fwvpn pluto[5067]: | authentication succeeded
Oct 24 13:23:38 fwvpn pluto[5067]: | complete state transition with STF_OK
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: transition from state
STATE_MAIN_I3 to state STATE_MAIN_I4
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_SA_REPLACE,
timeout in 3005 seconds for #1
Oct 24 13:23:38 fwvpn pluto[5067]: | event added after event
EVENT_PENDING_PHASE2
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: STATE_MAIN_I4: ISAKMP SA
established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192
prf=oakley_sha group=modp1024}
Oct 24 13:23:38 fwvpn pluto[5067]: | modecfg pull: noquirk policy:push
not-client
Oct 24 13:23:38 fwvpn pluto[5067]: | phase 1 is done, looking for phase 2 to
unpend
Oct 24 13:23:38 fwvpn pluto[5067]: | unqueuing pending Quick Mode with
200.19.63.235 "bov" import:admin initiate
Oct 24 13:23:38 fwvpn pluto[5067]: | duplicating state object #1
Oct 24 13:23:38 fwvpn pluto[5067]: | creating state object #2 at 0x98b2810
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting state object #2 on chain 13
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_SO_DISCARD,
timeout in 0 seconds for #2
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: | kernel_alg_esp_enc_ok(3,0): alg_id=3,
alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
Oct 24 13:23:38 fwvpn pluto[5067]: | kernel_alg_esp_enc_keylen():alg_id=3,
keylen=24
Oct 24 13:23:38 fwvpn pluto[5067]: | kernel_alg_esp_auth_keylen(auth=2,
sadb_aalg=3): a_keylen=20
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #2: initiating Quick Mode
PSK+ENCRYPT+TUNNEL+PFS+UP+IKEv2ALLOW {using isakmp#1 msgid:c83b67f5
proposal=3DES(3)_192-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_MODP1024}
Oct 24 13:23:38 fwvpn pluto[5067]: | 0: w->pcw_dead: 0 w->pcw_work: 0 cnt: 3
Oct 24 13:23:38 fwvpn pluto[5067]: | asking helper 0 to do build_kenonce op
on seq: 3 (len=2668, pcw_work=1)
Oct 24 13:23:38 fwvpn pluto[5067]: | crypto helper write of request:
cnt=2668<wlen=2668.
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #2
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_CRYPTO_FAILED,
timeout in 300 seconds for #2
Oct 24 13:23:38 fwvpn pluto[5067]: | event added after event
EVENT_PENDING_PHASE2
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 0 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5071]: ! helper 0 read 2664+4/2668 bytesfd: 8
Oct 24 13:23:38 fwvpn pluto[5071]: ! helper 0 doing build_kenonce op id: 3
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_NAT_T_KEEPALIVE in 20
seconds
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_NAT_T_KEEPALIVE in 20
seconds
Oct 24 13:23:38 fwvpn pluto[5071]: ! Local DH secret:
Oct 24 13:23:38 fwvpn pluto[5071]: ! c6 12 79 08 81 85 ba c8 e5 0f d2 b5
3b b6 43 bf
Oct 24 13:23:38 fwvpn pluto[5071]: ! 5f 01 20 1d 62 97 c1 c9 34 dc ff b3
60 4a c0 83
Oct 24 13:23:38 fwvpn pluto[5071]: ! Public DH value sent:
Oct 24 13:23:38 fwvpn pluto[5071]: ! 1b 7b 10 3b 09 76 70 b4 49 25 8b f5
de c5 01 6d
Oct 24 13:23:38 fwvpn pluto[5071]: ! 02 64 88 b5 63 4b 29 5c e0 90 31 93
35 5e a0 12
Oct 24 13:23:38 fwvpn pluto[5071]: ! fd 57 24 09 f9 2b e4 3d 09 11 e8 e9
26 0c 92 f6
Oct 24 13:23:38 fwvpn pluto[5071]: ! 42 3c 94 ed 01 50 97 2c f8 79 3f aa
b2 2c e7 83
Oct 24 13:23:38 fwvpn pluto[5071]: ! 3b 37 50 3c c1 b8 78 59 bd 5c ee e5
89 4e 21 3d
Oct 24 13:23:38 fwvpn pluto[5071]: ! ac 2d 81 8e 6c 53 8a ac 62 5a 74 07
81 9d e4 37
Oct 24 13:23:38 fwvpn pluto[5071]: ! 51 ca 78 4f 73 91 a0 0f ab ba e6 2c
df 12 57 be
Oct 24 13:23:38 fwvpn pluto[5071]: ! a8 0c 55 3a b0 ff 82 8f 01 69 75 f8
9a d6 1a 48
Oct 24 13:23:38 fwvpn pluto[5071]: ! Generated nonce:
Oct 24 13:23:38 fwvpn pluto[5071]: ! 61 25 58 e4 89 4f 16 00 89 5a 60 e1
7f e2 67 e7
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | helper 0 has finished work (cnt now 1)
Oct 24 13:23:38 fwvpn pluto[5067]: | helper 0 replies to id: q#3
Oct 24 13:23:38 fwvpn pluto[5067]: | calling callback function 0x8076daa
Oct 24 13:23:38 fwvpn pluto[5067]: | quick outI1: calculated ke+nonce,
sending I1
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | **emit ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_HASH
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_QUICK
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: ISAKMP_FLAG_ENCRYPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: f5 67 3b c8
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Hash Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_SA
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 20 zero bytes of HASH into
ISAKMP Hash Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Hash Payload:
24
Oct 24 13:23:38 fwvpn pluto[5067]: | kernel_alg_db_new() initial
trans_cnt=96
Oct 24 13:23:38 fwvpn pluto[5067]: | kernel_alg_db_new() will return
p_new->protoid=3, p_new->trans_cnt=1
Oct 24 13:23:38 fwvpn pluto[5067]: | kernel_alg_db_new() trans[0]:
transid=3, attr_cnt=1, attrs[0].type=5, attrs[0].val=2
Oct 24 13:23:38 fwvpn pluto[5067]: | returning new proposal from esp_info
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Security Association
Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONCE
Oct 24 13:23:38 fwvpn pluto[5067]: | DOI: ISAKMP_DOI_IPSEC
Oct 24 13:23:38 fwvpn pluto[5067]: | ****emit IPsec DOI SIT:
Oct 24 13:23:38 fwvpn pluto[5067]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
Oct 24 13:23:38 fwvpn pluto[5067]: | out_sa pcn: 0 has 1 valid proposals
Oct 24 13:23:38 fwvpn pluto[5067]: | out_sa pcn: 0 pn: 0<1 valid_count: 1
trans_cnt: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | ****emit ISAKMP Proposal Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | proposal number: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | protocol ID: PROTO_IPSEC_ESP
Oct 24 13:23:38 fwvpn pluto[5067]: | SPI size: 4
Oct 24 13:23:38 fwvpn pluto[5067]: | number of transforms: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | netlink_get_spi: allocated 0xc24587a1
for esp.0 at 200.98.XXX.XXX
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 4 raw bytes of SPI into ISAKMP
Proposal Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | SPI c2 45 87 a1
Oct 24 13:23:38 fwvpn pluto[5067]: | *****emit ISAKMP Transform Payload
(ESP):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | transform number: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | transform ID: ESP_3DES
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP IPsec DOI attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: GROUP_DESCRIPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is OAKLEY_GROUP_MODP1024]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP IPsec DOI attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: ENCAPSULATION_MODE
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is ENCAPSULATION_MODE_TUNNEL]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP IPsec DOI attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: SA_LIFE_TYPE
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 1
Oct 24 13:23:38 fwvpn pluto[5067]: | [1 is SA_LIFE_TYPE_SECONDS]
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP IPsec DOI attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: SA_LIFE_DURATION
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 28800
Oct 24 13:23:38 fwvpn pluto[5067]: | ******emit ISAKMP IPsec DOI attribute:
Oct 24 13:23:38 fwvpn pluto[5067]: | af+type: AUTH_ALGORITHM
Oct 24 13:23:38 fwvpn pluto[5067]: | length/value: 2
Oct 24 13:23:38 fwvpn pluto[5067]: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Transform
Payload (ESP): 28
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Proposal
Payload: 40
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Security
Association Payload: 52
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Nonce Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_KE
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 16 raw bytes of Ni into ISAKMP
Nonce Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | Ni 61 25 58 e4 89 4f 16 00 89 5a 60
e1 7f e2 67 e7
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Nonce
Payload: 20
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Key Exchange Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_ID
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 128 raw bytes of keyex value
into ISAKMP Key Exchange Payload
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 1b 7b 10 3b 09 76 70 b4
49 25 8b f5 de c5 01 6d
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 02 64 88 b5 63 4b 29 5c
e0 90 31 93 35 5e a0 12
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value fd 57 24 09 f9 2b e4 3d
09 11 e8 e9 26 0c 92 f6
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 42 3c 94 ed 01 50 97 2c
f8 79 3f aa b2 2c e7 83
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 3b 37 50 3c c1 b8 78 59
bd 5c ee e5 89 4e 21 3d
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value ac 2d 81 8e 6c 53 8a ac
62 5a 74 07 81 9d e4 37
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value 51 ca 78 4f 73 91 a0 0f
ab ba e6 2c df 12 57 be
Oct 24 13:23:38 fwvpn pluto[5067]: | keyex value a8 0c 55 3a b0 ff 82 8f
01 69 75 f8 9a d6 1a 48
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Key Exchange
Payload: 132
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Identification Payload
(IPsec DOI):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_ID
Oct 24 13:23:38 fwvpn pluto[5067]: | ID type: ID_IPV4_ADDR_SUBNET
Oct 24 13:23:38 fwvpn pluto[5067]: | Protocol ID: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | port: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 4 raw bytes of client network
into ISAKMP Identification Payload (IPsec DOI)
Oct 24 13:23:38 fwvpn pluto[5067]: | client network 0a f7 14 e0
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 4 raw bytes of client mask
into ISAKMP Identification Payload (IPsec DOI)
Oct 24 13:23:38 fwvpn pluto[5067]: | client mask ff ff ff e0
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP
Identification Payload (IPsec DOI): 16
Oct 24 13:23:38 fwvpn pluto[5067]: | ***emit ISAKMP Identification Payload
(IPsec DOI):
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | ID type: ID_IPV4_ADDR
Oct 24 13:23:38 fwvpn pluto[5067]: | Protocol ID: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | port: 0
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting 4 raw bytes of client network
into ISAKMP Identification Payload (IPsec DOI)
Oct 24 13:23:38 fwvpn pluto[5067]: | client network c8 13 3f eb
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP
Identification Payload (IPsec DOI): 12
Oct 24 13:23:38 fwvpn pluto[5067]: | HASH(1) computed:
Oct 24 13:23:38 fwvpn pluto[5067]: | 61 0d 51 61 52 e4 47 2c ae f6 c4 c5
d9 2b aa 50
Oct 24 13:23:38 fwvpn pluto[5067]: | fd b1 62 57
Oct 24 13:23:38 fwvpn pluto[5067]: | last Phase 1 IV: 30 2d 11 cc 91 85 a9
57
Oct 24 13:23:38 fwvpn pluto[5067]: | current Phase 1 IV: 30 2d 11 cc 91 85
a9 57
Oct 24 13:23:38 fwvpn pluto[5067]: | computed Phase 2 IV:
Oct 24 13:23:38 fwvpn pluto[5067]: | 22 ea 11 53 0c dd e6 74 77 df 91 de
3a 2b ec 67
Oct 24 13:23:38 fwvpn pluto[5067]: | 83 9d 46 8b
Oct 24 13:23:38 fwvpn pluto[5067]: | encrypting:
Oct 24 13:23:38 fwvpn pluto[5067]: | 01 00 00 18 61 0d 51 61 52 e4 47 2c
ae f6 c4 c5
Oct 24 13:23:38 fwvpn pluto[5067]: | d9 2b aa 50 fd b1 62 57 0a 00 00 34
00 00 00 01
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 01 00 00 00 28 00 03 04 01
c2 45 87 a1
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 1c 00 03 00 00 80 03 00 02
80 04 00 01
Oct 24 13:23:38 fwvpn pluto[5067]: | 80 01 00 01 80 02 70 80 80 05 00 02
04 00 00 14
Oct 24 13:23:38 fwvpn pluto[5067]: | 61 25 58 e4 89 4f 16 00 89 5a 60 e1
7f e2 67 e7
Oct 24 13:23:38 fwvpn pluto[5067]: | 05 00 00 84 1b 7b 10 3b 09 76 70 b4
49 25 8b f5
Oct 24 13:23:38 fwvpn pluto[5067]: | de c5 01 6d 02 64 88 b5 63 4b 29 5c
e0 90 31 93
Oct 24 13:23:38 fwvpn pluto[5067]: | 35 5e a0 12 fd 57 24 09 f9 2b e4 3d
09 11 e8 e9
Oct 24 13:23:38 fwvpn pluto[5067]: | 26 0c 92 f6 42 3c 94 ed 01 50 97 2c
f8 79 3f aa
Oct 24 13:23:38 fwvpn pluto[5067]: | b2 2c e7 83 3b 37 50 3c c1 b8 78 59
bd 5c ee e5
Oct 24 13:23:38 fwvpn pluto[5067]: | 89 4e 21 3d ac 2d 81 8e 6c 53 8a ac
62 5a 74 07
Oct 24 13:23:38 fwvpn pluto[5067]: | 81 9d e4 37 51 ca 78 4f 73 91 a0 0f
ab ba e6 2c
Oct 24 13:23:38 fwvpn pluto[5067]: | df 12 57 be a8 0c 55 3a b0 ff 82 8f
01 69 75 f8
Oct 24 13:23:38 fwvpn pluto[5067]: | 9a d6 1a 48 05 00 00 10 04 00 00 00
0a f7 14 e0
Oct 24 13:23:38 fwvpn pluto[5067]: | ff ff ff e0 00 00 00 0c 01 00 00 00
c8 13 3f eb
Oct 24 13:23:38 fwvpn pluto[5067]: | IV:
Oct 24 13:23:38 fwvpn pluto[5067]: | 22 ea 11 53 0c dd e6 74 77 df 91 de
3a 2b ec 67
Oct 24 13:23:38 fwvpn pluto[5067]: | 83 9d 46 8b
Oct 24 13:23:38 fwvpn pluto[5067]: | unpadded size is: 256
Oct 24 13:23:38 fwvpn pluto[5067]: | encrypting 256 using OAKLEY_3DES_CBC
Oct 24 13:23:38 fwvpn pluto[5067]: | next IV: e1 eb 98 59 80 98 8b e4
Oct 24 13:23:38 fwvpn pluto[5067]: | emitting length of ISAKMP Message: 284
Oct 24 13:23:38 fwvpn pluto[5067]: | sending 284 bytes for quick_outI1
through eth0:500 to 200.19.63.235:500 (using #2)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 08 10 20 01 f5 67 3b c8 00 00 01 1c
b5 18 9e fa
Oct 24 13:23:38 fwvpn pluto[5067]: | 30 e3 b6 0d 12 fb ae 97 12 e0 4a 67
24 90 82 2d
Oct 24 13:23:38 fwvpn pluto[5067]: | 38 3d 98 01 f5 e2 4f fd 88 bc 8f b5
93 04 9f 92
Oct 24 13:23:38 fwvpn pluto[5067]: | 28 0e a2 d6 62 2e 4a 51 9d 40 70 87
d1 55 9a 41
Oct 24 13:23:38 fwvpn pluto[5067]: | db 33 8f b6 90 dd c9 6e cf 4b 70 e0
f3 9c 95 62
Oct 24 13:23:38 fwvpn pluto[5067]: | 0f a9 14 a3 34 4e 9c 37 de d8 86 d6
5b dc 1a 07
Oct 24 13:23:38 fwvpn pluto[5067]: | f0 50 b9 bf c2 f3 78 e5 db 02 c9 c8
8d ef d4 51
Oct 24 13:23:38 fwvpn pluto[5067]: | a3 f0 53 68 e4 21 77 62 68 6d c9 7a
01 c1 20 8d
Oct 24 13:23:38 fwvpn pluto[5067]: | 5e e6 a9 b1 cc fa bd 1f 3f 4b a3 55
9f 07 b1 97
Oct 24 13:23:38 fwvpn pluto[5067]: | 14 bf 8b 83 ec dc 6f 11 f4 72 c7 64
ad 66 1a 3a
Oct 24 13:23:38 fwvpn pluto[5067]: | 04 e6 19 66 06 a1 82 9d 6d 47 1b 06
97 34 33 47
Oct 24 13:23:38 fwvpn pluto[5067]: | f3 39 23 5d 83 0b 15 13 ec 40 7f 7c
7f eb 80 a5
Oct 24 13:23:38 fwvpn pluto[5067]: | 9b bf f8 4a e9 6d 81 ed 18 54 17 b5
29 de 79 13
Oct 24 13:23:38 fwvpn pluto[5067]: | f3 db 16 98 62 1a 6c 29 14 fb 91 06
c8 c3 13 d0
Oct 24 13:23:38 fwvpn pluto[5067]: | 7b 73 65 12 cd a8 e3 2c 1f 28 f4 6c
fb 81 a4 0e
Oct 24 13:23:38 fwvpn pluto[5067]: | 1a 00 18 1a 86 28 3a 35 bb b8 7f fe
d4 24 72 0c
Oct 24 13:23:38 fwvpn pluto[5067]: | 3c be 38 d3 e1 eb 98 59 80 98 8b e4
Oct 24 13:23:38 fwvpn pluto[5067]: | deleting event for #2
Oct 24 13:23:38 fwvpn pluto[5067]: | inserting event EVENT_RETRANSMIT,
timeout in 10 seconds for #2
Oct 24 13:23:38 fwvpn pluto[5067]: | event added at head of queue
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 1 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #2
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #2
Oct 24 13:23:38 fwvpn pluto[5067]: |
Oct 24 13:23:38 fwvpn pluto[5067]: | *received 84 bytes from
200.19.63.235:500 on eth0 (port=500)
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19 6f 1a 78 33
29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | 08 10 05 01 7f 00 cd 7d 00 00 00 54
12 c4 6d ac
Oct 24 13:23:38 fwvpn pluto[5067]: | 8c b8 f5 28 b5 5b ad 04 8e 3b ba a3
b1 aa c5 f6
Oct 24 13:23:38 fwvpn pluto[5067]: | 53 7e 02 05 0d bc de aa 02 49 f8 c6
bb e9 cf 5a
Oct 24 13:23:38 fwvpn pluto[5067]: | 3c ec d0 ec 7c 86 bb 6d 6b 27 d4 60
79 06 a8 bb
Oct 24 13:23:38 fwvpn pluto[5067]: | b8 1e a9 b7
Oct 24 13:23:38 fwvpn pluto[5067]: | **parse ISAKMP Message:
Oct 24 13:23:38 fwvpn pluto[5067]: | initiator cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | responder cookie:
Oct 24 13:23:38 fwvpn pluto[5067]: | 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_HASH
Oct 24 13:23:38 fwvpn pluto[5067]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
Oct 24 13:23:38 fwvpn pluto[5067]: | exchange type: ISAKMP_XCHG_INFO
Oct 24 13:23:38 fwvpn pluto[5067]: | flags: ISAKMP_FLAG_ENCRYPTION
Oct 24 13:23:38 fwvpn pluto[5067]: | message ID: 7f 00 cd 7d
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 84
Oct 24 13:23:38 fwvpn pluto[5067]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_INFO (5)
Oct 24 13:23:38 fwvpn pluto[5067]: | ICOOKIE: d3 e2 ba cf f8 1a 8a 19
Oct 24 13:23:38 fwvpn pluto[5067]: | RCOOKIE: 6f 1a 78 33 29 53 c1 c9
Oct 24 13:23:38 fwvpn pluto[5067]: | state hash entry 13
Oct 24 13:23:38 fwvpn pluto[5067]: | peer and cookies match on #2, provided
msgid 00000000 vs f5673bc8/00000000
Oct 24 13:23:38 fwvpn pluto[5067]: | peer and cookies match on #1, provided
msgid 00000000 vs 00000000/00000000
Oct 24 13:23:38 fwvpn pluto[5067]: | p15 state object #1 found, in
STATE_MAIN_I4
Oct 24 13:23:38 fwvpn pluto[5067]: | processing connection bov
Oct 24 13:23:38 fwvpn pluto[5067]: | last Phase 1 IV: 30 2d 11 cc 91 85 a9
57
Oct 24 13:23:38 fwvpn pluto[5067]: | current Phase 1 IV: 30 2d 11 cc 91 85
a9 57
Oct 24 13:23:38 fwvpn pluto[5067]: | computed Phase 2 IV:
Oct 24 13:23:38 fwvpn pluto[5067]: | 1f 2b 6d b0 f8 8e d9 73 10 95 31 c2
00 b4 db 90
Oct 24 13:23:38 fwvpn pluto[5067]: | 17 1e 65 25
Oct 24 13:23:38 fwvpn pluto[5067]: | received encrypted packet from
200.19.63.235:500
Oct 24 13:23:38 fwvpn pluto[5067]: | decrypting 56 bytes using algorithm
OAKLEY_3DES_CBC
Oct 24 13:23:38 fwvpn pluto[5067]: | decrypted:
Oct 24 13:23:38 fwvpn pluto[5067]: | 0b 00 00 18 fd 8a e0 de 2d 0e 32 56
a7 4e 3d d9
Oct 24 13:23:38 fwvpn pluto[5067]: | b6 43 41 c7 02 04 3c 04 00 00 00 1c
00 00 00 01
Oct 24 13:23:38 fwvpn pluto[5067]: | 03 04 00 0e c2 45 87 a1 0a 00 00 34
00 00 00 01
Oct 24 13:23:38 fwvpn pluto[5067]: | 00 00 00 01 00 00 00 00
Oct 24 13:23:38 fwvpn pluto[5067]: | next IV: 79 06 a8 bb b8 1e a9 b7
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x100(ISAKMP_NEXT_HASH)
needed: 0x100 opt: 0x0
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Hash Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_N
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 24
Oct 24 13:23:38 fwvpn pluto[5067]: | got payload 0x800(ISAKMP_NEXT_N)
needed: 0x0 opt: 0x0
Oct 24 13:23:38 fwvpn pluto[5067]: | ***parse ISAKMP Notification Payload:
Oct 24 13:23:38 fwvpn pluto[5067]: | next payload type: ISAKMP_NEXT_NONE
Oct 24 13:23:38 fwvpn pluto[5067]: | length: 28
Oct 24 13:23:38 fwvpn pluto[5067]: | DOI: ISAKMP_DOI_IPSEC
Oct 24 13:23:38 fwvpn pluto[5067]: | protocol ID: 3
Oct 24 13:23:38 fwvpn pluto[5067]: | SPI size: 4
Oct 24 13:23:38 fwvpn pluto[5067]: | Notify Message Type:
NO_PROPOSAL_CHOSEN
Oct 24 13:23:38 fwvpn pluto[5067]: | removing 4 bytes of padding
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: ignoring informational payload,
type NO_PROPOSAL_CHOSEN msgid=00000000
Oct 24 13:23:38 fwvpn pluto[5067]: | info: c2 45 87 a1 0a 00 00 34 00 00
00 01 00 00 00 01
Oct 24 13:23:38 fwvpn pluto[5067]: | processing informational
NO_PROPOSAL_CHOSEN (14)
Oct 24 13:23:38 fwvpn pluto[5067]: "bov" #1: received and ignored
informational message
Oct 24 13:23:38 fwvpn pluto[5067]: | complete state transition with
STF_IGNORE
Oct 24 13:23:38 fwvpn pluto[5067]: | * processed 0 messages from
cryptographic helpers
Oct 24 13:23:38 fwvpn pluto[5067]: | next event EVENT_RETRANSMIT in 10
seconds for #2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20111024/3b51217b/attachment-0001.html
More information about the Users
mailing list