IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

[Users] Win2k - Freeswan: Windows CryptVerifySignature error

From: Seide, S (Stefan.Seide_at_t-systems.com)
Date: Wed Mar 27 2002 - 18:13:35 CET

Hi,

I'm trying to connect a Windows 2000 SP2 client to a Freeswan gateway

The Linux Side is SuSE Linux 7.1 + Freeswan 1.96/X.509 Patch 0.99.
For the Windows Client I used the IPSec-Tool to create the rules an to
import the certificates. Verifing the certificates with the IPSec-Snapin
I found the following ones (sorry, do not know the english names):
- my own cert with private key under
  "lokaler Computer -> Eigene Zertifikate -> Zertifikate"
- Root certificate
  "lokaler Computer -> Vertrauenswuerdige Stammzertifizierungsstellen -> Zertifikate"
- IPSec gateway certificate
  "lokaler Computer -> Zwischenzertifizierungsstellen -> Zertifikate"
looking at their properties, all certificates seems to be valid

Now, tying to ping a host behind the gateway, windows starts establishing a SA but
fails with error messages in oakley.log. On the Linux side nothing went wrong -
the logfile shows that windows is sending an AUTHENTICATION_FAILED

Using another windows client (98/NT) with PGPnet and the same certificates or Win2K
with preshared secrets everything works fine.

TIA,
Stefan Seide

x.x.x.x - Win2k
y.y.y.y - IPSec gateway
z.z.z.z - host behind gateway

oakley.log
==========

3-27: 12:37:41:160 Posting acquire: op=812A7468 src=x.x.x.x.0 dst=z.z.z.z.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=y.y.y.y Inbound TunnelEndpt=x.x.x.x
 3-27: 12:37:41:160 Acquire thread waiting
 3-27: 12:37:41:104 find(ipsec): 2ee48014-490d-48c0-b6f5351917e0a9a0
 3-27: 12:37:41:104 outstanding_kernel_req returned 0
 3-27: 12:37:41:104 Created new SA 239cd0
 3-27: 12:37:41:104 Acquire: src = x.x.x.x.0000, dst = y.y.y.y.62465, proto = 00, context = 812A7468, ProxySrc = x.x.x.x.0000, ProxyDst = z.z.z.0.0000 SrcMask = 0.0.0.0 DstMask = 255.255.255.0
 3-27: 12:37:41:104 constructing ISAKMP Header
 3-27: 12:37:41:104 constructing SA (ISAKMP)
 3-27: 12:37:41:104 find(isakmp): 2ee48014-490d-48c0-b6f5351917e0a9a0
 3-27: 12:37:41:104 Setting group desc
 3-27: 12:37:41:104 Setting group desc
 3-27: 12:37:41:104 Setting group desc
 3-27: 12:37:41:104 Setting group desc
 3-27: 12:37:41:104 Constructing Vendor
 3-27: 12:37:41:104 Throw: State mask=1
 3-27: 12:37:41:104 Added Timeout ba588
 3-27: 12:37:41:104 Setting Retransmit: sa 239cd0 handle ba588 context 23a478
 3-27: 12:37:41:104
 3-27: 12:37:41:104 Sending: SA = 0x00239CD0 to y.y.y.y
 3-27: 12:37:41:104 ISAKMP Header: (V1.0), len = 216
 3-27: 12:37:41:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:41:104 R-COOKIE 0000000000000000
 3-27: 12:37:41:104 exchange: Oakley Main Mode
 3-27: 12:37:41:104 flags: 0
 3-27: 12:37:41:104 next payload: SA
 3-27: 12:37:41:104 message ID: 00000000
 3-27: 12:37:41:104
 3-27: 12:37:41:104 Resume: (get) SA = 0x00239cd0 from y.y.y.y
 3-27: 12:37:41:104 ISAKMP Header: (V1.0), len = 84
 3-27: 12:37:41:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:41:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:37:41:104 exchange: Oakley Main Mode
 3-27: 12:37:41:104 flags: 0
 3-27: 12:37:41:104 next payload: SA
 3-27: 12:37:41:104 message ID: 00000000
 3-27: 12:37:41:104 Stopping RetransTimer sa:00239CD0 centry:00000000 handle:000BA588
 3-27: 12:37:41:104 processing payload SA
 3-27: 12:37:41:104 Received Phase 1 Transform 1
 3-27: 12:37:41:104 Encryption Alg Dreifach-DES CBC(5)
 3-27: 12:37:41:104 Hash Alg SHA(2)
 3-27: 12:37:41:104 Oakley Group 2
 3-27: 12:37:41:104 Auth Method RSA-Signatur mit Zertifikaten(3)
 3-27: 12:37:41:104 Life type in Seconds
 3-27: 12:37:41:104 Life duration of 28800
 3-27: 12:37:41:104 Phase 1 SA accepted: transform=1
 3-27: 12:37:42:104 SA - Oakley proposal accepted
 3-27: 12:37:42:104 In state OAK_MM_SA_SETUP
 3-27: 12:37:42:104 constructing ISAKMP Header
 3-27: 12:37:42:104 constructing KE
 3-27: 12:37:42:104 constructing NONCE (ISAKMP)
 3-27: 12:37:42:104 Throw: State mask=7
 3-27: 12:37:42:104
 3-27: 12:37:42:104 Sending: SA = 0x00239CD0 to y.y.y.y
 3-27: 12:37:42:104 ISAKMP Header: (V1.0), len = 184
 3-27: 12:37:42:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:42:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:37:42:104 exchange: Oakley Main Mode
 3-27: 12:37:42:104 flags: 0
 3-27: 12:37:42:104 next payload: KE
 3-27: 12:37:42:104 message ID: 00000000
 3-27: 12:37:42:104
 3-27: 12:37:42:104 Resume: (get) SA = 0x00239cd0 from y.y.y.y
 3-27: 12:37:42:104 ISAKMP Header: (V1.0), len = 188
 3-27: 12:37:42:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:42:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:37:42:104 exchange: Oakley Main Mode
 3-27: 12:37:42:104 flags: 0
 3-27: 12:37:42:104 next payload: KE
 3-27: 12:37:42:104 message ID: 00000000
 3-27: 12:37:42:104 Stopping RetransTimer sa:00239CD0 centry:00000000 handle:000BA588
 3-27: 12:37:42:104 processing payload KE
 3-27: 12:37:42:104 Generated 128 byte Shared Secret
 3-27: 12:37:42:104 KE processed; DH shared secret computed
 3-27: 12:37:42:104 processing payload NONCE
 3-27: 12:37:42:104 processing payload CR
 3-27: 12:37:42:104 Processing Cert request
 3-27: 12:37:42:104 In state OAK_MM_Key_EXCH
 3-27: 12:37:42:104 skeyid generated; crypto enabled (initiator)
 3-27: 12:37:42:104 constructing ISAKMP Header
 3-27: 12:37:42:104 constructing ID
 3-27: 12:37:42:104 Received no valid CRPs. Using all configured
 3-27: 12:37:42:104 Cert Trustes. 0 0
 3-27: 12:37:42:104 Key Contained Name
 3-27: 12:37:42:104 {536963ED-DCA0-4269-8733-A05177C3BB82}
 3-27: 12:37:42:104 Found try 1
 3-27: 12:37:42:104 constructing CERT
 3-27: 12:37:42:104 constructing SIG
 3-27: 12:37:42:104 Construct SIG
 3-27: 12:37:42:104 Hash algo 2
 3-27: 12:37:42:104 Initiator ID 09000000308183310b30090603550406
 3-27: 12:37:42:104 13024445310f300d0603550408130642
 3-27: 12:37:42:104 65726c696e31163014060355040a130d
 3-27: 12:37:42:104 542d4e6f7661204265726b6f6d310d30
 3-27: 12:37:42:104 0b060355040b13044541313531133011
 3-27: 12:37:42:104 0603550403130a495053656320546573
 3-27: 12:37:42:104 743127302506092a864886f70d010901
 3-27: 12:37:42:104 161873746566616e4067656f72676961
 3-27: 12:37:42:104 2e6265726b6f6d2e6465
 3-27: 12:37:42:104 Error 80090016 during CryptSignHash1!

 3-27: 12:37:42:104 Trying KE key
 3-27: 12:37:42:104 Signature Created Successfully
 3-27: 12:37:42:104 Sig LE: f275cbd20929ba915fe7d0b9b46d586b
 3-27: 12:37:42:104 0b0d6cc34beb1e7ab9d96fc88547191e
 3-27: 12:37:42:104 2dc3a72f1eb95d86d547774940c1e1a0
 3-27: 12:37:42:104 ca9787cb09c4c629e563dae3e241bacd
 3-27: 12:37:42:104 2c63cfc8e1862ff576ba85f611b665e9
 3-27: 12:37:42:104 bc815176252b9b2970c61076da8c543c
 3-27: 12:37:42:104 8a7e4c2926a5d0e5da7b5de4b2fbe01a
 3-27: 12:37:42:104 24f251ce69ac6f96a27be5e806a84b5e
 3-27: 12:37:42:104
 3-27: 12:37:42:104 SIG BE: 5e4ba806e8e57ba2966fac69ce51f224
 3-27: 12:37:42:104 1ae0fbb2e45d7bdae5d0a526294c7e8a
 3-27: 12:37:42:104 3c548cda7610c670299b2b25765181bc
 3-27: 12:37:42:104 e965b611f685ba76f52f86e1c8cf632c
 3-27: 12:37:42:104 cdba41e2e3da63e529c6c409cb8797ca
 3-27: 12:37:42:104 a0e1c140497747d5865db91e2fa7c32d
 3-27: 12:37:42:104 1e194785c86fd9b97a1eeb4bc36c0d0b
 3-27: 12:37:42:104 6b586db4b9d0e75f91ba2909d2cb75f2
 3-27: 12:37:42:104
 3-27: 12:37:42:104 AuthCount 1
 3-27: 12:37:42:104 Constructing Cert Request
 3-27: 12:37:42:104 Setting CertReq type
 3-27: 12:37:42:104 Throw: State mask=111f
 3-27: 12:37:42:104 Doing tripleDES
 3-27: 12:37:42:104
 3-27: 12:37:42:104 Sending: SA = 0x00239CD0 to y.y.y.y
 3-27: 12:37:42:104 ISAKMP Header: (V1.0), len = 1572
 3-27: 12:37:42:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:42:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:37:42:104 exchange: Oakley Main Mode
 3-27: 12:37:42:104 flags: 1 ( encrypted )
 3-27: 12:37:42:104 next payload: ID
 3-27: 12:37:42:104 message ID: 00000000
 3-27: 12:37:43:104
 3-27: 12:37:43:104 Resume: (get) SA = 0x00239cd0 from y.y.y.y
 3-27: 12:37:43:104 ISAKMP Header: (V1.0), len = 1292
 3-27: 12:37:43:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:43:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:37:43:104 exchange: Oakley Main Mode
 3-27: 12:37:43:104 flags: 1 ( encrypted )
 3-27: 12:37:43:104 next payload: ID
 3-27: 12:37:43:104 message ID: 00000000
 3-27: 12:37:43:104 Doing tripleDES
 3-27: 12:37:43:104 Stopping RetransTimer sa:00239CD0 centry:00000000 handle:000BA588
 3-27: 12:37:43:104 processing payload ID
 3-27: 12:37:43:104 Process Id
 3-27: 12:37:43:104 processing payload CERT
 3-27: 12:37:43:104 Processing Cert
 3-27: 12:37:43:104 ProcessingCert
 3-27: 12:37:43:104 processing payload SIG
 3-27: 12:37:43:104 Process SIG
 3-27: 12:37:43:104 Verifying CertStore
 3-27: 12:37:43:104 Cert Trustes. 0 0
 3-27: 12:37:43:104 Matched Name in cert host.domain.tld
 3-27: 12:37:43:104 Cert lifetime in seconds low 43117638, high 0
 3-27: 12:37:43:104 Responder ID 0200000067656f726769612e6265726b
 3-27: 12:37:43:104 6f6d2e6465
 3-27: 12:37:43:104 Sig to Verify d235ca7d758c6632b094a08d4670a4c7
 3-27: 12:37:43:104 f6aec722c3098e8408e037fb49b38230
 3-27: 12:37:43:104 ecbc3da42df2e4956c3f7ddb3ab933a6
 3-27: 12:37:43:104 9cc3b9568d2883238a224742efde80cf
 3-27: 12:37:43:104 dfd1e4f633babb51eb2ed2db4d4ed5a5
 3-27: 12:37:43:104 0cc0a6bfcf1bdffc95dcd5d2a810c25f
 3-27: 12:37:43:104 d8dd26658106ff698fae01d81e5b56f0
 3-27: 12:37:43:104 63e1eef54abbf818fa9d5d24bda26913
 3-27: 12:37:43:104
 3-27: 12:37:43:104 Error 80090006 during CryptVerifySignature!

 3-27: 12:37:43:104 Zertifikatsbasierte Identität.
Antragsteller DE, Ort, Name, Name2, IPSec Gateway, root_at_host.domain.tld
Ausstellende Zertifizierungsstelle DE, Ort, Name, Name2, OU, ON, ca_at_host.domain.td
Stammzertifizierungsstelle DE, Ort, Name, Name2, OU, ON, ca_at_host.domain.td
Peer-IP-Adresse: y.y.y.y

 3-27: 12:37:43:104 Quell-IP-Adresse x.x.x.x
Quell-IP-Adressmaske 255.255.255.255
Ziel-IP-Adresse y.y.y.y
Ziel-IP-Adressmaske 255.255.255.255
Protokoll 0
Quellport 0
Zielport 0

 3-27: 12:37:43:104 constructing ISAKMP Header
 3-27: 12:37:43:104 constructing HASH (null)
 3-27: 12:37:43:104 constructing NOTIFY 24
 3-27: 12:37:43:104 constructing HASH (ND)
 3-27: 12:37:43:104 Construct ND hash message len = 28 pcklen=80 hashlen=20
 3-27: 12:37:43:104 Construct ND Hash mess ID c85e47fb
 3-27: 12:37:43:104 ND Hash skeyid_a 9a4e67b6d913e81a12a2c498b2a5000f
 3-27: 12:37:43:104 f1fb0657
 3-27: 12:37:43:104 ND Hash message 0000001c00000001011000182d1dadbe
 3-27: 12:37:43:104 39531df41276e8e52d99b5f9
 3-27: 12:37:43:104 isadb_set_status sa:00239CD0 centry:00000000 status cbad033a
 3-27: 12:37:43:104 Schlüsselaustauschmodus (Hauptmodus)

 3-27: 12:37:43:104 Quell-IP-Adresse x.x.x.x
Quell-IP-Adressmaske 255.255.255.255
Ziel-IP-Adresse y.y.y.y
Ziel-IP-Adressmaske 255.255.255.255
Protokoll 0
Quellport 0
Zielport 0

 3-27: 12:37:43:104 Benutzer

 3-27: 12:37:43:104 Die Signatur konnte nicht überprüft werden.

 3-27: 12:37:43:104 ProcessFailure: sa:00239CD0 centry:00000000 status:cbad033a
 3-27: 12:37:43:104 Notify already constructed. Ignoring. Sa 00239CD0
 3-27: 12:37:43:104 Throw: State mask=200111f
 3-27: 12:37:43:104 Doing tripleDES
 3-27: 12:37:43:104
 3-27: 12:37:43:104 Sending: SA = 0x00239CD0 to 141.39.77.30
 3-27: 12:37:43:104 ISAKMP Header: (V1.0), len = 84
 3-27: 12:37:43:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:37:43:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:37:43:104 exchange: ISAKMP Informational Exchange
 3-27: 12:37:43:104 flags: 1 ( encrypted )
 3-27: 12:37:43:104 next payload: HASH
 3-27: 12:37:43:104 message ID: c85e47fb
 3-27: 12:39:40:104 SA Dead. sa:00239CD0 status:cbad0328
 3-27: 12:39:40:104 constructing ISAKMP Header
 3-27: 12:39:40:104 constructing HASH (null)
 3-27: 12:39:40:104 constructing DELETE
 3-27: 12:39:40:104 constructing HASH (ND)
 3-27: 12:39:40:104 Construct ND hash message len = 28 pcklen=80 hashlen=20
 3-27: 12:39:40:104 Construct ND Hash mess ID 67fde8c4
 3-27: 12:39:40:104 ND Hash skeyid_a 9a4e67b6d913e81a12a2c498b2a5000f
 3-27: 12:39:40:104 f1fb0657
 3-27: 12:39:40:104 ND Hash message 0000001c00000001011000012d1dadbe
 3-27: 12:39:40:104 39531df41276e8e52d99b5f9
 3-27: 12:39:40:104 Throw: State mask=111f
 3-27: 12:39:40:104 Doing tripleDES
 3-27: 12:39:40:104
 3-27: 12:39:40:104 Sending: SA = 0x00239CD0 to y.y.y.y
 3-27: 12:39:40:104 ISAKMP Header: (V1.0), len = 84
 3-27: 12:39:40:104 I-COOKIE 2d1dadbe39531df4
 3-27: 12:39:40:104 R-COOKIE 1276e8e52d99b5f9
 3-27: 12:39:40:104 exchange: ISAKMP Informational Exchange
 3-27: 12:39:40:104 flags: 1 ( encrypted )
 3-27: 12:39:40:104 next payload: HASH
 3-27: 12:39:40:104 message ID: 67fde8c4
 3-27: 12:39:40:104 Deleting SA 00239CD0
 

last part of pluto output (where the connection fails)
======================================================

Mar 27 14:02:47 georgia Pluto[30473]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #2
Mar 27 14:02:47 georgia Pluto[30473]: "rw" x.x.x.x #2: sent MR3, ISAKMP SA established
Mar 27 14:02:47 georgia Pluto[30473]: | next event EVENT_SHUNT_SCAN in 107 seconds
Mar 27 14:02:47 georgia Pluto[30473]: |
Mar 27 14:02:47 georgia Pluto[30473]: | *received 84 bytes from x.x.x.x:500 on eth0
Mar 27 14:02:47 georgia Pluto[30473]: | 45 dd 1d ce 0d 54 26 e7 b9 85 19 10 85 94 93 1b
Mar 27 14:02:47 georgia Pluto[30473]: | 08 10 05 01 35 d0 33 f9 00 00 00 54 93 7d 23 e2
Mar 27 14:02:47 georgia Pluto[30473]: | 28 10 6f d2 8f 10 24 45 b1 d6 a6 c1 58 cc 9f 4a
Mar 27 14:02:47 georgia Pluto[30473]: | 1f 03 72 e9 6b e1 28 e3 e0 91 bf aa ff be 59 67
Mar 27 14:02:47 georgia Pluto[30473]: | ce 93 9c dd fe fe f6 53 69 aa 18 c0 67 55 cf 6e
Mar 27 14:02:47 georgia Pluto[30473]: | b4 4b 72 16
Mar 27 14:02:47 georgia Pluto[30473]: | **parse ISAKMP Message:
Mar 27 14:02:47 georgia Pluto[30473]: | initiator cookie:
Mar 27 14:02:47 georgia Pluto[30473]: | 45 dd 1d ce 0d 54 26 e7
Mar 27 14:02:47 georgia Pluto[30473]: | responder cookie:
Mar 27 14:02:47 georgia Pluto[30473]: | b9 85 19 10 85 94 93 1b
Mar 27 14:02:47 georgia Pluto[30473]: | next payload type: ISAKMP_NEXT_HASH
Mar 27 14:02:47 georgia Pluto[30473]: | ISAKMP version: ISAKMP Version 1.0
Mar 27 14:02:47 georgia Pluto[30473]: | exchange type: ISAKMP_XCHG_INFO
Mar 27 14:02:47 georgia Pluto[30473]: | flags: ISAKMP_FLAG_ENCRYPTION
Mar 27 14:02:47 georgia Pluto[30473]: | message ID: 35 d0 33 f9
Mar 27 14:02:47 georgia Pluto[30473]: | length: 84
Mar 27 14:02:47 georgia Pluto[30473]: | ICOOKIE: 45 dd 1d ce 0d 54 26 e7
Mar 27 14:02:47 georgia Pluto[30473]: | RCOOKIE: b9 85 19 10 85 94 93 1b
Mar 27 14:02:47 georgia Pluto[30473]: | peer: 8d 27 24 0c
Mar 27 14:02:47 georgia Pluto[30473]: | state hash entry 11
Mar 27 14:02:47 georgia Pluto[30473]: | state object #2 found, in STATE_MAIN_R3
Mar 27 14:02:47 georgia Pluto[30473]: | computed Phase 2 IV:
Mar 27 14:02:47 georgia Pluto[30473]: | 97 be dd 5f 0c 5b dd 5b 2f 3a 63 98 17 28 44 85
Mar 27 14:02:47 georgia Pluto[30473]: | 77 57 a3 66
Mar 27 14:02:47 georgia Pluto[30473]: | received encrypted packet from x.x.x.x:500
Mar 27 14:02:47 georgia Pluto[30473]: | decrypting 56 bytes using algorithm OAKLEY_3DES_CBC
Mar 27 14:02:47 georgia Pluto[30473]: | decrypted:
Mar 27 14:02:47 georgia Pluto[30473]: | 0b 00 00 18 49 91 e6 b7 72 c6 c7 b2 81 8c 18 68
Mar 27 14:02:47 georgia Pluto[30473]: | 7f ec 4a f2 f5 e4 40 23 00 00 00 1c 00 00 00 01
Mar 27 14:02:47 georgia Pluto[30473]: | 01 10 00 18 45 dd 1d ce 0d 54 26 e7 b9 85 19 10
Mar 27 14:02:47 georgia Pluto[30473]: | 85 94 93 1b 00 00 00 00
Mar 27 14:02:47 georgia Pluto[30473]: | next IV: 67 55 cf 6e b4 4b 72 16
Mar 27 14:02:47 georgia Pluto[30473]: | ***parse ISAKMP Hash Payload:
Mar 27 14:02:47 georgia Pluto[30473]: | next payload type: ISAKMP_NEXT_N
Mar 27 14:02:47 georgia Pluto[30473]: | length: 24
Mar 27 14:02:47 georgia Pluto[30473]: | ***parse ISAKMP Notification Payload:
Mar 27 14:02:47 georgia Pluto[30473]: | next payload type: ISAKMP_NEXT_NONE
Mar 27 14:02:47 georgia Pluto[30473]: | length: 28
Mar 27 14:02:47 georgia Pluto[30473]: | DOI: ISAKMP_DOI_IPSEC
Mar 27 14:02:47 georgia Pluto[30473]: | protocol ID: 1
Mar 27 14:02:47 georgia Pluto[30473]: | SPI size: 16
Mar 27 14:02:47 georgia Pluto[30473]: | Notify Message Type: AUTHENTICATION_FAILED
Mar 27 14:02:47 georgia Pluto[30473]: | removing 4 bytes of padding
Mar 27 14:02:47 georgia Pluto[30473]: "rw" x.x.x.x #2: ignoring informational payload, type AUTHENTICATION_FAILED
Mar 27 14:02:47 georgia Pluto[30473]: | info: 45 dd 1d ce 0d 54 26 e7 b9 85 19 10 85 94 93 1b
Mar 27 14:02:47 georgia Pluto[30473]: "rw" x.x.x.x #2: received and ignored informational message
Mar 27 14:02:47 georgia Pluto[30473]: | next event EVENT_SHUNT_SCAN in 107 seconds
Mar 27 14:04:34 georgia Pluto[30473]: |
Mar 27 14:04:34 georgia Pluto[30473]: | *time to handle event
Mar 27 14:04:34 georgia Pluto[30473]: | event after this is EVENT_SA_REPLACE in 347 seconds
Mar 27 14:04:34 georgia Pluto[30473]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds
Mar 27 14:04:34 georgia Pluto[30473]: | next event EVENT_SHUNT_SCAN in 120 seconds
Mar 27 14:04:50 georgia Pluto[30473]: |
Mar 27 14:04:50 georgia Pluto[30473]: | *received 84 bytes from x.x.x.x:500 on eth0
Mar 27 14:04:50 georgia Pluto[30473]: | 45 dd 1d ce 0d 54 26 e7 b9 85 19 10 85 94 93 1b
Mar 27 14:04:50 georgia Pluto[30473]: | 08 10 05 01 e8 80 02 59 00 00 00 54 62 63 dc 4b
Mar 27 14:04:50 georgia Pluto[30473]: | 6f 04 22 ae 10 fb b8 64 1f 9e ff ef 91 6c 14 4b
Mar 27 14:04:50 georgia Pluto[30473]: | 13 b8 5b df 4b 0b ed 9a ca e1 5d b8 72 7b df c0
Mar 27 14:04:50 georgia Pluto[30473]: | 03 cd 2d 7e 4f ca d0 83 fc 00 c3 45 d4 72 d4 aa
Mar 27 14:04:50 georgia Pluto[30473]: | f5 33 39 73
Mar 27 14:04:50 georgia Pluto[30473]: | **parse ISAKMP Message:
Mar 27 14:04:50 georgia Pluto[30473]: | initiator cookie:
Mar 27 14:04:50 georgia Pluto[30473]: | 45 dd 1d ce 0d 54 26 e7
Mar 27 14:04:50 georgia Pluto[30473]: | responder cookie:
Mar 27 14:04:50 georgia Pluto[30473]: | b9 85 19 10 85 94 93 1b
Mar 27 14:04:50 georgia Pluto[30473]: | next payload type: ISAKMP_NEXT_HASH
Mar 27 14:04:50 georgia Pluto[30473]: | ISAKMP version: ISAKMP Version 1.0
Mar 27 14:04:50 georgia Pluto[30473]: | exchange type: ISAKMP_XCHG_INFO
Mar 27 14:04:50 georgia Pluto[30473]: | flags: ISAKMP_FLAG_ENCRYPTION
Mar 27 14:04:50 georgia Pluto[30473]: | message ID: e8 80 02 59
Mar 27 14:04:50 georgia Pluto[30473]: | length: 84
Mar 27 14:04:50 georgia Pluto[30473]: | ICOOKIE: 45 dd 1d ce 0d 54 26 e7
Mar 27 14:04:50 georgia Pluto[30473]: | RCOOKIE: b9 85 19 10 85 94 93 1b
Mar 27 14:04:50 georgia Pluto[30473]: | peer: 8d 27 24 0c
Mar 27 14:04:50 georgia Pluto[30473]: | state hash entry 11
Mar 27 14:04:50 georgia Pluto[30473]: | state object #2 found, in STATE_MAIN_R3
Mar 27 14:04:50 georgia Pluto[30473]: | computed Phase 2 IV:
Mar 27 14:04:50 georgia Pluto[30473]: | f5 bf 4d 09 f3 4a 5b ca 9d 11 43 98 00 96 b3 e6
Mar 27 14:04:50 georgia Pluto[30473]: | 32 e4 fb 7d
Mar 27 14:04:50 georgia Pluto[30473]: | received encrypted packet from x.x.x.x:500
Mar 27 14:04:50 georgia Pluto[30473]: | decrypting 56 bytes using algorithm OAKLEY_3DES_CBC
Mar 27 14:04:50 georgia Pluto[30473]: | decrypted:
Mar 27 14:04:50 georgia Pluto[30473]: | 0c 00 00 18 fc a7 2a 52 30 b5 bc fa ed f7 f1 48
Mar 27 14:04:50 georgia Pluto[30473]: | 03 9c 9e 3e 4a fc 1a 94 00 00 00 1c 00 00 00 01
Mar 27 14:04:50 georgia Pluto[30473]: | 01 10 00 01 45 dd 1d ce 0d 54 26 e7 b9 85 19 10
Mar 27 14:04:50 georgia Pluto[30473]: | 85 94 93 1b 00 00 00 00
Mar 27 14:04:50 georgia Pluto[30473]: | next IV: d4 72 d4 aa f5 33 39 73
Mar 27 14:04:50 georgia Pluto[30473]: | ***parse ISAKMP Hash Payload:
Mar 27 14:04:50 georgia Pluto[30473]: | next payload type: ISAKMP_NEXT_D
Mar 27 14:04:50 georgia Pluto[30473]: | length: 24
Mar 27 14:04:50 georgia Pluto[30473]: | ***parse ISAKMP Delete Payload:
Mar 27 14:04:50 georgia Pluto[30473]: | next payload type: ISAKMP_NEXT_NONE
Mar 27 14:04:50 georgia Pluto[30473]: | length: 28
Mar 27 14:04:50 georgia Pluto[30473]: | DOI: ISAKMP_DOI_IPSEC
Mar 27 14:04:50 georgia Pluto[30473]: | protocol ID: 1
Mar 27 14:04:50 georgia Pluto[30473]: | SPI size: 16
Mar 27 14:04:50 georgia Pluto[30473]: | number of SPIs: 1
Mar 27 14:04:50 georgia Pluto[30473]: | removing 4 bytes of padding
Mar 27 14:04:50 georgia Pluto[30473]: "rw" x.x.x.x #2: ignoring Delete SA payload
Mar 27 14:04:50 georgia Pluto[30473]: | del: 45 dd 1d ce 0d 54 26 e7 b9 85 19 10 85 94 93 1b
Mar 27 14:04:50 georgia Pluto[30473]: "rw" x.x.x.x #2: received and ignored informational message
Mar 27 14:04:50 georgia Pluto[30473]: | next event EVENT_SHUNT_SCAN in 104 seconds
Mar 27 14:06:34 georgia Pluto[30473]: |
Mar 27 14:06:34 georgia Pluto[30473]: | *time to handle event
Mar 27 14:06:34 georgia Pluto[30473]: | event after this is EVENT_SA_REPLACE in 227 seconds
Mar 27 14:06:34 georgia Pluto[30473]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds
Mar 27 14:06:34 georgia Pluto[30473]: | next event EVENT_SHUNT_SCAN in 120 seconds
Mar 27 14:08:34 georgia Pluto[30473]: |
Mar 27 14:08:34 georgia Pluto[30473]: | *time to handle event
Mar 27 14:08:34 georgia Pluto[30473]: | event after this is EVENT_SA_REPLACE in 107 seconds
Mar 27 14:08:34 georgia Pluto[30473]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds
Mar 27 14:08:34 georgia Pluto[30473]: | next event EVENT_SA_REPLACE in 107 seconds for #1
Mar 27 14:10:21 georgia Pluto[30473]: |

last messages repeated on and on

----/.sig/------------------------------------------------------
Stefan Seide
Sprachübertagungssysteme, EA15.x T-Systems Nova GmbH, Berkom
e-mail: stefan.seide_at_t-systems.com Goslarer Ufer 35
phone: +49 30 3497 2359 D-10589 Berlin
fax: +49 30 3497 2967 Germany
---------------------------------------------------/.sig/-------

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:47 CEST