Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

RE: Re[4]: [Users] Freeswan Proposal Syntax

From: Myner, Josh (jmyner_at_gsite.com)
Date: Sun May 19 2002 - 07:56:27 CEST

Next message: jan0928: "*****SPAM***** [Users] The Visual FoxPro ODBC Driver. The driver will"
Previous message: Hanspeter Roth: "[Users] interoperability with Sidewinder"
Maybe in reply to: D. Hugh Redelmeier: "Re[4]: [Users] Freeswan Proposal Syntax"
Next in thread: Myner, Josh: "RE: Re[4]: [Users] Freeswan Proposal Syntax"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Regretfully, the guy on the AS/400 end can't upgrade due to management decisions. (Or so I'm told). On a positive note, it appears the ISAKMP SA is being established successfully now. The weird thing is... I haven't changed anything since the MR1 would not work. My guess is he did a reboot. Anyway, the IPsec connection is not coming up. I'm thinking this is either the AS/400 denying the connection based on policy, a routing problem with the ipsec0 interface on my end, or some other unknown bug. None of it seems to add up correctly though. I got word back that I'm filling up his error log.. ha.. (and he said there was no error.. sheesh).

Here is the error from his AS/400 end..

----------------------------------------------------------
Message ID . . . . . . : TCP870C
Date sent . . . . . . : 05/18/02 Time sent . . . . . . : 19:26:09
Message . . . . : Proposal not accepted with remote system 12.27.12.116
Cause . . . . . : A proposal was not chosen when negotiating with remote
  system 12.27.12.116 for VPN connection RESPONDER. The following additional
  information may be useful in resolving the problem:
    Proposed Exchange: 32.
    Local Role: Responder.
    Remote Proposal: ESP,3DES,XPORT,28800SEC,MD5:ESP,3DES,XPORT,28800SEC,SHA.
    Local Policy: ESP,3DES,1800SEC,100000K,XPORT,SHA.
----------------------------------------------------------

Once again, the ISAKMP SA is being established, but the IPSec is not.

Here is what I get doing a "ifconfig" on my system...

----------------------------------------------------------
eth0 Link encap:Ethernet HWaddr 00:B0:D0:D1:DE:21
          inet addr:12.27.12.116 Bcast:12.27.12.127 Mask:255.255.255.224
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:13086 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10941 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1074064 (1.0 Mb) TX bytes:2108689 (2.0 Mb)
          Interrupt:11

ipsec0 Link encap:Ethernet HWaddr 00:B0:D0:D1:DE:21
          inet addr:12.27.12.116 Mask:255.255.255.224
          UP RUNNING NOARP MTU:16260 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:72 overruns:0 carrier:0
          collisions:0 txqueuelen:10
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:854 (854.0 b) TX bytes:854 (854.0 b)
----------------------------------------------------------

Notice how the ipsec0 interface is dropping all packets? That makes me think it's a routing problem. However, since he can initiate the connection from his end with no problem, that doesn't make much sense.

"Whack" gives this as output...
----------------------------------------------------------
000 "worldpac": 12.27.12.116---12.27.12.97...63.89.49.214
000 "worldpac": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "worldpac": policy: PSK+ENCRYPT; interface: eth0; unrouted
000 "worldpac": newest ISAKMP SA: #1; newest IPsec SA: #0; eroute owner: #0
000
000 #2: "worldpac" STATE_QUICK_I1 (sent QI1, expecting QR1); EVENT_RETRANSMIT in 33s
000 #1: "worldpac" STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 2759s; newest ISAKMP
----------------------------------------------------------

I'm noticing one perticular interesting line in my Pluto log..

May 19 01:29:55 metro Pluto[868]: "worldpac" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN

Here is the entire pluto log from a fresh boot, manually bringing up the connection, and then looking at a brand new, empty upon boot /var/log/secure ...

----------------------------------------------------------
May 19 01:28:03 metro ipsec__plutorun: Starting Pluto subsystem...
May 19 01:28:03 metro Pluto[868]: Starting Pluto (FreeS/WAN Version 1.94)
May 19 01:28:04 metro Pluto[868]: | opening /dev/urandom
May 19 01:28:04 metro Pluto[868]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
May 19 01:28:04 metro Pluto[868]: | process 868 listening for PF_KEY_V2 on file descriptor 6
May 19 01:28:04 metro Pluto[868]: | finish_pfkey_msg: SADB_REGISTER message 1 for AH
May 19 01:28:04 metro Pluto[868]: | 02 07 00 02 02 00 00 00 01 00 00 00 64 03 00 00
May 19 01:28:04 metro Pluto[868]: | pfkey_get: SADB_REGISTER message 1
May 19 01:28:04 metro Pluto[868]: | AH registered with kernel.
May 19 01:28:04 metro Pluto[868]: | finish_pfkey_msg: SADB_REGISTER message 2 for ESP
May 19 01:28:04 metro sshd[926]: Server listening on 0.0.0.0 port 22.
May 19 01:28:04 metro Pluto[868]: | 02 07 00 03 02 00 00 00 02 00 00 00 64 03 00 00
May 19 01:28:04 metro Pluto[868]: | pfkey_get: SADB_REGISTER message 2
May 19 01:28:04 metro Pluto[868]: | ESP registered with kernel.
May 19 01:28:04 metro Pluto[868]: | finish_pfkey_msg: SADB_REGISTER message 3 for IPCOMP
May 19 01:28:05 metro Pluto[868]: | 02 07 00 0a 02 00 00 00 03 00 00 00 64 03 00 00
May 19 01:28:05 metro Pluto[868]: | pfkey_get: SADB_REGISTER message 3
May 19 01:28:05 metro Pluto[868]: | IPCOMP registered with kernel.
May 19 01:28:05 metro Pluto[868]: | finish_pfkey_msg: SADB_REGISTER message 4 for IPIP
May 19 01:28:05 metro Pluto[868]: | 02 07 00 09 02 00 00 00 04 00 00 00 64 03 00 00
May 19 01:28:05 metro Pluto[868]: | pfkey_get: SADB_REGISTER message 4
May 19 01:28:05 metro Pluto[868]: | IPIP registered with kernel.
May 19 01:28:05 metro Pluto[868]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds
May 19 01:28:05 metro Pluto[868]: | next event EVENT_SHUNT_SCAN in 120 seconds
May 19 01:28:05 metro Pluto[868]: |
May 19 01:28:05 metro Pluto[868]: | *received whack message
May 19 01:28:05 metro Pluto[868]: added connection description "worldpac"
May 19 01:28:05 metro Pluto[868]: | 63.89.49.214...12.27.12.97---12.27.12.116
May 19 01:28:05 metro Pluto[868]: | ike_life: 3600s; ipsec_life: 1800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; policy: PSK+ENCRYPT
May 19 01:28:05 metro Pluto[868]: | next event EVENT_SHUNT_SCAN in 120 seconds
May 19 01:28:05 metro Pluto[868]: |
May 19 01:28:05 metro Pluto[868]: | *received whack message
May 19 01:28:05 metro Pluto[868]: listening for IKE messages
May 19 01:28:05 metro Pluto[868]: | found lo with address 127.0.0.1
May 19 01:28:05 metro Pluto[868]: | found eth0 with address 12.27.12.116
May 19 01:28:05 metro Pluto[868]: | found ipsec0 with address 12.27.12.116
May 19 01:28:05 metro Pluto[868]: adding interface ipsec0/eth0 12.27.12.116
May 19 01:28:05 metro Pluto[868]: | IP interface lo 127.0.0.1 has no matching ipsec* interface -- ignored
May 19 01:28:05 metro Pluto[868]: | could not open /proc/net/if_inet6
May 19 01:28:05 metro Pluto[868]: loading secrets from "/etc/ipsec.secrets"
May 19 01:28:05 metro Pluto[868]: | next event EVENT_SHUNT_SCAN in 120 seconds
May 19 01:29:13 metro sshd[1216]: Accepted password for admin from 24.247.112.43 port 1728
May 19 01:29:50 metro Pluto[868]: |
May 19 01:29:50 metro Pluto[868]: | *received whack message
May 19 01:29:50 metro Pluto[868]: | creating state object #1 at 0x8088d20
May 19 01:29:50 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:50 metro Pluto[868]: | RCOOKIE: 00 00 00 00 00 00 00 00
May 19 01:29:50 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:50 metro Pluto[868]: | state hash entry 26
May 19 01:29:50 metro Pluto[868]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
May 19 01:29:50 metro Pluto[868]: | Queuing pending Quick Mode with 63.89.49.214 "worldpac"
May 19 01:29:50 metro Pluto[868]: "worldpac" #1: initiating Main Mode
May 19 01:29:50 metro Pluto[868]: | **emit ISAKMP Message:
May 19 01:29:50 metro Pluto[868]: | initiator cookie:
May 19 01:29:50 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:50 metro Pluto[868]: | responder cookie:
May 19 01:29:50 metro Pluto[868]: | 00 00 00 00 00 00 00 00
May 19 01:29:50 metro Pluto[868]: | next payload type: ISAKMP_NEXT_SA
May 19 01:29:50 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:50 metro Pluto[868]: | exchange type: ISAKMP_XCHG_IDPROT
May 19 01:29:50 metro Pluto[868]: | flags: none
May 19 01:29:50 metro Pluto[868]: | message ID: 00 00 00 00
May 19 01:29:50 metro Pluto[868]: | ***emit ISAKMP Security Association Payload:
May 19 01:29:50 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:50 metro Pluto[868]: | DOI: ISAKMP_DOI_IPSEC
May 19 01:29:50 metro Pluto[868]: | ****emit IPsec DOI SIT:
May 19 01:29:50 metro Pluto[868]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 19 01:29:50 metro Pluto[868]: | ****emit ISAKMP Proposal Payload:
May 19 01:29:50 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:50 metro Pluto[868]: | proposal number: 1
May 19 01:29:50 metro Pluto[868]: | protocol ID: PROTO_ISAKMP
May 19 01:29:50 metro Pluto[868]: | SPI size: 0
May 19 01:29:50 metro Pluto[868]: | number of transforms: 4
May 19 01:29:50 metro Pluto[868]: | *****emit ISAKMP Transform Payload (ISAKMP):
May 19 01:29:50 metro Pluto[868]: | next payload type: ISAKMP_NEXT_T
May 19 01:29:50 metro Pluto[868]: | transform number: 0
May 19 01:29:50 metro Pluto[868]: | transform ID: KEY_IKE
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_LIFE_TYPE
May 19 01:29:50 metro Pluto[868]: | length/value: 1
May 19 01:29:50 metro Pluto[868]: | [1 is OAKLEY_LIFE_SECONDS]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_LIFE_DURATION
May 19 01:29:50 metro Pluto[868]: | length/value: 3600
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 19 01:29:50 metro Pluto[868]: | length/value: 5
May 19 01:29:50 metro Pluto[868]: | [5 is OAKLEY_3DES_CBC]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_HASH_ALGORITHM
May 19 01:29:50 metro Pluto[868]: | length/value: 1
May 19 01:29:50 metro Pluto[868]: | [1 is OAKLEY_MD5]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 19 01:29:50 metro Pluto[868]: | length/value: 1
May 19 01:29:50 metro Pluto[868]: | [1 is OAKLEY_PRESHARED_KEY]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 19 01:29:50 metro Pluto[868]: | length/value: 5
May 19 01:29:50 metro Pluto[868]: | [5 is OAKLEY_GROUP_MODP1536 (extension)]
May 19 01:29:50 metro Pluto[868]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
May 19 01:29:50 metro Pluto[868]: | *****emit ISAKMP Transform Payload (ISAKMP):
May 19 01:29:50 metro Pluto[868]: | next payload type: ISAKMP_NEXT_T
May 19 01:29:50 metro Pluto[868]: | transform number: 1
May 19 01:29:50 metro Pluto[868]: | transform ID: KEY_IKE
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_LIFE_TYPE
May 19 01:29:50 metro Pluto[868]: | length/value: 1
May 19 01:29:50 metro Pluto[868]: | [1 is OAKLEY_LIFE_SECONDS]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_LIFE_DURATION
May 19 01:29:50 metro Pluto[868]: | length/value: 3600
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 19 01:29:50 metro Pluto[868]: | length/value: 5
May 19 01:29:50 metro Pluto[868]: | [5 is OAKLEY_3DES_CBC]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_HASH_ALGORITHM
May 19 01:29:50 metro Pluto[868]: | length/value: 2
May 19 01:29:50 metro Pluto[868]: | [2 is OAKLEY_SHA]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 19 01:29:50 metro Pluto[868]: | length/value: 1
May 19 01:29:50 metro Pluto[868]: | [1 is OAKLEY_PRESHARED_KEY]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 19 01:29:50 metro Pluto[868]: | length/value: 5
May 19 01:29:50 metro Pluto[868]: | [5 is OAKLEY_GROUP_MODP1536 (extension)]
May 19 01:29:50 metro Pluto[868]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
May 19 01:29:50 metro Pluto[868]: | *****emit ISAKMP Transform Payload (ISAKMP):
May 19 01:29:50 metro Pluto[868]: | next payload type: ISAKMP_NEXT_T
May 19 01:29:50 metro Pluto[868]: | transform number: 2
May 19 01:29:50 metro Pluto[868]: | transform ID: KEY_IKE
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_LIFE_TYPE
May 19 01:29:50 metro Pluto[868]: | length/value: 1
May 19 01:29:50 metro Pluto[868]: | [1 is OAKLEY_LIFE_SECONDS]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_LIFE_DURATION
May 19 01:29:50 metro Pluto[868]: | length/value: 3600
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 19 01:29:50 metro Pluto[868]: | length/value: 5
May 19 01:29:50 metro Pluto[868]: | [5 is OAKLEY_3DES_CBC]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:50 metro Pluto[868]: | af+type: OAKLEY_HASH_ALGORITHM
May 19 01:29:50 metro Pluto[868]: | length/value: 2
May 19 01:29:50 metro Pluto[868]: | [2 is OAKLEY_SHA]
May 19 01:29:50 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 19 01:29:51 metro Pluto[868]: | length/value: 1
May 19 01:29:51 metro Pluto[868]: | [1 is OAKLEY_PRESHARED_KEY]
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 19 01:29:51 metro Pluto[868]: | length/value: 2
May 19 01:29:51 metro Pluto[868]: | [2 is OAKLEY_GROUP_MODP1024]
May 19 01:29:51 metro Pluto[868]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
May 19 01:29:51 metro Pluto[868]: | *****emit ISAKMP Transform Payload (ISAKMP):
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:51 metro Pluto[868]: | transform number: 3
May 19 01:29:51 metro Pluto[868]: | transform ID: KEY_IKE
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_LIFE_TYPE
May 19 01:29:51 metro Pluto[868]: | length/value: 1
May 19 01:29:51 metro Pluto[868]: | [1 is OAKLEY_LIFE_SECONDS]
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_LIFE_DURATION
May 19 01:29:51 metro Pluto[868]: | length/value: 3600
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 19 01:29:51 metro Pluto[868]: | length/value: 5
May 19 01:29:51 metro Pluto[868]: | [5 is OAKLEY_3DES_CBC]
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_HASH_ALGORITHM
May 19 01:29:51 metro Pluto[868]: | length/value: 1
May 19 01:29:51 metro Pluto[868]: | [1 is OAKLEY_MD5]
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 19 01:29:51 metro Pluto[868]: | length/value: 1
May 19 01:29:51 metro Pluto[868]: | [1 is OAKLEY_PRESHARED_KEY]
May 19 01:29:51 metro Pluto[868]: | ******emit ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 19 01:29:51 metro Pluto[868]: | length/value: 2
May 19 01:29:51 metro Pluto[868]: | [2 is OAKLEY_GROUP_MODP1024]
May 19 01:29:51 metro Pluto[868]: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
May 19 01:29:51 metro Pluto[868]: | emitting length of ISAKMP Proposal Payload: 136
May 19 01:29:51 metro Pluto[868]: | emitting length of ISAKMP Security Association Payload: 148
May 19 01:29:51 metro Pluto[868]: | emitting length of ISAKMP Message: 176
May 19 01:29:51 metro Pluto[868]: | sending 176 bytes for main_outI1 through eth0 to 63.89.49.214:500:
May 19 01:29:51 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 00 00 00 00 00 00 00 00
May 19 01:29:51 metro Pluto[868]: | 01 10 02 00 00 00 00 00 00 00 00 b0 00 00 00 94
May 19 01:29:51 metro Pluto[868]: | 00 00 00 01 00 00 00 01 00 00 00 88 01 01 00 04
May 19 01:29:51 metro Pluto[868]: | 03 00 00 20 00 01 00 00 80 0b 00 01 80 0c 0e 10
May 19 01:29:51 metro Pluto[868]: | 80 01 00 05 80 02 00 01 80 03 00 01 80 04 00 05
May 19 01:29:51 metro Pluto[868]: | 03 00 00 20 01 01 00 00 80 0b 00 01 80 0c 0e 10
May 19 01:29:51 metro Pluto[868]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 05
May 19 01:29:51 metro Pluto[868]: | 03 00 00 20 02 01 00 00 80 0b 00 01 80 0c 0e 10
May 19 01:29:51 metro Pluto[868]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 02
May 19 01:29:51 metro Pluto[868]: | 00 00 00 20 03 01 00 00 80 0b 00 01 80 0c 0e 10
May 19 01:29:51 metro Pluto[868]: | 80 01 00 05 80 02 00 01 80 03 00 01 80 04 00 02
May 19 01:29:51 metro Pluto[868]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
May 19 01:29:51 metro Pluto[868]: | next event EVENT_RETRANSMIT in 10 seconds for #1
May 19 01:29:51 metro Pluto[868]: |
May 19 01:29:51 metro Pluto[868]: | *received 80 bytes from 63.89.49.214:500 on eth0
May 19 01:29:51 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:51 metro Pluto[868]: | 01 10 02 00 00 00 00 00 00 00 00 50 00 00 00 34
May 19 01:29:51 metro Pluto[868]: | 00 00 00 01 00 00 00 01 00 00 00 28 01 01 00 01
May 19 01:29:51 metro Pluto[868]: | 00 00 00 20 02 01 00 00 80 0b 00 01 80 0c 0e 10
May 19 01:29:51 metro Pluto[868]: | 80 01 00 05 80 02 00 02 80 03 00 01 80 04 00 02
May 19 01:29:51 metro Pluto[868]: | **parse ISAKMP Message:
May 19 01:29:51 metro Pluto[868]: | initiator cookie:
May 19 01:29:51 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:51 metro Pluto[868]: | responder cookie:
May 19 01:29:51 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_SA
May 19 01:29:51 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:51 metro Pluto[868]: | exchange type: ISAKMP_XCHG_IDPROT
May 19 01:29:51 metro Pluto[868]: | flags: none
May 19 01:29:51 metro Pluto[868]: | message ID: 00 00 00 00
May 19 01:29:51 metro Pluto[868]: | length: 80
May 19 01:29:51 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:51 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:29:51 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:51 metro Pluto[868]: | state hash entry 29
May 19 01:29:51 metro Pluto[868]: | state object not found
May 19 01:29:51 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:51 metro Pluto[868]: | RCOOKIE: 00 00 00 00 00 00 00 00
May 19 01:29:51 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:51 metro Pluto[868]: | state hash entry 26
May 19 01:29:51 metro Pluto[868]: | state object #1 found, in STATE_MAIN_I1
May 19 01:29:51 metro Pluto[868]: | ***parse ISAKMP Security Association Payload:
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:51 metro Pluto[868]: | length: 52
May 19 01:29:51 metro Pluto[868]: | DOI: ISAKMP_DOI_IPSEC
May 19 01:29:51 metro Pluto[868]: | ****parse IPsec DOI SIT:
May 19 01:29:51 metro Pluto[868]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 19 01:29:51 metro Pluto[868]: | ****parse ISAKMP Proposal Payload:
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:51 metro Pluto[868]: | length: 40
May 19 01:29:51 metro Pluto[868]: | proposal number: 1
May 19 01:29:51 metro Pluto[868]: | protocol ID: PROTO_ISAKMP
May 19 01:29:51 metro Pluto[868]: | SPI size: 0
May 19 01:29:51 metro Pluto[868]: | number of transforms: 1
May 19 01:29:51 metro Pluto[868]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:51 metro Pluto[868]: | length: 32
May 19 01:29:51 metro Pluto[868]: | transform number: 2
May 19 01:29:51 metro Pluto[868]: | transform ID: KEY_IKE
May 19 01:29:51 metro Pluto[868]: | ******parse ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_LIFE_TYPE
May 19 01:29:51 metro Pluto[868]: | length/value: 1
May 19 01:29:51 metro Pluto[868]: | [1 is OAKLEY_LIFE_SECONDS]
May 19 01:29:51 metro Pluto[868]: | ******parse ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_LIFE_DURATION
May 19 01:29:51 metro Pluto[868]: | length/value: 3600
May 19 01:29:51 metro Pluto[868]: | ******parse ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 19 01:29:51 metro Pluto[868]: | length/value: 5
May 19 01:29:51 metro Pluto[868]: | [5 is OAKLEY_3DES_CBC]
May 19 01:29:51 metro Pluto[868]: | ******parse ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_HASH_ALGORITHM
May 19 01:29:51 metro Pluto[868]: | length/value: 2
May 19 01:29:51 metro Pluto[868]: | [2 is OAKLEY_SHA]
May 19 01:29:51 metro Pluto[868]: | ******parse ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 19 01:29:51 metro Pluto[868]: | length/value: 1
May 19 01:29:51 metro Pluto[868]: | [1 is OAKLEY_PRESHARED_KEY]
May 19 01:29:51 metro Pluto[868]: | ******parse ISAKMP Oakley attribute:
May 19 01:29:51 metro Pluto[868]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 19 01:29:51 metro Pluto[868]: | length/value: 2
May 19 01:29:51 metro Pluto[868]: | [2 is OAKLEY_GROUP_MODP1024]
May 19 01:29:51 metro Pluto[868]: | Oakley Transform 2 accepted
May 19 01:29:51 metro Pluto[868]: | **emit ISAKMP Message:
May 19 01:29:51 metro Pluto[868]: | initiator cookie:
May 19 01:29:51 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:51 metro Pluto[868]: | responder cookie:
May 19 01:29:51 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_KE
May 19 01:29:51 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:51 metro Pluto[868]: | exchange type: ISAKMP_XCHG_IDPROT
May 19 01:29:51 metro Pluto[868]: | flags: none
May 19 01:29:51 metro Pluto[868]: | message ID: 00 00 00 00
May 19 01:29:51 metro Pluto[868]: | Local DH secret:
May 19 01:29:51 metro Pluto[868]: | b0 6a 8c 8f ac ae 2e 55 51 8d dc 75 3f e6 da 11
May 19 01:29:51 metro Pluto[868]: | cf 32 95 ff b0 12 33 1e 89 11 4c a6 c4 f4 9b 43
May 19 01:29:51 metro Pluto[868]: | Public DH value sent:
May 19 01:29:51 metro Pluto[868]: | 92 ec ff db ac 30 9f 06 77 4e 04 73 87 88 7d 78
May 19 01:29:51 metro Pluto[868]: | df 2f b6 63 cb 2b 0b 56 b5 1b 30 f6 10 08 90 8f
May 19 01:29:51 metro Pluto[868]: | 90 d4 25 17 af 62 00 ac a3 1c 7d 7b de d5 5b 55
May 19 01:29:51 metro Pluto[868]: | f1 d2 70 b3 71 88 90 80 24 23 d9 c6 b0 3d 08 30
May 19 01:29:51 metro Pluto[868]: | f5 e8 aa 44 b6 25 44 ac 2b f5 8c 1d b6 4c e0 43
May 19 01:29:51 metro Pluto[868]: | 1c 34 68 cc c9 61 f6 7c 3c 34 f2 12 e3 6f c4 64
May 19 01:29:51 metro Pluto[868]: | 09 6d 64 26 97 a9 f6 eb f5 1b 48 d4 01 b8 6a c6
May 19 01:29:51 metro Pluto[868]: | 2c b1 1f c7 46 10 60 a3 1c b5 ec 92 e6 90 40 4e
May 19 01:29:51 metro Pluto[868]: | ***emit ISAKMP Key Exchange Payload:
May 19 01:29:51 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONCE
May 19 01:29:51 metro Pluto[868]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload
May 19 01:29:51 metro Pluto[868]: | keyex value 92 ec ff db ac 30 9f 06 77 4e 04 73 87 88 7d 78
May 19 01:29:51 metro Pluto[868]: | df 2f b6 63 cb 2b 0b 56 b5 1b 30 f6 10 08 90 8f
May 19 01:29:51 metro Pluto[868]: | 90 d4 25 17 af 62 00 ac a3 1c 7d 7b de d5 5b 55
May 19 01:29:51 metro Pluto[868]: | f1 d2 70 b3 71 88 90 80 24 23 d9 c6 b0 3d 08 30
May 19 01:29:51 metro Pluto[868]: | f5 e8 aa 44 b6 25 44 ac 2b f5 8c 1d b6 4c e0 43
May 19 01:29:51 metro Pluto[868]: | 1c 34 68 cc c9 61 f6 7c 3c 34 f2 12 e3 6f c4 64
May 19 01:29:51 metro Pluto[868]: | 09 6d 64 26 97 a9 f6 eb f5 1b 48 d4 01 b8 6a c6
May 19 01:29:51 metro Pluto[868]: | 2c b1 1f c7 46 10 60 a3 1c b5 ec 92 e6 90 40 4e
May 19 01:29:51 metro Pluto[868]: | emitting length of ISAKMP Key Exchange Payload: 132
May 19 01:29:52 metro Pluto[868]: | ***emit ISAKMP Nonce Payload:
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:52 metro Pluto[868]: | emitting 16 raw bytes of Ni into ISAKMP Nonce Payload
May 19 01:29:52 metro Pluto[868]: | Ni f5 3e e4 98 32 de 63 3f a4 6d 0b e9 5c a3 f8 94
May 19 01:29:52 metro Pluto[868]: | emitting length of ISAKMP Nonce Payload: 20
May 19 01:29:52 metro Pluto[868]: | emitting length of ISAKMP Message: 180
May 19 01:29:52 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:52 metro Pluto[868]: | RCOOKIE: 00 00 00 00 00 00 00 00
May 19 01:29:52 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:52 metro Pluto[868]: | state hash entry 26
May 19 01:29:52 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:52 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:52 metro Pluto[868]: | state hash entry 29
May 19 01:29:52 metro Pluto[868]: | sending 180 bytes for STF_REPLY through eth0 to 63.89.49.214:500:
May 19 01:29:52 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | 04 10 02 00 00 00 00 00 00 00 00 b4 0a 00 00 84
May 19 01:29:52 metro Pluto[868]: | 92 ec ff db ac 30 9f 06 77 4e 04 73 87 88 7d 78
May 19 01:29:52 metro Pluto[868]: | df 2f b6 63 cb 2b 0b 56 b5 1b 30 f6 10 08 90 8f
May 19 01:29:52 metro Pluto[868]: | 90 d4 25 17 af 62 00 ac a3 1c 7d 7b de d5 5b 55
May 19 01:29:52 metro Pluto[868]: | f1 d2 70 b3 71 88 90 80 24 23 d9 c6 b0 3d 08 30
May 19 01:29:52 metro Pluto[868]: | f5 e8 aa 44 b6 25 44 ac 2b f5 8c 1d b6 4c e0 43
May 19 01:29:52 metro Pluto[868]: | 1c 34 68 cc c9 61 f6 7c 3c 34 f2 12 e3 6f c4 64
May 19 01:29:52 metro Pluto[868]: | 09 6d 64 26 97 a9 f6 eb f5 1b 48 d4 01 b8 6a c6
May 19 01:29:52 metro Pluto[868]: | 2c b1 1f c7 46 10 60 a3 1c b5 ec 92 e6 90 40 4e
May 19 01:29:52 metro Pluto[868]: | 00 00 00 14 f5 3e e4 98 32 de 63 3f a4 6d 0b e9
May 19 01:29:52 metro Pluto[868]: | 5c a3 f8 94
May 19 01:29:52 metro Pluto[868]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
May 19 01:29:52 metro Pluto[868]: | next event EVENT_RETRANSMIT in 10 seconds for #1
May 19 01:29:52 metro Pluto[868]: |
May 19 01:29:52 metro Pluto[868]: | *received 172 bytes from 63.89.49.214:500 on eth0
May 19 01:29:52 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | 04 10 02 00 00 00 00 00 00 00 00 ac 0a 00 00 84
May 19 01:29:52 metro Pluto[868]: | 92 6a d3 66 5f 0a 23 10 85 0b 45 fa f2 eb 13 4d
May 19 01:29:52 metro Pluto[868]: | 26 4a ea 23 46 38 e9 22 77 8d 78 c6 2b ef 5a 7d
May 19 01:29:52 metro Pluto[868]: | c8 e5 3f 11 44 e1 7c 95 02 54 74 62 88 86 13 60
May 19 01:29:52 metro Pluto[868]: | 07 b6 b0 d5 8f 91 cc 12 52 57 26 6f ac 9b 29 12
May 19 01:29:52 metro Pluto[868]: | 64 38 ab ee 70 01 82 73 07 84 98 b6 e4 f7 50 95
May 19 01:29:52 metro Pluto[868]: | 66 29 51 10 5d e2 0a 4d c3 16 d8 9f dd d0 be 5b
May 19 01:29:52 metro Pluto[868]: | 99 3b 9c de c2 fe 88 0b 15 80 f9 d1 87 fc a8 f9
May 19 01:29:52 metro Pluto[868]: | db f9 28 d8 75 ba 0d fa e7 f6 04 f5 37 6d 83 c8
May 19 01:29:52 metro Pluto[868]: | 00 00 00 0c 64 e2 04 50 08 35 d1 9c
May 19 01:29:52 metro Pluto[868]: | **parse ISAKMP Message:
May 19 01:29:52 metro Pluto[868]: | initiator cookie:
May 19 01:29:52 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:52 metro Pluto[868]: | responder cookie:
May 19 01:29:52 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_KE
May 19 01:29:52 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:52 metro Pluto[868]: | exchange type: ISAKMP_XCHG_IDPROT
May 19 01:29:52 metro Pluto[868]: | flags: none
May 19 01:29:52 metro Pluto[868]: | message ID: 00 00 00 00
May 19 01:29:52 metro Pluto[868]: | length: 172
May 19 01:29:52 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:52 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:52 metro Pluto[868]: | state hash entry 29
May 19 01:29:52 metro Pluto[868]: | state object #1 found, in STATE_MAIN_I2
May 19 01:29:52 metro Pluto[868]: | ***parse ISAKMP Key Exchange Payload:
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONCE
May 19 01:29:52 metro Pluto[868]: | length: 132
May 19 01:29:52 metro Pluto[868]: | ***parse ISAKMP Nonce Payload:
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:52 metro Pluto[868]: | length: 12
May 19 01:29:52 metro Pluto[868]: | **emit ISAKMP Message:
May 19 01:29:52 metro Pluto[868]: | initiator cookie:
May 19 01:29:52 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:52 metro Pluto[868]: | responder cookie:
May 19 01:29:52 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_ID
May 19 01:29:52 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:52 metro Pluto[868]: | exchange type: ISAKMP_XCHG_IDPROT
May 19 01:29:52 metro Pluto[868]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 01:29:52 metro Pluto[868]: | message ID: 00 00 00 00
May 19 01:29:52 metro Pluto[868]: | DH public value received:
May 19 01:29:52 metro Pluto[868]: | 92 6a d3 66 5f 0a 23 10 85 0b 45 fa f2 eb 13 4d
May 19 01:29:52 metro Pluto[868]: | 26 4a ea 23 46 38 e9 22 77 8d 78 c6 2b ef 5a 7d
May 19 01:29:52 metro Pluto[868]: | c8 e5 3f 11 44 e1 7c 95 02 54 74 62 88 86 13 60
May 19 01:29:52 metro Pluto[868]: | 07 b6 b0 d5 8f 91 cc 12 52 57 26 6f ac 9b 29 12
May 19 01:29:52 metro Pluto[868]: | 64 38 ab ee 70 01 82 73 07 84 98 b6 e4 f7 50 95
May 19 01:29:52 metro Pluto[868]: | 66 29 51 10 5d e2 0a 4d c3 16 d8 9f dd d0 be 5b
May 19 01:29:52 metro Pluto[868]: | 99 3b 9c de c2 fe 88 0b 15 80 f9 d1 87 fc a8 f9
May 19 01:29:52 metro Pluto[868]: | db f9 28 d8 75 ba 0d fa e7 f6 04 f5 37 6d 83 c8
May 19 01:29:52 metro Pluto[868]: | DH shared secret:
May 19 01:29:52 metro Pluto[868]: | a2 26 0a 62 ae 0d 3e 58 e0 e8 7c c8 a2 39 93 45
May 19 01:29:52 metro Pluto[868]: | fd f2 46 47 d7 06 0e 03 8a e4 9b 6b 10 06 42 40
May 19 01:29:52 metro Pluto[868]: | 42 8c 7c 8b fb dd 49 9f 60 42 4f 19 d6 b3 fd 15
May 19 01:29:52 metro Pluto[868]: | 17 ba 15 82 a0 7c 48 00 f2 fc fc 3f bc 25 ad d6
May 19 01:29:52 metro Pluto[868]: | 1d 82 b4 cd 8c 17 e1 d8 67 02 53 68 a7 14 1c f3
May 19 01:29:52 metro Pluto[868]: | 36 10 1b 59 c5 88 ac 50 86 55 9f 43 72 9d 91 1f
May 19 01:29:52 metro Pluto[868]: | 35 37 70 69 f1 ba 0c 4a f3 af 39 47 36 e4 39 79
May 19 01:29:52 metro Pluto[868]: | 30 5b e5 aa 93 41 6d d1 e5 0d 7c 57 a5 26 f2 12
May 19 01:29:52 metro Pluto[868]: | Skeyid: d7 c2 ae d8 55 17 40 cd 4f 41 13 6e 4d 68 e6 0a
May 19 01:29:52 metro Pluto[868]: | 60 8c 4f e8
May 19 01:29:52 metro Pluto[868]: | Skeyid_d: a3 80 55 5d c6 d1 bd e7 7b 8a 4c ca c5 04 12 98
May 19 01:29:52 metro Pluto[868]: | 5c f6 41 07
May 19 01:29:52 metro Pluto[868]: | Skeyid_a: 88 2c a6 ff 1d b8 2e 5c b0 2b 00 17 4d ae 3c 54
May 19 01:29:52 metro Pluto[868]: | 85 da 7a c6
May 19 01:29:52 metro Pluto[868]: | Skeyid_e: 8e 12 35 6f 3f 4b f7 5c b5 1e 95 cc fd 1b 15 9c
May 19 01:29:52 metro Pluto[868]: | 50 05 a9 1a
May 19 01:29:52 metro Pluto[868]: | enc key: aa 20 bc 8a 96 da 9e 6d 65 25 f6 73 2a e3 97 01
May 19 01:29:52 metro Pluto[868]: | 69 80 1a 61 68 2f 0c 83
May 19 01:29:52 metro Pluto[868]: | IV: 7a b6 d6 65 a5 55 e1 4b ea 17 d3 b0 77 97 0e b5
May 19 01:29:52 metro Pluto[868]: | 0d a9 bf 51
May 19 01:29:52 metro Pluto[868]: | ***emit ISAKMP Identification Payload (IPsec DOI):
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_HASH
May 19 01:29:52 metro Pluto[868]: | ID type: ID_IPV4_ADDR
May 19 01:29:52 metro Pluto[868]: | Protocol ID: 0
May 19 01:29:52 metro Pluto[868]: | port: 0
May 19 01:29:52 metro Pluto[868]: | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
May 19 01:29:52 metro Pluto[868]: | my identity 0c 1b 0c 74
May 19 01:29:52 metro Pluto[868]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 12
May 19 01:29:52 metro Pluto[868]: | hashing 144 bytes of SA
May 19 01:29:52 metro Pluto[868]: | Hashing my ID: Type ID_IPV4_ADDR, Protocol 0, Port 0
May 19 01:29:52 metro Pluto[868]: | ***emit ISAKMP Hash Payload:
May 19 01:29:52 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:52 metro Pluto[868]: | emitting 20 raw bytes of HASH_I into ISAKMP Hash Payload
May 19 01:29:52 metro Pluto[868]: | HASH_I 7d 81 af 29 80 81 fa ab 29 1c 0a d5 7d 54 02 02
May 19 01:29:52 metro Pluto[868]: | 08 e1 29 07
May 19 01:29:52 metro Pluto[868]: | emitting length of ISAKMP Hash Payload: 24
May 19 01:29:52 metro Pluto[868]: | encrypting:
May 19 01:29:52 metro Pluto[868]: | 08 00 00 0c 01 00 00 00 0c 1b 0c 74 00 00 00 18
May 19 01:29:52 metro Pluto[868]: | 7d 81 af 29 80 81 fa ab 29 1c 0a d5 7d 54 02 02
May 19 01:29:52 metro Pluto[868]: | 08 e1 29 07
May 19 01:29:52 metro Pluto[868]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
May 19 01:29:52 metro Pluto[868]: | encrypting using OAKLEY_3DES_CBC
May 19 01:29:52 metro Pluto[868]: | next IV: 32 2c e8 17 9c 49 9a 1a
May 19 01:29:52 metro Pluto[868]: | emitting length of ISAKMP Message: 68
May 19 01:29:52 metro Pluto[868]: | sending 68 bytes for STF_REPLY through eth0 to 63.89.49.214:500:
May 19 01:29:52 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:52 metro Pluto[868]: | 05 10 02 01 00 00 00 00 00 00 00 44 95 b6 bd 23
May 19 01:29:52 metro Pluto[868]: | 34 b7 91 ec 35 60 96 4b 47 95 8b 61 7d df e4 e5
May 19 01:29:52 metro Pluto[868]: | 33 34 58 d9 c8 bd f1 92 32 bb 83 bd 32 2c e8 17
May 19 01:29:52 metro Pluto[868]: | 9c 49 9a 1a
May 19 01:29:52 metro Pluto[868]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
May 19 01:29:52 metro Pluto[868]: | next event EVENT_RETRANSMIT in 10 seconds for #1
May 19 01:29:53 metro Pluto[868]: |
May 19 01:29:53 metro Pluto[868]: | *received 68 bytes from 63.89.49.214:500 on eth0
May 19 01:29:53 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:53 metro Pluto[868]: | 05 10 02 01 00 00 00 00 00 00 00 44 2c 3b f5 ec
May 19 01:29:53 metro Pluto[868]: | 62 cf ef e4 f4 1f b9 a0 9b 59 a4 f2 f3 d8 43 1b
May 19 01:29:53 metro Pluto[868]: | dd df 06 35 ff c6 8c 11 15 6d cc 5d d8 e3 9e 23
May 19 01:29:53 metro Pluto[868]: | bd 9c 8a 88
May 19 01:29:53 metro Pluto[868]: | **parse ISAKMP Message:
May 19 01:29:53 metro Pluto[868]: | initiator cookie:
May 19 01:29:53 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:53 metro Pluto[868]: | responder cookie:
May 19 01:29:53 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_ID
May 19 01:29:53 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:53 metro Pluto[868]: | exchange type: ISAKMP_XCHG_IDPROT
May 19 01:29:53 metro Pluto[868]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 01:29:53 metro Pluto[868]: | message ID: 00 00 00 00
May 19 01:29:53 metro Pluto[868]: | length: 68
May 19 01:29:53 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:53 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:29:53 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:53 metro Pluto[868]: | state hash entry 29
May 19 01:29:53 metro Pluto[868]: | state object #1 found, in STATE_MAIN_I3
May 19 01:29:53 metro Pluto[868]: | received encrypted packet from 63.89.49.214:500
May 19 01:29:53 metro Pluto[868]: | decrypting 40 bytes using algorithm OAKLEY_3DES_CBC
May 19 01:29:53 metro Pluto[868]: | decrypted:
May 19 01:29:53 metro Pluto[868]: | 08 00 00 0c 01 00 00 00 3f 59 31 d6 00 00 00 18
May 19 01:29:53 metro Pluto[868]: | 49 86 f2 88 e0 c1 e6 c7 2a 8b b8 73 f8 ea 0a 03
May 19 01:29:53 metro Pluto[868]: | d1 19 e7 cf 00 00 00 00
May 19 01:29:53 metro Pluto[868]: | next IV: d8 e3 9e 23 bd 9c 8a 88
May 19 01:29:53 metro Pluto[868]: | ***parse ISAKMP Identification Payload:
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_HASH
May 19 01:29:53 metro Pluto[868]: | length: 12
May 19 01:29:53 metro Pluto[868]: | ID type: 1
May 19 01:29:53 metro Pluto[868]: | DOI specific A: 0
May 19 01:29:53 metro Pluto[868]: | DOI specific B: 0
May 19 01:29:53 metro Pluto[868]: | ***parse ISAKMP Hash Payload:
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:53 metro Pluto[868]: | length: 24
May 19 01:29:53 metro Pluto[868]: | removing 4 bytes of padding
May 19 01:29:53 metro Pluto[868]: | Peer's ID is ID_IPV4_ADDR: '63.89.49.214'
May 19 01:29:53 metro Pluto[868]: | hashing 144 bytes of SA
May 19 01:29:53 metro Pluto[868]: | Hashing his ID: Type ID_IPV4_ADDR, Protocol 0, Port 0
May 19 01:29:53 metro Pluto[868]: | authentication succeeded
May 19 01:29:53 metro Pluto[868]: | inserting event EVENT_SA_REPLACE, timeout in 2797 seconds for #1
May 19 01:29:53 metro Pluto[868]: "worldpac" #1: STATE_MAIN_I4: ISAKMP SA established
May 19 01:29:53 metro Pluto[868]: | unqueuing pending Quick Mode with 63.89.49.214 "worldpac"
May 19 01:29:53 metro Pluto[868]: | duplicating state object #1
May 19 01:29:53 metro Pluto[868]: | creating state object #2 at 0x8089018
May 19 01:29:53 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:53 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:29:53 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:53 metro Pluto[868]: | state hash entry 29
May 19 01:29:53 metro Pluto[868]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2
May 19 01:29:53 metro Pluto[868]: "worldpac" #2: initiating Quick Mode PSK+ENCRYPT
May 19 01:29:53 metro Pluto[868]: | **emit ISAKMP Message:
May 19 01:29:53 metro Pluto[868]: | initiator cookie:
May 19 01:29:53 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:53 metro Pluto[868]: | responder cookie:
May 19 01:29:53 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_HASH
May 19 01:29:53 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:53 metro Pluto[868]: | exchange type: ISAKMP_XCHG_QUICK
May 19 01:29:53 metro Pluto[868]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 01:29:53 metro Pluto[868]: | message ID: a5 48 68 66
May 19 01:29:53 metro Pluto[868]: | ***emit ISAKMP Hash Payload:
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_SA
May 19 01:29:53 metro Pluto[868]: | emitting 20 zero bytes of HASH into ISAKMP Hash Payload
May 19 01:29:53 metro Pluto[868]: | emitting length of ISAKMP Hash Payload: 24
May 19 01:29:53 metro Pluto[868]: | ***emit ISAKMP Security Association Payload:
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONCE
May 19 01:29:53 metro Pluto[868]: | DOI: ISAKMP_DOI_IPSEC
May 19 01:29:53 metro Pluto[868]: | ****emit IPsec DOI SIT:
May 19 01:29:53 metro Pluto[868]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 19 01:29:53 metro Pluto[868]: | ****emit ISAKMP Proposal Payload:
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:53 metro Pluto[868]: | proposal number: 1
May 19 01:29:53 metro Pluto[868]: | protocol ID: PROTO_IPSEC_ESP
May 19 01:29:53 metro Pluto[868]: | SPI size: 4
May 19 01:29:53 metro Pluto[868]: | number of transforms: 2
May 19 01:29:53 metro Pluto[868]: | generate SPI: 14 72 c1 23
May 19 01:29:53 metro Pluto[868]: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
May 19 01:29:53 metro Pluto[868]: | SPI 14 72 c1 23
May 19 01:29:53 metro Pluto[868]: | *****emit ISAKMP Transform Payload (ESP):
May 19 01:29:53 metro Pluto[868]: | next payload type: ISAKMP_NEXT_T
May 19 01:29:53 metro Pluto[868]: | transform number: 0
May 19 01:29:53 metro Pluto[868]: | transform ID: ESP_3DES
May 19 01:29:53 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:53 metro Pluto[868]: | af+type: ENCAPSULATION_MODE
May 19 01:29:53 metro Pluto[868]: | length/value: 2
May 19 01:29:53 metro Pluto[868]: | [2 is ENCAPSULATION_MODE_TRANSPORT]
May 19 01:29:53 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:53 metro Pluto[868]: | af+type: SA_LIFE_TYPE
May 19 01:29:53 metro Pluto[868]: | length/value: 1
May 19 01:29:53 metro Pluto[868]: | [1 is SA_LIFE_TYPE_SECONDS]
May 19 01:29:53 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:53 metro Pluto[868]: | af+type: SA_LIFE_DURATION
May 19 01:29:53 metro Pluto[868]: | length/value: 1800
May 19 01:29:53 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:54 metro Pluto[868]: | af+type: AUTH_ALGORITHM
May 19 01:29:54 metro Pluto[868]: | length/value: 1
May 19 01:29:54 metro Pluto[868]: | [1 is AUTH_ALGORITHM_HMAC_MD5]
May 19 01:29:54 metro Pluto[868]: | emitting length of ISAKMP Transform Payload (ESP): 24
May 19 01:29:54 metro Pluto[868]: | *****emit ISAKMP Transform Payload (ESP):
May 19 01:29:54 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:54 metro Pluto[868]: | transform number: 1
May 19 01:29:54 metro Pluto[868]: | transform ID: ESP_3DES
May 19 01:29:54 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:54 metro Pluto[868]: | af+type: ENCAPSULATION_MODE
May 19 01:29:54 metro Pluto[868]: | length/value: 2
May 19 01:29:54 metro Pluto[868]: | [2 is ENCAPSULATION_MODE_TRANSPORT]
May 19 01:29:54 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:54 metro Pluto[868]: | af+type: SA_LIFE_TYPE
May 19 01:29:54 metro Pluto[868]: | length/value: 1
May 19 01:29:54 metro Pluto[868]: | [1 is SA_LIFE_TYPE_SECONDS]
May 19 01:29:54 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:54 metro Pluto[868]: | af+type: SA_LIFE_DURATION
May 19 01:29:54 metro Pluto[868]: | length/value: 1800
May 19 01:29:54 metro Pluto[868]: | ******emit ISAKMP IPsec DOI attribute:
May 19 01:29:54 metro Pluto[868]: | af+type: AUTH_ALGORITHM
May 19 01:29:54 metro Pluto[868]: | length/value: 2
May 19 01:29:54 metro Pluto[868]: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
May 19 01:29:54 metro Pluto[868]: | emitting length of ISAKMP Transform Payload (ESP): 24
May 19 01:29:54 metro Pluto[868]: | emitting length of ISAKMP Proposal Payload: 60
May 19 01:29:54 metro Pluto[868]: | emitting length of ISAKMP Security Association Payload: 72
May 19 01:29:54 metro Pluto[868]: | ***emit ISAKMP Nonce Payload:
May 19 01:29:54 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:54 metro Pluto[868]: | emitting 16 raw bytes of Ni into ISAKMP Nonce Payload
May 19 01:29:54 metro Pluto[868]: | Ni bd fb a2 ae a7 a8 e3 3a 2c c8 8a 60 39 9d 73 af
May 19 01:29:54 metro Pluto[868]: | emitting length of ISAKMP Nonce Payload: 20
May 19 01:29:54 metro Pluto[868]: | HASH(1) computed:
May 19 01:29:54 metro Pluto[868]: | 0e 24 81 77 b2 42 86 66 5e 20 c4 3a b3 a3 d9 98
May 19 01:29:54 metro Pluto[868]: | 1b 81 60 c4
May 19 01:29:54 metro Pluto[868]: | computed Phase 2 IV:
May 19 01:29:54 metro Pluto[868]: | a6 b1 f5 cd dc 6b 7f a6 8c 93 cc d0 0d 98 df 8b
May 19 01:29:54 metro Pluto[868]: | 89 5d c8 98
May 19 01:29:54 metro Pluto[868]: | encrypting:
May 19 01:29:54 metro Pluto[868]: | 01 00 00 18 0e 24 81 77 b2 42 86 66 5e 20 c4 3a
May 19 01:29:54 metro Pluto[868]: | b3 a3 d9 98 1b 81 60 c4 0a 00 00 48 00 00 00 01
May 19 01:29:54 metro Pluto[868]: | 00 00 00 01 00 00 00 3c 01 03 04 02 14 72 c1 23
May 19 01:29:54 metro Pluto[868]: | 03 00 00 18 00 03 00 00 80 04 00 02 80 01 00 01
May 19 01:29:54 metro Pluto[868]: | 80 02 07 08 80 05 00 01 00 00 00 18 01 03 00 00
May 19 01:29:54 metro Pluto[868]: | 80 04 00 02 80 01 00 01 80 02 07 08 80 05 00 02
May 19 01:29:54 metro Pluto[868]: | 00 00 00 14 bd fb a2 ae a7 a8 e3 3a 2c c8 8a 60
May 19 01:29:54 metro Pluto[868]: | 39 9d 73 af
May 19 01:29:54 metro Pluto[868]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
May 19 01:29:54 metro Pluto[868]: | encrypting using OAKLEY_3DES_CBC
May 19 01:29:54 metro Pluto[868]: | next IV: 3b a8 a5 a2 3a 38 39 9f
May 19 01:29:54 metro Pluto[868]: | emitting length of ISAKMP Message: 148
May 19 01:29:54 metro Pluto[868]: | sending 148 bytes for quick_outI1 through eth0 to 63.89.49.214:500:
May 19 01:29:54 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:54 metro Pluto[868]: | 08 10 20 01 a5 48 68 66 00 00 00 94 60 c1 66 26
May 19 01:29:54 metro Pluto[868]: | 91 ba ff ee ed 7c 97 8f 8f 3a ac b4 b4 fb 4d 46
May 19 01:29:54 metro Pluto[868]: | f7 e5 29 a9 11 33 84 d7 f9 84 7d 3b fe 70 18 bf
May 19 01:29:54 metro Pluto[868]: | 86 79 19 7c 09 eb 12 06 4f d1 93 da 3d 28 8e b3
May 19 01:29:54 metro Pluto[868]: | 2a 01 72 82 c3 61 b8 87 94 d8 66 f1 10 c8 fc d3
May 19 01:29:54 metro Pluto[868]: | fd db 48 a4 cc 3d 7e 5a ba 84 83 02 0b 23 49 64
May 19 01:29:54 metro Pluto[868]: | 62 e8 12 c1 46 0c 8e 4c e1 00 f5 9d 06 51 0d f4
May 19 01:29:54 metro Pluto[868]: | b9 01 c8 7a d8 e0 0e 28 f1 59 92 94 3b a8 a5 a2
May 19 01:29:54 metro Pluto[868]: | 3a 38 39 9f
May 19 01:29:54 metro Pluto[868]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2
May 19 01:29:54 metro Pluto[868]: | next event EVENT_RETRANSMIT in 10 seconds for #2
May 19 01:29:54 metro Pluto[868]: |
May 19 01:29:54 metro Pluto[868]: | *received 68 bytes from 63.89.49.214:500 on eth0
May 19 01:29:54 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:29:54 metro Pluto[868]: | 08 10 05 01 cc a9 9c 21 00 00 00 44 75 8c b2 21
May 19 01:29:54 metro Pluto[868]: | b6 93 50 62 e9 63 6e 35 7a 8e c8 20 cc a8 d6 b9
May 19 01:29:54 metro Pluto[868]: | 20 17 c9 24 ea 07 ba 87 88 de 6b 47 f0 d3 52 6e
May 19 01:29:54 metro Pluto[868]: | 54 23 c0 d8
May 19 01:29:54 metro Pluto[868]: | **parse ISAKMP Message:
May 19 01:29:54 metro Pluto[868]: | initiator cookie:
May 19 01:29:54 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:29:54 metro Pluto[868]: | responder cookie:
May 19 01:29:54 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:29:54 metro Pluto[868]: | next payload type: ISAKMP_NEXT_HASH
May 19 01:29:54 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:29:54 metro Pluto[868]: | exchange type: ISAKMP_XCHG_INFO
May 19 01:29:54 metro Pluto[868]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 01:29:54 metro Pluto[868]: | message ID: cc a9 9c 21
May 19 01:29:54 metro Pluto[868]: | length: 68
May 19 01:29:54 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:29:54 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:29:55 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:29:55 metro Pluto[868]: | state hash entry 29
May 19 01:29:55 metro Pluto[868]: | state object #1 found, in STATE_MAIN_I4
May 19 01:29:55 metro Pluto[868]: | computed Phase 2 IV:
May 19 01:29:55 metro Pluto[868]: | 68 27 6e 83 4f 56 bb 22 4d 17 e1 84 d1 65 af 47
May 19 01:29:55 metro Pluto[868]: | 6a 9e 3b 75
May 19 01:29:55 metro Pluto[868]: | received encrypted packet from 63.89.49.214:500
May 19 01:29:55 metro Pluto[868]: | decrypting 40 bytes using algorithm OAKLEY_3DES_CBC
May 19 01:29:55 metro Pluto[868]: | decrypted:
May 19 01:29:55 metro Pluto[868]: | 0b 00 00 18 22 9a b0 d0 3f f7 38 c0 ba cc 7c c5
May 19 01:29:55 metro Pluto[868]: | c2 07 9f e4 82 c6 e7 6d 00 00 00 10 00 00 00 01
May 19 01:29:55 metro Pluto[868]: | 03 04 00 0e 14 72 c1 23
May 19 01:29:55 metro Pluto[868]: | next IV: f0 d3 52 6e 54 23 c0 d8
May 19 01:29:55 metro Pluto[868]: | ***parse ISAKMP Hash Payload:
May 19 01:29:55 metro Pluto[868]: | next payload type: ISAKMP_NEXT_N
May 19 01:29:55 metro Pluto[868]: | length: 24
May 19 01:29:55 metro Pluto[868]: | ***parse ISAKMP Notification Payload:
May 19 01:29:55 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:29:55 metro Pluto[868]: | length: 16
May 19 01:29:55 metro Pluto[868]: | DOI: ISAKMP_DOI_IPSEC
May 19 01:29:55 metro Pluto[868]: | protocol ID: 3
May 19 01:29:55 metro Pluto[868]: | SPI size: 4
May 19 01:29:55 metro Pluto[868]: | Notify Message Type: NO_PROPOSAL_CHOSEN
May 19 01:29:55 metro Pluto[868]: "worldpac" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN
May 19 01:29:55 metro Pluto[868]: | info: 14 72 c1 23
May 19 01:29:55 metro Pluto[868]: "worldpac" #1: received and ignored informational message
May 19 01:29:55 metro Pluto[868]: | next event EVENT_RETRANSMIT in 9 seconds for #2
May 19 01:30:04 metro Pluto[868]: |
May 19 01:30:04 metro Pluto[868]: | *time to handle event
May 19 01:30:04 metro Pluto[868]: | event after this is EVENT_SHUNT_SCAN in 1 seconds
May 19 01:30:04 metro Pluto[868]: | handling event EVENT_RETRANSMIT for 63.89.49.214 "worldpac" #2
May 19 01:30:04 metro Pluto[868]: | sending 148 bytes for EVENT_RETRANSMIT through eth0 to 63.89.49.214:500:
May 19 01:30:04 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:30:04 metro Pluto[868]: | 08 10 20 01 a5 48 68 66 00 00 00 94 60 c1 66 26
May 19 01:30:04 metro Pluto[868]: | 91 ba ff ee ed 7c 97 8f 8f 3a ac b4 b4 fb 4d 46
May 19 01:30:04 metro Pluto[868]: | f7 e5 29 a9 11 33 84 d7 f9 84 7d 3b fe 70 18 bf
May 19 01:30:04 metro Pluto[868]: | 86 79 19 7c 09 eb 12 06 4f d1 93 da 3d 28 8e b3
May 19 01:30:04 metro Pluto[868]: | 2a 01 72 82 c3 61 b8 87 94 d8 66 f1 10 c8 fc d3
May 19 01:30:04 metro Pluto[868]: | fd db 48 a4 cc 3d 7e 5a ba 84 83 02 0b 23 49 64
May 19 01:30:04 metro Pluto[868]: | 62 e8 12 c1 46 0c 8e 4c e1 00 f5 9d 06 51 0d f4
May 19 01:30:04 metro Pluto[868]: | b9 01 c8 7a d8 e0 0e 28 f1 59 92 94 3b a8 a5 a2
May 19 01:30:04 metro Pluto[868]: | 3a 38 39 9f
May 19 01:30:04 metro Pluto[868]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #2
May 19 01:30:04 metro Pluto[868]: | next event EVENT_SHUNT_SCAN in 1 seconds
May 19 01:30:04 metro Pluto[868]: |
May 19 01:30:04 metro Pluto[868]: | *received 68 bytes from 63.89.49.214:500 on eth0
May 19 01:30:04 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:30:04 metro Pluto[868]: | 08 10 05 01 fe e6 e2 d7 00 00 00 44 92 03 90 3e
May 19 01:30:04 metro Pluto[868]: | 10 f5 0c 48 eb 6e 1b 9e 2d 40 54 51 59 ce 07 db
May 19 01:30:04 metro Pluto[868]: | ed d3 35 6a 3e 55 86 b1 e4 94 45 a5 b6 3b fa 28
May 19 01:30:04 metro Pluto[868]: | 02 63 76 af
May 19 01:30:04 metro Pluto[868]: | **parse ISAKMP Message:
May 19 01:30:04 metro Pluto[868]: | initiator cookie:
May 19 01:30:04 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:30:04 metro Pluto[868]: | responder cookie:
May 19 01:30:04 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:30:04 metro Pluto[868]: | next payload type: ISAKMP_NEXT_HASH
May 19 01:30:04 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:30:04 metro Pluto[868]: | exchange type: ISAKMP_XCHG_INFO
May 19 01:30:04 metro Pluto[868]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 01:30:04 metro Pluto[868]: | message ID: fe e6 e2 d7
May 19 01:30:04 metro Pluto[868]: | length: 68
May 19 01:30:04 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:30:04 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:30:04 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:30:04 metro Pluto[868]: | state hash entry 29
May 19 01:30:04 metro Pluto[868]: | state object #1 found, in STATE_MAIN_I4
May 19 01:30:04 metro Pluto[868]: | computed Phase 2 IV:
May 19 01:30:04 metro Pluto[868]: | 00 86 9e 25 39 02 b8 22 7f 8e 34 1c 3d 98 34 42
May 19 01:30:04 metro Pluto[868]: | 73 f3 ee d6
May 19 01:30:04 metro Pluto[868]: | received encrypted packet from 63.89.49.214:500
May 19 01:30:04 metro Pluto[868]: | decrypting 40 bytes using algorithm OAKLEY_3DES_CBC
May 19 01:30:04 metro Pluto[868]: | decrypted:
May 19 01:30:04 metro Pluto[868]: | 0b 00 00 18 9b 37 86 5f 16 ed f0 ca 81 be 63 0b
May 19 01:30:04 metro Pluto[868]: | 20 d8 cf d4 f2 de ab bb 00 00 00 10 00 00 00 01
May 19 01:30:04 metro Pluto[868]: | 03 04 00 0e 14 72 c1 23
May 19 01:30:04 metro Pluto[868]: | next IV: b6 3b fa 28 02 63 76 af
May 19 01:30:04 metro Pluto[868]: | ***parse ISAKMP Hash Payload:
May 19 01:30:04 metro Pluto[868]: | next payload type: ISAKMP_NEXT_N
May 19 01:30:04 metro Pluto[868]: | length: 24
May 19 01:30:04 metro Pluto[868]: | ***parse ISAKMP Notification Payload:
May 19 01:30:04 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:30:04 metro Pluto[868]: | length: 16
May 19 01:30:04 metro Pluto[868]: | DOI: ISAKMP_DOI_IPSEC
May 19 01:30:04 metro Pluto[868]: | protocol ID: 3
May 19 01:30:04 metro Pluto[868]: | SPI size: 4
May 19 01:30:04 metro Pluto[868]: | Notify Message Type: NO_PROPOSAL_CHOSEN
May 19 01:30:04 metro Pluto[868]: "worldpac" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN
May 19 01:30:04 metro Pluto[868]: | info: 14 72 c1 23
May 19 01:30:04 metro Pluto[868]: "worldpac" #1: received and ignored informational message
May 19 01:30:04 metro Pluto[868]: | next event EVENT_SHUNT_SCAN in 1 seconds
May 19 01:30:05 metro Pluto[868]: |
May 19 01:30:05 metro Pluto[868]: | *time to handle event
May 19 01:30:05 metro Pluto[868]: | event after this is EVENT_RETRANSMIT in 19 seconds
May 19 01:30:05 metro Pluto[868]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds
May 19 01:30:05 metro Pluto[868]: | next event EVENT_RETRANSMIT in 19 seconds for #2
May 19 01:30:24 metro Pluto[868]: |
May 19 01:30:24 metro Pluto[868]: | *time to handle event
May 19 01:30:24 metro Pluto[868]: | event after this is EVENT_SHUNT_SCAN in 101 seconds
May 19 01:30:24 metro Pluto[868]: | handling event EVENT_RETRANSMIT for 63.89.49.214 "worldpac" #2
May 19 01:30:24 metro Pluto[868]: | sending 148 bytes for EVENT_RETRANSMIT through eth0 to 63.89.49.214:500:
May 19 01:30:24 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:30:24 metro Pluto[868]: | 08 10 20 01 a5 48 68 66 00 00 00 94 60 c1 66 26
May 19 01:30:24 metro Pluto[868]: | 91 ba ff ee ed 7c 97 8f 8f 3a ac b4 b4 fb 4d 46
May 19 01:30:24 metro Pluto[868]: | f7 e5 29 a9 11 33 84 d7 f9 84 7d 3b fe 70 18 bf
May 19 01:30:24 metro Pluto[868]: | 86 79 19 7c 09 eb 12 06 4f d1 93 da 3d 28 8e b3
May 19 01:30:24 metro Pluto[868]: | 2a 01 72 82 c3 61 b8 87 94 d8 66 f1 10 c8 fc d3
May 19 01:30:24 metro Pluto[868]: | fd db 48 a4 cc 3d 7e 5a ba 84 83 02 0b 23 49 64
May 19 01:30:24 metro Pluto[868]: | 62 e8 12 c1 46 0c 8e 4c e1 00 f5 9d 06 51 0d f4
May 19 01:30:24 metro Pluto[868]: | b9 01 c8 7a d8 e0 0e 28 f1 59 92 94 3b a8 a5 a2
May 19 01:30:24 metro Pluto[868]: | 3a 38 39 9f
May 19 01:30:24 metro Pluto[868]: | inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #2
May 19 01:30:24 metro Pluto[868]: | next event EVENT_RETRANSMIT in 40 seconds for #2
May 19 01:30:25 metro Pluto[868]: |
May 19 01:30:25 metro Pluto[868]: | *received 68 bytes from 63.89.49.214:500 on eth0
May 19 01:30:25 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25 78 31 49 3d d2 27 12 0b
May 19 01:30:25 metro Pluto[868]: | 08 10 05 01 4a 79 03 2e 00 00 00 44 fe 48 cd 50
May 19 01:30:25 metro Pluto[868]: | 29 20 65 c5 47 4e a0 fd b2 b2 df 64 17 37 86 08
May 19 01:30:25 metro Pluto[868]: | f8 46 68 f8 6b 6f 2c 7a fd 92 80 ac bf ad 82 57
May 19 01:30:25 metro Pluto[868]: | 8e b3 a8 2e
May 19 01:30:25 metro Pluto[868]: | **parse ISAKMP Message:
May 19 01:30:25 metro Pluto[868]: | initiator cookie:
May 19 01:30:25 metro Pluto[868]: | 10 d2 7a bd 8d ec a6 25
May 19 01:30:25 metro Pluto[868]: | responder cookie:
May 19 01:30:25 metro Pluto[868]: | 78 31 49 3d d2 27 12 0b
May 19 01:30:25 metro Pluto[868]: | next payload type: ISAKMP_NEXT_HASH
May 19 01:30:25 metro Pluto[868]: | ISAKMP version: ISAKMP Version 1.0
May 19 01:30:25 metro Pluto[868]: | exchange type: ISAKMP_XCHG_INFO
May 19 01:30:25 metro Pluto[868]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 01:30:25 metro Pluto[868]: | message ID: 4a 79 03 2e
May 19 01:30:25 metro Pluto[868]: | length: 68
May 19 01:30:25 metro Pluto[868]: | ICOOKIE: 10 d2 7a bd 8d ec a6 25
May 19 01:30:25 metro Pluto[868]: | RCOOKIE: 78 31 49 3d d2 27 12 0b
May 19 01:30:25 metro Pluto[868]: | peer: 3f 59 31 d6
May 19 01:30:25 metro Pluto[868]: | state hash entry 29
May 19 01:30:25 metro Pluto[868]: | state object #1 found, in STATE_MAIN_I4
May 19 01:30:25 metro Pluto[868]: | computed Phase 2 IV:
May 19 01:30:25 metro Pluto[868]: | 62 bb 20 1d aa a8 ed 24 30 fa 9e 55 93 17 29 3d
May 19 01:30:25 metro Pluto[868]: | 18 79 10 a4
May 19 01:30:25 metro Pluto[868]: | received encrypted packet from 63.89.49.214:500
May 19 01:30:25 metro Pluto[868]: | decrypting 40 bytes using algorithm OAKLEY_3DES_CBC
May 19 01:30:25 metro Pluto[868]: | decrypted:
May 19 01:30:25 metro Pluto[868]: | 0b 00 00 18 8a 8d c9 98 4b 79 20 2f db c1 c5 79
May 19 01:30:25 metro Pluto[868]: | 10 5b b3 8a 1a fc f6 3e 00 00 00 10 00 00 00 01
May 19 01:30:25 metro Pluto[868]: | 03 04 00 0e 14 72 c1 23
May 19 01:30:25 metro Pluto[868]: | next IV: bf ad 82 57 8e b3 a8 2e
May 19 01:30:25 metro Pluto[868]: | ***parse ISAKMP Hash Payload:
May 19 01:30:25 metro Pluto[868]: | next payload type: ISAKMP_NEXT_N
May 19 01:30:25 metro Pluto[868]: | length: 24
May 19 01:30:25 metro Pluto[868]: | ***parse ISAKMP Notification Payload:
May 19 01:30:25 metro Pluto[868]: | next payload type: ISAKMP_NEXT_NONE
May 19 01:30:25 metro Pluto[868]: | length: 16
May 19 01:30:25 metro Pluto[868]: | DOI: ISAKMP_DOI_IPSEC
May 19 01:30:25 metro Pluto[868]: | protocol ID: 3
May 19 01:30:25 metro Pluto[868]: | SPI size: 4
May 19 01:30:25 metro Pluto[868]: | Notify Message Type: NO_PROPOSAL_CHOSEN
May 19 01:30:25 metro Pluto[868]: "worldpac" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN
May 19 01:30:25 metro Pluto[868]: | info: 14 72 c1 23
May 19 01:30:25 metro Pluto[868]: "worldpac" #1: received and ignored informational message
May 19 01:30:25 metro Pluto[868]: | next event EVENT_RETRANSMIT in 39 seconds for #2
May 19 01:30:31 metro Pluto[868]: |
May 19 01:30:31 metro Pluto[868]: | *received whack message
May 19 01:30:31 metro Pluto[868]: | next event EVENT_RETRANSMIT in 33 seconds for #2
May 19 01:30:58 metro Pluto[868]: |
May 19 01:30:58 metro Pluto[868]: | *received whack message
May 19 01:30:58 metro Pluto[868]: | next event EVENT_RETRANSMIT in 6 seconds for #2
----------------------------------------------------------

Here is my current /etc/ipsec.conf ...

----------------------------------------------------------
# /etc/ipsec.conf - FreeS/WAN IPsec configuration file

# More elaborate and more varied sample configurations can be found
# in FreeS/WAN's doc/examples file, and in the HTML documentation.

# basic configuration
config setup
        # THIS SETTING MUST BE CORRECT or almost nothing will work;
        # %defaultroute is okay for most simple cases.
        interfaces=%defaultroute
        # Debug-logging controls: "none" for (almost) none, "all" for lots.
        klipsdebug=all
        plutodebug=all
        #klipsdebug=none
        #plutodebug=none
        # Use auto= parameters in conn descriptions to control startup actions.
        # %search will process action specified in auto= for each conn
        plutoload=%search
        plutostart=%search
        # Close down old connection when new one using same ID shows up.
        uniqueids=yes

# defaults for subsequent connection descriptions
# (mostly to fix internal defaults which, in retrospect, were badly chosen)
conn %default
keyingtries=0
disablearrivalcheck=no
# authby=rsasig
# leftrsasigkey=%dns
# rightrsasigkey=%dns

conn worldpac
     type=transport
     keyexchange=ike
     auth=esp
     authby=secret
     pfs=no
     # right and left are prettymuch interchangeable, but no reason to
     # try to switch them. "right" is the ip of THIS machine.
     # "rightnexthop" is the ip of the gateway machine between
     # "right" and the rest of the internet
     right=12.27.12.116
     rightnexthop=12.27.12.97
     left=63.89.49.214
     auto=add
----------------------------------------------------------

Any clue...? I'm going to experiment with my ipsec.conf and try combinations based off from his log result to see if the policy is the problem. If not, then I'm going to double check my routing. Any other help is much appreciated.

Joshua Myner : MCP, MMCP
Systems Administrator / Application Developer
jmyner_at_gsite.com : (616)324-8231 Ext. 17
Granite Solutions http://www.gsite.com

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Next message: jan0928: "*****SPAM***** [Users] The Visual FoxPro ODBC Driver. The driver will"
Previous message: Hanspeter Roth: "[Users] interoperability with Sidewinder"
Maybe in reply to: D. Hugh Redelmeier: "Re[4]: [Users] Freeswan Proposal Syntax"
Next in thread: Myner, Josh: "RE: Re[4]: [Users] Freeswan Proposal Syntax"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:04 CEST