Re: [Users] FreeS/Wan and Windows 2000

From: Angelica Delgado (angelicadel_at_yahoo.com)
Date: Sat Aug 10 2002 - 02:19:15 CEST

Previous message: Angelica Delgado: "Re: [Users] FreeS/Wan and Windows 2000"
In reply to: Andreas Steffen: "Re: [Users] FreeS/Wan and Windows 2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Andreas Steffen,

Thank you for your help. I enabled the oakley.log and
I got the following mistake:
8-09: 14:42:55:436:1e4 IKE authentication credentials
are unacceptable
Please, help. I am new in working with FreeS/Wan and
Windows 2000. Do you know what I did wrong?

Thanks in advance,
Angelica

oakley.log output
===================================================
8-09: 14:36:09:296:4fc Initialization OK
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
c608899b-2cfc-4d11-85b6e277d2232b27 4
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
42fb144b-c8ab-491f-a2b7ae95c07d71d4 4
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
359e6805-3487-459d-a1d76fe85da21f17 3
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
a831371a-2469-47ed-8d5da9484ca4c3b0 3
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
cc236a18-3968-4b15-886174b8c4a414ed 1
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
ea1a80e4-8419-4589-aa7a15063e9a97e8 2
8-09: 14:38:01:296:4fc
isadb_schedule_kill_oldPolicy_sas:
e9976ccb-e482-4790-bbd5f1e9a3031c3a 2
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:38:01:311:288 entered kill_old_policy_sas
8-09: 14:40:55:217:544 Acquire from driver:
op=81AF59E0 src=172.16.0.30.0 dst=172.16.0.254.0 proto
= 0, SrcMask=255.255.255.255, DstMask=255.255.255.0,
Tunnel 1, TunnelEndpt=172.16.0.254 Inbound
TunnelEndpt=172.16.0.30
8-09: 14:40:55:233:1e4 Filter to match: Src
172.16.0.254 Dst 172.16.0.30
8-09: 14:40:55:249:1e4 MM PolicyName: 2
8-09: 14:40:55:249:1e4 MMPolicy dwFlags 2
SoftSAExpireTime 28800
8-09: 14:40:55:249:1e4 MMOffer[0] LifetimeSec 28800
QMLimit 1 DHGroup 2
8-09: 14:40:55:249:1e4 MMOffer[0] Encrypt: Triple DES
CBC Hash: SHA
8-09: 14:40:55:249:1e4 MMOffer[1] LifetimeSec 28800
QMLimit 1 DHGroup 2
8-09: 14:40:55:249:1e4 MMOffer[1] Encrypt: Triple DES
CBC Hash: MD5
8-09: 14:40:55:249:1e4 MMOffer[2] LifetimeSec 28800
QMLimit 1 DHGroup 1
8-09: 14:40:55:249:1e4 MMOffer[2] Encrypt: DES CBC
Hash: SHA
8-09: 14:40:55:249:1e4 MMOffer[3] LifetimeSec 28800
QMLimit 1 DHGroup 1
8-09: 14:40:55:249:1e4 MMOffer[3] Encrypt: DES CBC
Hash: MD5
8-09: 14:40:55:249:1e4 Auth[0]:RSA Sig C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:40:55:264:1e4 QM PolicyName: Host-test2
filter action dwFlags 1
8-09: 14:40:55:264:1e4 QMOffer[0] LifetimeKBytes
50000 LifetimeSec 3600
8-09: 14:40:55:264:1e4 QMOffer[0] dwFlags 0
dwPFSGroup 268435456
8-09: 14:40:55:264:1e4 Algo[0] Operation: ESP Algo:
Triple DES CBC HMAC: MD5
8-09: 14:40:55:264:1e4 Starting Negotiation: src =
172.16.0.30.0000, dst = 172.16.0.254.0500, proto = 00,
context = 81AF59E0, ProxySrc = 172.16.0.30.0000,
ProxyDst = 172.16.0.0.0000 SrcMask = 255.255.255.255
DstMask = 255.255.255.0
8-09: 14:40:55:264:1e4 constructing ISAKMP Header
8-09: 14:40:55:264:1e4 constructing SA (ISAKMP)
8-09: 14:40:55:264:1e4 Constructing Vendor
8-09: 14:40:55:264:1e4
8-09: 14:40:55:264:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:40:55:264:1e4 ISAKMP Header: (V1.0), len =
216
8-09: 14:40:55:264:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:40:55:264:1e4 R-COOKIE 0000000000000000
8-09: 14:40:55:264:1e4 exchange: Oakley Main Mode
8-09: 14:40:55:264:1e4 flags: 0
8-09: 14:40:55:264:1e4 next payload: SA
8-09: 14:40:55:264:1e4 message ID: 00000000
8-09: 14:41:00:30:1e4
8-09: 14:41:00:30:1e4 Receive: (get) SA = 0x000aff18
from 172.16.0.254
8-09: 14:41:00:30:1e4 ISAKMP Header: (V1.0), len = 84

8-09: 14:41:00:30:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:00:30:1e4 R-COOKIE 0f455177db95075a
8-09: 14:41:00:30:1e4 exchange: Oakley Main Mode
8-09: 14:41:00:30:1e4 flags: 0
8-09: 14:41:00:30:1e4 next payload: SA
8-09: 14:41:00:30:1e4 message ID: 00000000
8-09: 14:41:00:30:1e4 processing payload SA
8-09: 14:41:00:30:1e4 Received Phase 1 Transform 1
8-09: 14:41:00:30:1e4 Encryption Alg Triple DES
CBC(5)
8-09: 14:41:00:30:1e4 Hash Alg SHA(2)
8-09: 14:41:00:30:1e4 Oakley Group 2
8-09: 14:41:00:30:1e4 Auth Method RSA Signature
with Certificates(3)
8-09: 14:41:00:30:1e4 Life type in Seconds
8-09: 14:41:00:30:1e4 Life duration of 28800
8-09: 14:41:00:30:1e4 Phase 1 SA accepted:
transform=1
8-09: 14:41:00:30:1e4 SA - Oakley proposal accepted
8-09: 14:41:00:30:1e4 constructing ISAKMP Header
8-09: 14:41:00:92:54c Retransmit failed to find SA
8-09: 14:41:00:108:1e4 constructing KE
8-09: 14:41:00:108:1e4 constructing NONCE (ISAKMP)
8-09: 14:41:00:108:1e4
8-09: 14:41:00:108:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:41:00:108:1e4 ISAKMP Header: (V1.0), len =
184
8-09: 14:41:00:108:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:00:108:1e4 R-COOKIE 0f455177db95075a
8-09: 14:41:00:108:1e4 exchange: Oakley Main Mode
8-09: 14:41:00:108:1e4 flags: 0
8-09: 14:41:00:108:1e4 next payload: KE
8-09: 14:41:00:108:1e4 message ID: 00000000
8-09: 14:41:00:124:1e4
8-09: 14:41:00:124:1e4 Receive: (get) SA = 0x000aff18
from 172.16.0.254
8-09: 14:41:00:124:1e4 ISAKMP Header: (V1.0), len =
188
8-09: 14:41:00:124:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:00:124:1e4 R-COOKIE 0f455177db95075a
8-09: 14:41:00:124:1e4 exchange: Oakley Main Mode
8-09: 14:41:00:124:1e4 flags: 0
8-09: 14:41:00:124:1e4 next payload: KE
8-09: 14:41:00:124:1e4 message ID: 00000000
8-09: 14:41:00:124:1e4 processing payload KE
8-09: 14:41:00:155:1e4 processing payload NONCE
8-09: 14:41:00:155:1e4 processing payload CRP
8-09: 14:41:00:155:1e4 constructing ISAKMP Header
8-09: 14:41:00:155:1e4 constructing ID
8-09: 14:41:00:155:1e4 Received no valid CRPs. Using
all configured
8-09: 14:41:00:155:1e4 Looking for IPSec only cert
8-09: 14:41:00:217:1e4 Cert Trustes. 0 100
8-09: 14:41:00:217:1e4 CertFindExtenstion failed with
0

8-09: 14:41:00:327:1e4 Entered CRL check
8-09: 14:41:00:327:1e4 Left CRL check
8-09: 14:41:00:327:1e4 Cert SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb
8-09: 14:41:00:327:1e4 80c32584
8-09: 14:41:00:327:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=AIRE,
E=angelicadel_at_yahoo.com
8-09: 14:41:00:327:1e4 Cert Serialnumber 05
8-09: 14:41:00:327:1e4 Cert SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb
8-09: 14:41:00:327:1e4 80c32584
8-09: 14:41:00:327:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:41:00:327:1e4 Cert Serialnumber 00
8-09: 14:41:00:327:1e4 Cert SHA Thumbprint
00dc8ef5ad8dd276652bb7ea90f1bd3f
8-09: 14:41:00:327:1e4 2562a3b7
8-09: 14:41:00:342:1e4 constructing CERT
8-09: 14:41:00:342:1e4 Construct SIG
8-09: 14:41:00:389:1e4 Constructing Cert Request
8-09: 14:41:00:389:1e4 C=US, S=Texas, L=Brownsville,
O=UTB, OU=CS, CN=EMG, E=adelgado_at_utb.edu
8-09: 14:41:00:389:1e4
8-09: 14:41:00:389:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:41:00:389:1e4 ISAKMP Header: (V1.0), len =
1716
8-09: 14:41:00:389:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:00:389:1e4 R-COOKIE 0f455177db95075a
8-09: 14:41:00:389:1e4 exchange: Oakley Main Mode
8-09: 14:41:00:389:1e4 flags: 1 ( encrypted )
8-09: 14:41:00:389:1e4 next payload: ID
8-09: 14:41:00:389:1e4 message ID: 00000000
8-09: 14:41:01:389:54c retransmit: sa = 000AFF18
centry 00000000 , count = 1
8-09: 14:41:01:389:54c
8-09: 14:41:01:389:54c Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:41:01:389:54c ISAKMP Header: (V1.0), len =
1716
8-09: 14:41:01:389:54c I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:01:389:54c R-COOKIE 0f455177db95075a
8-09: 14:41:01:389:54c exchange: Oakley Main Mode
8-09: 14:41:01:389:54c flags: 1 ( encrypted )
8-09: 14:41:01:389:54c next payload: ID
8-09: 14:41:01:389:54c message ID: 00000000
8-09: 14:41:03:389:54c retransmit: sa = 000AFF18
centry 00000000 , count = 2
8-09: 14:41:03:389:54c
8-09: 14:41:03:389:54c Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:41:03:389:54c ISAKMP Header: (V1.0), len =
1716
8-09: 14:41:03:389:54c I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:03:389:54c R-COOKIE 0f455177db95075a
8-09: 14:41:03:389:54c exchange: Oakley Main Mode
8-09: 14:41:03:389:54c flags: 1 ( encrypted )
8-09: 14:41:03:389:54c next payload: ID
8-09: 14:41:03:389:54c message ID: 00000000
8-09: 14:41:07:389:54c retransmit: sa = 000AFF18
centry 00000000 , count = 3
8-09: 14:41:07:389:54c
8-09: 14:41:07:389:54c Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:41:07:389:54c ISAKMP Header: (V1.0), len =
1716
8-09: 14:41:07:389:54c I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:07:389:54c R-COOKIE 0f455177db95075a
8-09: 14:41:07:389:54c exchange: Oakley Main Mode
8-09: 14:41:07:389:54c flags: 1 ( encrypted )
8-09: 14:41:07:389:54c next payload: ID
8-09: 14:41:07:389:54c message ID: 00000000
8-09: 14:41:07:452:1e4
8-09: 14:41:07:452:1e4 Receive: (get) SA = 0x000aff18
from 172.16.0.254
8-09: 14:41:07:452:1e4 ISAKMP Header: (V1.0), len =
1564
8-09: 14:41:07:452:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:41:07:452:1e4 R-COOKIE 0f455177db95075a
8-09: 14:41:07:452:1e4 exchange: Oakley Main Mode
8-09: 14:41:07:452:1e4 flags: 1 ( encrypted )
8-09: 14:41:07:452:1e4 next payload: ID
8-09: 14:41:07:452:1e4 message ID: 00000000
8-09: 14:41:07:452:1e4 processing payload ID
8-09: 14:41:07:452:1e4 processing payload CERT
8-09: 14:41:07:452:1e4 processing payload SIG
8-09: 14:41:07:452:1e4 Verifying CertStore
8-09: 14:41:07:452:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:41:07:452:1e4 Cert Serialnumber 01
8-09: 14:41:07:452:1e4 Cert SHA Thumbprint
d81560d3d477c2e77dfbf817930507df
8-09: 14:41:07:452:1e4 ece83595
8-09: 14:41:07:452:1e4 Trust failed. 28 0
8-09: 14:41:07:452:1e4 Cert Trustes. 28 0
8-09: 14:41:07:452:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:41:07:452:1e4 Cert Serialnumber 01
8-09: 14:41:07:452:1e4 Cert SHA Thumbprint
d81560d3d477c2e77dfbf817930507df
8-09: 14:41:07:452:1e4 ece83595
8-09: 14:41:07:452:1e4 Cert SHA Thumbprint
d81560d3d477c2e77dfbf817930507df
8-09: 14:41:07:452:1e4 ece83595
8-09: 14:41:07:452:1e4 Certificate based Identity.

Peer Subject C=US, S=Texas, L=Brownsville, O=UTB,
OU=CS, CN=EMG, E=adelgado_at_utb.edu

Peer SHA Thumbprint
d81560d3d477c2e77dfbf817930507dfece83595

Peer Issuing Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

Root Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

My Subject C=US, S=Texas, L=Brownsville, O=UTB, OU=CS,
CN=AIRE, E=angelicadel_at_yahoo.com

My SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb80c32584

Peer IP Address: 172.16.0.254

8-09: 14:41:07:452:1e4 Source IP Address 172.16.0.30

Source IP Address Mask 255.255.255.255

Destination IP Address 172.16.0.254

Destination IP Address Mask 255.255.255.255

Protocol 0

Source Port 0

Destination Port 0

IKE Local Addr

IKE Peer Addr

8-09: 14:41:07:452:1e4 isadb_set_status sa:000AFF18
centry:00000000 status 35e9
8-09: 14:41:07:467:1e4 Key Exchange Mode (Main Mode)

8-09: 14:41:07:467:1e4 Source IP Address 172.16.0.30

Source IP Address Mask 255.255.255.255

Destination IP Address 172.16.0.254

Destination IP Address Mask 255.255.255.255

Protocol 0

Source Port 0

Destination Port 0

IKE Local Addr

IKE Peer Addr

8-09: 14:41:07:467:1e4 Certificate based Identity.

Peer Subject C=US, S=Texas, L=Brownsville, O=UTB,
OU=CS, CN=EMG, E=adelgado_at_utb.edu

Peer SHA Thumbprint
d81560d3d477c2e77dfbf817930507dfece83595

Peer Issuing Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

Root Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

My Subject C=US, S=Texas, L=Brownsville, O=UTB, OU=CS,
CN=AIRE, E=angelicadel_at_yahoo.com

My SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb80c32584

Peer IP Address: 172.16.0.254

8-09: 14:41:07:467:1e4 Me

8-09: 14:41:07:467:1e4 IKE authentication credentials
are unacceptable

8-09: 14:41:07:467:1e4 0x0 0x0
8-09: 14:41:07:467:1e4 ProcessFailure: sa:000AFF18
centry:00000000 status:35e9
8-09: 14:41:07:467:1e4 Not creating notify.
8-09: 14:42:54:311:1e4 SA Dead. sa:000AFF18
status:35f0
8-09: 14:42:54:311:1e4 constructing ISAKMP Header
8-09: 14:42:54:311:1e4 constructing HASH (null)
8-09: 14:42:54:311:1e4 constructing DELETE. MM
000AFF18
8-09: 14:42:54:311:1e4 constructing HASH
(Notify/Delete)
8-09: 14:42:54:311:1e4
8-09: 14:42:54:311:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 1
8-09: 14:42:54:311:1e4 ISAKMP Header: (V1.0), len =
84
8-09: 14:42:54:311:1e4 I-COOKIE 5edcfb9afd38c69f
8-09: 14:42:54:311:1e4 R-COOKIE 0f455177db95075a
8-09: 14:42:54:311:1e4 exchange: ISAKMP
Informational Exchange
8-09: 14:42:54:311:1e4 flags: 1 ( encrypted )
8-09: 14:42:54:311:1e4 next payload: HASH
8-09: 14:42:54:311:1e4 message ID: 96c8ee2f
8-09: 14:42:55:202:544 Acquire from driver:
op=81B7DD00 src=172.16.0.30.0 dst=172.16.0.254.0 proto
= 0, SrcMask=255.255.255.255, DstMask=255.255.255.0,
Tunnel 1, TunnelEndpt=172.16.0.254 Inbound
TunnelEndpt=172.16.0.30
8-09: 14:42:55:202:1e4 Filter to match: Src
172.16.0.254 Dst 172.16.0.30
8-09: 14:42:55:202:1e4 MM PolicyName: 2
8-09: 14:42:55:202:1e4 MMPolicy dwFlags 2
SoftSAExpireTime 28800
8-09: 14:42:55:202:1e4 MMOffer[0] LifetimeSec 28800
QMLimit 1 DHGroup 2
8-09: 14:42:55:202:1e4 MMOffer[0] Encrypt: Triple DES
CBC Hash: SHA
8-09: 14:42:55:202:1e4 MMOffer[1] LifetimeSec 28800
QMLimit 1 DHGroup 2
8-09: 14:42:55:202:1e4 MMOffer[1] Encrypt: Triple DES
CBC Hash: MD5
8-09: 14:42:55:202:1e4 MMOffer[2] LifetimeSec 28800
QMLimit 1 DHGroup 1
8-09: 14:42:55:202:1e4 MMOffer[2] Encrypt: DES CBC
Hash: SHA
8-09: 14:42:55:202:1e4 MMOffer[3] LifetimeSec 28800
QMLimit 1 DHGroup 1
8-09: 14:42:55:202:1e4 MMOffer[3] Encrypt: DES CBC
Hash: MD5
8-09: 14:42:55:202:1e4 Auth[0]:RSA Sig C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:42:55:202:1e4 QM PolicyName: Host-test2
filter action dwFlags 1
8-09: 14:42:55:202:1e4 QMOffer[0] LifetimeKBytes
50000 LifetimeSec 3600
8-09: 14:42:55:202:1e4 QMOffer[0] dwFlags 0
dwPFSGroup 268435456
8-09: 14:42:55:202:1e4 Algo[0] Operation: ESP Algo:
Triple DES CBC HMAC: MD5
8-09: 14:42:55:202:1e4 Starting Negotiation: src =
172.16.0.30.0000, dst = 172.16.0.254.0500, proto = 00,
context = 81B7DD00, ProxySrc = 172.16.0.30.0000,
ProxyDst = 172.16.0.0.0000 SrcMask = 255.255.255.255
DstMask = 255.255.255.0
8-09: 14:42:55:202:1e4 constructing ISAKMP Header
8-09: 14:42:55:202:1e4 constructing SA (ISAKMP)
8-09: 14:42:55:202:1e4 Constructing Vendor
8-09: 14:42:55:202:1e4
8-09: 14:42:55:202:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:42:55:202:1e4 ISAKMP Header: (V1.0), len =
216
8-09: 14:42:55:202:1e4 I-COOKIE 83d5234854bd5602
8-09: 14:42:55:202:1e4 R-COOKIE 0000000000000000
8-09: 14:42:55:202:1e4 exchange: Oakley Main Mode
8-09: 14:42:55:202:1e4 flags: 0
8-09: 14:42:55:202:1e4 next payload: SA
8-09: 14:42:55:202:1e4 message ID: 00000000
8-09: 14:42:55:202:1e4
8-09: 14:42:55:202:1e4 Receive: (get) SA = 0x000aff18
from 172.16.0.254
8-09: 14:42:55:202:1e4 ISAKMP Header: (V1.0), len =
84
8-09: 14:42:55:202:1e4 I-COOKIE 83d5234854bd5602
8-09: 14:42:55:202:1e4 R-COOKIE 7f1b8341c1e36568
8-09: 14:42:55:202:1e4 exchange: Oakley Main Mode
8-09: 14:42:55:202:1e4 flags: 0
8-09: 14:42:55:202:1e4 next payload: SA
8-09: 14:42:55:202:1e4 message ID: 00000000
8-09: 14:42:55:202:1e4 processing payload SA
8-09: 14:42:55:202:1e4 Received Phase 1 Transform 1
8-09: 14:42:55:202:1e4 Encryption Alg Triple DES
CBC(5)
8-09: 14:42:55:202:1e4 Hash Alg SHA(2)
8-09: 14:42:55:202:1e4 Oakley Group 2
8-09: 14:42:55:202:1e4 Auth Method RSA Signature
with Certificates(3)
8-09: 14:42:55:202:1e4 Life type in Seconds
8-09: 14:42:55:202:1e4 Life duration of 28800
8-09: 14:42:55:202:1e4 Phase 1 SA accepted:
transform=1
8-09: 14:42:55:202:1e4 SA - Oakley proposal accepted
8-09: 14:42:55:202:1e4 constructing ISAKMP Header
8-09: 14:42:55:264:1e4 constructing KE
8-09: 14:42:55:264:1e4 constructing NONCE (ISAKMP)
8-09: 14:42:55:264:1e4
8-09: 14:42:55:264:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:42:55:264:1e4 ISAKMP Header: (V1.0), len =
184
8-09: 14:42:55:264:1e4 I-COOKIE 83d5234854bd5602
8-09: 14:42:55:264:1e4 R-COOKIE 7f1b8341c1e36568
8-09: 14:42:55:264:1e4 exchange: Oakley Main Mode
8-09: 14:42:55:264:1e4 flags: 0
8-09: 14:42:55:264:1e4 next payload: KE
8-09: 14:42:55:264:1e4 message ID: 00000000
8-09: 14:42:55:280:1e4
8-09: 14:42:55:280:1e4 Receive: (get) SA = 0x000aff18
from 172.16.0.254
8-09: 14:42:55:280:1e4 ISAKMP Header: (V1.0), len =
188
8-09: 14:42:55:280:1e4 I-COOKIE 83d5234854bd5602
8-09: 14:42:55:280:1e4 R-COOKIE 7f1b8341c1e36568
8-09: 14:42:55:280:1e4 exchange: Oakley Main Mode
8-09: 14:42:55:280:1e4 flags: 0
8-09: 14:42:55:280:1e4 next payload: KE
8-09: 14:42:55:280:1e4 message ID: 00000000
8-09: 14:42:55:280:1e4 processing payload KE
8-09: 14:42:55:311:1e4 processing payload NONCE
8-09: 14:42:55:311:1e4 processing payload CRP
8-09: 14:42:55:311:1e4 constructing ISAKMP Header
8-09: 14:42:55:311:1e4 constructing ID
8-09: 14:42:55:311:1e4 Received no valid CRPs. Using
all configured
8-09: 14:42:55:311:1e4 Looking for IPSec only cert
8-09: 14:42:55:311:1e4 Cert Trustes. 0 100
8-09: 14:42:55:311:1e4 CertFindExtenstion failed with
0

8-09: 14:42:55:311:1e4 Entered CRL check
8-09: 14:42:55:311:1e4 Left CRL check
8-09: 14:42:55:311:1e4 Cert SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb
8-09: 14:42:55:311:1e4 80c32584
8-09: 14:42:55:311:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=AIRE,
E=angelicadel_at_yahoo.com
8-09: 14:42:55:311:1e4 Cert Serialnumber 05
8-09: 14:42:55:311:1e4 Cert SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb
8-09: 14:42:55:311:1e4 80c32584
8-09: 14:42:55:311:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:42:55:311:1e4 Cert Serialnumber 00
8-09: 14:42:55:311:1e4 Cert SHA Thumbprint
00dc8ef5ad8dd276652bb7ea90f1bd3f
8-09: 14:42:55:311:1e4 2562a3b7
8-09: 14:42:55:311:1e4 constructing CERT
8-09: 14:42:55:311:1e4 Construct SIG
8-09: 14:42:55:358:1e4 Constructing Cert Request
8-09: 14:42:55:358:1e4 C=US, S=Texas, L=Brownsville,
O=UTB, OU=CS, CN=EMG, E=adelgado_at_utb.edu
8-09: 14:42:55:358:1e4
8-09: 14:42:55:358:1e4 Sending: SA = 0x000AFF18 to
172.16.0.254:Type 2
8-09: 14:42:55:358:1e4 ISAKMP Header: (V1.0), len =
1716
8-09: 14:42:55:358:1e4 I-COOKIE 83d5234854bd5602
8-09: 14:42:55:358:1e4 R-COOKIE 7f1b8341c1e36568
8-09: 14:42:55:358:1e4 exchange: Oakley Main Mode
8-09: 14:42:55:358:1e4 flags: 1 ( encrypted )
8-09: 14:42:55:358:1e4 next payload: ID
8-09: 14:42:55:358:1e4 message ID: 00000000
8-09: 14:42:55:421:1e4
8-09: 14:42:55:421:1e4 Receive: (get) SA = 0x000aff18
from 172.16.0.254
8-09: 14:42:55:421:1e4 ISAKMP Header: (V1.0), len =
1564
8-09: 14:42:55:421:1e4 I-COOKIE 83d5234854bd5602
8-09: 14:42:55:421:1e4 R-COOKIE 7f1b8341c1e36568
8-09: 14:42:55:421:1e4 exchange: Oakley Main Mode
8-09: 14:42:55:421:1e4 flags: 1 ( encrypted )
8-09: 14:42:55:421:1e4 next payload: ID
8-09: 14:42:55:421:1e4 message ID: 00000000
8-09: 14:42:55:421:1e4 processing payload ID
8-09: 14:42:55:421:1e4 processing payload CERT
8-09: 14:42:55:421:1e4 processing payload SIG
8-09: 14:42:55:421:1e4 Verifying CertStore
8-09: 14:42:55:421:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:42:55:421:1e4 Cert Serialnumber 01
8-09: 14:42:55:421:1e4 Cert SHA Thumbprint
d81560d3d477c2e77dfbf817930507df
8-09: 14:42:55:421:1e4 ece83595
8-09: 14:42:55:421:1e4 Trust failed. 28 0
8-09: 14:42:55:421:1e4 Cert Trustes. 28 0
8-09: 14:42:55:421:1e4 SubjectName: C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu
8-09: 14:42:55:421:1e4 Cert Serialnumber 01
8-09: 14:42:55:421:1e4 Cert SHA Thumbprint
d81560d3d477c2e77dfbf817930507df
8-09: 14:42:55:421:1e4 ece83595
8-09: 14:42:55:436:1e4 Cert SHA Thumbprint
d81560d3d477c2e77dfbf817930507df
8-09: 14:42:55:436:1e4 ece83595
8-09: 14:42:55:436:1e4 Certificate based Identity.

Peer Subject C=US, S=Texas, L=Brownsville, O=UTB,
OU=CS, CN=EMG, E=adelgado_at_utb.edu

Peer SHA Thumbprint
d81560d3d477c2e77dfbf817930507dfece83595

Peer Issuing Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

Root Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

My Subject C=US, S=Texas, L=Brownsville, O=UTB, OU=CS,
CN=AIRE, E=angelicadel_at_yahoo.com

My SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb80c32584

Peer IP Address: 172.16.0.254

8-09: 14:42:55:436:1e4 Source IP Address 172.16.0.30

Source IP Address Mask 255.255.255.255

Destination IP Address 172.16.0.254

Destination IP Address Mask 255.255.255.255

Protocol 0

Source Port 0

Destination Port 0

IKE Local Addr

IKE Peer Addr

8-09: 14:42:55:436:1e4 isadb_set_status sa:000AFF18
centry:00000000 status 35e9
8-09: 14:42:55:436:1e4 Key Exchange Mode (Main Mode)

8-09: 14:42:55:436:1e4 Source IP Address 172.16.0.30

Source IP Address Mask 255.255.255.255

Destination IP Address 172.16.0.254

Destination IP Address Mask 255.255.255.255

Protocol 0

Source Port 0

Destination Port 0

IKE Local Addr

IKE Peer Addr

8-09: 14:42:55:436:1e4 Certificate based Identity.

Peer Subject C=US, S=Texas, L=Brownsville, O=UTB,
OU=CS, CN=EMG, E=adelgado_at_utb.edu

Peer SHA Thumbprint
d81560d3d477c2e77dfbf817930507dfece83595

Peer Issuing Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

Root Certificate Authority C=US, S=Texas,
L=Brownsville, O=UTB, OU=CS, CN=EMG,
E=adelgado_at_utb.edu

My Subject C=US, S=Texas, L=Brownsville, O=UTB, OU=CS,
CN=AIRE, E=angelicadel_at_yahoo.com

My SHA Thumbprint
2dd078d7972afb5ff0c6287944331cdb80c32584

Peer IP Address: 172.16.0.254

8-09: 14:42:55:436:1e4 Me

8-09: 14:42:55:436:1e4 IKE authentication credentials
are unacceptable

8-09: 14:42:55:436:1e4 0x0 0x0
8-09: 14:42:55:436:1e4 ProcessFailure: sa:000AFF18
centry:00000000 status:35e9
8-09: 14:42:55:436:1e4 Not creating notify.
=====================================================

--- Andreas Steffen <andreas.steffen_at_strongsec.net>
wrote:
> Hi Angelica,
>
> On the FreeS/WAN side everything seems ok. It is W2k
> that
> has a problem with FreeSW/ANs certificate. Please
> enable
> the oakley.log in the Windows registry and look for
> errors there.
>
> Regards
>
> Andreas
>
> Angelica Delgado wrote:
> > hi:
> > I have a Linux FreeS/WAN gateway (172.16.0.254)
> with
> > 2.4.18-3ipsec RedHat 7.3 and FreeS/WAN version
> 1.98b.
> > I am trying to get W2K computer (172.16.0.30) work
> > with it. W2K machine is using ipsec MARCUS
> toolkit.
> > It goes through Phase 1 (main mode) and cannot
> proceed
> > to Phase 2. The message in /var/log/secure is
> > "...sent MR3, ISAKMP SA established."
> >
> > The output of "ipsec barf" is as follows...
> followed
> > by W2K config... Please help:
> >
> > Thanks.
> >
> > Angelica
>
>
======================================================================
> Andreas Steffen e-mail:
> andreas.steffen_at_strongsec.com
> strongSec GmbH phone: +41 76 340
> 25 56
> Alter Z�richweg 20 home:
> http://www.strongsec.com
> CH-8952 Schlieren (Switzerland)
> ==========================================[strong
> internet security]==
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users

__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Previous message: Angelica Delgado: "Re: [Users] FreeS/Wan and Windows 2000"
In reply to: Andreas Steffen: "Re: [Users] FreeS/Wan and Windows 2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Aug 10 2002 - 05:19:46 CEST