[Users] Windows XP Problems II

From: Krishna Oliveira de Hollanda Padilha (krishna_at_padilha.com)
Date: Thu Nov 07 2002 - 17:25:48 CET

• Next message: Ken Bantoft: "Re: [Users] Message on secure log - no acceptable Oakley Transform policy does not allow OAKLEY_PRESHARED_KEY authentication"
• Previous message: Billy Mullins: "[Users] Re: [Bugs] Using/Compiling Superfreeswan 1.99 kb1"
• In reply to: Arthur L. Mandalho: "[Users] Message on secure log - no acceptable Oakley Transform policy does not allow OAKLEY_PRESHARED_KEY authentication"
• Next in thread: fdo_montenegro: "[Users] Compile ERROR in Super-Freeswan-1.99_kb1 (make menumod)"
• Reply: fdo_montenegro: "[Users] Compile ERROR in Super-Freeswan-1.99_kb1 (make menumod)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

I think that I had configured the WinXP ok...
But I'm still having problems to estabilish
Connection... On the freeswan side I get no information
about any connection from my xp roadwarrior...

the a output of Oakley.log is below.. if someone
can help me, I will be very thankfully....

Krishna Padilha

11-07: 14:20:04:764:7dc Acquire from driver: op=82717238
src=192.168.200.100.0 dst=200.198.94.170.0 proto = 0,
SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 1,
TunnelEndpt=200.198.94.170 Inbound TunnelEndpt=192.168.200.100
11-07: 14:20:04:774:a44 Filter to match: Src 200.198.94.170 Dst
192.168.200.100
11-07: 14:20:04:794:a44 MM PolicyName: 4
11-07: 14:20:04:794:a44 MMPolicy dwFlags 2 SoftSAExpireTime 28800
11-07: 14:20:04:794:a44 MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
11-07: 14:20:04:804:a44 MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
11-07: 14:20:04:804:a44 MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
11-07: 14:20:04:804:a44 MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
11-07: 14:20:04:804:a44 MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
11-07: 14:20:04:804:a44 MMOffer[2] Encrypt: DES CBC Hash: SHA
11-07: 14:20:04:804:a44 MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
11-07: 14:20:04:804:a44 MMOffer[3] Encrypt: DES CBC Hash: MD5
11-07: 14:20:04:824:a44 Auth[0]:RSA Sig C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:20:04:824:a44 QM PolicyName: Host-roadwarrior filter action
dwFlags 1
11-07: 14:20:04:824:a44 QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
11-07: 14:20:04:824:a44 QMOffer[0] dwFlags 0 dwPFSGroup 268435456
11-07: 14:20:04:824:a44 Algo[0] Operation: ESP Algo: Triplo DES CBC
HMAC: MD5
11-07: 14:20:04:824:a44 Starting Negotiation: src =
192.168.200.100.0000, dst = 200.198.94.170.0500, proto = 00, context =
82717238, ProxySrc = 192.168.200.100.0000, ProxyDst =
200.198.94.170.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.255
11-07: 14:20:04:824:a44 constructing ISAKMP Header
11-07: 14:20:04:824:a44 constructing SA (ISAKMP)
11-07: 14:20:04:824:a44 Constructing Vendor
11-07: 14:20:04:824:a44
11-07: 14:20:04:824:a44 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:04:824:a44 ISAKMP Header: (V1.0), len = 216
11-07: 14:20:04:824:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:04:824:a44 R-COOKIE 0000000000000000
11-07: 14:20:04:824:a44 exchange: Oakley Main Mode
11-07: 14:20:04:824:a44 flags: 0
11-07: 14:20:04:824:a44 next payload: SA
11-07: 14:20:04:824:a44 message ID: 00000000
11-07: 14:20:05:835:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 1
11-07: 14:20:05:835:7e4
11-07: 14:20:05:835:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:05:835:7e4 ISAKMP Header: (V1.0), len = 216
11-07: 14:20:05:835:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:05:835:7e4 R-COOKIE 0000000000000000
11-07: 14:20:05:835:7e4 exchange: Oakley Main Mode
11-07: 14:20:05:835:7e4 flags: 0
11-07: 14:20:05:835:7e4 next payload: SA
11-07: 14:20:05:835:7e4 message ID: 00000000
11-07: 14:20:06:737:a44
11-07: 14:20:06:737:a44 Receive: (get) SA = 0x000d4180 from
200.198.94.170
11-07: 14:20:06:737:a44 ISAKMP Header: (V1.0), len = 84
11-07: 14:20:06:737:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:06:737:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:06:737:a44 exchange: Oakley Main Mode
11-07: 14:20:06:737:a44 flags: 0
11-07: 14:20:06:737:a44 next payload: SA
11-07: 14:20:06:737:a44 message ID: 00000000
11-07: 14:20:06:737:a44 processing payload SA
11-07: 14:20:06:737:a44 Received Phase 1 Transform 1
11-07: 14:20:06:737:a44 Encryption Alg Triplo DES CBC(5)
11-07: 14:20:06:737:a44 Hash Alg SHA(2)
11-07: 14:20:06:737:a44 Oakley Group 2
11-07: 14:20:06:737:a44 Auth Method Assinatura RSA com Certificados
(3)
11-07: 14:20:06:737:a44 Life type in Seconds
11-07: 14:20:06:737:a44 Life duration of 28800
11-07: 14:20:06:737:a44 Phase 1 SA accepted: transform=1
11-07: 14:20:06:737:a44 SA - Oakley proposal accepted
11-07: 14:20:06:737:a44 constructing ISAKMP Header
11-07: 14:20:06:767:a44 constructing KE
11-07: 14:20:06:767:a44 constructing NONCE (ISAKMP)
11-07: 14:20:06:767:a44
11-07: 14:20:06:767:a44 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:06:767:a44 ISAKMP Header: (V1.0), len = 184
11-07: 14:20:06:767:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:06:767:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:06:767:a44 exchange: Oakley Main Mode
11-07: 14:20:06:767:a44 flags: 0
11-07: 14:20:06:767:a44 next payload: KE
11-07: 14:20:06:767:a44 message ID: 00000000
11-07: 14:20:07:127:474 fill_isakmp: SA 000D4180 not finished
11-07: 14:20:07:768:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 1
11-07: 14:20:07:768:7e4
11-07: 14:20:07:768:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:07:768:7e4 ISAKMP Header: (V1.0), len = 184
11-07: 14:20:07:768:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:07:768:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:07:768:7e4 exchange: Oakley Main Mode
11-07: 14:20:07:768:7e4 flags: 0
11-07: 14:20:07:768:7e4 next payload: KE
11-07: 14:20:07:768:7e4 message ID: 00000000
11-07: 14:20:08:669:a44
11-07: 14:20:08:669:a44 Receive: (get) SA = 0x00000000 from
200.198.94.170
11-07: 14:20:08:669:a44 ISAKMP Header: (V1.0), len = 84
11-07: 14:20:08:669:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:08:669:a44 R-COOKIE e8feeadf94fd6ed1
11-07: 14:20:08:669:a44 exchange: Oakley Main Mode
11-07: 14:20:08:669:a44 flags: 0
11-07: 14:20:08:669:a44 next payload: SA
11-07: 14:20:08:669:a44 message ID: 00000000
11-07: 14:20:08:669:a44 Responder received header with responder cookie
non-zero
11-07: 14:20:08:669:a44 Responding with new SA 0
11-07: 14:20:08:669:a44 HandleFirstPacketResponder failed 3616
11-07: 14:20:08:669:a44 constructing ISAKMP Header
11-07: 14:20:08:669:a44 constructing NOTIFY 4
11-07: 14:20:08:669:a44 ProcessFailure: sa:0093F968 centry:00000000
status:3616
11-07: 14:20:08:669:a44 Notify already constructed. Ignoring. Sa
0093F968
11-07: 14:20:08:669:a44
11-07: 14:20:08:669:a44 Sending: SA = 0x0093F968 to 200.198.94.170:Type
1
11-07: 14:20:08:669:a44 ISAKMP Header: (V1.0), len = 56
11-07: 14:20:08:669:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:08:669:a44 R-COOKIE e8feeadf94fd6ed1
11-07: 14:20:08:669:a44 exchange: ISAKMP Informational Exchange
11-07: 14:20:08:669:a44 flags: 0
11-07: 14:20:08:669:a44 next payload: NOTIFY
11-07: 14:20:08:669:a44 message ID: 96353591
11-07: 14:20:09:771:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 2
11-07: 14:20:09:771:7e4
11-07: 14:20:09:771:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:09:771:7e4 ISAKMP Header: (V1.0), len = 184
11-07: 14:20:09:771:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:09:771:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:09:771:7e4 exchange: Oakley Main Mode
11-07: 14:20:09:771:7e4 flags: 0
11-07: 14:20:09:771:7e4 next payload: KE
11-07: 14:20:09:771:7e4 message ID: 00000000
11-07: 14:20:10:873:a44
11-07: 14:20:10:873:a44 Receive: (get) SA = 0x000d4180 from
200.198.94.170
11-07: 14:20:10:873:a44 ISAKMP Header: (V1.0), len = 188
11-07: 14:20:10:873:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:10:873:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:10:873:a44 exchange: Oakley Main Mode
11-07: 14:20:10:873:a44 flags: 0
11-07: 14:20:10:873:a44 next payload: KE
11-07: 14:20:10:873:a44 message ID: 00000000
11-07: 14:20:10:873:a44 processing payload KE
11-07: 14:20:10:883:a44 processing payload NONCE
11-07: 14:20:10:883:a44 processing payload CRP
11-07: 14:20:10:893:a44 constructing ISAKMP Header
11-07: 14:20:10:893:a44 constructing ID
11-07: 14:20:10:893:a44 Received no valid CRPs. Using all configured
11-07: 14:20:10:893:a44 Looking for IPSec only cert
11-07: 14:20:11:23:a44 Cert Trustes. 0 100
11-07: 14:20:11:23:a44 CertFindExtenstion failed with 0

11-07: 14:20:11:173:a44 Entered CRL check
11-07: 14:20:11:183:a44 Left CRL check
11-07: 14:20:11:183:a44 Cert SHA Thumbprint
6acc4e9af5bc00b1764bfb74ef5a1df5
11-07: 14:20:11:183:a44 42fcb9f9
11-07: 14:20:11:193:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=My Company Ltd, CN=krishna, E=admin_at_labhpardini.com.br
11-07: 14:20:11:193:a44 Cert Serialnumber 02
11-07: 14:20:11:193:a44 Cert SHA Thumbprint
6acc4e9af5bc00b1764bfb74ef5a1df5
11-07: 14:20:11:193:a44 42fcb9f9
11-07: 14:20:11:193:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:20:11:193:a44 Cert Serialnumber 00
11-07: 14:20:11:193:a44 Cert SHA Thumbprint
4c2c00454959feed19ee0c0c376a1f6c
11-07: 14:20:11:193:a44 5d76a020
11-07: 14:20:11:193:a44 constructing CERT
11-07: 14:20:11:193:a44 Construct SIG
11-07: 14:20:11:213:a44 Constructing Cert Request
11-07: 14:20:11:213:a44 C=BR, S=Minas Gerais, L=Belo Horizonte,
O=Laboratorio Hermes Pardini, CN=HPARDINI, E=admin_at_labhpardini.com.br
11-07: 14:20:11:213:a44
11-07: 14:20:11:213:a44 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:11:213:a44 ISAKMP Header: (V1.0), len = 1860
11-07: 14:20:11:213:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:11:213:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:11:213:a44 exchange: Oakley Main Mode
11-07: 14:20:11:213:a44 flags: 1 ( encrypted )
11-07: 14:20:11:213:a44 next payload: ID
11-07: 14:20:11:213:a44 message ID: 00000000
11-07: 14:20:12:215:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 1
11-07: 14:20:12:215:7e4
11-07: 14:20:12:215:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:12:215:7e4 ISAKMP Header: (V1.0), len = 1860
11-07: 14:20:12:215:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:12:215:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:12:215:7e4 exchange: Oakley Main Mode
11-07: 14:20:12:215:7e4 flags: 1 ( encrypted )
11-07: 14:20:12:215:7e4 next payload: ID
11-07: 14:20:12:215:7e4 message ID: 00000000
11-07: 14:20:12:956:474 fill_isakmp: SA 000D4180 not finished
11-07: 14:20:14:217:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 2
11-07: 14:20:14:217:7e4
11-07: 14:20:14:217:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:14:217:7e4 ISAKMP Header: (V1.0), len = 1860
11-07: 14:20:14:217:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:14:217:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:14:217:7e4 exchange: Oakley Main Mode
11-07: 14:20:14:217:7e4 flags: 1 ( encrypted )
11-07: 14:20:14:217:7e4 next payload: ID
11-07: 14:20:14:217:7e4 message ID: 00000000
11-07: 14:20:18:223:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 3
11-07: 14:20:18:223:7e4
11-07: 14:20:18:223:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:18:223:7e4 ISAKMP Header: (V1.0), len = 1860
11-07: 14:20:18:223:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:18:223:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:18:223:7e4 exchange: Oakley Main Mode
11-07: 14:20:18:223:7e4 flags: 1 ( encrypted )
11-07: 14:20:18:223:7e4 next payload: ID
11-07: 14:20:18:223:7e4 message ID: 00000000
11-07: 14:20:26:225:7e4 retransmit: sa = 000D4180 centry 00000000 ,
count = 4
11-07: 14:20:26:225:7e4
11-07: 14:20:26:225:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:26:225:7e4 ISAKMP Header: (V1.0), len = 1860
11-07: 14:20:26:225:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:26:225:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:26:225:7e4 exchange: Oakley Main Mode
11-07: 14:20:26:225:7e4 flags: 1 ( encrypted )
11-07: 14:20:26:225:7e4 next payload: ID
11-07: 14:20:26:225:7e4 message ID: 00000000
11-07: 14:20:27:957:474 fill_isakmp: SA 000D4180 not finished
11-07: 14:20:28:318:a44
11-07: 14:20:28:318:a44 Receive: (get) SA = 0x000d4180 from
200.198.94.170
11-07: 14:20:28:318:a44 ISAKMP Header: (V1.0), len = 1724
11-07: 14:20:28:318:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:28:318:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:28:318:a44 exchange: Oakley Main Mode
11-07: 14:20:28:318:a44 flags: 1 ( encrypted )
11-07: 14:20:28:318:a44 next payload: ID
11-07: 14:20:28:318:a44 message ID: 00000000
11-07: 14:20:28:318:a44 processing payload ID
11-07: 14:20:28:318:a44 processing payload CERT
11-07: 14:20:28:318:a44 processing payload SIG
11-07: 14:20:28:318:a44 Verifying CertStore
11-07: 14:20:28:318:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:20:28:318:a44 Cert Serialnumber 01
11-07: 14:20:28:318:a44 Cert SHA Thumbprint
923167bd6faeb70ca51674c1baf4aa4c
11-07: 14:20:28:318:a44 c8eafe56
11-07: 14:20:28:318:a44 Cert Trustes. 0 100
11-07: 14:20:28:318:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:20:28:318:a44 Cert Serialnumber 01
11-07: 14:20:28:318:a44 Cert SHA Thumbprint
923167bd6faeb70ca51674c1baf4aa4c
11-07: 14:20:28:318:a44 c8eafe56
11-07: 14:20:28:318:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:20:28:318:a44 Cert Serialnumber 00
11-07: 14:20:28:318:a44 Cert SHA Thumbprint
4c2c00454959feed19ee0c0c376a1f6c
11-07: 14:20:28:318:a44 5d76a020
11-07: 14:20:28:318:a44 Cert SHA Thumbprint
923167bd6faeb70ca51674c1baf4aa4c
11-07: 14:20:28:318:a44 c8eafe56
11-07: 14:20:28:318:a44 Entered CRL check
11-07: 14:20:28:328:a44 Left CRL check
11-07: 14:20:28:328:a44 CertFindExtenstion failed with 0

11-07: 14:20:28:328:a44 Signature validated

11-07: 14:20:28:328:a44 MM established. SA: 000D4180
11-07: 14:20:28:328:a44 GetSpi: src = 200.198.94.170.0000, dst =
192.168.200.100.0000, proto = 00, context = 82717238, srcMask =
255.255.255.255, destMask = 255.255.255.255, TunnelFilter 1
11-07: 14:20:28:328:a44 Setting SPI 1329825586
11-07: 14:20:28:328:a44 constructing ISAKMP Header
11-07: 14:20:28:328:a44 constructing HASH (null)
11-07: 14:20:28:328:a44 constructing SA (IPSEC)
11-07: 14:20:28:328:a44 Sending Tunnelling Attribute
11-07: 14:20:28:328:a44 constructing QM KE
11-07: 14:20:28:358:a44 constructing NONCE (IPSEC)
11-07: 14:20:28:358:a44 constructing ID (proxy)
11-07: 14:20:28:358:a44 constructing ID (proxy)
11-07: 14:20:28:358:a44 constructing HASH (QM)
11-07: 14:20:28:358:a44
11-07: 14:20:28:358:a44 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:28:358:a44 ISAKMP Header: (V1.0), len = 300
11-07: 14:20:28:358:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:28:358:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:28:358:a44 exchange: Oakley Quick Mode
11-07: 14:20:28:358:a44 flags: 1 ( encrypted )
11-07: 14:20:28:358:a44 next payload: HASH
11-07: 14:20:28:358:a44 message ID: 4630428e
11-07: 14:20:29:359:7e4 retransmit: sa = 000D4180 centry 000BB3B0 ,
count = 1
11-07: 14:20:29:359:7e4
11-07: 14:20:29:359:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:29:359:7e4 ISAKMP Header: (V1.0), len = 300
11-07: 14:20:29:359:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:29:359:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:29:359:7e4 exchange: Oakley Quick Mode
11-07: 14:20:29:359:7e4 flags: 1 ( encrypted )
11-07: 14:20:29:359:7e4 next payload: HASH
11-07: 14:20:29:359:7e4 message ID: 4630428e
11-07: 14:20:31:362:7e4 retransmit: sa = 000D4180 centry 000BB3B0 ,
count = 2
11-07: 14:20:31:362:7e4
11-07: 14:20:31:362:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:31:362:7e4 ISAKMP Header: (V1.0), len = 300
11-07: 14:20:31:362:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:31:362:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:31:362:7e4 exchange: Oakley Quick Mode
11-07: 14:20:31:362:7e4 flags: 1 ( encrypted )
11-07: 14:20:31:362:7e4 next payload: HASH
11-07: 14:20:31:362:7e4 message ID: 4630428e
11-07: 14:20:32:394:a44
11-07: 14:20:32:394:a44 Receive: (get) SA = 0x000d4180 from
200.198.94.170
11-07: 14:20:32:394:a44 ISAKMP Header: (V1.0), len = 1724
11-07: 14:20:32:394:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:32:394:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:32:394:a44 exchange: Oakley Main Mode
11-07: 14:20:32:394:a44 flags: 1 ( encrypted )
11-07: 14:20:32:394:a44 next payload: ID
11-07: 14:20:32:394:a44 message ID: 00000000
11-07: 14:20:32:394:a44 invalid payload received
11-07: 14:20:32:394:a44 GetPacket failed 3613
11-07: 14:20:35:368:7e4 retransmit: sa = 000D4180 centry 000BB3B0 ,
count = 3
11-07: 14:20:35:368:7e4
11-07: 14:20:35:368:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:35:368:7e4 ISAKMP Header: (V1.0), len = 300
11-07: 14:20:35:368:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:35:368:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:35:368:7e4 exchange: Oakley Quick Mode
11-07: 14:20:35:368:7e4 flags: 1 ( encrypted )
11-07: 14:20:35:368:7e4 next payload: HASH
11-07: 14:20:35:368:7e4 message ID: 4630428e
11-07: 14:20:36:229:a44
11-07: 14:20:36:229:a44 Receive: (get) SA = 0x000d4180 from
200.198.94.170
11-07: 14:20:36:229:a44 ISAKMP Header: (V1.0), len = 1724
11-07: 14:20:36:229:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:36:229:a44 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:36:229:a44 exchange: Oakley Main Mode
11-07: 14:20:36:229:a44 flags: 1 ( encrypted )
11-07: 14:20:36:229:a44 next payload: ID
11-07: 14:20:36:229:a44 message ID: 00000000
11-07: 14:20:36:229:a44 invalid payload received
11-07: 14:20:36:229:a44 GetPacket failed 3613
11-07: 14:20:43:369:7e4 retransmit: sa = 000D4180 centry 000BB3B0 ,
count = 4
11-07: 14:20:43:369:7e4
11-07: 14:20:43:369:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:43:369:7e4 ISAKMP Header: (V1.0), len = 300
11-07: 14:20:43:369:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:43:369:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:43:369:7e4 exchange: Oakley Quick Mode
11-07: 14:20:43:369:7e4 flags: 1 ( encrypted )
11-07: 14:20:43:369:7e4 next payload: HASH
11-07: 14:20:43:369:7e4 message ID: 4630428e
11-07: 14:20:48:697:a44
11-07: 14:20:48:697:a44 Receive: (get) SA = 0x00000000 from
200.198.94.170
11-07: 14:20:48:697:a44 ISAKMP Header: (V1.0), len = 84
11-07: 14:20:48:697:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:48:697:a44 R-COOKIE e8feeadf94fd6ed1
11-07: 14:20:48:697:a44 exchange: Oakley Main Mode
11-07: 14:20:48:697:a44 flags: 0
11-07: 14:20:48:697:a44 next payload: SA
11-07: 14:20:48:697:a44 message ID: 00000000
11-07: 14:20:48:697:a44 Responder received header with responder cookie
non-zero
11-07: 14:20:48:697:a44 Responding with new SA 0
11-07: 14:20:48:697:a44 HandleFirstPacketResponder failed 3616
11-07: 14:20:48:697:a44 constructing ISAKMP Header
11-07: 14:20:48:697:a44 constructing NOTIFY 4
11-07: 14:20:48:697:a44 ProcessFailure: sa:0093F968 centry:00000000
status:3616
11-07: 14:20:48:697:a44 Notify already constructed. Ignoring. Sa
0093F968
11-07: 14:20:48:697:a44
11-07: 14:20:48:697:a44 Sending: SA = 0x0093F968 to 200.198.94.170:Type
1
11-07: 14:20:48:697:a44 ISAKMP Header: (V1.0), len = 56
11-07: 14:20:48:697:a44 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:48:697:a44 R-COOKIE e8feeadf94fd6ed1
11-07: 14:20:48:697:a44 exchange: ISAKMP Informational Exchange
11-07: 14:20:48:697:a44 flags: 0
11-07: 14:20:48:697:a44 next payload: NOTIFY
11-07: 14:20:48:697:a44 message ID: a02281d0
11-07: 14:20:59:372:7e4 retransmit: sa = 000D4180 centry 000BB3B0 ,
count = 5
11-07: 14:20:59:372:7e4
11-07: 14:20:59:372:7e4 Sending: SA = 0x000D4180 to 200.198.94.170:Type
2
11-07: 14:20:59:372:7e4 ISAKMP Header: (V1.0), len = 300
11-07: 14:20:59:372:7e4 I-COOKIE d8b4a76cd3f9dbd3
11-07: 14:20:59:372:7e4 R-COOKIE 79228cca6ffbe18b
11-07: 14:20:59:372:7e4 exchange: Oakley Quick Mode
11-07: 14:20:59:372:7e4 flags: 1 ( encrypted )
11-07: 14:20:59:372:7e4 next payload: HASH
11-07: 14:20:59:372:7e4 message ID: 4630428e
11-07: 14:21:24:268:7dc Acquire from driver: op=826FAC58
src=192.168.200.100.0 dst=10.10.1.1.0 proto = 0, SrcMask=0.0.0.0,
DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=200.198.94.170 Inbound
TunnelEndpt=192.168.200.100
11-07: 14:21:24:268:a44 Filter to match: Src 200.198.94.170 Dst
192.168.200.100
11-07: 14:21:24:268:a44 MM PolicyName: 4
11-07: 14:21:24:268:a44 MMPolicy dwFlags 2 SoftSAExpireTime 28800
11-07: 14:21:24:268:a44 MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
11-07: 14:21:24:268:a44 MMOffer[0] Encrypt: Triplo DES CBC Hash: SHA
11-07: 14:21:24:268:a44 MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
11-07: 14:21:24:268:a44 MMOffer[1] Encrypt: Triplo DES CBC Hash: MD5
11-07: 14:21:24:268:a44 MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
11-07: 14:21:24:268:a44 MMOffer[2] Encrypt: DES CBC Hash: SHA
11-07: 14:21:24:268:a44 MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
11-07: 14:21:24:268:a44 MMOffer[3] Encrypt: DES CBC Hash: MD5
11-07: 14:21:24:268:a44 Auth[0]:RSA Sig C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:21:24:268:a44 QM PolicyName: Host-roadwarrior-net filter
action dwFlags 1
11-07: 14:21:24:268:a44 QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
11-07: 14:21:24:268:a44 QMOffer[0] dwFlags 0 dwPFSGroup 268435456
11-07: 14:21:24:268:a44 Algo[0] Operation: ESP Algo: Triplo DES CBC
HMAC: MD5
11-07: 14:21:24:268:a44 Starting Negotiation: src =
192.168.200.100.0000, dst = 200.198.94.170.0500, proto = 00, context =
826FAC58, ProxySrc = 0.0.0.0.0000, ProxyDst = 10.10.1.0.0000 SrcMask =
0.0.0.0 DstMask = 255.255.255.0
11-07: 14:21:24:268:a44 constructing ISAKMP Header
11-07: 14:21:24:268:a44 constructing SA (ISAKMP)
11-07: 14:21:24:268:a44 Constructing Vendor
11-07: 14:21:24:268:a44
11-07: 14:21:24:268:a44 Sending: SA = 0x0010A740 to 200.198.94.170:Type
2
11-07: 14:21:24:268:a44 ISAKMP Header: (V1.0), len = 216
11-07: 14:21:24:268:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:24:268:a44 R-COOKIE 0000000000000000
11-07: 14:21:24:268:a44 exchange: Oakley Main Mode
11-07: 14:21:24:268:a44 flags: 0
11-07: 14:21:24:268:a44 next payload: SA
11-07: 14:21:24:268:a44 message ID: 00000000
11-07: 14:21:25:270:7e4 retransmit: sa = 0010A740 centry 00000000 ,
count = 1
11-07: 14:21:25:270:7e4
11-07: 14:21:25:270:7e4 Sending: SA = 0x0010A740 to 200.198.94.170:Type
2
11-07: 14:21:25:270:7e4 ISAKMP Header: (V1.0), len = 216
11-07: 14:21:25:270:7e4 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:25:270:7e4 R-COOKIE 0000000000000000
11-07: 14:21:25:270:7e4 exchange: Oakley Main Mode
11-07: 14:21:25:270:7e4 flags: 0
11-07: 14:21:25:270:7e4 next payload: SA
11-07: 14:21:25:270:7e4 message ID: 00000000
11-07: 14:21:26:121:a44
11-07: 14:21:26:121:a44 Receive: (get) SA = 0x0010a740 from
200.198.94.170
11-07: 14:21:26:121:a44 ISAKMP Header: (V1.0), len = 84
11-07: 14:21:26:121:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:26:121:a44 R-COOKIE 65221d4cf486bdc8
11-07: 14:21:26:121:a44 exchange: Oakley Main Mode
11-07: 14:21:26:121:a44 flags: 0
11-07: 14:21:26:121:a44 next payload: SA
11-07: 14:21:26:121:a44 message ID: 00000000
11-07: 14:21:26:121:a44 processing payload SA
11-07: 14:21:26:121:a44 Received Phase 1 Transform 1
11-07: 14:21:26:121:a44 Encryption Alg Triplo DES CBC(5)
11-07: 14:21:26:121:a44 Hash Alg SHA(2)
11-07: 14:21:26:121:a44 Oakley Group 2
11-07: 14:21:26:121:a44 Auth Method Assinatura RSA com Certificados
(3)
11-07: 14:21:26:121:a44 Life type in Seconds
11-07: 14:21:26:121:a44 Life duration of 28800
11-07: 14:21:26:121:a44 Phase 1 SA accepted: transform=1
11-07: 14:21:26:121:a44 SA - Oakley proposal accepted
11-07: 14:21:26:121:a44 constructing ISAKMP Header
11-07: 14:21:26:141:a44 constructing KE
11-07: 14:21:26:141:a44 constructing NONCE (ISAKMP)
11-07: 14:21:26:141:a44
11-07: 14:21:26:141:a44 Sending: SA = 0x0010A740 to 200.198.94.170:Type
2
11-07: 14:21:26:141:a44 ISAKMP Header: (V1.0), len = 184
11-07: 14:21:26:141:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:26:141:a44 R-COOKIE 65221d4cf486bdc8
11-07: 14:21:26:141:a44 exchange: Oakley Main Mode
11-07: 14:21:26:141:a44 flags: 0
11-07: 14:21:26:141:a44 next payload: KE
11-07: 14:21:26:141:a44 message ID: 00000000
11-07: 14:21:27:142:7e4 retransmit: sa = 0010A740 centry 00000000 ,
count = 1
11-07: 14:21:27:142:7e4
11-07: 14:21:27:142:7e4 Sending: SA = 0x0010A740 to 200.198.94.170:Type
2
11-07: 14:21:27:142:7e4 ISAKMP Header: (V1.0), len = 184
11-07: 14:21:27:142:7e4 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:27:142:7e4 R-COOKIE 65221d4cf486bdc8
11-07: 14:21:27:142:7e4 exchange: Oakley Main Mode
11-07: 14:21:27:142:7e4 flags: 0
11-07: 14:21:27:142:7e4 next payload: KE
11-07: 14:21:27:142:7e4 message ID: 00000000
11-07: 14:21:27:983:474 fill_isakmp: SA 0010A740 not finished
11-07: 14:21:28:84:a44
11-07: 14:21:28:84:a44 Receive: (get) SA = 0x00000000 from
200.198.94.170
11-07: 14:21:28:84:a44 ISAKMP Header: (V1.0), len = 84
11-07: 14:21:28:84:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:28:84:a44 R-COOKIE 90a3b282f151b188
11-07: 14:21:28:84:a44 exchange: Oakley Main Mode
11-07: 14:21:28:84:a44 flags: 0
11-07: 14:21:28:84:a44 next payload: SA
11-07: 14:21:28:84:a44 message ID: 00000000
11-07: 14:21:28:84:a44 Responder received header with responder cookie
non-zero
11-07: 14:21:28:84:a44 Responding with new SA 0
11-07: 14:21:28:84:a44 HandleFirstPacketResponder failed 3616
11-07: 14:21:28:84:a44 constructing ISAKMP Header
11-07: 14:21:28:84:a44 constructing NOTIFY 4
11-07: 14:21:28:84:a44 ProcessFailure: sa:0093F968 centry:00000000
status:3616
11-07: 14:21:28:84:a44 Notify already constructed. Ignoring. Sa
0093F968
11-07: 14:21:28:84:a44
11-07: 14:21:28:84:a44 Sending: SA = 0x0093F968 to 200.198.94.170:Type 1
11-07: 14:21:28:84:a44 ISAKMP Header: (V1.0), len = 56
11-07: 14:21:28:84:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:28:84:a44 R-COOKIE 90a3b282f151b188
11-07: 14:21:28:84:a44 exchange: ISAKMP Informational Exchange
11-07: 14:21:28:84:a44 flags: 0
11-07: 14:21:28:84:a44 next payload: NOTIFY
11-07: 14:21:28:84:a44 message ID: 0368462b
11-07: 14:21:29:145:7e4 retransmit: sa = 0010A740 centry 00000000 ,
count = 2
11-07: 14:21:29:145:7e4
11-07: 14:21:29:145:7e4 Sending: SA = 0x0010A740 to 200.198.94.170:Type
2
11-07: 14:21:29:145:7e4 ISAKMP Header: (V1.0), len = 184
11-07: 14:21:29:145:7e4 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:29:145:7e4 R-COOKIE 65221d4cf486bdc8
11-07: 14:21:29:145:7e4 exchange: Oakley Main Mode
11-07: 14:21:29:145:7e4 flags: 0
11-07: 14:21:29:145:7e4 next payload: KE
11-07: 14:21:29:145:7e4 message ID: 00000000
11-07: 14:21:30:267:a44
11-07: 14:21:30:267:a44 Receive: (get) SA = 0x0010a740 from
200.198.94.170
11-07: 14:21:30:267:a44 ISAKMP Header: (V1.0), len = 188
11-07: 14:21:30:267:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:30:267:a44 R-COOKIE 65221d4cf486bdc8
11-07: 14:21:30:267:a44 exchange: Oakley Main Mode
11-07: 14:21:30:267:a44 flags: 0
11-07: 14:21:30:267:a44 next payload: KE
11-07: 14:21:30:267:a44 message ID: 00000000
11-07: 14:21:30:267:a44 processing payload KE
11-07: 14:21:30:277:a44 processing payload NONCE
11-07: 14:21:30:277:a44 processing payload CRP
11-07: 14:21:30:277:a44 constructing ISAKMP Header
11-07: 14:21:30:277:a44 constructing ID
11-07: 14:21:30:277:a44 Received no valid CRPs. Using all configured
11-07: 14:21:30:277:a44 Looking for IPSec only cert
11-07: 14:21:30:277:a44 Cert Trustes. 0 100
11-07: 14:21:30:277:a44 CertFindExtenstion failed with 0

11-07: 14:21:30:277:a44 Entered CRL check
11-07: 14:21:30:287:a44 Left CRL check
11-07: 14:21:30:287:a44 Cert SHA Thumbprint
6acc4e9af5bc00b1764bfb74ef5a1df5
11-07: 14:21:30:287:a44 42fcb9f9
11-07: 14:21:30:287:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=My Company Ltd, CN=krishna, E=admin_at_labhpardini.com.br
11-07: 14:21:30:287:a44 Cert Serialnumber 02
11-07: 14:21:30:287:a44 Cert SHA Thumbprint
6acc4e9af5bc00b1764bfb74ef5a1df5
11-07: 14:21:30:287:a44 42fcb9f9
11-07: 14:21:30:287:a44 SubjectName: C=BR, S=Minas Gerais, L=Belo
Horizonte, O=Laboratorio Hermes Pardini, CN=HPARDINI,
E=admin_at_labhpardini.com.br
11-07: 14:21:30:287:a44 Cert Serialnumber 00
11-07: 14:21:30:287:a44 Cert SHA Thumbprint
4c2c00454959feed19ee0c0c376a1f6c
11-07: 14:21:30:287:a44 5d76a020
11-07: 14:21:30:287:a44 constructing CERT
11-07: 14:21:30:287:a44 Construct SIG
11-07: 14:21:30:307:a44 Constructing Cert Request
11-07: 14:21:30:307:a44 C=BR, S=Minas Gerais, L=Belo Horizonte,
O=Laboratorio Hermes Pardini, CN=HPARDINI, E=admin_at_labhpardini.com.br
11-07: 14:21:30:307:a44
11-07: 14:21:30:307:a44 Sending: SA = 0x0010A740 to 200.198.94.170:Type
2
11-07: 14:21:30:307:a44 ISAKMP Header: (V1.0), len = 1860
11-07: 14:21:30:307:a44 I-COOKIE 4576d5eb08e05cab
11-07: 14:21:30:307:a44 R-COOKIE 65221d4cf486bdc8
11-07: 14:21:30:307:a44 exchange: Oakley Main Mode
11-07: 14:21:30:307:a44 flags: 1 ( encrypted )
11-07: 14:21:30:307:a44 next payload: ID
11-07: 14:21:30:307:a44 message ID: 00000000
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
7f9f03db-e34e-4bfb-870ad9231f582bd0 4
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
c731647e-b5fa-4883-af02059a589855ff 4
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
6550236f-7be1-408e-8393fe23a2098b2a 3
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
3beeefb7-13b3-400e-b0e8bc87c42ed6ba 3
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
5fcb65f6-5eb3-4681-97101e5f074b54ff 3
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
9acedfd9-cc8d-415a-874aebe3bf0d6521 3
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
8e516cbd-c6d0-41c0-850639c143d503f2 1
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
99ed9d9b-9637-4f3a-a394769d307885d5 2
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
6c5ac9f9-1bad-4d78-8cad43192e63d2f9 2
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
65a55fff-9701-4c17-882c4af38dce30f1 2
11-07: 14:21:31:28:790 isadb_schedule_kill_oldPolicy_sas:
10db6782-dab1-4b22-a53a256920f0fe16 2
11-07: 14:21:31:38:a44 entered kill_old_policy_sas
11-07: 14:21:31:38:a44 entered kill_old_policy_sas
11-07: 14:21:31:38:a44 SA Dead. sa:0010A740 status:3619
11-07: 14:21:31:38:a44 isadb_set_status sa:0010A740 centry:00000000
status 3619
11-07: 14:21:31:38:a18 entered kill_old_policy_sas
11-07: 14:21:31:48:a44 Modo de troca de chave (Modo principal)

11-07: 14:21:31:48:a44 Endereço IP de origem 192.168.200.100

Máscara do endereço IP de origem 255.255.255.255

Endereço IP de destino 200.198.94.170

Máscara do endereço IP de destino 255.255.255.255

Protocolo 0

Porta de origem 0

Porta de destino 0

End. local IKE

End. IKE de mesmo nível

11-07: 14:21:31:48:a44 Identidade baseada no certificado.

Entidade de mesmo nível

Impressão digital SHA de mesmo nível
0000000000000000000000000000000000000000

Autoridade de certificação emitente

Autoridade de certificação raiz

Minha entidade C=BR, S=Minas Gerais, L=Belo Horizonte, O=My Company Ltd,
CN=krishna, E=admin_at_labhpardini.com.br

Minha impressão digital SHA 6acc4e9af5bc00b1764bfb74ef5a1df542fcb9f9

Endereço IP de mesmo nível: 200.198.94.170

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Ken Bantoft: "Re: [Users] Message on secure log - no acceptable Oakley Transform policy does not allow OAKLEY_PRESHARED_KEY authentication"
• Previous message: Billy Mullins: "[Users] Re: [Bugs] Using/Compiling Superfreeswan 1.99 kb1"
• In reply to: Arthur L. Mandalho: "[Users] Message on secure log - no acceptable Oakley Transform policy does not allow OAKLEY_PRESHARED_KEY authentication"
• Next in thread: fdo_montenegro: "[Users] Compile ERROR in Super-Freeswan-1.99_kb1 (make menumod)"
• Reply: fdo_montenegro: "[Users] Compile ERROR in Super-Freeswan-1.99_kb1 (make menumod)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Fri Nov 08 2002 - 05:20:38 CET