localhost.localdomain Tue Nov 26 21:47:19 CST 2002 + _________________________ version + ipsec --version Linux FreeS/WAN U1.99/K1.98b See `ipsec --copyright' for copyright information. + _________________________ proc/version + cat /proc/version Linux version 2.4.19 (root@localhost.localdomain) (gcc version 2.96 20000731 (Red Hat Linux 7.3 2.96-110)) #4 SMP Tue Nov 5 16:02:32 CST 2002 + _________________________ proc/net/ipsec_eroute + sort +3 /proc/net/ipsec_eroute + _________________________ netstart-rn + netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 148.223.58.5 0.0.0.0 255.255.255.255 UH 40 0 0 ppp0 148.223.58.5 0.0.0.0 255.255.255.255 UH 40 0 0 ipsec0 192.168.254.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1 192.168.254.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1 10.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo 0.0.0.0 148.223.58.5 0.0.0.0 UG 40 0 0 ppp0 + _________________________ proc/net/ipsec_spi + cat /proc/net/ipsec_spi + _________________________ proc/net/ipsec_spigrp + cat /proc/net/ipsec_spigrp + _________________________ proc/net/ipsec_tncfg + cat /proc/net/ipsec_tncfg ipsec0 -> ppp0 mtu=16260(1492) -> 1492 ipsec1 -> NULL mtu=0(0) -> 0 ipsec2 -> NULL mtu=0(0) -> 0 ipsec3 -> NULL mtu=0(0) -> 0 + _________________________ proc/net/pf_key + cat /proc/net/pf_key sock pid socket next prev e n p sndbf Flags Type St c11c8a00 18356 c61fd920 0 0 0 0 2 65535 00000000 3 1 + _________________________ proc/net/pf_key-star + cd /proc/net + egrep '^' pf_key_registered pf_key_supported pf_key_registered:satype socket pid sk pf_key_registered: 2 c61fd920 18356 c11c8a00 pf_key_registered: 3 c61fd920 18356 c11c8a00 pf_key_registered: 9 c61fd920 18356 c11c8a00 pf_key_registered: 10 c61fd920 18356 c11c8a00 pf_key_supported:satype exttype alg_id ivlen minbits maxbits pf_key_supported: 2 14 3 0 160 160 pf_key_supported: 2 14 2 0 128 128 pf_key_supported: 3 15 3 128 168 168 pf_key_supported: 3 14 3 0 160 160 pf_key_supported: 3 14 2 0 128 128 pf_key_supported: 9 15 1 0 32 32 pf_key_supported: 10 15 2 0 1 1 + _________________________ proc/sys/net/ipsec-star + cd /proc/sys/net/ipsec + egrep '^' debug_ah debug_eroute debug_esp debug_ipcomp debug_netlink debug_pfkey debug_radij debug_rcv debug_spi debug_tunnel debug_verbose debug_xform icmp inbound_policy_check tos debug_ah:0 debug_eroute:0 debug_esp:0 debug_ipcomp:0 debug_netlink:0 debug_pfkey:0 debug_radij:0 debug_rcv:0 debug_spi:0 debug_tunnel:0 debug_verbose:0 debug_xform:0 icmp:1 inbound_policy_check:1 tos:1 + _________________________ ipsec/status + ipsec auto --status 000 interface ipsec0/ppp0 200.67.32.187 000 000 "roadwarrior-net"[2]: 192.168.254.0/24===200.67.32.187[C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com]---148.223.58.5...200.65.105.19[C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com] 000 "roadwarrior-net"[2]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1 000 "roadwarrior-net"[2]: policy: RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS; interface: ppp0; unrouted 000 "roadwarrior-net"[2]: newest ISAKMP SA: #42; newest IPsec SA: #0; eroute owner: #0 000 "roadwarrior-net": 192.168.254.0/24===200.67.32.187[C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com]---148.223.58.5...%any 000 "roadwarrior-net": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1 000 "roadwarrior-net": policy: RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS; interface: ppp0; unrouted 000 "roadwarrior-net": newest ISAKMP SA: #0; newest IPsec SA: #0; eroute owner: #0 000 000 #36: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2936s 000 #30: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2776s 000 #43: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_RETRANSMIT in 6s 000 #42: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 3295s; newest ISAKMP 000 #26: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2603s 000 #4: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1800s 000 #1: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1242s 000 #14: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2124s 000 #8: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1971s 000 #20: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2276s 000 #44: "roadwarrior-net"[2] 200.65.105.19 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_RETRANSMIT in 7s 000 + _________________________ ifconfig-a + ifconfig -a eth0 Link encap:Ethernet HWaddr 00:D0:B7:9F:39:63 inet addr:10.0.0.2 Bcast:10.255.255.255 Mask:255.0.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:25658 errors:0 dropped:0 overruns:0 frame:0 TX packets:21553 errors:0 dropped:0 overruns:0 carrier:0 collisions:3 txqueuelen:100 RX bytes:6072739 (5.7 Mb) TX bytes:5166180 (4.9 Mb) Interrupt:10 eth1 Link encap:Ethernet HWaddr 00:80:AD:07:4C:4E inet addr:192.168.254.1 Bcast:192.168.254.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:52476 errors:0 dropped:0 overruns:0 frame:0 TX packets:43639 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:4690059 (4.4 Mb) TX bytes:11775866 (11.2 Mb) Interrupt:11 Base address:0xdc00 ipsec0 Link encap:Point-to-Point Protocol inet addr:200.67.32.187 Mask:255.255.255.255 UP RUNNING NOARP MTU:16260 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec1 Link encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec2 Link encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) ipsec3 Link encap:IPIP Tunnel HWaddr NOARP MTU:0 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:128 errors:0 dropped:0 overruns:0 frame:0 TX packets:128 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:11504 (11.2 Kb) TX bytes:11504 (11.2 Kb) ppp0 Link encap:Point-to-Point Protocol inet addr:200.67.32.187 P-t-P:148.223.58.5 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:13215 errors:0 dropped:0 overruns:0 frame:0 TX packets:10220 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:1079685 (1.0 Mb) TX bytes:3754460 (3.5 Mb) + _________________________ ipsec/directory + ipsec --directory /usr/local/lib/ipsec + _________________________ hostname/fqdn + hostname --fqdn localhost.localdomain + _________________________ hostname/ipaddress + hostname --ip-address 127.0.0.1 + _________________________ uptime + uptime 9:47pm up 13:23, 1 user, load average: 0.83, 0.56, 0.54 + _________________________ ps + ps alxwf + egrep -i 'ppid|pluto|ipsec|klips' F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND 000 0 18710 17220 9 0 2244 1036 wait4 S pts/2 0:00 \_ /bin/sh /usr/local/sbin/ipsec barf 000 0 18711 18710 16 0 2260 1072 wait4 S pts/2 0:00 \_ /bin/sh /usr/local/lib/ipsec/barf 040 0 18751 18711 15 0 2260 1072 - R pts/2 0:00 \_ /bin/sh /usr/local/lib/ipsec/barf 040 0 18348 1 9 0 1980 920 wait4 S pts/2 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug all --uniqueids 040 0 18353 18348 9 0 1980 920 wait4 S pts/2 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutorun --debug all --unique 100 0 18356 18353 9 0 2080 1016 unix_w S pts/2 0:01 | \_ /usr/local/lib/ipsec/pluto --nofork --debug-all --uniqu 000 0 18397 18356 9 0 1408 288 do_sel S pts/2 0:00 | \_ _pluto_adns -d 7 10 000 0 18354 18348 8 0 1956 896 pipe_w S pts/2 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutoload --load %search --st 000 0 18349 1 9 0 1344 364 pipe_w S pts/2 0:00 logger -p daemon.error -t ipsec__plutorun + _________________________ ipsec/showdefaults + ipsec showdefaults routephys=ppp0 routephys=ppp0 routevirt=ipsec0 routevirt=ipsec0 routeaddr=200.67.32.187 routeaddr=200.67.32.187 routenexthop=148.223.58.5 routenexthop=148.223.58.5 defaultroutephys=ppp0 defaultroutevirt=ipsec0 defaultrouteaddr=200.67.32.187 defaultroutenexthop=148.223.58.5 + _________________________ ipsec/conf + ipsec _include /etc/ipsec.conf + ipsec _keycensor #< /etc/ipsec.conf 1 # /etc/ipsec.conf - FreeS/WAN IPsec configuration file # More elaborate and more varied sample configurations can be found # in FreeS/WAN's doc/examples file, and in the HTML documentation. # basic configuration config setup # THIS SETTING MUST BE CORRECT or almost nothing will work; # %defaultroute is okay for most simple cases. interfaces=%defaultroute # Debug-logging controls: "none" for (almost) none, "all" for lots. klipsdebug=none plutodebug=all # Use auto= parameters in conn descriptions to control startup actions. plutoload=%search plutostart=%search # Close down old connection when new one using same ID shows up. uniqueids=yes strictcrlpolicy=no # defaults for subsequent connection descriptions # (these defaults will soon go away) conn %default keyingtries=1 compress = yes disablearrivalcheck=no authby=rsasig leftrsasigkey=%cert rightrsasigkey=%cert # pfs = yes conn roadwarrior-net left = %defaultroute leftsubnet = 192.168.254.0/24 leftcert = /etc/ipsec.d/certs/ttte.no-ip.com.pem leftid = "C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com" right = %any auto = add pfs = yes # conn roadwarrior # right = %any # left = %defaultroute # leftcert = /etc/ipsec.d/certs/ttte.no-ip.com.pem # leftid = "C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com" # auto = add # pfs = yes ## conn road ## left=%defaultroute ## leftsubnet=192.168.254.0/24 ## leftid=@ttte.no-ip.com ## leftrsasigkey=[keyid AQNT62Yrf] ## right=148.235.43.33 ## rightnexthop=148.235.43.34 ## rightsubnet=192.168.4.0/24 ## rightrsasigkey=[keyid AQOPB8GtE] ## rightid=@mvela.no-ip.com ## auto=add ## + _________________________ ipsec/secrets + ipsec _include /etc/ipsec.secrets + ipsec _secretcensor #< /etc/ipsec.secrets 1 # This file holds shared secrets or RSA private keys for inter-Pluto # authentication. See ipsec_pluto(8) manpage, and HTML documentation. # RSA private key for this host, authenticating it to any other host # which knows the public part. Suitable public keys, for ipsec.conf, DNS, # or configuration of other implementations, can be extracted conveniently # with "[sums to ef67...]". : RSA ttte.no-ip.com.key "[sums to 7867...]" + _________________________ ipsec/ls-dir + ls -l /usr/local/lib/ipsec total 4200 -rwxr-xr-x 1 root root 11183 Nov 8 11:34 _confread -rwxr-xr-x 1 root root 11183 Nov 6 12:01 _confread.old -rwxr-xr-x 1 root root 46385 Nov 8 11:34 _copyright -rwxr-xr-x 1 root root 46385 Nov 6 12:01 _copyright.old -rwxr-xr-x 1 root root 2163 Nov 8 11:34 _include -rwxr-xr-x 1 root root 2163 Nov 6 12:01 _include.old -rwxr-xr-x 1 root root 1472 Nov 8 11:34 _keycensor -rwxr-xr-x 1 root root 1472 Nov 6 12:01 _keycensor.old -rwxr-xr-x 1 root root 72237 Nov 8 11:34 _pluto_adns -rwxr-xr-x 1 root root 72237 Nov 6 12:01 _pluto_adns.old -rwxr-xr-x 1 root root 3495 Nov 8 11:34 _plutoload -rwxr-xr-x 1 root root 3495 Nov 6 12:01 _plutoload.old -rwxr-xr-x 1 root root 4730 Nov 12 15:49 _plutorun -rwxr-xr-x 1 root root 4730 Nov 6 12:01 _plutorun.old -rwxr-xr-x 1 root root 7530 Nov 8 11:34 _realsetup -rwxr-xr-x 1 root root 7530 Nov 6 12:01 _realsetup.old -rwxr-xr-x 1 root root 1971 Nov 8 11:34 _secretcensor -rwxr-xr-x 1 root root 1971 Nov 6 12:01 _secretcensor.old -rwxr-xr-x 1 root root 7062 Nov 8 11:34 _startklips -rwxr-xr-x 1 root root 7062 Nov 6 12:01 _startklips.old -rwxr-xr-x 1 root root 5014 Nov 8 11:34 _updown -rwxr-xr-x 1 root root 5014 Nov 7 18:31 _updown.old -rwxr-xr-x 1 root root 9099 Nov 8 11:34 _updown.x509 -rwxr-xr-x 1 root root 9099 Nov 6 12:01 _updown.x509.old -rwxr-xr-x 1 root root 13335 Nov 12 15:49 auto -rwxr-xr-x 1 root root 13335 Nov 7 18:31 auto.old -rwxr-xr-x 1 root root 7198 Nov 8 11:34 barf -rwxr-xr-x 1 root root 7198 Nov 6 12:01 barf.old -rwxr-xr-x 1 root root 816 Nov 8 11:34 calcgoo -rwxr-xr-x 1 root root 816 Nov 6 12:01 calcgoo.old -rwxr-xr-x 1 root root 225305 Nov 8 11:34 eroute -rwxr-xr-x 1 root root 98952 Nov 8 11:34 ikeping -rwxr-xr-x 1 root root 98952 Nov 6 12:01 ikeping.old -rwxr-xr-x 1 root root 2915 Nov 8 11:34 ipsec -rwxr-xr-x 1 root root 2915 Nov 6 12:01 ipsec.old -rw-r--r-- 1 root root 1950 Nov 8 11:34 ipsec_pr.template -rwxr-xr-x 1 root root 161930 Nov 8 11:34 klipsdebug -rw-r--r-- 1 root root 1973 Nov 7 18:25 log -rwxr-xr-x 1 root root 2437 Nov 8 11:34 look -rwxr-xr-x 1 root root 2437 Nov 6 12:01 look.old -rwxr-xr-x 1 root root 16157 Nov 8 11:34 manual -rwxr-xr-x 1 root root 16157 Nov 6 12:01 manual.old -rwxr-xr-x 1 root root 1847 Nov 8 11:34 newhostkey -rwxr-xr-x 1 root root 1847 Nov 6 12:01 newhostkey.old -rwxr-xr-x 1 root root 139781 Nov 8 11:34 pf_key -rwxr-xr-x 1 root root 894781 Nov 8 11:34 pluto -rwxr-xr-x 1 root root 894781 Nov 6 12:01 pluto.old -rwxr-xr-x 1 root root 52710 Nov 8 11:34 ranbits -rwxr-xr-x 1 root root 52710 Nov 6 12:01 ranbits.old -rwxr-xr-x 1 root root 77798 Nov 8 11:34 rsasigkey -rwxr-xr-x 1 root root 77798 Nov 6 12:01 rsasigkey.old -rwxr-xr-x 1 root root 16671 Nov 8 11:34 send-pr -rwxr-xr-x 1 root root 16671 Nov 6 12:01 send-pr.old lrwxrwxrwx 1 root root 22 Nov 8 11:34 setup -> /etc/rc.d/init.d/ipsec -rwxr-xr-x 1 root root 1041 Nov 8 11:34 showdefaults -rwxr-xr-x 1 root root 1041 Nov 6 12:01 showdefaults.old -rwxr-xr-x 1 root root 4205 Nov 8 11:34 showhostkey -rwxr-xr-x 1 root root 4205 Nov 6 12:01 showhostkey.old -rwxr-xr-x 1 root root 246314 Nov 8 11:34 spi -rwxr-xr-x 1 root root 202046 Nov 8 11:34 spigrp -rwxr-xr-x 1 root root 71167 Nov 8 11:34 tncfg -rwxr-xr-x 1 root root 16876 Nov 8 11:34 uml_netjig -rw-r--r-- 1 root root 1944 Nov 7 18:30 up.log -rwxr-xr-x 1 root root 3353 Nov 8 11:34 verify -rwxr-xr-x 1 root root 3353 Nov 6 12:01 verify.old -rwxr-xr-x 1 root root 141935 Nov 8 11:34 whack -rwxr-xr-x 1 root root 141935 Nov 6 12:01 whack.old + _________________________ ipsec/updowns ++ ls /usr/local/lib/ipsec ++ egrep updown + cat /usr/local/lib/ipsec/_updown #! /bin/sh # default updown script # Copyright (C) 2000, 2001 D. Hugh Redelmeier, Henry Spencer # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2 of the License, or (at your # option) any later version. See . # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # RCSID $Id: _updown,v 1.19 2002/03/25 18:04:42 henry Exp $ # CAUTION: Installing a new version of FreeS/WAN will install a new # copy of this script, wiping out any custom changes you make. If # you need changes, make a copy of this under another name, and customize # that, and use the (left/right)updown parameters in ipsec.conf to make # FreeS/WAN use yours instead of this default one. # check interface version case "$PLUTO_VERSION" in 1.[0]) # Older Pluto?!? Play it safe, script may be using new features. echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 echo "$0: called by obsolete Pluto?" >&2 exit 2 ;; 1.*) ;; *) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 exit 2 ;; esac # check parameter(s) case "$1:$*" in ':') # no parameters ;; ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only ;; custom:*) # custom parameters (see above CAUTION comment) ;; *) echo "$0: unknown parameters \`$*'" >&2 exit 2 ;; esac # utility functions for route manipulation # Meddling with this stuff should not be necessary and requires great care. uproute() { doroute add } downroute() { doroute del } doroute() { parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP" case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 && route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2" ;; *) it="route $1 $parms $parms2" ;; esac eval $it st=$? if test $st -ne 0 then # route has already given its own cryptic message echo "$0: \`$it' failed" >&2 if test " $1 $st" = " add 7" then # another totally undocumented interface -- 7 and # "SIOCADDRT: Network is unreachable" means that # the gateway isn't reachable. echo "$0: (incorrect or missing nexthop setting??)" >&2 fi fi return $st } # the big choice case "$PLUTO_VERB:$1" in prepare-host:*|prepare-client:*) # delete possibly-existing route (preliminary to adding a route) case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route del -net 0.0.0.0 netmask 128.0.0.0 2>&1 ; route del -net 128.0.0.0 netmask 128.0.0.0 2>&1" ;; *) it="route del -net $PLUTO_PEER_CLIENT_NET \ netmask $PLUTO_PEER_CLIENT_MASK 2>&1" ;; esac oops="`eval $it`" status="$?" if test " $oops" = " " -a " $status" != " 0" then oops="silent error, exit status $status" fi case "$oops" in 'SIOCDELRT: No such process'*) # This is what route (currently -- not documented!) gives # for "could not find such a route". oops= status=0 ;; esac if test " $oops" != " " -o " $status" != " 0" then echo "$0: \`$it' failed ($oops)" >&2 fi exit $status ;; route-host:*|route-client:*) # connection to me or my client subnet being routed uproute ;; unroute-host:*|unroute-client:*) # connection to me or my client subnet being unrouted downroute ;; up-host:*) # connection to me coming up # If you are doing a custom version, firewall commands go here. ;; down-host:*) # connection to me going down # If you are doing a custom version, firewall commands go here. ;; up-client:) # connection to my client subnet coming up # If you are doing a custom version, firewall commands go here. ;; down-client:) # connection to my client subnet going down # If you are doing a custom version, firewall commands go here. ;; up-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; down-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; *) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 exit 1 ;; esac + cat /usr/local/lib/ipsec/_updown.old #! /bin/sh # default updown script # Copyright (C) 2000, 2001 D. Hugh Redelmeier, Henry Spencer # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2 of the License, or (at your # option) any later version. See . # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # RCSID $Id: _updown,v 1.19 2002/03/25 18:04:42 henry Exp $ # CAUTION: Installing a new version of FreeS/WAN will install a new # copy of this script, wiping out any custom changes you make. If # you need changes, make a copy of this under another name, and customize # that, and use the (left/right)updown parameters in ipsec.conf to make # FreeS/WAN use yours instead of this default one. # check interface version case "$PLUTO_VERSION" in 1.[0]) # Older Pluto?!? Play it safe, script may be using new features. echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 echo "$0: called by obsolete Pluto?" >&2 exit 2 ;; 1.*) ;; *) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 exit 2 ;; esac # check parameter(s) case "$1:$*" in ':') # no parameters ;; ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only ;; custom:*) # custom parameters (see above CAUTION comment) ;; *) echo "$0: unknown parameters \`$*'" >&2 exit 2 ;; esac # utility functions for route manipulation # Meddling with this stuff should not be necessary and requires great care. uproute() { doroute add } downroute() { doroute del } doroute() { parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP" case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 && route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2" ;; *) it="route $1 $parms $parms2" ;; esac eval $it st=$? if test $st -ne 0 then # route has already given its own cryptic message echo "$0: \`$it' failed" >&2 if test " $1 $st" = " add 7" then # another totally undocumented interface -- 7 and # "SIOCADDRT: Network is unreachable" means that # the gateway isn't reachable. echo "$0: (incorrect or missing nexthop setting??)" >&2 fi fi return $st } # the big choice case "$PLUTO_VERB:$1" in prepare-host:*|prepare-client:*) # delete possibly-existing route (preliminary to adding a route) case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route del -net 0.0.0.0 netmask 128.0.0.0 2>&1 ; route del -net 128.0.0.0 netmask 128.0.0.0 2>&1" ;; *) it="route del -net $PLUTO_PEER_CLIENT_NET \ netmask $PLUTO_PEER_CLIENT_MASK 2>&1" ;; esac oops="`eval $it`" status="$?" if test " $oops" = " " -a " $status" != " 0" then oops="silent error, exit status $status" fi case "$oops" in 'SIOCDELRT: No such process'*) # This is what route (currently -- not documented!) gives # for "could not find such a route". oops= status=0 ;; esac if test " $oops" != " " -o " $status" != " 0" then echo "$0: \`$it' failed ($oops)" >&2 fi exit $status ;; route-host:*|route-client:*) # connection to me or my client subnet being routed uproute ;; unroute-host:*|unroute-client:*) # connection to me or my client subnet being unrouted downroute ;; up-host:*) # connection to me coming up # If you are doing a custom version, firewall commands go here. ;; down-host:*) # connection to me going down # If you are doing a custom version, firewall commands go here. ;; up-client:) # connection to my client subnet coming up # If you are doing a custom version, firewall commands go here. ;; down-client:) # connection to my client subnet going down # If you are doing a custom version, firewall commands go here. ;; up-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; down-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; *) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 exit 1 ;; esac + cat /usr/local/lib/ipsec/_updown.x509 #! /bin/sh # # customized updown script # # logging of VPN connections # # tag put in front of each log entry: TAG=vpn # # syslog facility and priority used: FAC_PRIO=local0.notice # # to create a special vpn logging file, put the following line into # the syslog configuration file /etc/syslog.conf: # # local0.notice -/var/log/vpn # # check interface version case "$PLUTO_VERSION" in 1.[0]) # Older Pluto?!? Play it safe, script may be using new features. echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 echo "$0: called by obsolete Pluto?" >&2 exit 2 ;; 1.*) ;; *) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 exit 2 ;; esac # check parameter(s) case "$1:$*" in ':') # no parameters ;; ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only ;; custom:*) # custom parameters (see above CAUTION comment) ;; *) echo "$0: unknown parameters \`$*'" >&2 exit 2 ;; esac # utility functions for route manipulation # Meddling with this stuff should not be necessary and requires great care. uproute() { doroute add } downroute() { doroute del } doroute() { parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP" case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 &&" it="$it route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2" route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 && route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2 ;; *) it="route $1 $parms $parms2" route $1 $parms $parms2 ;; esac st=$? if test $st -ne 0 then # route has already given its own cryptic message echo "$0: \`$it' failed" >&2 if test " $1 $st" = " add 7" then # another totally undocumented interface -- 7 and # "SIOCADDRT: Network is unreachable" means that # the gateway isn't reachable. echo "$0: (incorrect or missing nexthop setting??)" >&2 fi fi return $st } # the big choice case "$PLUTO_VERB:$1" in prepare-host:*|prepare-client:*) # delete possibly-existing route (preliminary to adding a route) case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic parms1="-net 0.0.0.0 netmask 128.0.0.0" parms2="-net 128.0.0.0 netmask 128.0.0.0" it="route del $parms1 2>&1 ; route del $parms2 2>&1" oops="`route del $parms1 2>&1 ; route del $parms2 2>&1`" ;; *) parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" it="route del $parms 2>&1" oops="`route del $parms 2>&1`" ;; esac status="$?" if test " $oops" = " " -a " $status" != " 0" then oops="silent error, exit status $status" fi case "$oops" in 'SIOCDELRT: No such process'*) # This is what route (currently -- not documented!) gives # for "could not find such a route". oops= status=0 ;; esac if test " $oops" != " " -o " $status" != " 0" then echo "$0: \`$it' failed ($oops)" >&2 fi exit $status ;; route-host:*|route-client:*) # connection to me or my client subnet being routed uproute ;; unroute-host:*|unroute-client:*) # connection to me or my client subnet being unrouted downroute ;; up-host:*) # connection to me coming up # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -d 0.0.0.0/0.0.0.0 --dport $PLUTO_MY_PORT -j ACCEPT iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s 0.0.0.0/0.0.0.0 --sport $PLUTO_MY_PORT \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT else iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -j ACCEPT iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" else logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" fi ;; down-host:*) # connection to me going down # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -j ACCEPT iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT else iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -j ACCEPT iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" else logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" fi ;; up-client:) # connection to my client subnet coming up # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --sport $PLUTO_MY_PORT \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --dport $PLUTO_MY_PORT -j ACCEPT else iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" else logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" fi ;; down-client:) # connection to my client subnet going down # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --sport $PLUTO_MY_PORT \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --dport $PLUTO_MY_PORT -j ACCEPT else iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" else logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" fi ;; up-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; down-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; *) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 exit 1 ;; esac + cat /usr/local/lib/ipsec/_updown.x509.old #! /bin/sh # # customized updown script # # logging of VPN connections # # tag put in front of each log entry: TAG=vpn # # syslog facility and priority used: FAC_PRIO=local0.notice # # to create a special vpn logging file, put the following line into # the syslog configuration file /etc/syslog.conf: # # local0.notice -/var/log/vpn # # check interface version case "$PLUTO_VERSION" in 1.[0]) # Older Pluto?!? Play it safe, script may be using new features. echo "$0: obsolete interface version \`$PLUTO_VERSION'," >&2 echo "$0: called by obsolete Pluto?" >&2 exit 2 ;; 1.*) ;; *) echo "$0: unknown interface version \`$PLUTO_VERSION'" >&2 exit 2 ;; esac # check parameter(s) case "$1:$*" in ':') # no parameters ;; ipfwadm:ipfwadm) # due to (left/right)firewall; for default script only ;; custom:*) # custom parameters (see above CAUTION comment) ;; *) echo "$0: unknown parameters \`$*'" >&2 exit 2 ;; esac # utility functions for route manipulation # Meddling with this stuff should not be necessary and requires great care. uproute() { doroute add } downroute() { doroute del } doroute() { parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" parms2="dev $PLUTO_INTERFACE gw $PLUTO_NEXT_HOP" case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic it="route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 &&" it="$it route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2" route $1 -net 0.0.0.0 netmask 128.0.0.0 $parms2 && route $1 -net 128.0.0.0 netmask 128.0.0.0 $parms2 ;; *) it="route $1 $parms $parms2" route $1 $parms $parms2 ;; esac st=$? if test $st -ne 0 then # route has already given its own cryptic message echo "$0: \`$it' failed" >&2 if test " $1 $st" = " add 7" then # another totally undocumented interface -- 7 and # "SIOCADDRT: Network is unreachable" means that # the gateway isn't reachable. echo "$0: (incorrect or missing nexthop setting??)" >&2 fi fi return $st } # the big choice case "$PLUTO_VERB:$1" in prepare-host:*|prepare-client:*) # delete possibly-existing route (preliminary to adding a route) case "$PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK" in "0.0.0.0/0.0.0.0") # horrible kludge for obscure routing bug with opportunistic parms1="-net 0.0.0.0 netmask 128.0.0.0" parms2="-net 128.0.0.0 netmask 128.0.0.0" it="route del $parms1 2>&1 ; route del $parms2 2>&1" oops="`route del $parms1 2>&1 ; route del $parms2 2>&1`" ;; *) parms="-net $PLUTO_PEER_CLIENT_NET netmask $PLUTO_PEER_CLIENT_MASK" it="route del $parms 2>&1" oops="`route del $parms 2>&1`" ;; esac status="$?" if test " $oops" = " " -a " $status" != " 0" then oops="silent error, exit status $status" fi case "$oops" in 'SIOCDELRT: No such process'*) # This is what route (currently -- not documented!) gives # for "could not find such a route". oops= status=0 ;; esac if test " $oops" != " " -o " $status" != " 0" then echo "$0: \`$it' failed ($oops)" >&2 fi exit $status ;; route-host:*|route-client:*) # connection to me or my client subnet being routed uproute ;; unroute-host:*|unroute-client:*) # connection to me or my client subnet being unrouted downroute ;; up-host:*) # connection to me coming up # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -d 0.0.0.0/0.0.0.0 --dport $PLUTO_MY_PORT -j ACCEPT iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s 0.0.0.0/0.0.0.0 --sport $PLUTO_MY_PORT \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT else iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -j ACCEPT iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" else logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" fi ;; down-host:*) # connection to me going down # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -j ACCEPT iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT else iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -j ACCEPT iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME" else logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME" fi ;; up-client:) # connection to my client subnet coming up # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --sport $PLUTO_MY_PORT \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --dport $PLUTO_MY_PORT -j ACCEPT else iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" else logger -t $TAG -p $FAC_PRIO \ "+ `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" fi ;; down-client:) # connection to my client subnet going down # If you are doing a custom version, firewall commands go here. if [ "$PLUTO_MY_PROTOCOL" == "6" ] || [ "$PLUTO_MY_PROTOCOL" == "17" ] then iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --sport $PLUTO_MY_PORT \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --dport $PLUTO_PEER_PORT -j ACCEPT iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK --sport $PLUTO_PEER_PORT \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK --dport $PLUTO_MY_PORT -j ACCEPT else iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \ -s $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -d $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK -j ACCEPT iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \ -s $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK \ -d $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK -j ACCEPT fi if [ "$PLUTO_PEER_CLIENT" == "$PLUTO_PEER/32" ] then logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" else logger -t $TAG -p $FAC_PRIO -- \ "- `echo -e $PLUTO_PEER_ID` $PLUTO_PEER_CLIENT == $PLUTO_PEER -- $PLUTO_ME == $PLUTO_MY_CLIENT" fi ;; up-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, coming up # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -i accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; down-client:ipfwadm) # connection to client subnet, with (left/right)firewall=yes, going down # This is used only by the default updown script, not by your custom # ones, so do not mess with it; see CAUTION comment up at top. ipfwadm -F -d accept -b -S $PLUTO_MY_CLIENT_NET/$PLUTO_MY_CLIENT_MASK \ -D $PLUTO_PEER_CLIENT_NET/$PLUTO_PEER_CLIENT_MASK ;; *) echo "$0: unknown verb \`$PLUTO_VERB' or parameter \`$1'" >&2 exit 1 ;; esac + _________________________ proc/net/dev + cat /proc/net/dev Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 11504 128 0 0 0 0 0 0 11504 128 0 0 0 0 0 0 eth0: 6072739 25658 0 0 0 0 0 0 5166180 21553 0 0 0 3 0 0 eth1: 4690059 52476 0 0 0 0 0 0 11775866 43639 0 0 0 0 0 0 ppp0: 1079685 13215 0 0 0 0 0 0 3754460 10220 0 0 0 0 0 0 ipsec0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ipsec3: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 + _________________________ proc/net/route + cat /proc/net/route Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT ppp0 053ADF94 00000000 0005 0 0 0 FFFFFFFF 40 0 0 ipsec0 053ADF94 00000000 0005 0 0 0 FFFFFFFF 40 0 0 eth1 00FEA8C0 00000000 0001 0 0 0 00FFFFFF 40 0 0 eth1 00FEA8C0 00000000 0001 0 0 0 00FFFFFF 40 0 0 eth0 0000000A 00000000 0001 0 0 0 000000FF 40 0 0 lo 0000007F 00000000 0001 0 0 0 000000FF 40 0 0 ppp0 00000000 053ADF94 0003 0 0 0 00000000 40 0 0 + _________________________ proc/sys/net/ipv4/ip_forward + cat /proc/sys/net/ipv4/ip_forward 1 + _________________________ proc/sys/net/ipv4/conf/star-rp_filter + cd /proc/sys/net/ipv4/conf + egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter ipsec0/rp_filter lo/rp_filter ppp0/rp_filter all/rp_filter:0 default/rp_filter:0 eth0/rp_filter:0 eth1/rp_filter:0 ipsec0/rp_filter:0 lo/rp_filter:0 ppp0/rp_filter:0 + _________________________ uname-a + uname -a Linux localhost.localdomain 2.4.19 #4 SMP Tue Nov 5 16:02:32 CST 2002 i686 unknown + _________________________ redhat-release + test -r /etc/redhat-release + cat /etc/redhat-release Red Hat Linux release 7.3 (Valhalla) + _________________________ proc/net/ipsec_version + cat /proc/net/ipsec_version FreeS/WAN version: 1.98b + _________________________ iptables/list + iptables -L -v -n Chain INPUT (policy ACCEPT 6190 packets, 740K bytes) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 200.65.105.19 0.0.0.0/0 tcp dpt:!22 LOG flags 0 level 4 28 13712 ACCEPT udp -- * * 200.65.105.19 0.0.0.0/0 udp dpt:!22 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:500 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:50 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:50 81 4260 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 Chain FORWARD (policy ACCEPT 13086 packets, 5188K bytes) pkts bytes target prot opt in out source destination 0 0 LOG all -- ppp0 * 10.0.0.0/8 0.0.0.0/0 LOG flags 0 level 4 0 0 LOG all -- ppp0 * 192.168.0.0/16 0.0.0.0/0 LOG flags 0 level 4 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:500 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:50 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:50 0 0 DROP all -- ppp0 * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW Chain OUTPUT (policy ACCEPT 46456 packets, 11M bytes) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 0.0.0.0/0 200.65.105.19 tcp spt:!22 LOG flags 0 level 4 13 5312 ACCEPT udp -- * * 0.0.0.0/0 200.65.105.19 udp spt:!22 + _________________________ ipchains/list + ipchains -L -v -n ipchains: Incompatible with this kernel + _________________________ ipfwadm/forward + ipfwadm -F -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ ipfwadm/input + ipfwadm -I -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ ipfwadm/output + ipfwadm -O -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ iptables/nat + iptables -t nat -L -v -n Chain PREROUTING (policy ACCEPT 1919 packets, 153K bytes) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 200.65.105.19 0.0.0.0/0 tcp dpt:!22 LOG flags 0 level 4 1 244 ACCEPT udp -- * * 200.65.105.19 0.0.0.0/0 udp dpt:!22 Chain POSTROUTING (policy ACCEPT 81 packets, 18044 bytes) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 0.0.0.0/0 200.65.105.19 tcp spt:!22 LOG flags 0 level 4 0 0 ACCEPT udp -- * * 0.0.0.0/0 200.65.105.19 udp spt:!22 0 0 MASQUERADE all -- * * 0.0.0.0/0 !192.168.0.0/16 Chain OUTPUT (policy ACCEPT 164 packets, 26216 bytes) pkts bytes target prot opt in out source destination + _________________________ ipchains/masq + ipchains -M -L -v -n ipchains: cannot open file `/proc/net/ip_masquerade' + _________________________ ipfwadm/masq + ipfwadm -M -l -n -e Generic IP Firewall Chains not in this kernel + _________________________ iptables/mangle + iptables -t mangle -L -v -n Chain PREROUTING (policy ACCEPT 39545 packets, 4154K bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 34794 packets, 2497K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 4724 packets, 1656K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 27567 packets, 7633K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 32372 packets, 9311K bytes) pkts bytes target prot opt in out source destination + _________________________ proc/modules + cat /proc/modules ipsec 252384 2 iptable_mangle 2688 0 (autoclean) (unused) ipt_state 1088 1 (autoclean) ipt_LOG 4224 6 (autoclean) ipt_MASQUERADE 2144 1 (autoclean) iptable_filter 2368 1 (autoclean) iptable_nat 19732 1 [ipt_MASQUERADE] ip_conntrack 21516 2 [ipt_state ipt_MASQUERADE iptable_nat] ip_tables 14144 8 [iptable_mangle ipt_state ipt_LOG ipt_MASQUERADE iptable_filter iptable_nat] ppp_synctty 6720 0 (unused) ppp_async 8224 1 ppp_generic 22892 3 [ppp_synctty ppp_async] slhc 6116 0 [ppp_generic] dmfe 15196 1 + _________________________ proc/meminfo + cat /proc/meminfo total: used: free: shared: buffers: cached: Mem: 129867776 125124608 4743168 0 4202496 77021184 Swap: 271392768 421888 270970880 MemTotal: 126824 kB MemFree: 4632 kB MemShared: 0 kB Buffers: 4104 kB Cached: 74804 kB SwapCached: 412 kB Active: 39668 kB Inactive: 70116 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 126824 kB LowFree: 4632 kB SwapTotal: 265032 kB SwapFree: 264620 kB + _________________________ dev/ipsec-ls + ls -l '/dev/ipsec*' ls: /dev/ipsec*: No such file or directory + _________________________ proc/net/ipsec-ls + ls -l /proc/net/ipsec_eroute /proc/net/ipsec_klipsdebug /proc/net/ipsec_spi /proc/net/ipsec_spigrp /proc/net/ipsec_tncfg /proc/net/ipsec_version -r--r--r-- 1 root root 0 Nov 26 21:47 /proc/net/ipsec_eroute -r--r--r-- 1 root root 0 Nov 26 21:47 /proc/net/ipsec_klipsdebug -r--r--r-- 1 root root 0 Nov 26 21:47 /proc/net/ipsec_spi -r--r--r-- 1 root root 0 Nov 26 21:47 /proc/net/ipsec_spigrp -r--r--r-- 1 root root 0 Nov 26 21:47 /proc/net/ipsec_tncfg -r--r--r-- 1 root root 0 Nov 26 21:47 /proc/net/ipsec_version + _________________________ usr/src/linux/.config + test -f /usr/src/linux/.config + egrep 'IP|NETLINK' /usr/src/linux/.config # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set CONFIG_SYSVIPC=y # CONFIG_MD_MULTIPATH is not set # CONFIG_NETLINK_DEV is not set CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y # CONFIG_IP_MULTIPLE_TABLES is not set # CONFIG_IP_ROUTE_MULTIPATH is not set # CONFIG_IP_ROUTE_TOS is not set # CONFIG_IP_ROUTE_VERBOSE is not set # CONFIG_IP_ROUTE_LARGE_TABLES is not set # CONFIG_IP_PNP is not set # CONFIG_NET_IPIP is not set # CONFIG_NET_IPGRE is not set # CONFIG_IP_MROUTE is not set # IP: Netfilter Configuration CONFIG_IP_NF_CONNTRACK=m CONFIG_IP_NF_FTP=m CONFIG_IP_NF_IRC=m CONFIG_IP_NF_QUEUE=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_LIMIT=m CONFIG_IP_NF_MATCH_MAC=m # CONFIG_IP_NF_MATCH_PKTTYPE is not set CONFIG_IP_NF_MATCH_MARK=m CONFIG_IP_NF_MATCH_MULTIPORT=m CONFIG_IP_NF_MATCH_TOS=m # CONFIG_IP_NF_MATCH_ECN is not set CONFIG_IP_NF_MATCH_AH_ESP=m CONFIG_IP_NF_MATCH_LENGTH=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_MATCH_TCPMSS=m # CONFIG_IP_NF_MATCH_HELPER is not set CONFIG_IP_NF_MATCH_STATE=m # CONFIG_IP_NF_MATCH_CONNTRACK is not set CONFIG_IP_NF_MATCH_UNCLEAN=m CONFIG_IP_NF_MATCH_OWNER=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m CONFIG_IP_NF_TARGET_MIRROR=m CONFIG_IP_NF_NAT=m CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_NAT_LOCAL=y CONFIG_IP_NF_NAT_SNMP_BASIC=m CONFIG_IP_NF_NAT_IRC=m CONFIG_IP_NF_NAT_FTP=m CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_TOS=m # CONFIG_IP_NF_TARGET_ECN is not set CONFIG_IP_NF_TARGET_MARK=m CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_TARGET_TCPMSS=m CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m # CONFIG_IP_NF_COMPAT_IPCHAINS is not set # CONFIG_IP_NF_COMPAT_IPFWADM is not set # CONFIG_IPV6 is not set # CONFIG_IPX is not set CONFIG_IPSEC=m CONFIG_IPSEC_IPIP=y CONFIG_IPSEC_AH=y CONFIG_IPSEC_AUTH_HMAC_MD5=y CONFIG_IPSEC_AUTH_HMAC_SHA1=y CONFIG_IPSEC_ESP=y CONFIG_IPSEC_ENC_3DES=y CONFIG_IPSEC_IPCOMP=y CONFIG_IPSEC_DEBUG=y # CONFIG_IDEDMA_PCI_WIP is not set # CONFIG_IDE_CHIPSETS is not set # CONFIG_SCSI_IPS is not set # CONFIG_TULIP is not set # CONFIG_HIPPI is not set # CONFIG_PLIP is not set # CONFIG_SLIP is not set # CONFIG_PCMCIA_XIRTULIP is not set # CONFIG_USB_SERIAL_IPAQ is not set + _________________________ etc/syslog.conf + cat /etc/syslog.conf # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none;cron.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* /var/log/maillog # Log cron stuff cron.* /var/log/cron # Everybody gets emergency messages *.emerg * auth.* /var/log/auth.log # Save news errors of level crit and higher in a special file. uucp,news.crit /var/log/spooler # Save boot messages also to boot.log local6.* /var/log/local6.log local7.* /var/log/boot.log + _________________________ etc/resolv.conf + cat /etc/resolv.conf nameserver 200.33.148.201 nameserver 200.33.148.193 + _________________________ lib/modules-ls + ls -ltr /lib/modules total 16 drwxr-xr-x 4 root root 4096 Sep 26 10:25 2.4.18-3 drwxr-xr-x 4 root root 4096 Nov 5 08:19 2.4.18-10 drwxr-xr-x 4 root root 4096 Nov 5 16:15 2.4.19 drwxr-xr-x 4 root root 4096 Nov 13 13:23 2.4.18-17.7.x + _________________________ proc/ksyms-netif_rx + egrep netif_rx /proc/ksyms c0220a90 netif_rx_Rsmp_5fdf92c1 + _________________________ lib/modules-netif_rx + modulegoo kernel/net/ipv4/ipip.o netif_rx + set +x 2.4.18-10: U netif_rx_R4eaed564 2.4.18-17.7.x: U netif_rx_Rf513676d 2.4.18-3: U netif_rx_R35fec680 2.4.19: + _________________________ kern.debug + test -f /var/log/kern.debug + _________________________ klog + sed -n '14619,$p' /var/log/messages + egrep -i 'ipsec|klips|pluto' + cat Nov 26 21:09:30 localhost ipsec_setup: Starting FreeS/WAN IPsec 1.99... Nov 26 21:09:30 localhost kernel: klips_debug:pfkey_address_build: exttype=23 proto=0 prefixlen=0 Nov 26 21:09:30 localhost ipsec_setup: Using /lib/modules/2.4.19/kernel/net/ipsec/ipsec.o Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: found address family AF_INET. Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: found address=255.255.255.255:0. Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: successful. Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:31 localhost ipsec_setup: KLIPS debug `none' Nov 26 21:09:31 localhost /etc/hotplug/net.agent: invoke ifup ipsec2 Nov 26 21:09:31 localhost /etc/hotplug/net.agent: invoke ifup ipsec1 Nov 26 21:09:31 localhost /etc/hotplug/net.agent: invoke ifup ipsec0 Nov 26 21:09:31 localhost /etc/hotplug/net.agent: invoke ifup ipsec3 Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:31 localhost ipsec_setup: KLIPS ipsec0 on ppp0 200.67.32.187/255.255.255.255 pointopoint 148.223.58.5 Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: exttype=24 proto=0 prefixlen=0 Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: found address family AF_INET. Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: found address=255.255.255.0:0. Nov 26 21:09:31 localhost ipsec_setup: ...FreeS/WAN IPsec started Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_address_build: successful. Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:31 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: pfkey_msg=c3673aa0 allocated 176 bytes, &(extensions[0])=c21ddd1c Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=c2c7c5c0 to=c3673ab0 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5]=c2c7c6c0 to=c3673ac0 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=c2c7c560 to=c3673ad8 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[21]=c2c7c540 to=c3673af0 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[22]=c2c7c640 to=c3673b08 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[23]=c66d35e0 to=c3673b20 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[24]=c2c7c6e0 to=c3673b38 Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_msg_build: extensions permitted=01e00063, seen=01e00063, required=01e00043. Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_upmsg: allocating 176 bytes... Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_upmsg: ...allocated at c7fd6940. Nov 26 21:09:32 localhost kernel: klips_debug:pfkey_x_addflow_parse: sending up x_addflow reply message for satype=9(IPIP) (proto=4) to socket=c2b1f1c0 succeeded. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_x_addflow_parse: extr->tdb cleaned up and freed. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_sendmsg: . Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=13, errno=0, satype=9(IPIP), len=13, res=0, seq=18, pid=17684. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=c21dde2c. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c3635c00. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_msg_interp: satype 9 lookups to proto=4. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 1 c52742b0 with processor c885be20. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_sa_process: . Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 6 c52742c0 with processor c885c100. Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_address_process: Nov 26 21:09:33 localhost kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 200.67.32.187. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_address_process: found dst address. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 200.67.32.187. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_address_process: successful. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 18 c52742d8 with processor c885c910. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_x_satype_process: . Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=c21dde30. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_x_satype_process: protocol==50 decoded from satype==3(ESP). Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 19 c52742e0 with processor c885be20. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_sa_process: . Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_alloc_ipsec_sa: tdb struct already allocated Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 20 c52742f0 with processor c885c100. Nov 26 21:09:34 localhost kernel: klips_debug:pfkey_address_process: Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 200.67.32.187. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_address_process: found 2nd dst address. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_alloc_ipsec_sa: tdb struct already allocated Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 200.67.32.187. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_address_process: successful. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_msg_interp: parsing message type 13 with msg_parser c885faa0. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_x_grpsa_parse: . Nov 26 21:09:35 localhost kernel: klips_debug:gettdb: linked entry in tdb table for hash=252 of SA:tun0x1003@200.67.32.187 requested. Nov 26 21:09:35 localhost kernel: klips_debug:gettdb: linked entry in tdb table for hash=195 of SA:esp0x82874a9e@200.67.32.187 requested. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_msg_hdr_build: Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=c21ddd10 pfkey_ext=c21ddd9c *pfkey_ext=00000000. Nov 26 21:09:35 localhost kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=c21ddd10 pfkey_ext=c21ddd9c *pfkey_ext=c2c7c6e0. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_sa_build: spi=00001003 replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_address_build: found address family AF_INET. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_address_build: found address=200.67.32.187:0. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_address_build: successful. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:36 localhost kernel: klips_debug:pfkey_x_satype_build: Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_sa_build: spi=82874a9e replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_address_build: exttype=20 proto=0 prefixlen=0 Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_address_build: found address family AF_INET. Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_address_build: found address=200.67.32.187:0. Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_address_build: successful. Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:37 localhost kernel: klips_debug:pfkey_msg_build: pfkey_msg=c52743a0 allocated 104 bytes, &(extensions[0])=c21ddd9c Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=c66d35e0 to=c52743b0 Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=c2c7c640 to=c52743c0 Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_msg_build: copying 8 bytes from extensions[18]=c2c7c540 to=c52743d8 Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[19]=c2c7c560 to=c52743e0 Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[20]=c2c7c6c0 to=c52743f0 Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_msg_build: extensions permitted=001c0043, seen=001c0043, required=00000043. Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_upmsg: allocating 104 bytes... Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_upmsg: ...allocated at c5d576c0. Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_x_grpsa_parse: sending up x_grpsa reply message for satype=9(IPIP) to socket=c2b1f1c0 succeeded. Nov 26 21:09:38 localhost kernel: klips_debug:pfkey_x_grpsa_parse: succeeded in sending x_grpsa reply message. Nov 26 21:09:38 localhost kernel: klips_debug:@ flags = 6 @key = c6a43260 key = 00000000->00000000 @mask = 00000000 Nov 26 21:09:38 localhost kernel: klips_debug:@ flags = 6 @key = c6a4326c key = ffffffff->ffffffff @mask = 00000000 Nov 26 21:09:39 localhost kernel: klips_debug: off = 0 Nov 26 21:09:39 localhost kernel: klips_debug:ipsec_eroute_get_info: buffer=0xc2313000, *start=0x0, offset=0, length=3072 Nov 26 21:09:39 localhost kernel: klips_debug:rj_walktree: for: rn=c277f368 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Nov 26 21:09:39 localhost kernel: klips_debug:rj_walktree: processing leaves, rn=c277f398 rj_b=-3 rj_flags=6 leaf key = ffffffff->ffffffff Nov 26 21:09:39 localhost kernel: klips_debug:rj_walktree: while: base=00000000 rn=c277f368 rj_b=-3 rj_flags=6 leaf key = 00000000->00000000 Nov 26 21:09:39 localhost kernel: klips_debug:pfkey_sendmsg: . Nov 26 21:09:39 localhost kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Nov 26 21:09:39 localhost kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=4, errno=0, satype=3(ESP), len=10, res=0, seq=19, pid=17684. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=c21dde2c. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c1184200. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_msg_interp: satype 3 lookups to proto=50. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 1 c277f850 with processor c885be20. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_sa_process: . Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 5 c277f860 with processor c885c100. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_address_process: Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 200.65.105.19. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_address_process: found src address. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_address_process: successful. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 6 c277f878 with processor c885c100. Nov 26 21:09:40 localhost kernel: klips_debug:pfkey_address_process: Nov 26 21:09:41 localhost kernel: klips_debug:pfkey_address_process: found address family=2, AF_INET, 200.67.32.187. Nov 26 21:09:41 localhost kernel: klips_debug:pfkey_address_process: found dst address. Nov 26 21:09:41 localhost kernel: klips_debug:pfkey_address_process: tdb_said.dst set to 200.67.32.187. Nov 26 21:09:41 localhost kernel: klips_debug:pfkey_address_process: successful. Nov 26 21:09:41 localhost kernel: klips_debug:pfkey_msg_interp: parsing message type 4 with msg_parser c885e860. Nov 26 21:09:41 localhost kernel: klips_debug:pfkey_delete_parse: . Nov 26 21:09:41 localhost kernel: klips_debug:gettdb: linked entry in tdb table for hash=195 of SA:esp0x82874a9e@200.67.32.187 requested. Nov 26 21:09:41 localhost kernel: klips_debug:deltdbchain: passed SA:esp0x82874a9e@200.67.32.187 Nov 26 21:09:41 localhost kernel: klips_debug:deltdbchain: unlinking and delting SA:esp0x82874a9e@200.67.32.187<6>, inext=tun0x1003@200.67.32.187<6>. Nov 26 21:09:41 localhost kernel: klips_debug:deltdb: deleting SA:esp0x82874a9e@200.67.32.187, hashval=195. Nov 26 21:09:41 localhost kernel: klips_debug:deltdb: successfully deleted first tdb in chain. Nov 26 21:09:41 localhost kernel: klips_debug:deltdbchain: unlinking and delting SA:tun0x1003@200.67.32.187<6>. Nov 26 21:09:42 localhost kernel: klips_debug:deltdb: deleting SA:tun0x1003@200.67.32.187, hashval=252. Nov 26 21:09:42 localhost kernel: klips_debug:deltdb: successfully deleted first tdb in chain. Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_msg_hdr_build: Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_msg_hdr_build: on_entry &pfkey_ext=c21ddd44 pfkey_ext=c21ddd6c *pfkey_ext=00000000. Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_msg_hdr_build: on_exit &pfkey_ext=c21ddd44 pfkey_ext=c21ddd6c *pfkey_ext=c2c7c5e0. Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_sa_build: spi=82874a9e replay=0 sa_state=0 auth=0 encrypt=0 flags=0 Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_address_build: exttype=5 proto=0 prefixlen=0 Nov 26 21:09:42 localhost kernel: klips_debug:pfkey_address_build: found address family AF_INET. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_address_build: found address=200.65.105.19:500. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_address_build: successful. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_address_build: exttype=6 proto=0 prefixlen=0 Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_address_build: found address family AF_INET. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_address_build: found address=200.67.32.187:0. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_address_build: successful. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_safe_build: error=0 Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_safe_build:success. Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_msg_build: pfkey_msg=c52743a0 allocated 80 bytes, &(extensions[0])=c21ddd6c Nov 26 21:09:43 localhost kernel: klips_debug:pfkey_msg_build: copying 16 bytes from extensions[1]=c2c7c660 to=c52743b0 Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[5]=c2c7c580 to=c52743c0 Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_msg_build: copying 24 bytes from extensions[6]=c2c7c340 to=c52743d8 Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_msg_build: extensions permitted=00000063, seen=00000063, required=00000063. Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_upmsg: allocating 80 bytes... Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_upmsg: ...allocated at c2ae4820. Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_delete_parse: sending up delete reply message for satype=3(ESP) to socket=c2b1f1c0 succeeded. Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_release: sock=c2b1f1c0 sk=c2d82f40 Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_destroy_socket: . Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_remove_socket: . Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_remove_socket: succeeded. Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_destroy_socket: pfkey_remove_socket called. Nov 26 21:09:44 localhost kernel: klips_debug:pfkey_destroy_socket: sk(c2d82f40)->(&c2d82f94)receive_queue.{next=c2d82f94,prev=c2d82f94}. Nov 26 21:09:45 localhost kernel: klips_debug:pfkey_destroy_socket: destroyed. Nov 26 21:09:45 localhost kernel: klips_debug:pfkey_list_remove_socket: removing sock=c2b1f1c0 Nov 26 21:09:45 localhost kernel: klips_debug:pfkey_release: succeeded. Nov 26 21:09:46 localhost kernel: klips_debug:ipsec_device_event: NETDEV_GOING_DOWN dev=ipsec0 Nov 26 21:09:46 localhost kernel: klips_debug:ipsec_device_event: NETDEV_DOWN dev=ipsec0 flags=80 Nov 26 21:09:46 localhost kernel: IPSEC EVENT: KLIPS device ipsec0 shut down. Nov 26 21:09:46 localhost kernel: klips_debug:ipsec_tunnel_ioctl: tncfg service call #35313 for dev=ipsec0 Nov 26 21:09:46 localhost kernel: klips_debug:ipsec_tunnel_ioctl: calling ipsec_tunnel_detatch. Nov 26 21:09:46 localhost kernel: klips_debug:ipsec_tunnel_detach: physical device ppp0 being detached from virtual device ipsec0 Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_create: sock=c2b1f580 type:3 state:1 flags:0 protocol:2 Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_create: sock->fasync_list=00000000 sk->sleep=c2b1f59c. Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_insert_socket: sk=c624b800 Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_list_insert_socket: socketp=c2b1f580 Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_create: Socket sock=c2b1f580 sk=c624b800 initialised. Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_sendmsg: . Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_sendmsg: msg sent for parsing. Nov 26 21:09:46 localhost kernel: klips_debug:pfkey_msg_interp: parsing message ver=2, type=16, errno=0, satype=0(UNKNOWN), len=9, res=0, seq=1, pid=18134. Nov 26 21:09:47 localhost kernel: klips_debug:pfkey_alloc_ipsec_sa: allocated tdb struct=c4bfde2c. Nov 26 21:09:47 localhost kernel: klips_debug:pfkey_msg_interp: allocated extr->tdb=c1184200. Nov 26 21:09:47 localhost kernel: klips_debug:pfkey_msg_interp: processing ext 25 c5274d30 with processor c885c9f0. Nov 26 21:09:47 localhost kernel: klips_debug:pfkey_x_debug_process: . Nov 26 21:09:47 localhost kernel: klips_debug:pfkey_x_debug_process: unset Nov 26 21:09:47 localhost kernel: klips_info:pfkey_cleanup: shutting down PF_KEY domain sockets. Nov 26 21:09:47 localhost kernel: klips_info:cleanup_module: ipsec module unloaded. Nov 26 21:09:47 localhost kernel: klips_info:ipsec_init: KLIPS startup, FreeS/WAN IPSec version: 1.98b + _________________________ plog + sed -n '29122,$p' /var/log/secure + egrep -i pluto + cat Nov 26 21:09:31 localhost ipsec__plutorun: Starting Pluto subsystem... Nov 26 21:09:31 localhost pluto[18356]: Starting Pluto (FreeS/WAN Version 1.99) Nov 26 21:09:31 localhost pluto[18356]: including X.509 patch (Version 0.9.15) Nov 26 21:09:31 localhost pluto[18356]: | opening /dev/urandom Nov 26 21:09:31 localhost pluto[18356]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds Nov 26 21:09:32 localhost pluto[18356]: | process 18356 listening for PF_KEY_V2 on file descriptor 6 Nov 26 21:09:32 localhost pluto[18356]: | finish_pfkey_msg: SADB_REGISTER message 1 for AH Nov 26 21:09:32 localhost pluto[18356]: | 02 07 00 02 02 00 00 00 01 00 00 00 b4 47 00 00 Nov 26 21:09:32 localhost pluto[18356]: | pfkey_get: SADB_REGISTER message 1 Nov 26 21:09:32 localhost pluto[18356]: | AH registered with kernel. Nov 26 21:09:32 localhost pluto[18356]: | finish_pfkey_msg: SADB_REGISTER message 2 for ESP Nov 26 21:09:32 localhost pluto[18356]: | 02 07 00 03 02 00 00 00 02 00 00 00 b4 47 00 00 Nov 26 21:09:32 localhost pluto[18356]: | pfkey_get: SADB_REGISTER message 2 Nov 26 21:09:32 localhost pluto[18356]: | ESP registered with kernel. Nov 26 21:09:32 localhost pluto[18356]: | finish_pfkey_msg: SADB_REGISTER message 3 for IPCOMP Nov 26 21:09:32 localhost pluto[18356]: | 02 07 00 0a 02 00 00 00 03 00 00 00 b4 47 00 00 Nov 26 21:09:32 localhost pluto[18356]: | pfkey_get: SADB_REGISTER message 3 Nov 26 21:09:33 localhost pluto[18356]: | IPCOMP registered with kernel. Nov 26 21:09:33 localhost pluto[18356]: | finish_pfkey_msg: SADB_REGISTER message 4 for IPIP Nov 26 21:09:33 localhost pluto[18356]: | 02 07 00 09 02 00 00 00 04 00 00 00 b4 47 00 00 Nov 26 21:09:33 localhost pluto[18356]: | pfkey_get: SADB_REGISTER message 4 Nov 26 21:09:33 localhost pluto[18356]: | IPIP registered with kernel. Nov 26 21:09:33 localhost pluto[18356]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Nov 26 21:09:33 localhost pluto[18356]: Changing to directory '/etc/ipsec.d/cacerts' Nov 26 21:09:33 localhost pluto[18356]: loaded cacert file 'cacert.pem' (1310 bytes) Nov 26 21:09:33 localhost pluto[18356]: | file content is not binary ASN.1 Nov 26 21:09:33 localhost pluto[18356]: | -----BEGIN CERTIFICATE----- Nov 26 21:09:33 localhost pluto[18356]: | -----END CERTIFICATE----- Nov 26 21:09:33 localhost pluto[18356]: | file coded in PEM format Nov 26 21:09:34 localhost pluto[18356]: | L0 - certificate: Nov 26 21:09:38 localhost pluto[18356]: | 35 bd 72 12 c1 cc fd 03 b5 f3 f2 75 fc e4 1a a3 Nov 26 21:09:38 localhost pluto[18356]: | e9 00 ce 20 ab 38 71 ad 28 65 5e 08 2f 66 78 cf Nov 26 21:09:38 localhost pluto[18356]: | 0e ee 3d d4 ea ca 24 dc 96 3a 39 d9 2c 82 d5 0d Nov 26 21:09:38 localhost pluto[18356]: | 45 f0 26 33 25 6c 31 af 5d 53 78 3d ba 73 0b Nov 26 21:09:39 localhost pluto[18356]: | L1 - tbsCertificate: Nov 26 21:09:39 localhost pluto[18356]: | 30 82 03 04 a0 03 02 01 02 02 01 00 30 0d 06 09 Nov 26 21:09:43 localhost pluto[18356]: | 2d 69 70 2e 63 6f 6d 82 01 00 30 0c 06 03 55 1d Nov 26 21:09:43 localhost pluto[18356]: | 13 04 05 30 03 01 01 ff Nov 26 21:09:43 localhost pluto[18356]: | L2 - DEFAULT v1: Nov 26 21:09:43 localhost pluto[18356]: | L3 - version: Nov 26 21:09:43 localhost pluto[18356]: | 02 Nov 26 21:09:43 localhost pluto[18356]: | v3 Nov 26 21:09:43 localhost pluto[18356]: | L2 - serialNumber: Nov 26 21:09:43 localhost pluto[18356]: | 00 Nov 26 21:09:44 localhost pluto[18356]: | L2 - signature: Nov 26 21:09:44 localhost pluto[18356]: | L3 - sigAlg: Nov 26 21:09:44 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:09:44 localhost pluto[18356]: | L2 - issuer: Nov 26 21:09:45 localhost pluto[18356]: | 0d 01 09 01 16 13 72 6f 6f 74 40 74 74 74 65 2e Nov 26 21:09:45 localhost pluto[18356]: | 6e 6f 2d 69 70 2e 63 6f 6d Nov 26 21:09:45 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:09:45 localhost pluto[18356]: | L2 - validity: Nov 26 21:09:45 localhost pluto[18356]: | L3 - notBefore: Nov 26 21:09:45 localhost pluto[18356]: | 'Nov 26 21:21:53 UTC 2002' Nov 26 21:09:45 localhost pluto[18356]: | L3 - notAfter: Nov 26 21:09:45 localhost pluto[18356]: | 'Jun 04 17:35:45 UTC 2013' Nov 26 21:09:45 localhost pluto[18356]: | L2 - subject: Nov 26 21:09:45 localhost pluto[18356]: | 30 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:09:46 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:09:46 localhost pluto[18356]: | L2 - subjectPublicKeyInfo: Nov 26 21:09:46 localhost pluto[18356]: | L3 - algorithm: Nov 26 21:09:46 localhost pluto[18356]: | L4 - algorithm: Nov 26 21:09:46 localhost pluto[18356]: | 'rsaEncryption' Nov 26 21:09:46 localhost pluto[18356]: | L3 - subjectPublicKey: Nov 26 21:09:46 localhost pluto[18356]: | L4 - RSAPublicKey: Nov 26 21:09:46 localhost pluto[18356]: | L5 - modulus: Nov 26 21:09:46 localhost pluto[18356]: | 00 c7 4b cd c9 33 c0 d0 5a 06 f8 b4 a2 d4 c7 ff Nov 26 21:09:47 localhost pluto[18356]: | 48 61 45 97 a1 0a 85 2f ab 73 83 9a b0 58 b6 9d Nov 26 21:09:47 localhost pluto[18356]: | 1f Nov 26 21:09:47 localhost pluto[18356]: | L5 - publicExponent: Nov 26 21:09:47 localhost pluto[18356]: | 01 00 01 Nov 26 21:09:47 localhost pluto[18356]: | L2 - optional extensions: Nov 26 21:09:47 localhost pluto[18356]: | L3 - extensions: Nov 26 21:09:47 localhost pluto[18356]: | L4 - extension: Nov 26 21:09:47 localhost pluto[18356]: | L5 - extnID: Nov 26 21:09:48 localhost pluto[18356]: | 'subjectKeyIdentifier' Nov 26 21:09:48 localhost pluto[18356]: | L5 - critical: Nov 26 21:09:48 localhost pluto[18356]: | FALSE Nov 26 21:09:48 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:09:48 localhost pluto[18356]: | 04 14 00 04 9e 46 33 2e 47 be 17 68 7e ff 8c 04 Nov 26 21:09:48 localhost pluto[18356]: | f9 2f 63 f1 de 2d Nov 26 21:09:48 localhost pluto[18356]: | L4 - extension: Nov 26 21:09:48 localhost pluto[18356]: | L5 - extnID: Nov 26 21:09:48 localhost pluto[18356]: | 'authorityKeyIdentifier' Nov 26 21:09:48 localhost pluto[18356]: | L5 - critical: Nov 26 21:09:48 localhost pluto[18356]: | FALSE Nov 26 21:09:49 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:09:49 localhost pluto[18356]: | 30 81 b8 80 14 00 04 9e 46 33 2e 47 be 17 68 7e Nov 26 21:09:50 localhost pluto[18356]: | 2e 63 6f 6d 31 22 30 20 06 09 2a 86 48 86 f7 0d Nov 26 21:09:50 localhost pluto[18356]: | L4 - extension: Nov 26 21:09:50 localhost pluto[18356]: | L5 - extnID: Nov 26 21:09:50 localhost pluto[18356]: | 'basicConstraints' Nov 26 21:09:50 localhost pluto[18356]: | L5 - critical: Nov 26 21:09:50 localhost pluto[18356]: | FALSE Nov 26 21:09:50 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:09:50 localhost pluto[18356]: | 30 03 01 01 ff Nov 26 21:09:50 localhost pluto[18356]: | L6 - basicConstraints: Nov 26 21:09:50 localhost pluto[18356]: | L7 - CA: Nov 26 21:09:50 localhost pluto[18356]: | ff Nov 26 21:09:50 localhost pluto[18356]: | TRUE Nov 26 21:09:50 localhost pluto[18356]: | L1 - signatureAlgorithm: Nov 26 21:09:50 localhost pluto[18356]: | L2 - algorithm: Nov 26 21:09:50 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:09:50 localhost pluto[18356]: | L1 - signature: Nov 26 21:09:50 localhost pluto[18356]: | 00 74 88 32 d1 32 47 ff ed 5d dd b0 36 2f 88 df Nov 26 21:09:51 localhost pluto[18356]: | 27 c8 5e a7 88 52 19 3c dd 8a 6e 2f 00 f5 e4 7e Nov 26 21:09:51 localhost pluto[18356]: | be 86 43 42 68 e3 56 b0 23 72 c1 ab 53 4b a6 a8 Nov 26 21:09:51 localhost pluto[18356]: | 0b Nov 26 21:09:51 localhost pluto[18356]: Changing to directory '/etc/ipsec.d/crls' Nov 26 21:09:51 localhost pluto[18356]: loaded crl file 'crl.pem' (528 bytes) Nov 26 21:09:51 localhost pluto[18356]: | file content is not binary ASN.1 Nov 26 21:09:51 localhost pluto[18356]: | -----BEGIN X509 CRL----- Nov 26 21:09:51 localhost pluto[18356]: | -----END X509 CRL----- Nov 26 21:09:51 localhost pluto[18356]: | file coded in PEM format Nov 26 21:09:51 localhost pluto[18356]: | L0 - certificateList: Nov 26 21:09:51 localhost pluto[18356]: | 30 82 01 5c 30 81 c6 30 0d 06 09 2a 86 48 86 f7 Nov 26 21:09:51 localhost pluto[18356]: | 0d 01 01 04 05 00 30 81 96 31 0b 30 09 06 03 55 Nov 26 21:09:51 localhost pluto[18356]: | 04 06 13 02 4d 58 31 13 30 11 06 03 55 04 08 13 Nov 26 21:09:52 localhost pluto[18356]: | L1 - tbsCertList: Nov 26 21:09:52 localhost pluto[18356]: | 30 81 c6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 Nov 26 21:09:53 localhost pluto[18356]: | 65 2e 6e 6f 2d 69 70 2e 63 6f 6d 17 0d 30 32 31 Nov 26 21:09:53 localhost pluto[18356]: | 31 32 36 32 32 33 36 31 32 5a 17 0d 30 32 31 32 Nov 26 21:09:53 localhost pluto[18356]: | 32 36 32 32 33 36 31 32 5a Nov 26 21:09:53 localhost pluto[18356]: | L2 - signature: Nov 26 21:09:53 localhost pluto[18356]: | L3 - sigAlg: Nov 26 21:09:53 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:09:53 localhost pluto[18356]: | L2 - issuer: Nov 26 21:09:53 localhost pluto[18356]: | 30 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:09:53 localhost pluto[18356]: | 6e 6f 2d 69 70 2e 63 6f 6d Nov 26 21:09:53 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:09:53 localhost pluto[18356]: | L2 - thisUpdate: Nov 26 21:09:53 localhost pluto[18356]: | 'Nov 26 22:36:12 UTC 2002' Nov 26 21:09:53 localhost pluto[18356]: | L2 - nextUpdate: Nov 26 21:09:53 localhost pluto[18356]: | 'Dec 26 22:36:12 UTC 2002' Nov 26 21:09:53 localhost pluto[18356]: | L1 - signatureAlgorithm: Nov 26 21:09:53 localhost pluto[18356]: | L2 - algorithm: Nov 26 21:09:54 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:09:54 localhost pluto[18356]: | L1 - signature: Nov 26 21:09:54 localhost pluto[18356]: | 00 94 5e b1 7c c6 c3 f3 96 43 00 92 94 55 36 16 Nov 26 21:09:54 localhost pluto[18356]: | 2a bb 20 19 8a ef e8 02 53 ea e7 f0 7c 74 4e 5f Nov 26 21:09:54 localhost pluto[18356]: | 51 cf 03 90 49 80 8e 30 7b 10 54 9a d9 88 31 96 Nov 26 21:09:54 localhost pluto[18356]: | 3c Nov 26 21:09:54 localhost pluto[18356]: loaded my default X.509 cert file '/etc/x509cert.der' (971 bytes) Nov 26 21:09:54 localhost pluto[18356]: | file coded in DER format Nov 26 21:09:54 localhost pluto[18356]: | L0 - certificate: Nov 26 21:09:54 localhost pluto[18356]: | 30 82 03 c7 30 82 03 30 a0 03 02 01 02 02 01 05 Nov 26 21:09:57 localhost pluto[18356]: | da 95 26 c2 89 19 c1 3c 9d 5d 53 a6 14 4b f5 71 Nov 26 21:09:57 localhost pluto[18356]: | b0 93 a7 c8 ee bb 59 f8 55 21 1d Nov 26 21:09:57 localhost pluto[18356]: | L1 - tbsCertificate: Nov 26 21:09:57 localhost pluto[18356]: | 30 82 03 30 a0 03 02 01 02 02 01 05 30 0d 06 09 Nov 26 21:09:59 localhost pluto[18356]: | 6f 74 40 74 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f Nov 26 21:09:59 localhost pluto[18356]: | 6d 82 01 00 Nov 26 21:09:59 localhost pluto[18356]: | L2 - DEFAULT v1: Nov 26 21:09:59 localhost pluto[18356]: | L3 - version: Nov 26 21:09:59 localhost pluto[18356]: | 02 Nov 26 21:09:59 localhost pluto[18356]: | v3 Nov 26 21:09:59 localhost pluto[18356]: | L2 - serialNumber: Nov 26 21:09:59 localhost pluto[18356]: | 05 Nov 26 21:09:59 localhost pluto[18356]: | L2 - signature: Nov 26 21:09:59 localhost pluto[18356]: | L3 - sigAlg: Nov 26 21:09:59 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:09:59 localhost pluto[18356]: | L2 - issuer: Nov 26 21:09:59 localhost pluto[18356]: | 30 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:09:59 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:10:00 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:10:00 localhost pluto[18356]: | L2 - validity: Nov 26 21:10:00 localhost pluto[18356]: | L3 - notBefore: Nov 26 21:10:00 localhost pluto[18356]: | 'Nov 27 01:47:14 UTC 2002' Nov 26 21:10:00 localhost pluto[18356]: | L3 - notAfter: Nov 26 21:10:00 localhost pluto[18356]: | 'Nov 24 01:47:14 UTC 2012' Nov 26 21:10:00 localhost pluto[18356]: | L2 - subject: Nov 26 21:10:00 localhost pluto[18356]: | 0d 01 09 01 16 12 65 73 76 40 74 74 74 65 2e 6e Nov 26 21:10:00 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d Nov 26 21:10:00 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com' Nov 26 21:10:00 localhost pluto[18356]: | L2 - subjectPublicKeyInfo: Nov 26 21:10:01 localhost pluto[18356]: | L3 - algorithm: Nov 26 21:10:01 localhost pluto[18356]: | L4 - algorithm: Nov 26 21:10:01 localhost pluto[18356]: | 'rsaEncryption' Nov 26 21:10:01 localhost pluto[18356]: | L3 - subjectPublicKey: Nov 26 21:10:01 localhost pluto[18356]: | L4 - RSAPublicKey: Nov 26 21:10:01 localhost pluto[18356]: | L5 - modulus: Nov 26 21:10:01 localhost pluto[18356]: | 71 27 7e 6e 5a 41 2e 56 70 23 64 b1 66 24 b4 dd Nov 26 21:10:01 localhost pluto[18356]: | 77 af 67 39 82 e9 00 f6 1e c5 81 74 b5 5a 4b b3 Nov 26 21:10:01 localhost pluto[18356]: | 81 Nov 26 21:10:01 localhost pluto[18356]: | L5 - publicExponent: Nov 26 21:10:01 localhost pluto[18356]: | 01 00 01 Nov 26 21:10:01 localhost pluto[18356]: | L2 - optional extensions: Nov 26 21:10:01 localhost pluto[18356]: | L3 - extensions: Nov 26 21:10:01 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:01 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:01 localhost pluto[18356]: | 'basicConstraints' Nov 26 21:10:01 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:01 localhost pluto[18356]: | FALSE Nov 26 21:10:02 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:02 localhost pluto[18356]: | 30 00 Nov 26 21:10:02 localhost pluto[18356]: | L6 - basicConstraints: Nov 26 21:10:02 localhost pluto[18356]: | L7 - CA: Nov 26 21:10:02 localhost pluto[18356]: | FALSE Nov 26 21:10:02 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:02 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:02 localhost pluto[18356]: | 'nsComment' Nov 26 21:10:02 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:02 localhost pluto[18356]: | FALSE Nov 26 21:10:02 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:02 localhost pluto[18356]: | 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 Nov 26 21:10:02 localhost pluto[18356]: | 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 Nov 26 21:10:02 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:02 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:02 localhost pluto[18356]: | 'subjectKeyIdentifier' Nov 26 21:10:02 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:02 localhost pluto[18356]: | FALSE Nov 26 21:10:02 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:02 localhost pluto[18356]: | 04 14 a4 a0 3a 8d 9d 2e 64 6b fb 7d 37 4c 1f fb Nov 26 21:10:02 localhost pluto[18356]: | aa 9e 89 9b c5 51 Nov 26 21:10:02 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:02 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:02 localhost pluto[18356]: | 'authorityKeyIdentifier' Nov 26 21:10:03 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:03 localhost pluto[18356]: | FALSE Nov 26 21:10:03 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:03 localhost pluto[18356]: | 01 09 01 16 13 72 6f 6f 74 40 74 74 74 65 2e 6e Nov 26 21:10:03 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d 82 01 00 Nov 26 21:10:03 localhost pluto[18356]: | L1 - signatureAlgorithm: Nov 26 21:10:03 localhost pluto[18356]: | L2 - algorithm: Nov 26 21:10:03 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:10:03 localhost pluto[18356]: | L1 - signature: Nov 26 21:10:03 localhost pluto[18356]: | 00 67 a5 ec 87 e6 61 84 fe ac 9c c0 37 82 3a fb Nov 26 21:10:03 localhost pluto[18356]: | 3c 19 30 33 d2 c6 08 20 f5 06 c4 5c b5 06 c5 68 Nov 26 21:10:04 localhost pluto[18356]: | 1d Nov 26 21:10:04 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 89 seconds Nov 26 21:10:04 localhost pluto[18356]: | Nov 26 21:10:04 localhost pluto[18356]: | *received whack message Nov 26 21:10:04 localhost pluto[18356]: loaded host cert file '/etc/ipsec.d/certs/ttte.no-ip.com.pem' (3684 bytes) Nov 26 21:10:04 localhost pluto[18356]: | file content is not binary ASN.1 Nov 26 21:10:04 localhost pluto[18356]: | -----BEGIN CERTIFICATE----- Nov 26 21:10:04 localhost pluto[18356]: | -----END CERTIFICATE----- Nov 26 21:10:04 localhost pluto[18356]: | file coded in PEM format Nov 26 21:10:04 localhost pluto[18356]: | L0 - certificate: Nov 26 21:10:04 localhost pluto[18356]: | 30 82 03 c7 30 82 03 30 a0 03 02 01 02 02 01 05 Nov 26 21:10:07 localhost pluto[18356]: | fe 46 b5 cf 25 cc 6c 51 a6 87 79 61 ec 0f 45 14 Nov 26 21:10:07 localhost pluto[18356]: | c1 bf 7e ca 41 7c dd 6e 5d 9e 1d d8 01 f3 c5 ac Nov 26 21:10:07 localhost pluto[18356]: | da 95 26 c2 89 19 c1 3c 9d 5d 53 a6 14 4b f5 71 Nov 26 21:10:07 localhost pluto[18356]: | b0 93 a7 c8 ee bb 59 f8 55 21 1d Nov 26 21:10:07 localhost pluto[18356]: | L1 - tbsCertificate: Nov 26 21:10:07 localhost pluto[18356]: | 30 82 03 30 a0 03 02 01 02 02 01 05 30 0d 06 09 Nov 26 21:10:07 localhost pluto[18356]: | 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 96 31 0b Nov 26 21:10:07 localhost pluto[18356]: | 30 09 06 03 55 04 06 13 02 4d 58 31 13 30 11 06 Nov 26 21:10:09 localhost pluto[18356]: | 6d 82 01 00 Nov 26 21:10:09 localhost pluto[18356]: | L2 - DEFAULT v1: Nov 26 21:10:09 localhost pluto[18356]: | L3 - version: Nov 26 21:10:09 localhost pluto[18356]: | 02 Nov 26 21:10:09 localhost pluto[18356]: | v3 Nov 26 21:10:09 localhost pluto[18356]: | L2 - serialNumber: Nov 26 21:10:09 localhost pluto[18356]: | 05 Nov 26 21:10:10 localhost pluto[18356]: | L2 - signature: Nov 26 21:10:10 localhost pluto[18356]: | L3 - sigAlg: Nov 26 21:10:10 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:10:10 localhost pluto[18356]: | L2 - issuer: Nov 26 21:10:10 localhost pluto[18356]: | 30 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:10:10 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:10:10 localhost pluto[18356]: | 6e 6f 2d 69 70 2e 63 6f 6d Nov 26 21:10:10 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:10:10 localhost pluto[18356]: | L2 - validity: Nov 26 21:10:10 localhost pluto[18356]: | L3 - notBefore: Nov 26 21:10:10 localhost pluto[18356]: | 'Nov 27 01:47:14 UTC 2002' Nov 26 21:10:10 localhost pluto[18356]: | L3 - notAfter: Nov 26 21:10:10 localhost pluto[18356]: | 'Nov 24 01:47:14 UTC 2012' Nov 26 21:10:10 localhost pluto[18356]: | L2 - subject: Nov 26 21:10:10 localhost pluto[18356]: | 30 81 95 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:10:11 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com' Nov 26 21:10:11 localhost pluto[18356]: | L2 - subjectPublicKeyInfo: Nov 26 21:10:11 localhost pluto[18356]: | L3 - algorithm: Nov 26 21:10:11 localhost pluto[18356]: | L4 - algorithm: Nov 26 21:10:11 localhost pluto[18356]: | 'rsaEncryption' Nov 26 21:10:11 localhost pluto[18356]: | L3 - subjectPublicKey: Nov 26 21:10:11 localhost pluto[18356]: | L4 - RSAPublicKey: Nov 26 21:10:11 localhost pluto[18356]: | L5 - modulus: Nov 26 21:10:11 localhost pluto[18356]: | 00 e3 a7 83 85 e1 24 66 45 ff 6c 0e 25 5d 43 96 Nov 26 21:10:11 localhost pluto[18356]: | b2 ba 87 1d c5 26 53 69 a8 f1 00 29 0e dc 81 bc Nov 26 21:10:12 localhost pluto[18356]: | 81 Nov 26 21:10:12 localhost pluto[18356]: | L5 - publicExponent: Nov 26 21:10:12 localhost pluto[18356]: | 01 00 01 Nov 26 21:10:12 localhost pluto[18356]: | L2 - optional extensions: Nov 26 21:10:12 localhost pluto[18356]: | L3 - extensions: Nov 26 21:10:12 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:12 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:12 localhost pluto[18356]: | 'basicConstraints' Nov 26 21:10:12 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:12 localhost pluto[18356]: | FALSE Nov 26 21:10:12 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:12 localhost pluto[18356]: | 30 00 Nov 26 21:10:12 localhost pluto[18356]: | L6 - basicConstraints: Nov 26 21:10:12 localhost pluto[18356]: | L7 - CA: Nov 26 21:10:12 localhost pluto[18356]: | FALSE Nov 26 21:10:12 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:12 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:12 localhost pluto[18356]: | 'nsComment' Nov 26 21:10:12 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:12 localhost pluto[18356]: | FALSE Nov 26 21:10:12 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:12 localhost pluto[18356]: | 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 Nov 26 21:10:13 localhost pluto[18356]: | 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 Nov 26 21:10:13 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:13 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:13 localhost pluto[18356]: | 'subjectKeyIdentifier' Nov 26 21:10:13 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:13 localhost pluto[18356]: | FALSE Nov 26 21:10:13 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:13 localhost pluto[18356]: | 04 14 a4 a0 3a 8d 9d 2e 64 6b fb 7d 37 4c 1f fb Nov 26 21:10:13 localhost pluto[18356]: | aa 9e 89 9b c5 51 Nov 26 21:10:13 localhost pluto[18356]: | L4 - extension: Nov 26 21:10:13 localhost pluto[18356]: | L5 - extnID: Nov 26 21:10:13 localhost pluto[18356]: | 'authorityKeyIdentifier' Nov 26 21:10:13 localhost pluto[18356]: | L5 - critical: Nov 26 21:10:13 localhost pluto[18356]: | FALSE Nov 26 21:10:13 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:10:13 localhost pluto[18356]: | 30 81 b8 80 14 00 04 9e 46 33 2e 47 be 17 68 7e Nov 26 21:10:14 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d 82 01 00 Nov 26 21:10:14 localhost pluto[18356]: | L1 - signatureAlgorithm: Nov 26 21:10:14 localhost pluto[18356]: | L2 - algorithm: Nov 26 21:10:14 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:10:14 localhost pluto[18356]: | L1 - signature: Nov 26 21:10:14 localhost pluto[18356]: | 00 67 a5 ec 87 e6 61 84 fe ac 9c c0 37 82 3a fb Nov 26 21:10:14 localhost pluto[18356]: | 1d Nov 26 21:10:14 localhost pluto[18356]: | not before : Nov 27 01:47:14 UTC 2002 Nov 26 21:10:14 localhost pluto[18356]: | current time: Nov 27 03:10:14 UTC 2002 Nov 26 21:10:14 localhost pluto[18356]: | not after : Nov 24 01:47:14 UTC 2012 Nov 26 21:10:14 localhost pluto[18356]: added connection description "roadwarrior-net" Nov 26 21:10:14 localhost pluto[18356]: | 192.168.254.0/24===200.67.32.187[C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esv@ttte.no-ip.com]---148.223.58.5...%any Nov 26 21:10:14 localhost pluto[18356]: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1; policy: RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS Nov 26 21:10:14 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 79 seconds Nov 26 21:10:14 localhost pluto[18356]: | Nov 26 21:10:15 localhost pluto[18356]: | *received whack message Nov 26 21:10:15 localhost pluto[18356]: listening for IKE messages Nov 26 21:10:15 localhost pluto[18356]: | found lo with address 127.0.0.1 Nov 26 21:10:15 localhost pluto[18356]: | found eth0 with address 10.0.0.2 Nov 26 21:10:15 localhost pluto[18356]: | found eth1 with address 192.168.254.1 Nov 26 21:10:15 localhost pluto[18356]: | found ppp0 with address 200.67.32.187 Nov 26 21:10:15 localhost pluto[18356]: | found ipsec0 with address 200.67.32.187 Nov 26 21:10:15 localhost pluto[18356]: adding interface ipsec0/ppp0 200.67.32.187 Nov 26 21:10:15 localhost pluto[18356]: | IP interface eth1 192.168.254.1 has no matching ipsec* interface -- ignored Nov 26 21:10:15 localhost pluto[18356]: | IP interface eth0 10.0.0.2 has no matching ipsec* interface -- ignored Nov 26 21:10:15 localhost pluto[18356]: | IP interface lo 127.0.0.1 has no matching ipsec* interface -- ignored Nov 26 21:10:15 localhost pluto[18356]: | could not open /proc/net/if_inet6 Nov 26 21:10:15 localhost pluto[18356]: loading secrets from "/etc/ipsec.secrets" Nov 26 21:10:15 localhost pluto[18356]: loaded private key file '/etc/ipsec.d/private/ttte.no-ip.com.key' (1675 bytes) Nov 26 21:10:15 localhost pluto[18356]: | file content is not binary ASN.1 Nov 26 21:10:15 localhost pluto[18356]: | -----BEGIN RSA PRIVATE KEY----- Nov 26 21:10:15 localhost pluto[18356]: | Proc-Type: 4,ENCRYPTED Nov 26 21:10:15 localhost pluto[18356]: | DEK-Info: DES-EDE3-CBC,1ABCAFD713F4DE88 Nov 26 21:10:15 localhost pluto[18356]: | -----END RSA PRIVATE KEY----- Nov 26 21:10:15 localhost pluto[18356]: | decrypting file using 'DES-EDE3-CBC' Nov 26 21:10:15 localhost pluto[18356]: | file coded in PEM format Nov 26 21:10:15 localhost pluto[18356]: | L0 - RSAPrivateKey: Nov 26 21:10:15 localhost pluto[18356]: | L1 - version: Nov 26 21:10:16 localhost pluto[18356]: | L1 - modulus: Nov 26 21:10:16 localhost pluto[18356]: | L1 - publicExponent: Nov 26 21:10:16 localhost pluto[18356]: | L1 - privateExponent: Nov 26 21:10:16 localhost pluto[18356]: | L1 - prime1: Nov 26 21:10:16 localhost pluto[18356]: | L1 - prime2: Nov 26 21:10:16 localhost pluto[18356]: | L1 - exponent1: Nov 26 21:10:16 localhost pluto[18356]: | L1 - exponent2: Nov 26 21:10:16 localhost pluto[18356]: | L1 - coefficient: Nov 26 21:10:16 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 77 seconds Nov 26 21:11:29 localhost pluto[18356]: | Nov 26 21:11:29 localhost pluto[18356]: | *received 216 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:29 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 00 00 00 00 00 00 00 00 Nov 26 21:11:29 localhost pluto[18356]: | b5 87 e4 61 00 00 00 03 Nov 26 21:11:29 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:29 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:29 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:29 localhost pluto[18356]: | responder cookie: Nov 26 21:11:29 localhost pluto[18356]: | 00 00 00 00 00 00 00 00 Nov 26 21:11:30 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:11:30 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:30 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:30 localhost pluto[18356]: | flags: none Nov 26 21:11:30 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:30 localhost pluto[18356]: | length: 216 Nov 26 21:11:30 localhost pluto[18356]: | ***parse ISAKMP Security Association Payload: Nov 26 21:11:30 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_VID Nov 26 21:11:30 localhost pluto[18356]: | length: 164 Nov 26 21:11:30 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:30 localhost pluto[18356]: | ***parse ISAKMP Vendor ID Payload: Nov 26 21:11:30 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:30 localhost pluto[18356]: | length: 24 Nov 26 21:11:30 localhost pluto[18356]: packet from 200.65.105.19:500: ignoring Vendor ID payload Nov 26 21:11:30 localhost pluto[18356]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 Nov 26 21:11:30 localhost pluto[18356]: | 00 00 00 03 Nov 26 21:11:30 localhost pluto[18356]: | instantiated "roadwarrior-net" for 200.65.105.19 Nov 26 21:11:30 localhost pluto[18356]: | creating state object #1 at 0x80aaf30 Nov 26 21:11:30 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:30 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:30 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:30 localhost pluto[18356]: | state hash entry 12 Nov 26 21:11:30 localhost pluto[18356]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1 Nov 26 21:11:30 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: responding to Main Mode from unknown peer 200.65.105.19 Nov 26 21:11:31 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:11:31 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:31 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:31 localhost pluto[18356]: | responder cookie: Nov 26 21:11:31 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:11:31 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:31 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:31 localhost pluto[18356]: | flags: none Nov 26 21:11:31 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:31 localhost pluto[18356]: | ***emit ISAKMP Security Association Payload: Nov 26 21:11:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:31 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:31 localhost pluto[18356]: | ****parse IPsec DOI SIT: Nov 26 21:11:31 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:11:31 localhost pluto[18356]: | ****parse ISAKMP Proposal Payload: Nov 26 21:11:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:31 localhost pluto[18356]: | length: 152 Nov 26 21:11:31 localhost pluto[18356]: | proposal number: 1 Nov 26 21:11:31 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:11:31 localhost pluto[18356]: | SPI size: 0 Nov 26 21:11:31 localhost pluto[18356]: | number of transforms: 4 Nov 26 21:11:31 localhost pluto[18356]: | *****parse ISAKMP Transform Payload (ISAKMP): Nov 26 21:11:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_T Nov 26 21:11:32 localhost pluto[18356]: | length: 36 Nov 26 21:11:32 localhost pluto[18356]: | transform number: 1 Nov 26 21:11:32 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:11:32 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:32 localhost pluto[18356]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Nov 26 21:11:32 localhost pluto[18356]: | length/value: 5 Nov 26 21:11:32 localhost pluto[18356]: | [5 is OAKLEY_3DES_CBC] Nov 26 21:11:32 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:32 localhost pluto[18356]: | af+type: OAKLEY_HASH_ALGORITHM Nov 26 21:11:32 localhost pluto[18356]: | length/value: 2 Nov 26 21:11:32 localhost pluto[18356]: | [2 is OAKLEY_SHA] Nov 26 21:11:32 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:32 localhost pluto[18356]: | af+type: OAKLEY_GROUP_DESCRIPTION Nov 26 21:11:32 localhost pluto[18356]: | length/value: 2 Nov 26 21:11:32 localhost pluto[18356]: | [2 is OAKLEY_GROUP_MODP1024] Nov 26 21:11:32 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:32 localhost pluto[18356]: | af+type: OAKLEY_AUTHENTICATION_METHOD Nov 26 21:11:32 localhost pluto[18356]: | length/value: 3 Nov 26 21:11:32 localhost pluto[18356]: | [3 is OAKLEY_RSA_SIG] Nov 26 21:11:32 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:32 localhost pluto[18356]: | af+type: OAKLEY_LIFE_TYPE Nov 26 21:11:32 localhost pluto[18356]: | length/value: 1 Nov 26 21:11:32 localhost pluto[18356]: | [1 is OAKLEY_LIFE_SECONDS] Nov 26 21:11:32 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:33 localhost pluto[18356]: | af+type: OAKLEY_LIFE_DURATION (variable length) Nov 26 21:11:33 localhost pluto[18356]: | length/value: 4 Nov 26 21:11:33 localhost pluto[18356]: | long duration: 28800 Nov 26 21:11:33 localhost pluto[18356]: | Oakley Transform 1 accepted Nov 26 21:11:33 localhost pluto[18356]: | ****emit IPsec DOI SIT: Nov 26 21:11:33 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:11:33 localhost pluto[18356]: | ****emit ISAKMP Proposal Payload: Nov 26 21:11:33 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:33 localhost pluto[18356]: | proposal number: 1 Nov 26 21:11:33 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:11:33 localhost pluto[18356]: | SPI size: 0 Nov 26 21:11:33 localhost pluto[18356]: | number of transforms: 1 Nov 26 21:11:33 localhost pluto[18356]: | *****emit ISAKMP Transform Payload (ISAKMP): Nov 26 21:11:33 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:33 localhost pluto[18356]: | transform number: 1 Nov 26 21:11:33 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:11:33 localhost pluto[18356]: | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) Nov 26 21:11:33 localhost pluto[18356]: | attributes 80 01 00 05 80 02 00 02 80 04 00 02 80 03 00 03 Nov 26 21:11:33 localhost pluto[18356]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 Nov 26 21:11:33 localhost pluto[18356]: | emitting length of ISAKMP Transform Payload (ISAKMP): 36 Nov 26 21:11:33 localhost pluto[18356]: | emitting length of ISAKMP Proposal Payload: 44 Nov 26 21:11:33 localhost pluto[18356]: | emitting length of ISAKMP Security Association Payload: 56 Nov 26 21:11:33 localhost pluto[18356]: | emitting length of ISAKMP Message: 84 Nov 26 21:11:33 localhost pluto[18356]: | sending 84 bytes for STATE_MAIN_R0 through ppp0 to 200.65.105.19:500: Nov 26 21:11:34 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:34 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:11:34 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1 Nov 26 21:11:34 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in -1 seconds Nov 26 21:11:34 localhost pluto[18356]: | Nov 26 21:11:34 localhost pluto[18356]: | *time to handle event Nov 26 21:11:34 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 10 seconds Nov 26 21:11:34 localhost pluto[18356]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Nov 26 21:11:34 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 10 seconds for #1 Nov 26 21:11:34 localhost pluto[18356]: | Nov 26 21:11:34 localhost pluto[18356]: | *received 216 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:34 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 00 00 00 00 00 00 00 00 Nov 26 21:11:35 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 d8 0d 00 00 a4 Nov 26 21:11:35 localhost pluto[18356]: | b5 87 e4 61 00 00 00 03 Nov 26 21:11:35 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:35 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:35 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:35 localhost pluto[18356]: | responder cookie: Nov 26 21:11:35 localhost pluto[18356]: | 00 00 00 00 00 00 00 00 Nov 26 21:11:35 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:11:35 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:35 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:35 localhost pluto[18356]: | flags: none Nov 26 21:11:35 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:35 localhost pluto[18356]: | length: 216 Nov 26 21:11:36 localhost pluto[18356]: | ***parse ISAKMP Security Association Payload: Nov 26 21:11:36 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_VID Nov 26 21:11:36 localhost pluto[18356]: | length: 164 Nov 26 21:11:36 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:36 localhost pluto[18356]: | ***parse ISAKMP Vendor ID Payload: Nov 26 21:11:36 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:36 localhost pluto[18356]: | length: 24 Nov 26 21:11:36 localhost pluto[18356]: packet from 200.65.105.19:500: ignoring Vendor ID payload Nov 26 21:11:36 localhost pluto[18356]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 Nov 26 21:11:36 localhost pluto[18356]: | 00 00 00 03 Nov 26 21:11:36 localhost pluto[18356]: | creating state object #2 at 0x80ab1d0 Nov 26 21:11:36 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:36 localhost pluto[18356]: | RCOOKIE: 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:36 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:36 localhost pluto[18356]: | state hash entry 21 Nov 26 21:11:36 localhost pluto[18356]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2 Nov 26 21:11:36 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: responding to Main Mode from unknown peer 200.65.105.19 Nov 26 21:11:36 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:11:36 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:36 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:36 localhost pluto[18356]: | responder cookie: Nov 26 21:11:36 localhost pluto[18356]: | 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:36 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:11:36 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:37 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:37 localhost pluto[18356]: | flags: none Nov 26 21:11:37 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:37 localhost pluto[18356]: | ***emit ISAKMP Security Association Payload: Nov 26 21:11:37 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:37 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:37 localhost pluto[18356]: | ****parse IPsec DOI SIT: Nov 26 21:11:37 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:11:37 localhost pluto[18356]: | ****parse ISAKMP Proposal Payload: Nov 26 21:11:37 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:37 localhost pluto[18356]: | length: 152 Nov 26 21:11:37 localhost pluto[18356]: | proposal number: 1 Nov 26 21:11:37 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:11:37 localhost pluto[18356]: | SPI size: 0 Nov 26 21:11:37 localhost pluto[18356]: | number of transforms: 4 Nov 26 21:11:37 localhost pluto[18356]: | *****parse ISAKMP Transform Payload (ISAKMP): Nov 26 21:11:37 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_T Nov 26 21:11:37 localhost pluto[18356]: | length: 36 Nov 26 21:11:37 localhost pluto[18356]: | transform number: 1 Nov 26 21:11:37 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:11:37 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:37 localhost pluto[18356]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Nov 26 21:11:37 localhost pluto[18356]: | length/value: 5 Nov 26 21:11:37 localhost pluto[18356]: | [5 is OAKLEY_3DES_CBC] Nov 26 21:11:38 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:38 localhost pluto[18356]: | af+type: OAKLEY_HASH_ALGORITHM Nov 26 21:11:38 localhost pluto[18356]: | length/value: 2 Nov 26 21:11:38 localhost pluto[18356]: | [2 is OAKLEY_SHA] Nov 26 21:11:38 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:38 localhost pluto[18356]: | af+type: OAKLEY_GROUP_DESCRIPTION Nov 26 21:11:38 localhost pluto[18356]: | length/value: 2 Nov 26 21:11:38 localhost pluto[18356]: | [2 is OAKLEY_GROUP_MODP1024] Nov 26 21:11:38 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:38 localhost pluto[18356]: | af+type: OAKLEY_AUTHENTICATION_METHOD Nov 26 21:11:38 localhost pluto[18356]: | length/value: 3 Nov 26 21:11:38 localhost pluto[18356]: | [3 is OAKLEY_RSA_SIG] Nov 26 21:11:38 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:38 localhost pluto[18356]: | af+type: OAKLEY_LIFE_TYPE Nov 26 21:11:38 localhost pluto[18356]: | length/value: 1 Nov 26 21:11:38 localhost pluto[18356]: | [1 is OAKLEY_LIFE_SECONDS] Nov 26 21:11:38 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:38 localhost pluto[18356]: | af+type: OAKLEY_LIFE_DURATION (variable length) Nov 26 21:11:38 localhost pluto[18356]: | length/value: 4 Nov 26 21:11:38 localhost pluto[18356]: | long duration: 28800 Nov 26 21:11:38 localhost pluto[18356]: | Oakley Transform 1 accepted Nov 26 21:11:38 localhost pluto[18356]: | ****emit IPsec DOI SIT: Nov 26 21:11:38 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:11:38 localhost pluto[18356]: | ****emit ISAKMP Proposal Payload: Nov 26 21:11:39 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:39 localhost pluto[18356]: | proposal number: 1 Nov 26 21:11:39 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:11:39 localhost pluto[18356]: | SPI size: 0 Nov 26 21:11:39 localhost pluto[18356]: | number of transforms: 1 Nov 26 21:11:39 localhost pluto[18356]: | *****emit ISAKMP Transform Payload (ISAKMP): Nov 26 21:11:39 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:39 localhost pluto[18356]: | transform number: 1 Nov 26 21:11:39 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:11:39 localhost pluto[18356]: | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) Nov 26 21:11:39 localhost pluto[18356]: | attributes 80 01 00 05 80 02 00 02 80 04 00 02 80 03 00 03 Nov 26 21:11:39 localhost pluto[18356]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 Nov 26 21:11:39 localhost pluto[18356]: | emitting length of ISAKMP Transform Payload (ISAKMP): 36 Nov 26 21:11:39 localhost pluto[18356]: | emitting length of ISAKMP Proposal Payload: 44 Nov 26 21:11:39 localhost pluto[18356]: | emitting length of ISAKMP Security Association Payload: 56 Nov 26 21:11:39 localhost pluto[18356]: | emitting length of ISAKMP Message: 84 Nov 26 21:11:39 localhost pluto[18356]: | sending 84 bytes for STATE_MAIN_R0 through ppp0 to 200.65.105.19:500: Nov 26 21:11:39 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:39 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:11:39 localhost pluto[18356]: | 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 Nov 26 21:11:39 localhost pluto[18356]: | 00 00 00 24 01 01 00 00 80 01 00 05 80 02 00 02 Nov 26 21:11:39 localhost pluto[18356]: | 80 04 00 02 80 03 00 03 80 0b 00 01 00 0c 00 04 Nov 26 21:11:39 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:11:39 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2 Nov 26 21:11:40 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 4 seconds for #1 Nov 26 21:11:40 localhost pluto[18356]: | Nov 26 21:11:40 localhost pluto[18356]: | *received 216 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:40 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 00 00 00 00 00 00 00 00 Nov 26 21:11:40 localhost pluto[18356]: | 00 00 00 18 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf Nov 26 21:11:40 localhost pluto[18356]: | b5 87 e4 61 00 00 00 03 Nov 26 21:11:40 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:40 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:40 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:40 localhost pluto[18356]: | responder cookie: Nov 26 21:11:40 localhost pluto[18356]: | 00 00 00 00 00 00 00 00 Nov 26 21:11:40 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:11:40 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:41 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:41 localhost pluto[18356]: | flags: none Nov 26 21:11:41 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:41 localhost pluto[18356]: | length: 216 Nov 26 21:11:41 localhost pluto[18356]: | ***parse ISAKMP Security Association Payload: Nov 26 21:11:41 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_VID Nov 26 21:11:41 localhost pluto[18356]: | length: 164 Nov 26 21:11:41 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:41 localhost pluto[18356]: | ***parse ISAKMP Vendor ID Payload: Nov 26 21:11:41 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:41 localhost pluto[18356]: | length: 24 Nov 26 21:11:41 localhost pluto[18356]: packet from 200.65.105.19:500: ignoring Vendor ID payload Nov 26 21:11:41 localhost pluto[18356]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 Nov 26 21:11:41 localhost pluto[18356]: | 00 00 00 03 Nov 26 21:11:41 localhost pluto[18356]: | creating state object #3 at 0x80ab518 Nov 26 21:11:41 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:41 localhost pluto[18356]: | RCOOKIE: e2 60 67 74 d0 f7 70 24 Nov 26 21:11:41 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:41 localhost pluto[18356]: | state hash entry 22 Nov 26 21:11:41 localhost pluto[18356]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #3 Nov 26 21:11:41 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: responding to Main Mode from unknown peer 200.65.105.19 Nov 26 21:11:41 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:11:41 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:42 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:42 localhost pluto[18356]: | responder cookie: Nov 26 21:11:42 localhost pluto[18356]: | e2 60 67 74 d0 f7 70 24 Nov 26 21:11:42 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:11:42 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:42 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:42 localhost pluto[18356]: | flags: none Nov 26 21:11:42 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:42 localhost pluto[18356]: | ***emit ISAKMP Security Association Payload: Nov 26 21:11:42 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:42 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:42 localhost pluto[18356]: | ****parse IPsec DOI SIT: Nov 26 21:11:42 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:11:42 localhost pluto[18356]: | ****parse ISAKMP Proposal Payload: Nov 26 21:11:42 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:42 localhost pluto[18356]: | length: 152 Nov 26 21:11:42 localhost pluto[18356]: | proposal number: 1 Nov 26 21:11:42 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:11:42 localhost pluto[18356]: | SPI size: 0 Nov 26 21:11:42 localhost pluto[18356]: | number of transforms: 4 Nov 26 21:11:42 localhost pluto[18356]: | *****parse ISAKMP Transform Payload (ISAKMP): Nov 26 21:11:42 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_T Nov 26 21:11:42 localhost pluto[18356]: | length: 36 Nov 26 21:11:42 localhost pluto[18356]: | transform number: 1 Nov 26 21:11:43 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:11:43 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:43 localhost pluto[18356]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Nov 26 21:11:43 localhost pluto[18356]: | length/value: 5 Nov 26 21:11:43 localhost pluto[18356]: | [5 is OAKLEY_3DES_CBC] Nov 26 21:11:43 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:43 localhost pluto[18356]: | af+type: OAKLEY_HASH_ALGORITHM Nov 26 21:11:43 localhost pluto[18356]: | length/value: 2 Nov 26 21:11:43 localhost pluto[18356]: | [2 is OAKLEY_SHA] Nov 26 21:11:43 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:43 localhost pluto[18356]: | af+type: OAKLEY_GROUP_DESCRIPTION Nov 26 21:11:43 localhost pluto[18356]: | length/value: 2 Nov 26 21:11:43 localhost pluto[18356]: | [2 is OAKLEY_GROUP_MODP1024] Nov 26 21:11:43 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:43 localhost pluto[18356]: | af+type: OAKLEY_AUTHENTICATION_METHOD Nov 26 21:11:43 localhost pluto[18356]: | length/value: 3 Nov 26 21:11:43 localhost pluto[18356]: | [3 is OAKLEY_RSA_SIG] Nov 26 21:11:43 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:43 localhost pluto[18356]: | af+type: OAKLEY_LIFE_TYPE Nov 26 21:11:43 localhost pluto[18356]: | length/value: 1 Nov 26 21:11:43 localhost pluto[18356]: | [1 is OAKLEY_LIFE_SECONDS] Nov 26 21:11:43 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:11:43 localhost pluto[18356]: | af+type: OAKLEY_LIFE_DURATION (variable length) Nov 26 21:11:43 localhost pluto[18356]: | length/value: 4 Nov 26 21:11:44 localhost pluto[18356]: | long duration: 28800 Nov 26 21:11:44 localhost pluto[18356]: | Oakley Transform 1 accepted Nov 26 21:11:44 localhost pluto[18356]: | ****emit IPsec DOI SIT: Nov 26 21:11:44 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:11:44 localhost pluto[18356]: | ****emit ISAKMP Proposal Payload: Nov 26 21:11:44 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:44 localhost pluto[18356]: | proposal number: 1 Nov 26 21:11:44 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:11:44 localhost pluto[18356]: | SPI size: 0 Nov 26 21:11:44 localhost pluto[18356]: | number of transforms: 1 Nov 26 21:11:44 localhost pluto[18356]: | *****emit ISAKMP Transform Payload (ISAKMP): Nov 26 21:11:44 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:44 localhost pluto[18356]: | transform number: 1 Nov 26 21:11:44 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:11:44 localhost pluto[18356]: | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) Nov 26 21:11:44 localhost pluto[18356]: | attributes 80 01 00 05 80 02 00 02 80 04 00 02 80 03 00 03 Nov 26 21:11:44 localhost pluto[18356]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 Nov 26 21:11:44 localhost pluto[18356]: | emitting length of ISAKMP Transform Payload (ISAKMP): 36 Nov 26 21:11:44 localhost pluto[18356]: | emitting length of ISAKMP Proposal Payload: 44 Nov 26 21:11:44 localhost pluto[18356]: | emitting length of ISAKMP Security Association Payload: 56 Nov 26 21:11:44 localhost pluto[18356]: | emitting length of ISAKMP Message: 84 Nov 26 21:11:44 localhost pluto[18356]: | sending 84 bytes for STATE_MAIN_R0 through ppp0 to 200.65.105.19:500: Nov 26 21:11:44 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:11:44 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:11:45 localhost pluto[18356]: | 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 Nov 26 21:11:45 localhost pluto[18356]: | 00 00 00 24 01 01 00 00 80 01 00 05 80 02 00 02 Nov 26 21:11:45 localhost pluto[18356]: | 80 04 00 02 80 03 00 03 80 0b 00 01 00 0c 00 04 Nov 26 21:11:45 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:11:45 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #3 Nov 26 21:11:45 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -1 seconds for #1 Nov 26 21:11:45 localhost pluto[18356]: | Nov 26 21:11:45 localhost pluto[18356]: | *time to handle event Nov 26 21:11:45 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 4 seconds Nov 26 21:11:45 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #1 Nov 26 21:11:45 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:11:45 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:45 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:11:45 localhost pluto[18356]: | 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 Nov 26 21:11:45 localhost pluto[18356]: | 00 00 00 24 01 01 00 00 80 01 00 05 80 02 00 02 Nov 26 21:11:45 localhost pluto[18356]: | 80 04 00 02 80 03 00 03 80 0b 00 01 00 0c 00 04 Nov 26 21:11:45 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:11:45 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #1 Nov 26 21:11:45 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 4 seconds for #2 Nov 26 21:11:45 localhost pluto[18356]: | Nov 26 21:11:45 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:46 localhost pluto[18356]: | 0e 3c 8d 9c 84 c8 85 fa f0 c1 a3 f2 e4 0f 8e 0d Nov 26 21:11:46 localhost pluto[18356]: | 00 00 00 18 88 6e 30 d4 ad 34 24 10 3d bf e6 4e Nov 26 21:11:46 localhost pluto[18356]: | 8e 04 69 c3 51 60 d2 3a Nov 26 21:11:46 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:46 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:46 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:46 localhost pluto[18356]: | responder cookie: Nov 26 21:11:46 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:46 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:11:46 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:46 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:46 localhost pluto[18356]: | flags: none Nov 26 21:11:46 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:46 localhost pluto[18356]: | length: 184 Nov 26 21:11:46 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:46 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:46 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:47 localhost pluto[18356]: | state hash entry 12 Nov 26 21:11:47 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R1 Nov 26 21:11:47 localhost pluto[18356]: | ***parse ISAKMP Key Exchange Payload: Nov 26 21:11:47 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONCE Nov 26 21:11:47 localhost pluto[18356]: | length: 132 Nov 26 21:11:47 localhost pluto[18356]: | ***parse ISAKMP Nonce Payload: Nov 26 21:11:47 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:47 localhost pluto[18356]: | length: 24 Nov 26 21:11:47 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:11:47 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:47 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:47 localhost pluto[18356]: | responder cookie: Nov 26 21:11:47 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:47 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:11:47 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:47 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:47 localhost pluto[18356]: | flags: none Nov 26 21:11:47 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:47 localhost pluto[18356]: | DH public value received: Nov 26 21:11:47 localhost pluto[18356]: | 42 0f 84 5f ce 94 f3 95 c4 a5 aa 6e f9 a9 1a 3f Nov 26 21:11:48 localhost pluto[18356]: | 87 23 c4 52 e3 f1 0e 75 43 85 d9 cf f2 34 29 08 Nov 26 21:11:48 localhost pluto[18356]: | 0e 3c 8d 9c 84 c8 85 fa f0 c1 a3 f2 e4 0f 8e 0d Nov 26 21:11:48 localhost pluto[18356]: | Local DH secret: Nov 26 21:11:48 localhost pluto[18356]: | ff 16 19 f6 1d 8a a0 17 1d 14 9d 1f 0e 8d c4 75 Nov 26 21:11:48 localhost pluto[18356]: | 6b f6 a6 9c 9c 32 f2 d0 13 9c d1 a8 1f d8 eb 0f Nov 26 21:11:48 localhost pluto[18356]: | Public DH value sent: Nov 26 21:11:48 localhost pluto[18356]: | 9c b2 72 91 9a 44 cb 1e 27 78 7c cf 32 d0 c7 a3 Nov 26 21:11:48 localhost pluto[18356]: | 1c 4d 0f 68 ca 60 6b 1f 04 ea 7d df b0 e7 f2 87 Nov 26 21:11:48 localhost pluto[18356]: | fb 17 33 21 62 83 52 9b 05 08 38 ba 62 3c 0d 3b Nov 26 21:11:48 localhost pluto[18356]: | dc ed d2 14 e5 a3 a2 6b 71 44 05 e6 c0 26 f3 11 Nov 26 21:11:48 localhost pluto[18356]: | ***emit ISAKMP Key Exchange Payload: Nov 26 21:11:48 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONCE Nov 26 21:11:48 localhost pluto[18356]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload Nov 26 21:11:48 localhost pluto[18356]: | keyex value 9c b2 72 91 9a 44 cb 1e 27 78 7c cf 32 d0 c7 a3 Nov 26 21:11:48 localhost pluto[18356]: | 1c 4d 0f 68 ca 60 6b 1f 04 ea 7d df b0 e7 f2 87 Nov 26 21:11:48 localhost pluto[18356]: | fb 17 33 21 62 83 52 9b 05 08 38 ba 62 3c 0d 3b Nov 26 21:11:49 localhost pluto[18356]: | emitting length of ISAKMP Key Exchange Payload: 132 Nov 26 21:11:49 localhost pluto[18356]: | ***emit ISAKMP Nonce Payload: Nov 26 21:11:49 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CR Nov 26 21:11:49 localhost pluto[18356]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload Nov 26 21:11:49 localhost pluto[18356]: | Nr 6a e4 9b a7 8f 49 0c 59 66 0f 1c ef 23 cc bb aa Nov 26 21:11:49 localhost pluto[18356]: | emitting length of ISAKMP Nonce Payload: 20 Nov 26 21:11:49 localhost pluto[18356]: | ***emit ISAKMP Certificate RequestPayload: Nov 26 21:11:49 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:49 localhost pluto[18356]: | cert type: CERT_X509_SIGNATURE Nov 26 21:11:49 localhost pluto[18356]: | emitting length of ISAKMP Certificate RequestPayload: 5 Nov 26 21:11:49 localhost pluto[18356]: | emitting 3 zero bytes of message padding into ISAKMP Message Nov 26 21:11:49 localhost pluto[18356]: | emitting length of ISAKMP Message: 188 Nov 26 21:11:49 localhost pluto[18356]: | DH shared secret: Nov 26 21:11:49 localhost pluto[18356]: | 75 ef 05 b2 62 d7 80 84 b3 2f 37 e5 cd 68 6a b2 Nov 26 21:11:50 localhost pluto[18356]: | 36 b3 86 66 c0 fd cc 57 2c 83 e9 7a 4d 03 da dd Nov 26 21:11:50 localhost pluto[18356]: | Skeyid: 52 7e 64 69 75 d4 fa 31 43 46 f5 78 37 50 ad 2d Nov 26 21:11:50 localhost pluto[18356]: | cc 36 b3 bf Nov 26 21:11:50 localhost pluto[18356]: | Skeyid_d: b1 dc 51 e5 dc f1 d3 07 d1 1c 34 0b e0 67 3b 70 Nov 26 21:11:50 localhost pluto[18356]: | f0 47 87 d4 Nov 26 21:11:50 localhost pluto[18356]: | Skeyid_a: c2 0a 43 e2 d6 3f 9d b4 ea 12 fb 87 ea d9 ee 36 Nov 26 21:11:50 localhost pluto[18356]: | 13 17 cb a8 Nov 26 21:11:50 localhost pluto[18356]: | Skeyid_e: 9c 6b 1b 46 f8 0e 78 56 e5 ff d3 a9 e9 d1 44 c0 Nov 26 21:11:50 localhost pluto[18356]: | 7d 33 e0 46 Nov 26 21:11:50 localhost pluto[18356]: | enc key: 25 80 58 ad 56 ea 9a b1 9e 8f 72 a9 8e 25 a3 8a Nov 26 21:11:50 localhost pluto[18356]: | e0 82 f8 9b ab 45 b5 92 Nov 26 21:11:50 localhost pluto[18356]: | IV: 07 1d 55 51 00 86 30 a0 0d 88 b4 93 79 66 b0 70 Nov 26 21:11:50 localhost pluto[18356]: | 15 58 9c 0c Nov 26 21:11:50 localhost pluto[18356]: | sending 188 bytes for STATE_MAIN_R1 through ppp0 to 200.65.105.19:500: Nov 26 21:11:50 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:51 localhost pluto[18356]: | 07 00 00 14 6a e4 9b a7 8f 49 0c 59 66 0f 1c ef Nov 26 21:11:51 localhost pluto[18356]: | 23 cc bb aa 00 00 00 05 04 00 00 00 Nov 26 21:11:51 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1 Nov 26 21:11:51 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -2 seconds for #2 Nov 26 21:11:51 localhost pluto[18356]: | Nov 26 21:11:51 localhost pluto[18356]: | *time to handle event Nov 26 21:11:51 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 4 seconds Nov 26 21:11:51 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #2 Nov 26 21:11:51 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:11:51 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:51 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:11:51 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #2 Nov 26 21:11:51 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 4 seconds for #3 Nov 26 21:11:51 localhost pluto[18356]: | Nov 26 21:11:51 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:51 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:52 localhost pluto[18356]: | 8e 04 69 c3 51 60 d2 3a Nov 26 21:11:52 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:52 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:52 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:52 localhost pluto[18356]: | responder cookie: Nov 26 21:11:52 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:52 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:11:52 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:52 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:52 localhost pluto[18356]: | flags: none Nov 26 21:11:52 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:52 localhost pluto[18356]: | length: 184 Nov 26 21:11:52 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:52 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:52 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:53 localhost pluto[18356]: | state hash entry 12 Nov 26 21:11:53 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:11:53 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:11:53 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 2 seconds for #3 Nov 26 21:11:53 localhost pluto[18356]: | Nov 26 21:11:53 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:53 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:53 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:53 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:53 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:53 localhost pluto[18356]: | responder cookie: Nov 26 21:11:53 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:54 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:11:54 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:54 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:54 localhost pluto[18356]: | flags: none Nov 26 21:11:54 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:54 localhost pluto[18356]: | length: 184 Nov 26 21:11:54 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:54 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:54 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:54 localhost pluto[18356]: | state hash entry 12 Nov 26 21:11:54 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:11:54 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:11:54 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 1 seconds for #3 Nov 26 21:11:54 localhost pluto[18356]: | Nov 26 21:11:54 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:54 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:54 localhost pluto[18356]: | 0b 10 05 00 d4 c6 91 7a 00 00 00 38 00 00 00 1c Nov 26 21:11:54 localhost pluto[18356]: | 00 00 00 01 01 10 00 04 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:55 localhost pluto[18356]: | 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:55 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:55 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:55 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:55 localhost pluto[18356]: | responder cookie: Nov 26 21:11:55 localhost pluto[18356]: | 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:55 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:11:55 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:55 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:11:55 localhost pluto[18356]: | flags: none Nov 26 21:11:55 localhost pluto[18356]: | message ID: d4 c6 91 7a Nov 26 21:11:55 localhost pluto[18356]: | length: 56 Nov 26 21:11:55 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:55 localhost pluto[18356]: | RCOOKIE: 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:55 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:55 localhost pluto[18356]: | state hash entry 21 Nov 26 21:11:55 localhost pluto[18356]: | state object #2 found, in STATE_MAIN_R1 Nov 26 21:11:55 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:11:55 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:55 localhost pluto[18356]: | length: 28 Nov 26 21:11:55 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:56 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:11:56 localhost pluto[18356]: | SPI size: 16 Nov 26 21:11:56 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:11:56 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: ignoring informational payload, type INVALID_COOKIE Nov 26 21:11:56 localhost pluto[18356]: | info: 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:11:56 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: received and ignored informational message Nov 26 21:11:56 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -1 seconds for #3 Nov 26 21:11:56 localhost pluto[18356]: | Nov 26 21:11:56 localhost pluto[18356]: | *time to handle event Nov 26 21:11:56 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 5 seconds Nov 26 21:11:56 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #3 Nov 26 21:11:56 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:11:56 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:11:56 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:11:56 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #3 Nov 26 21:11:56 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 5 seconds for #1 Nov 26 21:11:57 localhost pluto[18356]: | Nov 26 21:11:57 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:57 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:57 localhost pluto[18356]: | 04 10 02 00 00 00 00 00 00 00 00 b8 0a 00 00 84 Nov 26 21:11:57 localhost pluto[18356]: | 42 0f 84 5f ce 94 f3 95 c4 a5 aa 6e f9 a9 1a 3f Nov 26 21:11:57 localhost pluto[18356]: | ad f2 35 e9 4b 57 66 75 ba b1 ba cc 54 0f 7c d8 Nov 26 21:11:57 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:57 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:57 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:57 localhost pluto[18356]: | responder cookie: Nov 26 21:11:57 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:57 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:11:58 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:58 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:11:58 localhost pluto[18356]: | flags: none Nov 26 21:11:58 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:11:58 localhost pluto[18356]: | length: 184 Nov 26 21:11:58 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:58 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:11:58 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:58 localhost pluto[18356]: | state hash entry 12 Nov 26 21:11:58 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:11:58 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:11:58 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 3 seconds for #1 Nov 26 21:11:58 localhost pluto[18356]: | Nov 26 21:11:58 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:11:58 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:11:58 localhost pluto[18356]: | 0b 10 05 00 6f 36 2e 35 00 00 00 38 00 00 00 1c Nov 26 21:11:58 localhost pluto[18356]: | 00 00 00 01 01 10 00 04 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:58 localhost pluto[18356]: | e2 60 67 74 d0 f7 70 24 Nov 26 21:11:58 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:11:58 localhost pluto[18356]: | initiator cookie: Nov 26 21:11:58 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:59 localhost pluto[18356]: | responder cookie: Nov 26 21:11:59 localhost pluto[18356]: | e2 60 67 74 d0 f7 70 24 Nov 26 21:11:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:11:59 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:11:59 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:11:59 localhost pluto[18356]: | flags: none Nov 26 21:11:59 localhost pluto[18356]: | message ID: 6f 36 2e 35 Nov 26 21:11:59 localhost pluto[18356]: | length: 56 Nov 26 21:11:59 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:11:59 localhost pluto[18356]: | RCOOKIE: e2 60 67 74 d0 f7 70 24 Nov 26 21:11:59 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:11:59 localhost pluto[18356]: | state hash entry 22 Nov 26 21:11:59 localhost pluto[18356]: | state object #3 found, in STATE_MAIN_R1 Nov 26 21:11:59 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:11:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:11:59 localhost pluto[18356]: | length: 28 Nov 26 21:11:59 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:11:59 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:11:59 localhost pluto[18356]: | SPI size: 16 Nov 26 21:11:59 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:11:59 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: ignoring informational payload, type INVALID_COOKIE Nov 26 21:11:59 localhost pluto[18356]: | info: 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:12:00 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: received and ignored informational message Nov 26 21:12:00 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 1 seconds for #1 Nov 26 21:12:00 localhost pluto[18356]: | Nov 26 21:12:00 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:00 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:00 localhost pluto[18356]: | 8e 04 69 c3 51 60 d2 3a Nov 26 21:12:00 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:00 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:00 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:00 localhost pluto[18356]: | responder cookie: Nov 26 21:12:00 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:00 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:12:00 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:01 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:01 localhost pluto[18356]: | flags: none Nov 26 21:12:01 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:01 localhost pluto[18356]: | length: 184 Nov 26 21:12:01 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:01 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:01 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:01 localhost pluto[18356]: | state hash entry 12 Nov 26 21:12:01 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:12:01 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:12:01 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 0 seconds for #1 Nov 26 21:12:01 localhost pluto[18356]: | Nov 26 21:12:01 localhost pluto[18356]: | *time to handle event Nov 26 21:12:01 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 10 seconds Nov 26 21:12:01 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #1 Nov 26 21:12:01 localhost pluto[18356]: | sending 188 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:12:02 localhost pluto[18356]: | 23 cc bb aa 00 00 00 05 04 00 00 00 Nov 26 21:12:02 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #1 Nov 26 21:12:02 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 9 seconds for #2 Nov 26 21:12:02 localhost pluto[18356]: | Nov 26 21:12:02 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:02 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:02 localhost pluto[18356]: | 04 10 02 00 00 00 00 00 00 00 00 b8 0a 00 00 84 Nov 26 21:12:02 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:02 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:03 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:03 localhost pluto[18356]: | responder cookie: Nov 26 21:12:03 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:03 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:12:03 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:03 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:03 localhost pluto[18356]: | flags: none Nov 26 21:12:03 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:03 localhost pluto[18356]: | length: 184 Nov 26 21:12:03 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:03 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:03 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:03 localhost pluto[18356]: | state hash entry 12 Nov 26 21:12:03 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:12:03 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:12:03 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 8 seconds for #2 Nov 26 21:12:03 localhost pluto[18356]: | Nov 26 21:12:03 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:03 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:04 localhost pluto[18356]: | 8e 04 69 c3 51 60 d2 3a Nov 26 21:12:04 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:04 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:04 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:04 localhost pluto[18356]: | responder cookie: Nov 26 21:12:04 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:04 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:12:04 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:04 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:04 localhost pluto[18356]: | flags: none Nov 26 21:12:04 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:04 localhost pluto[18356]: | length: 184 Nov 26 21:12:04 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:04 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:04 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:05 localhost pluto[18356]: | state hash entry 12 Nov 26 21:12:05 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:12:05 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:12:05 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 6 seconds for #2 Nov 26 21:12:05 localhost pluto[18356]: | Nov 26 21:12:05 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:05 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:09 localhost pluto[18356]: | 9c 24 05 f4 3b e5 a3 54 76 85 8b e4 40 f6 74 06 Nov 26 21:12:09 localhost pluto[18356]: | 1d 8e e4 10 69 1f fc 2c fd 6b 58 4d Nov 26 21:12:09 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:09 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:09 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:09 localhost pluto[18356]: | responder cookie: Nov 26 21:12:09 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:09 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:12:09 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:09 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:09 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:12:09 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:09 localhost pluto[18356]: | length: 1468 Nov 26 21:12:09 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:09 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:09 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:09 localhost pluto[18356]: | state hash entry 12 Nov 26 21:12:09 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R2 Nov 26 21:12:09 localhost pluto[18356]: | received encrypted packet from 200.65.105.19:500 Nov 26 21:12:10 localhost pluto[18356]: | decrypting 1440 bytes using algorithm OAKLEY_3DES_CBC Nov 26 21:12:10 localhost pluto[18356]: | decrypted: Nov 26 21:12:10 localhost pluto[18356]: | 06 00 00 a4 09 00 00 00 30 81 99 31 0b 30 09 06 Nov 26 21:12:10 localhost pluto[18356]: | 03 55 04 06 13 02 4d 58 31 13 30 11 06 03 55 04 Nov 26 21:12:13 localhost pluto[18356]: | next IV: 69 1f fc 2c fd 6b 58 4d Nov 26 21:12:13 localhost pluto[18356]: | ***parse ISAKMP Identification Payload: Nov 26 21:12:13 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CERT Nov 26 21:12:13 localhost pluto[18356]: | length: 164 Nov 26 21:12:13 localhost pluto[18356]: | ID type: ID_DER_ASN1_DN Nov 26 21:12:13 localhost pluto[18356]: | DOI specific A: 0 Nov 26 21:12:14 localhost pluto[18356]: | DOI specific B: 0 Nov 26 21:12:14 localhost pluto[18356]: | ***parse ISAKMP Certificate Payload: Nov 26 21:12:14 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SIG Nov 26 21:12:14 localhost pluto[18356]: | length: 980 Nov 26 21:12:14 localhost pluto[18356]: | cert encoding: CERT_X509_SIGNATURE Nov 26 21:12:14 localhost pluto[18356]: | ***parse ISAKMP Signature Payload: Nov 26 21:12:14 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CR Nov 26 21:12:14 localhost pluto[18356]: | length: 132 Nov 26 21:12:14 localhost pluto[18356]: | ***parse ISAKMP Certificate RequestPayload: Nov 26 21:12:14 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:12:14 localhost pluto[18356]: | length: 158 Nov 26 21:12:14 localhost pluto[18356]: | cert type: CERT_X509_SIGNATURE Nov 26 21:12:14 localhost pluto[18356]: | removing 6 bytes of padding Nov 26 21:12:14 localhost pluto[18356]: | DER ASN1 DN: 30 81 99 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:12:14 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:12:14 localhost pluto[18356]: | 20 4c 65 6f 6e 31 0c 30 0a 06 03 55 04 07 13 03 Nov 26 21:12:14 localhost pluto[18356]: | 47 70 65 31 16 30 14 06 03 55 04 0a 13 0d 54 54 Nov 26 21:12:14 localhost pluto[18356]: | 54 45 20 53 41 20 64 65 20 43 56 31 0f 30 0d 06 Nov 26 21:12:14 localhost pluto[18356]: | 03 55 04 0b 13 06 54 61 6c 6c 65 72 31 17 30 15 Nov 26 21:12:14 localhost pluto[18356]: | 06 03 55 04 03 13 0e 74 74 74 65 2e 6e 6f 2d 69 Nov 26 21:12:14 localhost pluto[18356]: | 70 2e 63 6f 6d 31 25 30 23 06 09 2a 86 48 86 f7 Nov 26 21:12:14 localhost pluto[18356]: | 0d 01 09 01 16 16 65 73 61 6e 63 68 65 7a 76 65 Nov 26 21:12:14 localhost pluto[18356]: | 6c 61 40 79 61 68 6f 6f 2e 63 6f 6d Nov 26 21:12:14 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #1: Peer ID is ID_DER_ASN1_DN: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com' Nov 26 21:12:14 localhost pluto[18356]: | L0 - certificate: Nov 26 21:12:15 localhost pluto[18356]: | 30 82 03 cb 30 82 03 34 a0 03 02 01 02 02 01 04 Nov 26 21:12:15 localhost pluto[18356]: | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 Nov 26 21:12:17 localhost pluto[18356]: | 8c 26 d2 90 76 6f e5 5d 53 95 94 c0 f9 8d 57 ce Nov 26 21:12:17 localhost pluto[18356]: | fd c2 4a a9 e3 32 1c f4 69 80 a0 54 60 79 02 dd Nov 26 21:12:17 localhost pluto[18356]: | 64 9a a0 b6 ef 45 b6 6e 11 14 91 f3 19 d5 87 Nov 26 21:12:17 localhost pluto[18356]: | L1 - tbsCertificate: Nov 26 21:12:17 localhost pluto[18356]: | 30 82 03 34 a0 03 02 01 02 02 01 04 30 0d 06 09 Nov 26 21:12:17 localhost pluto[18356]: | 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 96 31 0b Nov 26 21:12:17 localhost pluto[18356]: | 30 09 06 03 55 04 06 13 02 4d 58 31 13 30 11 06 Nov 26 21:12:19 localhost pluto[18356]: | L2 - DEFAULT v1: Nov 26 21:12:19 localhost pluto[18356]: | L3 - version: Nov 26 21:12:19 localhost pluto[18356]: | 02 Nov 26 21:12:19 localhost pluto[18356]: | v3 Nov 26 21:12:19 localhost pluto[18356]: | L2 - serialNumber: Nov 26 21:12:19 localhost pluto[18356]: | 04 Nov 26 21:12:19 localhost pluto[18356]: | L2 - signature: Nov 26 21:12:19 localhost pluto[18356]: | L3 - sigAlg: Nov 26 21:12:20 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:12:20 localhost pluto[18356]: | L2 - issuer: Nov 26 21:12:20 localhost pluto[18356]: | 30 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:12:20 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:12:20 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:12:20 localhost pluto[18356]: | L2 - validity: Nov 26 21:12:20 localhost pluto[18356]: | L3 - notBefore: Nov 26 21:12:20 localhost pluto[18356]: | 'Nov 26 23:02:43 UTC 2002' Nov 26 21:12:20 localhost pluto[18356]: | L3 - notAfter: Nov 26 21:12:20 localhost pluto[18356]: | 'Nov 23 23:02:43 UTC 2012' Nov 26 21:12:20 localhost pluto[18356]: | L2 - subject: Nov 26 21:12:20 localhost pluto[18356]: | 30 81 99 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:12:20 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:12:21 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com' Nov 26 21:12:21 localhost pluto[18356]: | L2 - subjectPublicKeyInfo: Nov 26 21:12:21 localhost pluto[18356]: | L3 - algorithm: Nov 26 21:12:21 localhost pluto[18356]: | L4 - algorithm: Nov 26 21:12:21 localhost pluto[18356]: | 'rsaEncryption' Nov 26 21:12:21 localhost pluto[18356]: | L3 - subjectPublicKey: Nov 26 21:12:21 localhost pluto[18356]: | L4 - RSAPublicKey: Nov 26 21:12:21 localhost pluto[18356]: | L5 - modulus: Nov 26 21:12:21 localhost pluto[18356]: | 00 ce e3 13 14 e6 1b c6 ca da 0d 4e 70 c6 07 8b Nov 26 21:12:21 localhost pluto[18356]: | 5e a7 ac 27 92 b5 11 6d 4c a3 b9 3d 77 3b c8 70 Nov 26 21:12:21 localhost pluto[18356]: | 18 4a 59 52 96 3e 1d 6a be 4c 7f e1 ec a9 be f4 Nov 26 21:12:21 localhost pluto[18356]: | 37 07 a2 80 f1 72 00 a0 9f 8f d9 cb 4c d0 14 83 Nov 26 21:12:21 localhost pluto[18356]: | dd Nov 26 21:12:21 localhost pluto[18356]: | L5 - publicExponent: Nov 26 21:12:21 localhost pluto[18356]: | 01 00 01 Nov 26 21:12:22 localhost pluto[18356]: | L2 - optional extensions: Nov 26 21:12:22 localhost pluto[18356]: | L3 - extensions: Nov 26 21:12:22 localhost pluto[18356]: | L4 - extension: Nov 26 21:12:22 localhost pluto[18356]: | L5 - extnID: Nov 26 21:12:22 localhost pluto[18356]: | 'basicConstraints' Nov 26 21:12:22 localhost pluto[18356]: | L5 - critical: Nov 26 21:12:22 localhost pluto[18356]: | FALSE Nov 26 21:12:22 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:12:22 localhost pluto[18356]: | 30 00 Nov 26 21:12:22 localhost pluto[18356]: | L6 - basicConstraints: Nov 26 21:12:22 localhost pluto[18356]: | L7 - CA: Nov 26 21:12:22 localhost pluto[18356]: | FALSE Nov 26 21:12:22 localhost pluto[18356]: | L4 - extension: Nov 26 21:12:22 localhost pluto[18356]: | L5 - extnID: Nov 26 21:12:22 localhost pluto[18356]: | 'nsComment' Nov 26 21:12:22 localhost pluto[18356]: | L5 - critical: Nov 26 21:12:22 localhost pluto[18356]: | FALSE Nov 26 21:12:22 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:12:22 localhost pluto[18356]: | 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 Nov 26 21:12:22 localhost pluto[18356]: | 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 Nov 26 21:12:22 localhost pluto[18356]: | L4 - extension: Nov 26 21:12:22 localhost pluto[18356]: | L5 - extnID: Nov 26 21:12:22 localhost pluto[18356]: | 'subjectKeyIdentifier' Nov 26 21:12:22 localhost pluto[18356]: | L5 - critical: Nov 26 21:12:22 localhost pluto[18356]: | FALSE Nov 26 21:12:22 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:12:23 localhost pluto[18356]: | 04 14 7c 73 ef 34 d6 30 4e 23 a8 b7 7a e2 0c a3 Nov 26 21:12:23 localhost pluto[18356]: | 2f 3b 28 14 25 2e Nov 26 21:12:23 localhost pluto[18356]: | L4 - extension: Nov 26 21:12:23 localhost pluto[18356]: | L5 - extnID: Nov 26 21:12:23 localhost pluto[18356]: | 'authorityKeyIdentifier' Nov 26 21:12:23 localhost pluto[18356]: | L5 - critical: Nov 26 21:12:23 localhost pluto[18356]: | FALSE Nov 26 21:12:23 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:12:23 localhost pluto[18356]: | 30 81 b8 80 14 00 04 9e 46 33 2e 47 be 17 68 7e Nov 26 21:12:23 localhost pluto[18356]: | ff 8c 04 f9 2f 63 f1 de 2d a1 81 9c a4 81 99 30 Nov 26 21:12:23 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d 82 01 00 Nov 26 21:12:23 localhost pluto[18356]: | L1 - signatureAlgorithm: Nov 26 21:12:23 localhost pluto[18356]: | L2 - algorithm: Nov 26 21:12:23 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:12:23 localhost pluto[18356]: | L1 - signature: Nov 26 21:12:23 localhost pluto[18356]: | 00 c7 31 5f 15 08 9b 57 69 2d 4a 18 6c 67 ea 58 Nov 26 21:12:23 localhost pluto[18356]: | e7 d9 53 ca e4 72 38 74 c6 f7 ea dd 9d 23 dc 66 Nov 26 21:12:24 localhost pluto[18356]: | 87 Nov 26 21:12:24 localhost pluto[18356]: | Subject: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com' Nov 26 21:12:24 localhost pluto[18356]: | not before : Nov 26 23:02:43 UTC 2002 Nov 26 21:12:24 localhost pluto[18356]: | current time: Nov 27 03:12:24 UTC 2002 Nov 26 21:12:24 localhost pluto[18356]: | not after : Nov 23 23:02:43 UTC 2012 Nov 26 21:12:24 localhost pluto[18356]: | certificate is valid Nov 26 21:12:24 localhost pluto[18356]: | Issuer: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:12:24 localhost pluto[18356]: | issuer CA certificate found Nov 26 21:12:24 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:12:24 localhost pluto[18356]: | digest: f1 98 77 5e d6 20 49 18 bb 66 c6 22 7d 3e fd d0 Nov 26 21:12:24 localhost pluto[18356]: | decrypted signature: Nov 26 21:12:25 localhost pluto[18356]: | d0 Nov 26 21:12:25 localhost pluto[18356]: | certificate signature is valid Nov 26 21:12:25 localhost pluto[18356]: | issuer CRL found Nov 26 21:12:25 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:12:25 localhost pluto[18356]: | digest: 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 5b Nov 26 21:12:25 localhost pluto[18356]: | decrypted signature: Nov 26 21:12:25 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:12:25 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:12:25 localhost pluto[18356]: | CRL signature is valid Nov 26 21:12:25 localhost pluto[18356]: | Next CRL update: Nov 26 21:12:25 localhost pluto[18356]: | this update : Nov 26 22:36:12 UTC 2002 Nov 26 21:12:25 localhost pluto[18356]: | current time: Nov 27 03:12:25 UTC 2002 Nov 26 21:12:25 localhost pluto[18356]: | next update : Dec 26 22:36:12 UTC 2002 Nov 26 21:12:25 localhost pluto[18356]: | Serial number: 04 Nov 26 21:12:25 localhost pluto[18356]: | certificate not revoked Nov 26 21:12:25 localhost pluto[18356]: | Subject: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:12:25 localhost pluto[18356]: | not before : Nov 26 21:21:53 UTC 2002 Nov 26 21:12:25 localhost pluto[18356]: | current time: Nov 27 03:12:25 UTC 2002 Nov 26 21:12:25 localhost pluto[18356]: | not after : Jun 04 17:35:45 UTC 2013 Nov 26 21:12:25 localhost pluto[18356]: | certificate is valid Nov 26 21:12:25 localhost pluto[18356]: | Issuer: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:12:25 localhost pluto[18356]: | issuer CA certificate found Nov 26 21:12:25 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:12:26 localhost pluto[18356]: | digest: 71 dd 81 75 05 61 0c 4a 7d 10 95 5c 1d ad 55 d5 Nov 26 21:12:26 localhost pluto[18356]: | decrypted signature: Nov 26 21:12:26 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:12:26 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:12:26 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30 Nov 26 21:12:26 localhost pluto[18356]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 Nov 26 21:12:26 localhost pluto[18356]: | 10 71 dd 81 75 05 61 0c 4a 7d 10 95 5c 1d ad 55 Nov 26 21:12:26 localhost pluto[18356]: | d5 Nov 26 21:12:26 localhost pluto[18356]: | certificate signature is valid Nov 26 21:12:26 localhost pluto[18356]: | issuer CRL found Nov 26 21:12:26 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:12:26 localhost pluto[18356]: | digest: 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 5b Nov 26 21:12:26 localhost pluto[18356]: | decrypted signature: Nov 26 21:12:26 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:12:26 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:12:26 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30 Nov 26 21:12:26 localhost pluto[18356]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 Nov 26 21:12:26 localhost pluto[18356]: | 10 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 Nov 26 21:12:26 localhost pluto[18356]: | 5b Nov 26 21:12:26 localhost pluto[18356]: | CRL signature is valid Nov 26 21:12:26 localhost pluto[18356]: | Next CRL update: Nov 26 21:12:27 localhost pluto[18356]: | this update : Nov 26 22:36:12 UTC 2002 Nov 26 21:12:27 localhost pluto[18356]: | current time: Nov 27 03:12:26 UTC 2002 Nov 26 21:12:27 localhost pluto[18356]: | next update : Dec 26 22:36:12 UTC 2002 Nov 26 21:12:27 localhost pluto[18356]: | Serial number: 00 Nov 26 21:12:27 localhost pluto[18356]: | certificate not revoked Nov 26 21:12:27 localhost pluto[18356]: | Public key validated Nov 26 21:12:27 localhost pluto[18356]: | switched from "roadwarrior-net" to "roadwarrior-net" Nov 26 21:12:27 localhost pluto[18356]: | instantiated "roadwarrior-net" for 200.65.105.19 Nov 26 21:12:27 localhost pluto[18356]: | hashing 160 bytes of SA Nov 26 21:12:27 localhost pluto[18356]: | an RSA Sig check passed with *AwEAAc7jE [preloaded key] Nov 26 21:12:27 localhost pluto[18356]: | authentication succeeded Nov 26 21:12:27 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:12:27 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:27 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:27 localhost pluto[18356]: | responder cookie: Nov 26 21:12:27 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:27 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:12:27 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:27 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:27 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:12:27 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:27 localhost pluto[18356]: | ***emit ISAKMP Identification Payload (IPsec DOI): Nov 26 21:12:27 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CERT Nov 26 21:12:27 localhost pluto[18356]: | ID type: ID_DER_ASN1_DN Nov 26 21:12:27 localhost pluto[18356]: | Protocol ID: 0 Nov 26 21:12:27 localhost pluto[18356]: | port: 0 Nov 26 21:12:27 localhost pluto[18356]: | emitting 152 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) Nov 26 21:12:28 localhost pluto[18356]: | my identity 30 81 95 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:12:28 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:12:28 localhost pluto[18356]: | 20 4c 65 6f 6e 31 0c 30 0a 06 03 55 04 07 13 03 Nov 26 21:12:28 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d Nov 26 21:12:28 localhost pluto[18356]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 160 Nov 26 21:12:28 localhost pluto[18356]: | ***emit ISAKMP Certificate Payload: Nov 26 21:12:28 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SIG Nov 26 21:12:28 localhost pluto[18356]: | cert encoding: CERT_X509_SIGNATURE Nov 26 21:12:28 localhost pluto[18356]: | emitting 971 raw bytes of CERT into ISAKMP Certificate Payload Nov 26 21:12:28 localhost pluto[18356]: | CERT 30 82 03 c7 30 82 03 30 a0 03 02 01 02 02 01 05 Nov 26 21:12:28 localhost pluto[18356]: | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 Nov 26 21:12:28 localhost pluto[18356]: | 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 31 Nov 26 21:12:28 localhost pluto[18356]: | 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f 20 Nov 26 21:12:31 localhost pluto[18356]: | b0 93 a7 c8 ee bb 59 f8 55 21 1d Nov 26 21:12:31 localhost pluto[18356]: | emitting length of ISAKMP Certificate Payload: 976 Nov 26 21:12:31 localhost pluto[18356]: | hashing 160 bytes of SA Nov 26 21:12:31 localhost pluto[18356]: | signing hash with RSA Key *AwEAAeOng Nov 26 21:12:31 localhost pluto[18356]: | ***emit ISAKMP Signature Payload: Nov 26 21:12:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:12:31 localhost pluto[18356]: | emitting 128 raw bytes of SIG_R into ISAKMP Signature Payload Nov 26 21:12:31 localhost pluto[18356]: | SIG_R 52 f7 4c 66 b0 07 ec bd 24 70 3e da 4f 72 78 e7 Nov 26 21:12:31 localhost pluto[18356]: | 10 85 48 c4 b2 af 70 75 89 68 15 bb 53 75 a6 e6 Nov 26 21:12:31 localhost pluto[18356]: | 8f 29 db 7d f4 24 31 ca f3 ec c9 20 e5 14 b2 4f Nov 26 21:12:31 localhost pluto[18356]: | 33 9d f6 59 79 56 c6 b4 ea 34 11 63 bb 4f e0 c9 Nov 26 21:12:31 localhost pluto[18356]: | 5d f2 71 de 87 49 bb f4 c3 f1 ea 10 54 98 f0 d3 Nov 26 21:12:31 localhost pluto[18356]: | 1b 3d cf cf 8b 08 76 f1 f7 b4 bb 06 75 da 30 25 Nov 26 21:12:32 localhost pluto[18356]: | 3b 28 3c 7e 75 4e a3 e1 04 f3 04 4a 14 14 d5 8f Nov 26 21:12:32 localhost pluto[18356]: | 49 37 2c e1 a9 7f af a5 a2 0f 7b e0 7a 56 0b 81 Nov 26 21:12:32 localhost pluto[18356]: | emitting length of ISAKMP Signature Payload: 132 Nov 26 21:12:32 localhost pluto[18356]: | encrypting: Nov 26 21:12:32 localhost pluto[18356]: | 06 00 00 a0 09 00 00 00 30 81 95 31 0b 30 09 06 Nov 26 21:12:35 localhost pluto[18356]: | 14 14 d5 8f 49 37 2c e1 a9 7f af a5 a2 0f 7b e0 Nov 26 21:12:35 localhost pluto[18356]: | 7a 56 0b 81 Nov 26 21:12:35 localhost pluto[18356]: | emitting 4 zero bytes of encryption padding into ISAKMP Message Nov 26 21:12:35 localhost pluto[18356]: | encrypting using OAKLEY_3DES_CBC Nov 26 21:12:35 localhost pluto[18356]: | next IV: f7 aa ac ce 9a 84 f2 a6 Nov 26 21:12:35 localhost pluto[18356]: | emitting length of ISAKMP Message: 1300 Nov 26 21:12:35 localhost pluto[18356]: | last encrypted block of Phase 1: Nov 26 21:12:35 localhost pluto[18356]: | f7 aa ac ce 9a 84 f2 a6 Nov 26 21:12:35 localhost pluto[18356]: | sending 1300 bytes for STATE_MAIN_R2 through ppp0 to 200.65.105.19:500: Nov 26 21:12:35 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:36 localhost pluto[18356]: | 05 10 02 01 00 00 00 00 00 00 05 14 57 3d 16 33 Nov 26 21:12:39 localhost pluto[18356]: | 5a 24 e1 22 5f 2e 88 8e 14 99 f0 ba f7 aa ac ce Nov 26 21:12:39 localhost pluto[18356]: | 9a 84 f2 a6 Nov 26 21:12:39 localhost pluto[18356]: | inserting event EVENT_SA_REPLACE, timeout in 3330 seconds for #1 Nov 26 21:12:39 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: sent MR3, ISAKMP SA established Nov 26 21:12:39 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -28 seconds for #2 Nov 26 21:12:39 localhost pluto[18356]: | Nov 26 21:12:39 localhost pluto[18356]: | *time to handle event Nov 26 21:12:39 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in -23 seconds Nov 26 21:12:39 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #2 Nov 26 21:12:39 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:12:39 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:12:40 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:12:40 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #2 Nov 26 21:12:40 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -24 seconds for #3 Nov 26 21:12:40 localhost pluto[18356]: | Nov 26 21:12:40 localhost pluto[18356]: | *time to handle event Nov 26 21:12:40 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 40 seconds Nov 26 21:12:40 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #3 Nov 26 21:12:40 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:12:40 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:12:40 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:12:40 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #3 Nov 26 21:12:40 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 40 seconds for #3 Nov 26 21:12:40 localhost pluto[18356]: | Nov 26 21:12:40 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:40 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:12:41 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:41 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:41 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:41 localhost pluto[18356]: | responder cookie: Nov 26 21:12:41 localhost pluto[18356]: | 05 6b 92 48 88 a7 bf 01 Nov 26 21:12:41 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:12:41 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:41 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:12:41 localhost pluto[18356]: | flags: none Nov 26 21:12:41 localhost pluto[18356]: | message ID: fc ff 40 6e Nov 26 21:12:41 localhost pluto[18356]: | length: 56 Nov 26 21:12:41 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:41 localhost pluto[18356]: | RCOOKIE: 05 6b 92 48 88 a7 bf 01 Nov 26 21:12:41 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:41 localhost pluto[18356]: | state hash entry 21 Nov 26 21:12:41 localhost pluto[18356]: | state object #2 found, in STATE_MAIN_R1 Nov 26 21:12:41 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:12:41 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:12:41 localhost pluto[18356]: | length: 28 Nov 26 21:12:41 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:12:41 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:12:42 localhost pluto[18356]: | SPI size: 16 Nov 26 21:12:42 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:12:42 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: ignoring informational payload, type INVALID_COOKIE Nov 26 21:12:42 localhost pluto[18356]: | info: 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:12:42 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: received and ignored informational message Nov 26 21:12:42 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 38 seconds for #3 Nov 26 21:12:42 localhost pluto[18356]: | Nov 26 21:12:42 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:46 localhost pluto[18356]: | 1d 8e e4 10 69 1f fc 2c fd 6b 58 4d Nov 26 21:12:46 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:46 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:46 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:46 localhost pluto[18356]: | responder cookie: Nov 26 21:12:46 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:46 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:12:46 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:46 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:46 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:12:46 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:46 localhost pluto[18356]: | length: 1468 Nov 26 21:12:46 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:46 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:46 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:46 localhost pluto[18356]: | state hash entry 12 Nov 26 21:12:46 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:12:46 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3 Nov 26 21:12:47 localhost pluto[18356]: | sending 1300 bytes for retransmit in response to duplicate through ppp0 to 200.65.105.19:500: Nov 26 21:12:47 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:50 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 30 seconds for #3 Nov 26 21:12:50 localhost pluto[18356]: | Nov 26 21:12:50 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:50 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:54 localhost pluto[18356]: | 1d 8e e4 10 69 1f fc 2c fd 6b 58 4d Nov 26 21:12:54 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:54 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:54 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:54 localhost pluto[18356]: | responder cookie: Nov 26 21:12:54 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:54 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:12:54 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:54 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:12:55 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:12:55 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:12:55 localhost pluto[18356]: | length: 1468 Nov 26 21:12:55 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:55 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:12:55 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:55 localhost pluto[18356]: | state hash entry 12 Nov 26 21:12:55 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:12:55 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: retransmitting in response to duplicate packet; already STATE_MAIN_R3 Nov 26 21:12:55 localhost pluto[18356]: | sending 1300 bytes for retransmit in response to duplicate through ppp0 to 200.65.105.19:500: Nov 26 21:12:58 localhost pluto[18356]: | 9a 84 f2 a6 Nov 26 21:12:58 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 22 seconds for #3 Nov 26 21:12:58 localhost pluto[18356]: | Nov 26 21:12:58 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:12:59 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:12:59 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:12:59 localhost pluto[18356]: | initiator cookie: Nov 26 21:12:59 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:59 localhost pluto[18356]: | responder cookie: Nov 26 21:12:59 localhost pluto[18356]: | e2 60 67 74 d0 f7 70 24 Nov 26 21:12:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:12:59 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:12:59 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:12:59 localhost pluto[18356]: | flags: none Nov 26 21:12:59 localhost pluto[18356]: | message ID: 4b 46 29 61 Nov 26 21:12:59 localhost pluto[18356]: | length: 56 Nov 26 21:12:59 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:12:59 localhost pluto[18356]: | RCOOKIE: e2 60 67 74 d0 f7 70 24 Nov 26 21:12:59 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:12:59 localhost pluto[18356]: | state hash entry 22 Nov 26 21:12:59 localhost pluto[18356]: | state object #3 found, in STATE_MAIN_R1 Nov 26 21:12:59 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:12:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:12:59 localhost pluto[18356]: | length: 28 Nov 26 21:12:59 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:13:00 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:13:00 localhost pluto[18356]: | SPI size: 16 Nov 26 21:13:00 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:13:00 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: ignoring informational payload, type INVALID_COOKIE Nov 26 21:13:00 localhost pluto[18356]: | info: 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:13:00 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: received and ignored informational message Nov 26 21:13:00 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 20 seconds for #3 Nov 26 21:13:00 localhost pluto[18356]: | Nov 26 21:13:00 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:00 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:04 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:04 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:04 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:04 localhost pluto[18356]: | responder cookie: Nov 26 21:13:04 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:04 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:13:04 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:04 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:13:04 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:13:04 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:13:04 localhost pluto[18356]: | length: 1468 Nov 26 21:13:04 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:04 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:04 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:04 localhost pluto[18356]: | state hash entry 12 Nov 26 21:13:04 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:13:04 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: discarding duplicate packet -- exhausted retransmission; already STATE_MAIN_R3 Nov 26 21:13:04 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 16 seconds for #3 Nov 26 21:13:05 localhost pluto[18356]: | Nov 26 21:13:05 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:08 localhost pluto[18356]: | 9c 24 05 f4 3b e5 a3 54 76 85 8b e4 40 f6 74 06 Nov 26 21:13:08 localhost pluto[18356]: | 1d 8e e4 10 69 1f fc 2c fd 6b 58 4d Nov 26 21:13:08 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:08 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:09 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:09 localhost pluto[18356]: | responder cookie: Nov 26 21:13:09 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:09 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:13:09 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:09 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:13:09 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:13:09 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:13:09 localhost pluto[18356]: | length: 1468 Nov 26 21:13:09 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:09 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:09 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:09 localhost pluto[18356]: | state hash entry 12 Nov 26 21:13:09 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:13:09 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: discarding duplicate packet -- exhausted retransmission; already STATE_MAIN_R3 Nov 26 21:13:09 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 11 seconds for #3 Nov 26 21:13:09 localhost pluto[18356]: | Nov 26 21:13:09 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:09 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:13 localhost pluto[18356]: | 9c 24 05 f4 3b e5 a3 54 76 85 8b e4 40 f6 74 06 Nov 26 21:13:13 localhost pluto[18356]: | 1d 8e e4 10 69 1f fc 2c fd 6b 58 4d Nov 26 21:13:13 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:13 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:13 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:13 localhost pluto[18356]: | responder cookie: Nov 26 21:13:13 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:13 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:13:13 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:13 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:13:13 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:13:14 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:13:14 localhost pluto[18356]: | length: 1468 Nov 26 21:13:14 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:14 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:14 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:14 localhost pluto[18356]: | state hash entry 12 Nov 26 21:13:14 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:13:14 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: discarding duplicate packet -- exhausted retransmission; already STATE_MAIN_R3 Nov 26 21:13:14 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 6 seconds for #3 Nov 26 21:13:14 localhost pluto[18356]: | Nov 26 21:13:14 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:14 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:13:14 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:14 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:14 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:14 localhost pluto[18356]: | responder cookie: Nov 26 21:13:14 localhost pluto[18356]: | 05 6b 92 48 88 a7 bf 01 Nov 26 21:13:14 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:13:14 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:14 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:13:14 localhost pluto[18356]: | flags: none Nov 26 21:13:15 localhost pluto[18356]: | message ID: 7a a1 d7 05 Nov 26 21:13:15 localhost pluto[18356]: | length: 56 Nov 26 21:13:15 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:15 localhost pluto[18356]: | RCOOKIE: 05 6b 92 48 88 a7 bf 01 Nov 26 21:13:15 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:15 localhost pluto[18356]: | state hash entry 21 Nov 26 21:13:15 localhost pluto[18356]: | state object #2 found, in STATE_MAIN_R1 Nov 26 21:13:15 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:13:15 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:13:15 localhost pluto[18356]: | length: 28 Nov 26 21:13:15 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:13:15 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:13:15 localhost pluto[18356]: | SPI size: 16 Nov 26 21:13:15 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:13:15 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: ignoring informational payload, type INVALID_COOKIE Nov 26 21:13:15 localhost pluto[18356]: | info: 0a 95 ef 17 45 11 ab 7b 05 6b 92 48 88 a7 bf 01 Nov 26 21:13:15 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: received and ignored informational message Nov 26 21:13:15 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 5 seconds for #3 Nov 26 21:13:15 localhost pluto[18356]: | Nov 26 21:13:15 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:15 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:13:16 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:16 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:16 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:16 localhost pluto[18356]: | responder cookie: Nov 26 21:13:16 localhost pluto[18356]: | e2 60 67 74 d0 f7 70 24 Nov 26 21:13:16 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:13:16 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:16 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:13:16 localhost pluto[18356]: | flags: none Nov 26 21:13:16 localhost pluto[18356]: | message ID: 1d d6 57 21 Nov 26 21:13:16 localhost pluto[18356]: | length: 56 Nov 26 21:13:16 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:16 localhost pluto[18356]: | RCOOKIE: e2 60 67 74 d0 f7 70 24 Nov 26 21:13:16 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:16 localhost pluto[18356]: | state hash entry 22 Nov 26 21:13:16 localhost pluto[18356]: | state object #3 found, in STATE_MAIN_R1 Nov 26 21:13:16 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:13:16 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:13:16 localhost pluto[18356]: | length: 28 Nov 26 21:13:16 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:13:16 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:13:16 localhost pluto[18356]: | SPI size: 16 Nov 26 21:13:16 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:13:16 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: ignoring informational payload, type INVALID_COOKIE Nov 26 21:13:17 localhost pluto[18356]: | info: 0a 95 ef 17 45 11 ab 7b e2 60 67 74 d0 f7 70 24 Nov 26 21:13:17 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: received and ignored informational message Nov 26 21:13:17 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 3 seconds for #3 Nov 26 21:13:17 localhost pluto[18356]: | Nov 26 21:13:17 localhost pluto[18356]: | *received 84 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:17 localhost pluto[18356]: | 8e 0c 43 51 0a a7 c4 ee ca 39 40 eb 60 90 fb ed Nov 26 21:13:17 localhost pluto[18356]: | 4b 2e 26 e0 Nov 26 21:13:17 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:17 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:17 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:17 localhost pluto[18356]: | responder cookie: Nov 26 21:13:17 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:17 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_HASH Nov 26 21:13:17 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:17 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:13:17 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:13:17 localhost pluto[18356]: | message ID: f4 a0 36 21 Nov 26 21:13:17 localhost pluto[18356]: | length: 84 Nov 26 21:13:17 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:17 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:18 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:18 localhost pluto[18356]: | state hash entry 12 Nov 26 21:13:18 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:13:18 localhost pluto[18356]: | computed Phase 2 IV: Nov 26 21:13:18 localhost pluto[18356]: | d2 b1 44 3b 50 bc b5 50 d4 fe a5 e6 4b b3 25 2d Nov 26 21:13:18 localhost pluto[18356]: | 74 21 6d ad Nov 26 21:13:18 localhost pluto[18356]: | received encrypted packet from 200.65.105.19:500 Nov 26 21:13:18 localhost pluto[18356]: | decrypting 56 bytes using algorithm OAKLEY_3DES_CBC Nov 26 21:13:18 localhost pluto[18356]: | decrypted: Nov 26 21:13:18 localhost pluto[18356]: | bc e6 a3 2c 00 00 00 00 Nov 26 21:13:18 localhost pluto[18356]: | next IV: 60 90 fb ed 4b 2e 26 e0 Nov 26 21:13:18 localhost pluto[18356]: | ***parse ISAKMP Hash Payload: Nov 26 21:13:18 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_D Nov 26 21:13:18 localhost pluto[18356]: | length: 24 Nov 26 21:13:18 localhost pluto[18356]: | ***parse ISAKMP Delete Payload: Nov 26 21:13:18 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:13:18 localhost pluto[18356]: | length: 28 Nov 26 21:13:18 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:13:18 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:13:18 localhost pluto[18356]: | SPI size: 16 Nov 26 21:13:18 localhost pluto[18356]: | number of SPIs: 1 Nov 26 21:13:19 localhost pluto[18356]: | removing 4 bytes of padding Nov 26 21:13:19 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: ignoring Delete SA payload Nov 26 21:13:19 localhost pluto[18356]: | del: 0a 95 ef 17 45 11 ab 7b f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:19 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: received and ignored informational message Nov 26 21:13:19 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 1 seconds for #3 Nov 26 21:13:19 localhost pluto[18356]: | Nov 26 21:13:19 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:13:19 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:19 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:13:19 localhost pluto[18356]: | initiator cookie: Nov 26 21:13:19 localhost pluto[18356]: | 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:19 localhost pluto[18356]: | responder cookie: Nov 26 21:13:19 localhost pluto[18356]: | f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:19 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:13:19 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:13:19 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:13:19 localhost pluto[18356]: | flags: none Nov 26 21:13:19 localhost pluto[18356]: | message ID: 1a 85 d8 f9 Nov 26 21:13:19 localhost pluto[18356]: | length: 56 Nov 26 21:13:19 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:20 localhost pluto[18356]: | RCOOKIE: f6 7c 8a 4d bc e6 a3 2c Nov 26 21:13:20 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:20 localhost pluto[18356]: | state hash entry 12 Nov 26 21:13:20 localhost pluto[18356]: | state object #1 found, in STATE_MAIN_R3 Nov 26 21:13:20 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #1: Informational Exchange message for an established ISAKMP SA must be encrypted Nov 26 21:13:20 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 0 seconds for #3 Nov 26 21:13:20 localhost pluto[18356]: | Nov 26 21:13:20 localhost pluto[18356]: | *time to handle event Nov 26 21:13:20 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 0 seconds Nov 26 21:13:20 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #3 Nov 26 21:13:20 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #3: max number of retransmissions (2) reached STATE_MAIN_R1 Nov 26 21:13:20 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:20 localhost pluto[18356]: | RCOOKIE: e2 60 67 74 d0 f7 70 24 Nov 26 21:13:20 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:20 localhost pluto[18356]: | state hash entry 22 Nov 26 21:13:20 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 0 seconds for #2 Nov 26 21:13:20 localhost pluto[18356]: | Nov 26 21:13:20 localhost pluto[18356]: | *time to handle event Nov 26 21:13:20 localhost pluto[18356]: | event after this is EVENT_SHUNT_SCAN in 14 seconds Nov 26 21:13:20 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #2 Nov 26 21:13:20 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19 #2: max number of retransmissions (2) reached STATE_MAIN_R1 Nov 26 21:13:20 localhost pluto[18356]: | ICOOKIE: 0a 95 ef 17 45 11 ab 7b Nov 26 21:13:20 localhost pluto[18356]: | RCOOKIE: 05 6b 92 48 88 a7 bf 01 Nov 26 21:13:20 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:13:21 localhost pluto[18356]: | state hash entry 21 Nov 26 21:13:21 localhost pluto[18356]: "roadwarrior-net"[1] 200.65.105.19: deleting connection "roadwarrior-net" instance with peer 200.65.105.19 Nov 26 21:13:21 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 13 seconds Nov 26 21:13:34 localhost pluto[18356]: | Nov 26 21:13:34 localhost pluto[18356]: | *time to handle event Nov 26 21:13:34 localhost pluto[18356]: | event after this is EVENT_SA_REPLACE in 3275 seconds Nov 26 21:13:34 localhost pluto[18356]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Nov 26 21:13:34 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 120 seconds Nov 26 21:15:34 localhost pluto[18356]: | Nov 26 21:15:34 localhost pluto[18356]: | *time to handle event Nov 26 21:15:34 localhost pluto[18356]: | event after this is EVENT_SA_REPLACE in 3155 seconds Nov 26 21:15:34 localhost pluto[18356]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Nov 26 21:15:34 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 120 seconds Nov 26 21:17:34 localhost pluto[18356]: | Nov 26 21:17:34 localhost pluto[18356]: | *time to handle event Nov 26 21:17:34 localhost pluto[18356]: | event after this is EVENT_SA_REPLACE in 3035 seconds Nov 26 21:17:34 localhost pluto[18356]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Nov 26 21:17:34 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 120 seconds Nov 26 21:19:34 localhost pluto[18356]: | Nov 26 21:19:34 localhost pluto[18356]: | *time to handle event Nov 26 21:19:34 localhost pluto[18356]: | event after this is EVENT_SA_REPLACE in 2915 seconds Nov 26 21:19:34 localhost pluto[18356]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Nov 26 21:19:34 localhost pluto[18356]: | next event EVENT_SHUNT_SCAN in 120 seconds Nov 26 21:20:48 localhost pluto[18356]: | Nov 26 21:20:48 localhost pluto[18356]: | *received 216 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:20:48 localhost pluto[18356]: | b5 87 e4 61 00 00 00 03 Nov 26 21:20:48 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:20:48 localhost pluto[18356]: | initiator cookie: Nov 26 21:20:48 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:49 localhost pluto[18356]: | responder cookie: Nov 26 21:20:49 localhost pluto[18356]: | 00 00 00 00 00 00 00 00 Nov 26 21:20:49 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:20:49 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:20:49 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:20:49 localhost pluto[18356]: | flags: none Nov 26 21:20:49 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:20:49 localhost pluto[18356]: | length: 216 Nov 26 21:20:49 localhost pluto[18356]: | ***parse ISAKMP Security Association Payload: Nov 26 21:20:49 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_VID Nov 26 21:20:49 localhost pluto[18356]: | length: 164 Nov 26 21:20:49 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:20:49 localhost pluto[18356]: | ***parse ISAKMP Vendor ID Payload: Nov 26 21:20:49 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:49 localhost pluto[18356]: | length: 24 Nov 26 21:20:49 localhost pluto[18356]: packet from 200.65.105.19:500: ignoring Vendor ID payload Nov 26 21:20:49 localhost pluto[18356]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 Nov 26 21:20:49 localhost pluto[18356]: | 00 00 00 03 Nov 26 21:20:49 localhost pluto[18356]: | creating state object #4 at 0x80abb10 Nov 26 21:20:49 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:49 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:20:49 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:20:49 localhost pluto[18356]: | state hash entry 12 Nov 26 21:20:49 localhost pluto[18356]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #4 Nov 26 21:20:50 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: responding to Main Mode from unknown peer 200.65.105.19 Nov 26 21:20:50 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:20:50 localhost pluto[18356]: | initiator cookie: Nov 26 21:20:50 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:50 localhost pluto[18356]: | responder cookie: Nov 26 21:20:50 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:20:50 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:20:50 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:20:50 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:20:50 localhost pluto[18356]: | flags: none Nov 26 21:20:50 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:20:50 localhost pluto[18356]: | ***emit ISAKMP Security Association Payload: Nov 26 21:20:50 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:50 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:20:50 localhost pluto[18356]: | ****parse IPsec DOI SIT: Nov 26 21:20:50 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:20:50 localhost pluto[18356]: | ****parse ISAKMP Proposal Payload: Nov 26 21:20:50 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:50 localhost pluto[18356]: | length: 152 Nov 26 21:20:50 localhost pluto[18356]: | proposal number: 1 Nov 26 21:20:50 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:20:50 localhost pluto[18356]: | SPI size: 0 Nov 26 21:20:50 localhost pluto[18356]: | number of transforms: 4 Nov 26 21:20:51 localhost pluto[18356]: | *****parse ISAKMP Transform Payload (ISAKMP): Nov 26 21:20:51 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_T Nov 26 21:20:51 localhost pluto[18356]: | length: 36 Nov 26 21:20:51 localhost pluto[18356]: | transform number: 1 Nov 26 21:20:51 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:20:51 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:51 localhost pluto[18356]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Nov 26 21:20:51 localhost pluto[18356]: | length/value: 5 Nov 26 21:20:51 localhost pluto[18356]: | [5 is OAKLEY_3DES_CBC] Nov 26 21:20:51 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:51 localhost pluto[18356]: | af+type: OAKLEY_HASH_ALGORITHM Nov 26 21:20:51 localhost pluto[18356]: | length/value: 2 Nov 26 21:20:51 localhost pluto[18356]: | [2 is OAKLEY_SHA] Nov 26 21:20:51 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:51 localhost pluto[18356]: | af+type: OAKLEY_GROUP_DESCRIPTION Nov 26 21:20:51 localhost pluto[18356]: | length/value: 2 Nov 26 21:20:51 localhost pluto[18356]: | [2 is OAKLEY_GROUP_MODP1024] Nov 26 21:20:51 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:51 localhost pluto[18356]: | af+type: OAKLEY_AUTHENTICATION_METHOD Nov 26 21:20:51 localhost pluto[18356]: | length/value: 3 Nov 26 21:20:51 localhost pluto[18356]: | [3 is OAKLEY_RSA_SIG] Nov 26 21:20:51 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:51 localhost pluto[18356]: | af+type: OAKLEY_LIFE_TYPE Nov 26 21:20:51 localhost pluto[18356]: | length/value: 1 Nov 26 21:20:52 localhost pluto[18356]: | [1 is OAKLEY_LIFE_SECONDS] Nov 26 21:20:52 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:52 localhost pluto[18356]: | af+type: OAKLEY_LIFE_DURATION (variable length) Nov 26 21:20:52 localhost pluto[18356]: | length/value: 4 Nov 26 21:20:52 localhost pluto[18356]: | long duration: 28800 Nov 26 21:20:52 localhost pluto[18356]: | Oakley Transform 1 accepted Nov 26 21:20:52 localhost pluto[18356]: | ****emit IPsec DOI SIT: Nov 26 21:20:52 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:20:52 localhost pluto[18356]: | ****emit ISAKMP Proposal Payload: Nov 26 21:20:52 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:52 localhost pluto[18356]: | proposal number: 1 Nov 26 21:20:52 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:20:52 localhost pluto[18356]: | SPI size: 0 Nov 26 21:20:52 localhost pluto[18356]: | number of transforms: 1 Nov 26 21:20:52 localhost pluto[18356]: | *****emit ISAKMP Transform Payload (ISAKMP): Nov 26 21:20:52 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:52 localhost pluto[18356]: | transform number: 1 Nov 26 21:20:52 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:20:52 localhost pluto[18356]: | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) Nov 26 21:20:52 localhost pluto[18356]: | attributes 80 01 00 05 80 02 00 02 80 04 00 02 80 03 00 03 Nov 26 21:20:52 localhost pluto[18356]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 Nov 26 21:20:52 localhost pluto[18356]: | emitting length of ISAKMP Transform Payload (ISAKMP): 36 Nov 26 21:20:52 localhost pluto[18356]: | emitting length of ISAKMP Proposal Payload: 44 Nov 26 21:20:52 localhost pluto[18356]: | emitting length of ISAKMP Security Association Payload: 56 Nov 26 21:20:53 localhost pluto[18356]: | emitting length of ISAKMP Message: 84 Nov 26 21:20:53 localhost pluto[18356]: | sending 84 bytes for STATE_MAIN_R0 through ppp0 to 200.65.105.19:500: Nov 26 21:20:53 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:20:53 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #4 Nov 26 21:20:53 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 10 seconds for #4 Nov 26 21:20:53 localhost pluto[18356]: | Nov 26 21:20:53 localhost pluto[18356]: | *received 216 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:20:54 localhost pluto[18356]: | b5 87 e4 61 00 00 00 03 Nov 26 21:20:54 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:20:54 localhost pluto[18356]: | initiator cookie: Nov 26 21:20:54 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:54 localhost pluto[18356]: | responder cookie: Nov 26 21:20:54 localhost pluto[18356]: | 00 00 00 00 00 00 00 00 Nov 26 21:20:54 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:20:54 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:20:54 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:20:54 localhost pluto[18356]: | flags: none Nov 26 21:20:54 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:20:54 localhost pluto[18356]: | length: 216 Nov 26 21:20:54 localhost pluto[18356]: | ***parse ISAKMP Security Association Payload: Nov 26 21:20:54 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_VID Nov 26 21:20:54 localhost pluto[18356]: | length: 164 Nov 26 21:20:54 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:20:54 localhost pluto[18356]: | ***parse ISAKMP Vendor ID Payload: Nov 26 21:20:54 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:54 localhost pluto[18356]: | length: 24 Nov 26 21:20:54 localhost pluto[18356]: packet from 200.65.105.19:500: ignoring Vendor ID payload Nov 26 21:20:54 localhost pluto[18356]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 Nov 26 21:20:54 localhost pluto[18356]: | 00 00 00 03 Nov 26 21:20:54 localhost pluto[18356]: | creating state object #5 at 0x80abdb0 Nov 26 21:20:55 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:55 localhost pluto[18356]: | RCOOKIE: 34 00 67 db 55 98 b9 d4 Nov 26 21:20:55 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:20:55 localhost pluto[18356]: | state hash entry 16 Nov 26 21:20:55 localhost pluto[18356]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #5 Nov 26 21:20:55 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #5: responding to Main Mode from unknown peer 200.65.105.19 Nov 26 21:20:55 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:20:55 localhost pluto[18356]: | initiator cookie: Nov 26 21:20:55 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:55 localhost pluto[18356]: | responder cookie: Nov 26 21:20:55 localhost pluto[18356]: | 34 00 67 db 55 98 b9 d4 Nov 26 21:20:55 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:20:55 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:20:55 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:20:55 localhost pluto[18356]: | flags: none Nov 26 21:20:55 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:20:55 localhost pluto[18356]: | ***emit ISAKMP Security Association Payload: Nov 26 21:20:55 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:55 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:20:55 localhost pluto[18356]: | ****parse IPsec DOI SIT: Nov 26 21:20:55 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:20:55 localhost pluto[18356]: | ****parse ISAKMP Proposal Payload: Nov 26 21:20:55 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:55 localhost pluto[18356]: | length: 152 Nov 26 21:20:56 localhost pluto[18356]: | proposal number: 1 Nov 26 21:20:56 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:20:56 localhost pluto[18356]: | SPI size: 0 Nov 26 21:20:56 localhost pluto[18356]: | number of transforms: 4 Nov 26 21:20:56 localhost pluto[18356]: | *****parse ISAKMP Transform Payload (ISAKMP): Nov 26 21:20:56 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_T Nov 26 21:20:56 localhost pluto[18356]: | length: 36 Nov 26 21:20:56 localhost pluto[18356]: | transform number: 1 Nov 26 21:20:56 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:20:56 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:56 localhost pluto[18356]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Nov 26 21:20:56 localhost pluto[18356]: | length/value: 5 Nov 26 21:20:56 localhost pluto[18356]: | [5 is OAKLEY_3DES_CBC] Nov 26 21:20:56 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:56 localhost pluto[18356]: | af+type: OAKLEY_HASH_ALGORITHM Nov 26 21:20:56 localhost pluto[18356]: | length/value: 2 Nov 26 21:20:56 localhost pluto[18356]: | [2 is OAKLEY_SHA] Nov 26 21:20:56 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:56 localhost pluto[18356]: | af+type: OAKLEY_GROUP_DESCRIPTION Nov 26 21:20:56 localhost pluto[18356]: | length/value: 2 Nov 26 21:20:56 localhost pluto[18356]: | [2 is OAKLEY_GROUP_MODP1024] Nov 26 21:20:56 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:56 localhost pluto[18356]: | af+type: OAKLEY_AUTHENTICATION_METHOD Nov 26 21:20:56 localhost pluto[18356]: | length/value: 3 Nov 26 21:20:57 localhost pluto[18356]: | [3 is OAKLEY_RSA_SIG] Nov 26 21:20:57 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:57 localhost pluto[18356]: | af+type: OAKLEY_LIFE_TYPE Nov 26 21:20:57 localhost pluto[18356]: | length/value: 1 Nov 26 21:20:57 localhost pluto[18356]: | [1 is OAKLEY_LIFE_SECONDS] Nov 26 21:20:57 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:20:57 localhost pluto[18356]: | af+type: OAKLEY_LIFE_DURATION (variable length) Nov 26 21:20:57 localhost pluto[18356]: | length/value: 4 Nov 26 21:20:57 localhost pluto[18356]: | long duration: 28800 Nov 26 21:20:57 localhost pluto[18356]: | Oakley Transform 1 accepted Nov 26 21:20:57 localhost pluto[18356]: | ****emit IPsec DOI SIT: Nov 26 21:20:57 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:20:57 localhost pluto[18356]: | ****emit ISAKMP Proposal Payload: Nov 26 21:20:57 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:57 localhost pluto[18356]: | proposal number: 1 Nov 26 21:20:57 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:20:57 localhost pluto[18356]: | SPI size: 0 Nov 26 21:20:57 localhost pluto[18356]: | number of transforms: 1 Nov 26 21:20:57 localhost pluto[18356]: | *****emit ISAKMP Transform Payload (ISAKMP): Nov 26 21:20:57 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:20:57 localhost pluto[18356]: | transform number: 1 Nov 26 21:20:57 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:20:57 localhost pluto[18356]: | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) Nov 26 21:20:57 localhost pluto[18356]: | attributes 80 01 00 05 80 02 00 02 80 04 00 02 80 03 00 03 Nov 26 21:20:58 localhost pluto[18356]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 Nov 26 21:20:58 localhost pluto[18356]: | emitting length of ISAKMP Transform Payload (ISAKMP): 36 Nov 26 21:20:58 localhost pluto[18356]: | emitting length of ISAKMP Proposal Payload: 44 Nov 26 21:20:58 localhost pluto[18356]: | emitting length of ISAKMP Security Association Payload: 56 Nov 26 21:20:58 localhost pluto[18356]: | emitting length of ISAKMP Message: 84 Nov 26 21:20:58 localhost pluto[18356]: | sending 84 bytes for STATE_MAIN_R0 through ppp0 to 200.65.105.19:500: Nov 26 21:20:58 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 34 00 67 db 55 98 b9 d4 Nov 26 21:20:58 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:20:58 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #5 Nov 26 21:20:58 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 5 seconds for #4 Nov 26 21:20:58 localhost pluto[18356]: | Nov 26 21:20:58 localhost pluto[18356]: | *received 216 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:20:59 localhost pluto[18356]: | b5 87 e4 61 00 00 00 03 Nov 26 21:20:59 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:20:59 localhost pluto[18356]: | initiator cookie: Nov 26 21:20:59 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:20:59 localhost pluto[18356]: | responder cookie: Nov 26 21:20:59 localhost pluto[18356]: | 00 00 00 00 00 00 00 00 Nov 26 21:20:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:20:59 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:20:59 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:20:59 localhost pluto[18356]: | flags: none Nov 26 21:20:59 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:20:59 localhost pluto[18356]: | length: 216 Nov 26 21:20:59 localhost pluto[18356]: | ***parse ISAKMP Security Association Payload: Nov 26 21:20:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_VID Nov 26 21:20:59 localhost pluto[18356]: | length: 164 Nov 26 21:20:59 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:20:59 localhost pluto[18356]: | ***parse ISAKMP Vendor ID Payload: Nov 26 21:20:59 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:00 localhost pluto[18356]: | length: 24 Nov 26 21:21:00 localhost pluto[18356]: packet from 200.65.105.19:500: ignoring Vendor ID payload Nov 26 21:21:00 localhost pluto[18356]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 Nov 26 21:21:00 localhost pluto[18356]: | 00 00 00 03 Nov 26 21:21:00 localhost pluto[18356]: | creating state object #6 at 0x80ab0f0 Nov 26 21:21:00 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:00 localhost pluto[18356]: | RCOOKIE: 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:00 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:00 localhost pluto[18356]: | state hash entry 16 Nov 26 21:21:00 localhost pluto[18356]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #6 Nov 26 21:21:00 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #6: responding to Main Mode from unknown peer 200.65.105.19 Nov 26 21:21:00 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:21:00 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:00 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:00 localhost pluto[18356]: | responder cookie: Nov 26 21:21:00 localhost pluto[18356]: | 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:00 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SA Nov 26 21:21:00 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:00 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:00 localhost pluto[18356]: | flags: none Nov 26 21:21:00 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:00 localhost pluto[18356]: | ***emit ISAKMP Security Association Payload: Nov 26 21:21:00 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:00 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:21:01 localhost pluto[18356]: | ****parse IPsec DOI SIT: Nov 26 21:21:01 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:21:01 localhost pluto[18356]: | ****parse ISAKMP Proposal Payload: Nov 26 21:21:01 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:01 localhost pluto[18356]: | length: 152 Nov 26 21:21:01 localhost pluto[18356]: | proposal number: 1 Nov 26 21:21:01 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:21:01 localhost pluto[18356]: | SPI size: 0 Nov 26 21:21:01 localhost pluto[18356]: | number of transforms: 4 Nov 26 21:21:01 localhost pluto[18356]: | *****parse ISAKMP Transform Payload (ISAKMP): Nov 26 21:21:01 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_T Nov 26 21:21:01 localhost pluto[18356]: | length: 36 Nov 26 21:21:01 localhost pluto[18356]: | transform number: 1 Nov 26 21:21:01 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:21:01 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:21:01 localhost pluto[18356]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM Nov 26 21:21:01 localhost pluto[18356]: | length/value: 5 Nov 26 21:21:01 localhost pluto[18356]: | [5 is OAKLEY_3DES_CBC] Nov 26 21:21:01 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:21:01 localhost pluto[18356]: | af+type: OAKLEY_HASH_ALGORITHM Nov 26 21:21:01 localhost pluto[18356]: | length/value: 2 Nov 26 21:21:01 localhost pluto[18356]: | [2 is OAKLEY_SHA] Nov 26 21:21:01 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:21:01 localhost pluto[18356]: | af+type: OAKLEY_GROUP_DESCRIPTION Nov 26 21:21:02 localhost pluto[18356]: | length/value: 2 Nov 26 21:21:02 localhost pluto[18356]: | [2 is OAKLEY_GROUP_MODP1024] Nov 26 21:21:02 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:21:02 localhost pluto[18356]: | af+type: OAKLEY_AUTHENTICATION_METHOD Nov 26 21:21:02 localhost pluto[18356]: | length/value: 3 Nov 26 21:21:02 localhost pluto[18356]: | [3 is OAKLEY_RSA_SIG] Nov 26 21:21:02 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:21:02 localhost pluto[18356]: | af+type: OAKLEY_LIFE_TYPE Nov 26 21:21:02 localhost pluto[18356]: | length/value: 1 Nov 26 21:21:02 localhost pluto[18356]: | [1 is OAKLEY_LIFE_SECONDS] Nov 26 21:21:02 localhost pluto[18356]: | ******parse ISAKMP Oakley attribute: Nov 26 21:21:02 localhost pluto[18356]: | af+type: OAKLEY_LIFE_DURATION (variable length) Nov 26 21:21:02 localhost pluto[18356]: | length/value: 4 Nov 26 21:21:02 localhost pluto[18356]: | long duration: 28800 Nov 26 21:21:02 localhost pluto[18356]: | Oakley Transform 1 accepted Nov 26 21:21:02 localhost pluto[18356]: | ****emit IPsec DOI SIT: Nov 26 21:21:02 localhost pluto[18356]: | IPsec DOI SIT: SIT_IDENTITY_ONLY Nov 26 21:21:02 localhost pluto[18356]: | ****emit ISAKMP Proposal Payload: Nov 26 21:21:02 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:02 localhost pluto[18356]: | proposal number: 1 Nov 26 21:21:02 localhost pluto[18356]: | protocol ID: PROTO_ISAKMP Nov 26 21:21:02 localhost pluto[18356]: | SPI size: 0 Nov 26 21:21:02 localhost pluto[18356]: | number of transforms: 1 Nov 26 21:21:02 localhost pluto[18356]: | *****emit ISAKMP Transform Payload (ISAKMP): Nov 26 21:21:03 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:03 localhost pluto[18356]: | transform number: 1 Nov 26 21:21:03 localhost pluto[18356]: | transform ID: KEY_IKE Nov 26 21:21:03 localhost pluto[18356]: | emitting 28 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP) Nov 26 21:21:03 localhost pluto[18356]: | attributes 80 01 00 05 80 02 00 02 80 04 00 02 80 03 00 03 Nov 26 21:21:03 localhost pluto[18356]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 Nov 26 21:21:03 localhost pluto[18356]: | emitting length of ISAKMP Transform Payload (ISAKMP): 36 Nov 26 21:21:03 localhost pluto[18356]: | emitting length of ISAKMP Proposal Payload: 44 Nov 26 21:21:03 localhost pluto[18356]: | emitting length of ISAKMP Security Association Payload: 56 Nov 26 21:21:03 localhost pluto[18356]: | emitting length of ISAKMP Message: 84 Nov 26 21:21:03 localhost pluto[18356]: | sending 84 bytes for STATE_MAIN_R0 through ppp0 to 200.65.105.19:500: Nov 26 21:21:03 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:03 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:21:03 localhost pluto[18356]: | 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 Nov 26 21:21:03 localhost pluto[18356]: | 00 00 00 24 01 01 00 00 80 01 00 05 80 02 00 02 Nov 26 21:21:03 localhost pluto[18356]: | 80 04 00 02 80 03 00 03 80 0b 00 01 00 0c 00 04 Nov 26 21:21:03 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:21:03 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #6 Nov 26 21:21:03 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 0 seconds for #4 Nov 26 21:21:03 localhost pluto[18356]: | Nov 26 21:21:03 localhost pluto[18356]: | *time to handle event Nov 26 21:21:03 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 5 seconds Nov 26 21:21:03 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #4 Nov 26 21:21:03 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:21:04 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:04 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:21:04 localhost pluto[18356]: | 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 Nov 26 21:21:04 localhost pluto[18356]: | 00 00 00 24 01 01 00 00 80 01 00 05 80 02 00 02 Nov 26 21:21:04 localhost pluto[18356]: | 80 04 00 02 80 03 00 03 80 0b 00 01 00 0c 00 04 Nov 26 21:21:04 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:21:04 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #4 Nov 26 21:21:04 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 4 seconds for #5 Nov 26 21:21:04 localhost pluto[18356]: | Nov 26 21:21:04 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:04 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:04 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:04 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:05 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:05 localhost pluto[18356]: | responder cookie: Nov 26 21:21:05 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:05 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:05 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:05 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:05 localhost pluto[18356]: | flags: none Nov 26 21:21:05 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:05 localhost pluto[18356]: | length: 184 Nov 26 21:21:05 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:05 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:05 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:05 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:05 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R1 Nov 26 21:21:05 localhost pluto[18356]: | ***parse ISAKMP Key Exchange Payload: Nov 26 21:21:05 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONCE Nov 26 21:21:05 localhost pluto[18356]: | length: 132 Nov 26 21:21:05 localhost pluto[18356]: | ***parse ISAKMP Nonce Payload: Nov 26 21:21:05 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:05 localhost pluto[18356]: | length: 24 Nov 26 21:21:05 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:21:05 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:05 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:06 localhost pluto[18356]: | responder cookie: Nov 26 21:21:06 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:06 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:06 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:06 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:06 localhost pluto[18356]: | flags: none Nov 26 21:21:06 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:06 localhost pluto[18356]: | DH public value received: Nov 26 21:21:06 localhost pluto[18356]: | 02 8c 9d 62 1c 1c 41 b7 09 ca a7 b0 2e 9e 19 d3 Nov 26 21:21:06 localhost pluto[18356]: | Local DH secret: Nov 26 21:21:06 localhost pluto[18356]: | bc 7f a6 93 26 1e ec be d6 86 58 4e fc 2e cc 10 Nov 26 21:21:06 localhost pluto[18356]: | 30 77 83 12 36 95 0b 2a 13 01 fa 1c 9a 2a 11 7c Nov 26 21:21:06 localhost pluto[18356]: | Public DH value sent: Nov 26 21:21:06 localhost pluto[18356]: | 34 ea 0e 55 d7 7c d7 0f 3b e0 88 7c 1d d2 5d ae Nov 26 21:21:07 localhost pluto[18356]: | c1 ff cb 4f 3e 46 9b 4f de 1c 94 4d 90 2a 4a be Nov 26 21:21:07 localhost pluto[18356]: | ***emit ISAKMP Key Exchange Payload: Nov 26 21:21:07 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONCE Nov 26 21:21:07 localhost pluto[18356]: | emitting 128 raw bytes of keyex value into ISAKMP Key Exchange Payload Nov 26 21:21:07 localhost pluto[18356]: | keyex value 34 ea 0e 55 d7 7c d7 0f 3b e0 88 7c 1d d2 5d ae Nov 26 21:21:07 localhost pluto[18356]: | 7e 3a e2 e8 d5 68 e5 b7 49 90 e5 69 1b f5 9d 4d Nov 26 21:21:07 localhost pluto[18356]: | 46 e9 51 dc 8d d4 86 81 07 a0 4b 01 28 0e 10 5e Nov 26 21:21:07 localhost pluto[18356]: | 35 8b dc 86 c4 3b e0 13 ac 07 a3 e6 56 13 96 e5 Nov 26 21:21:07 localhost pluto[18356]: | c5 84 78 e4 35 73 8e 45 9b ab 39 26 02 98 22 08 Nov 26 21:21:07 localhost pluto[18356]: | b9 63 9b 0f 95 83 32 c9 dd d3 f2 c1 51 9f 12 7a Nov 26 21:21:07 localhost pluto[18356]: | 32 3d c5 24 71 20 e3 64 66 42 55 d3 19 d5 55 e0 Nov 26 21:21:07 localhost pluto[18356]: | c1 ff cb 4f 3e 46 9b 4f de 1c 94 4d 90 2a 4a be Nov 26 21:21:07 localhost pluto[18356]: | emitting length of ISAKMP Key Exchange Payload: 132 Nov 26 21:21:07 localhost pluto[18356]: | ***emit ISAKMP Nonce Payload: Nov 26 21:21:07 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CR Nov 26 21:21:07 localhost pluto[18356]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload Nov 26 21:21:07 localhost pluto[18356]: | Nr 32 4e 2d 2b 89 e5 75 09 32 65 6f 47 b9 ee 04 91 Nov 26 21:21:07 localhost pluto[18356]: | emitting length of ISAKMP Nonce Payload: 20 Nov 26 21:21:07 localhost pluto[18356]: | ***emit ISAKMP Certificate RequestPayload: Nov 26 21:21:07 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:07 localhost pluto[18356]: | cert type: CERT_X509_SIGNATURE Nov 26 21:21:08 localhost pluto[18356]: | emitting length of ISAKMP Certificate RequestPayload: 5 Nov 26 21:21:08 localhost pluto[18356]: | emitting 3 zero bytes of message padding into ISAKMP Message Nov 26 21:21:08 localhost pluto[18356]: | emitting length of ISAKMP Message: 188 Nov 26 21:21:08 localhost pluto[18356]: | DH shared secret: Nov 26 21:21:08 localhost pluto[18356]: | 9b 34 2f e5 46 98 7f 8e 93 5b dd ac 99 bd 87 b1 Nov 26 21:21:08 localhost pluto[18356]: | cf 2a ef d2 0f f6 eb 75 26 47 b9 bc bf 00 16 64 Nov 26 21:21:08 localhost pluto[18356]: | Skeyid: 3a 9a 1f 37 f6 bf 33 6c e6 92 76 fe 61 1a 74 96 Nov 26 21:21:08 localhost pluto[18356]: | fb 8e 45 19 Nov 26 21:21:08 localhost pluto[18356]: | Skeyid_d: f8 b9 4a 00 02 ac 76 32 99 b7 ed f5 23 21 27 37 Nov 26 21:21:08 localhost pluto[18356]: | df 3c 03 aa Nov 26 21:21:08 localhost pluto[18356]: | Skeyid_a: e2 2f 0a 87 bf 42 c4 db ea b0 9d 68 6f c5 4f 2d Nov 26 21:21:08 localhost pluto[18356]: | d3 d6 80 41 Nov 26 21:21:08 localhost pluto[18356]: | Skeyid_e: a5 30 65 63 4a 2c d4 1d 38 65 a4 da 56 2f 56 87 Nov 26 21:21:08 localhost pluto[18356]: | 82 ba 17 ff Nov 26 21:21:08 localhost pluto[18356]: | enc key: e7 18 c5 b3 a4 0e cb 71 41 24 ef 1c 44 43 d5 a6 Nov 26 21:21:08 localhost pluto[18356]: | e4 65 88 37 98 06 e7 71 Nov 26 21:21:08 localhost pluto[18356]: | IV: 8c fd ce 76 7f dd 29 e8 b7 fe 85 00 c0 e4 fe 80 Nov 26 21:21:08 localhost pluto[18356]: | 7d 8b af 63 Nov 26 21:21:09 localhost pluto[18356]: | sending 188 bytes for STATE_MAIN_R1 through ppp0 to 200.65.105.19:500: Nov 26 21:21:09 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:09 localhost pluto[18356]: | b9 ee 04 91 00 00 00 05 04 00 00 00 Nov 26 21:21:09 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #4 Nov 26 21:21:09 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -1 seconds for #5 Nov 26 21:21:09 localhost pluto[18356]: | Nov 26 21:21:09 localhost pluto[18356]: | *time to handle event Nov 26 21:21:09 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 4 seconds Nov 26 21:21:09 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #5 Nov 26 21:21:09 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:21:09 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 34 00 67 db 55 98 b9 d4 Nov 26 21:21:10 localhost pluto[18356]: | 00 00 70 80 Nov 26 21:21:10 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #5 Nov 26 21:21:10 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 3 seconds for #6 Nov 26 21:21:10 localhost pluto[18356]: | Nov 26 21:21:10 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:10 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:10 localhost pluto[18356]: | 23 12 3c 7f 90 d2 ec d8 Nov 26 21:21:10 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:10 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:10 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:10 localhost pluto[18356]: | responder cookie: Nov 26 21:21:10 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:10 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:11 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:11 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:11 localhost pluto[18356]: | flags: none Nov 26 21:21:11 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:11 localhost pluto[18356]: | length: 184 Nov 26 21:21:11 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:11 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:11 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:11 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:11 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:11 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:21:11 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 2 seconds for #6 Nov 26 21:21:11 localhost pluto[18356]: | Nov 26 21:21:11 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:11 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:12 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:12 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:12 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:12 localhost pluto[18356]: | responder cookie: Nov 26 21:21:12 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:12 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:12 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:12 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:12 localhost pluto[18356]: | flags: none Nov 26 21:21:12 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:12 localhost pluto[18356]: | length: 184 Nov 26 21:21:12 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:12 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:12 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:12 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:12 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:12 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:21:12 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 1 seconds for #6 Nov 26 21:21:12 localhost pluto[18356]: | Nov 26 21:21:12 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:12 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 34 00 67 db 55 98 b9 d4 Nov 26 21:21:13 localhost pluto[18356]: | 0b 10 05 00 2a 6d ec 58 00 00 00 38 00 00 00 1c Nov 26 21:21:13 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:13 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:13 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:13 localhost pluto[18356]: | responder cookie: Nov 26 21:21:13 localhost pluto[18356]: | 34 00 67 db 55 98 b9 d4 Nov 26 21:21:13 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:21:13 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:13 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:21:13 localhost pluto[18356]: | flags: none Nov 26 21:21:13 localhost pluto[18356]: | message ID: 2a 6d ec 58 Nov 26 21:21:13 localhost pluto[18356]: | length: 56 Nov 26 21:21:13 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:13 localhost pluto[18356]: | RCOOKIE: 34 00 67 db 55 98 b9 d4 Nov 26 21:21:13 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:13 localhost pluto[18356]: | state hash entry 16 Nov 26 21:21:13 localhost pluto[18356]: | state object #5 found, in STATE_MAIN_R1 Nov 26 21:21:13 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:21:13 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:13 localhost pluto[18356]: | length: 28 Nov 26 21:21:13 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:21:13 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:21:14 localhost pluto[18356]: | SPI size: 16 Nov 26 21:21:14 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:21:14 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #5: ignoring informational payload, type INVALID_COOKIE Nov 26 21:21:14 localhost pluto[18356]: | info: 9c 47 d0 92 4a 54 c8 2a 34 00 67 db 55 98 b9 d4 Nov 26 21:21:14 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #5: received and ignored informational message Nov 26 21:21:14 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -1 seconds for #6 Nov 26 21:21:14 localhost pluto[18356]: | Nov 26 21:21:14 localhost pluto[18356]: | *time to handle event Nov 26 21:21:14 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 5 seconds Nov 26 21:21:14 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #6 Nov 26 21:21:14 localhost pluto[18356]: | sending 84 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:21:14 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:14 localhost pluto[18356]: | 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 Nov 26 21:21:14 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #6 Nov 26 21:21:14 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 5 seconds for #4 Nov 26 21:21:14 localhost pluto[18356]: | Nov 26 21:21:14 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:14 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:15 localhost pluto[18356]: | 00 00 00 18 0c 45 f1 65 6b 2d 0d e2 a4 46 d7 fe Nov 26 21:21:15 localhost pluto[18356]: | 23 12 3c 7f 90 d2 ec d8 Nov 26 21:21:15 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:15 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:15 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:15 localhost pluto[18356]: | responder cookie: Nov 26 21:21:15 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:15 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:15 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:15 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:15 localhost pluto[18356]: | flags: none Nov 26 21:21:15 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:15 localhost pluto[18356]: | length: 184 Nov 26 21:21:15 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:15 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:15 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:15 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:16 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:16 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:21:16 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 3 seconds for #4 Nov 26 21:21:16 localhost pluto[18356]: | Nov 26 21:21:16 localhost pluto[18356]: | *received 56 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:16 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:16 localhost pluto[18356]: | 0b 10 05 00 1a cd 5e 54 00 00 00 38 00 00 00 1c Nov 26 21:21:16 localhost pluto[18356]: | 00 00 00 01 01 10 00 04 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:16 localhost pluto[18356]: | 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:16 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:16 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:16 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:16 localhost pluto[18356]: | responder cookie: Nov 26 21:21:16 localhost pluto[18356]: | 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:16 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_N Nov 26 21:21:16 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:16 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_INFO Nov 26 21:21:16 localhost pluto[18356]: | flags: none Nov 26 21:21:16 localhost pluto[18356]: | message ID: 1a cd 5e 54 Nov 26 21:21:16 localhost pluto[18356]: | length: 56 Nov 26 21:21:16 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:16 localhost pluto[18356]: | RCOOKIE: 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:16 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:16 localhost pluto[18356]: | state hash entry 16 Nov 26 21:21:17 localhost pluto[18356]: | state object #6 found, in STATE_MAIN_R1 Nov 26 21:21:17 localhost pluto[18356]: | ***parse ISAKMP Notification Payload: Nov 26 21:21:17 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:17 localhost pluto[18356]: | length: 28 Nov 26 21:21:17 localhost pluto[18356]: | DOI: ISAKMP_DOI_IPSEC Nov 26 21:21:17 localhost pluto[18356]: | protocol ID: 1 Nov 26 21:21:17 localhost pluto[18356]: | SPI size: 16 Nov 26 21:21:17 localhost pluto[18356]: | Notify Message Type: INVALID_COOKIE Nov 26 21:21:17 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #6: ignoring informational payload, type INVALID_COOKIE Nov 26 21:21:17 localhost pluto[18356]: | info: 9c 47 d0 92 4a 54 c8 2a 38 80 8d cb 32 f9 e2 93 Nov 26 21:21:17 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #6: received and ignored informational message Nov 26 21:21:17 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 2 seconds for #4 Nov 26 21:21:17 localhost pluto[18356]: | Nov 26 21:21:17 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:17 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:17 localhost pluto[18356]: | 04 10 02 00 00 00 00 00 00 00 00 b8 0a 00 00 84 Nov 26 21:21:18 localhost pluto[18356]: | 23 12 3c 7f 90 d2 ec d8 Nov 26 21:21:18 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:18 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:18 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:18 localhost pluto[18356]: | responder cookie: Nov 26 21:21:18 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:18 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:18 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:18 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:18 localhost pluto[18356]: | flags: none Nov 26 21:21:18 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:18 localhost pluto[18356]: | length: 184 Nov 26 21:21:18 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:18 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:18 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:18 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:18 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:18 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:21:18 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 1 seconds for #4 Nov 26 21:21:18 localhost pluto[18356]: | Nov 26 21:21:18 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:19 localhost pluto[18356]: | 00 00 00 18 0c 45 f1 65 6b 2d 0d e2 a4 46 d7 fe Nov 26 21:21:19 localhost pluto[18356]: | 23 12 3c 7f 90 d2 ec d8 Nov 26 21:21:19 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:19 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:19 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:19 localhost pluto[18356]: | responder cookie: Nov 26 21:21:19 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:19 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:19 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:19 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:19 localhost pluto[18356]: | flags: none Nov 26 21:21:19 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:19 localhost pluto[18356]: | length: 184 Nov 26 21:21:19 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:19 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:20 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:20 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:20 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:20 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:21:20 localhost pluto[18356]: | next event EVENT_RETRANSMIT in -1 seconds for #4 Nov 26 21:21:20 localhost pluto[18356]: | Nov 26 21:21:20 localhost pluto[18356]: | *time to handle event Nov 26 21:21:20 localhost pluto[18356]: | event after this is EVENT_RETRANSMIT in 10 seconds Nov 26 21:21:20 localhost pluto[18356]: | handling event EVENT_RETRANSMIT for 200.65.105.19 "roadwarrior-net" #4 Nov 26 21:21:20 localhost pluto[18356]: | sending 188 bytes for EVENT_RETRANSMIT through ppp0 to 200.65.105.19:500: Nov 26 21:21:20 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:20 localhost pluto[18356]: | b9 ee 04 91 00 00 00 05 04 00 00 00 Nov 26 21:21:20 localhost pluto[18356]: | inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #4 Nov 26 21:21:20 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 10 seconds for #5 Nov 26 21:21:21 localhost pluto[18356]: | Nov 26 21:21:21 localhost pluto[18356]: | *received 184 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:21 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:21 localhost pluto[18356]: | 23 12 3c 7f 90 d2 ec d8 Nov 26 21:21:21 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:21 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:21 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:21 localhost pluto[18356]: | responder cookie: Nov 26 21:21:21 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:21 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_KE Nov 26 21:21:21 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:21 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:21 localhost pluto[18356]: | flags: none Nov 26 21:21:21 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:22 localhost pluto[18356]: | length: 184 Nov 26 21:21:22 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:22 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:22 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:22 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:22 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:22 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: discarding duplicate packet; already STATE_MAIN_R2 Nov 26 21:21:22 localhost pluto[18356]: | next event EVENT_RETRANSMIT in 8 seconds for #5 Nov 26 21:21:22 localhost pluto[18356]: | Nov 26 21:21:22 localhost pluto[18356]: | *received 1468 bytes from 200.65.105.19:500 on ppp0 Nov 26 21:21:22 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a 86 0e cf bd c3 30 16 b5 Nov 26 21:21:26 localhost pluto[18356]: | 8d a5 f7 fc 6d f9 49 6b e6 c0 4b c8 Nov 26 21:21:26 localhost pluto[18356]: | **parse ISAKMP Message: Nov 26 21:21:26 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:26 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:26 localhost pluto[18356]: | responder cookie: Nov 26 21:21:26 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:26 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:21:26 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:26 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:26 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:21:26 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:26 localhost pluto[18356]: | length: 1468 Nov 26 21:21:26 localhost pluto[18356]: | ICOOKIE: 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:27 localhost pluto[18356]: | RCOOKIE: 86 0e cf bd c3 30 16 b5 Nov 26 21:21:27 localhost pluto[18356]: | peer: c8 41 69 13 Nov 26 21:21:27 localhost pluto[18356]: | state hash entry 12 Nov 26 21:21:27 localhost pluto[18356]: | state object #4 found, in STATE_MAIN_R2 Nov 26 21:21:27 localhost pluto[18356]: | received encrypted packet from 200.65.105.19:500 Nov 26 21:21:27 localhost pluto[18356]: | decrypting 1440 bytes using algorithm OAKLEY_3DES_CBC Nov 26 21:21:27 localhost pluto[18356]: | decrypted: Nov 26 21:21:27 localhost pluto[18356]: | 06 00 00 a4 09 00 00 00 30 81 99 31 0b 30 09 06 Nov 26 21:21:30 localhost pluto[18356]: | f7 0d 01 09 01 16 13 72 6f 6f 74 40 74 74 74 65 Nov 26 21:21:31 localhost pluto[18356]: | 2e 6e 6f 2d 69 70 2e 63 6f 6d 00 00 00 00 00 00 Nov 26 21:21:31 localhost pluto[18356]: | next IV: 6d f9 49 6b e6 c0 4b c8 Nov 26 21:21:31 localhost pluto[18356]: | ***parse ISAKMP Identification Payload: Nov 26 21:21:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CERT Nov 26 21:21:31 localhost pluto[18356]: | length: 164 Nov 26 21:21:31 localhost pluto[18356]: | ID type: ID_DER_ASN1_DN Nov 26 21:21:31 localhost pluto[18356]: | DOI specific A: 0 Nov 26 21:21:31 localhost pluto[18356]: | DOI specific B: 0 Nov 26 21:21:31 localhost pluto[18356]: | ***parse ISAKMP Certificate Payload: Nov 26 21:21:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SIG Nov 26 21:21:31 localhost pluto[18356]: | length: 980 Nov 26 21:21:31 localhost pluto[18356]: | cert encoding: CERT_X509_SIGNATURE Nov 26 21:21:31 localhost pluto[18356]: | ***parse ISAKMP Signature Payload: Nov 26 21:21:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CR Nov 26 21:21:31 localhost pluto[18356]: | length: 132 Nov 26 21:21:31 localhost pluto[18356]: | ***parse ISAKMP Certificate RequestPayload: Nov 26 21:21:31 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:31 localhost pluto[18356]: | length: 158 Nov 26 21:21:31 localhost pluto[18356]: | cert type: CERT_X509_SIGNATURE Nov 26 21:21:31 localhost pluto[18356]: | removing 6 bytes of padding Nov 26 21:21:31 localhost pluto[18356]: | DER ASN1 DN: 30 81 99 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:21:31 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:21:32 localhost pluto[18356]: "roadwarrior-net"[2] 200.65.105.19 #4: Peer ID is ID_DER_ASN1_DN: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com' Nov 26 21:21:32 localhost pluto[18356]: | L0 - certificate: Nov 26 21:21:32 localhost pluto[18356]: | 30 82 03 cb 30 82 03 34 a0 03 02 01 02 02 01 04 Nov 26 21:21:34 localhost pluto[18356]: | 64 9a a0 b6 ef 45 b6 6e 11 14 91 f3 19 d5 87 Nov 26 21:21:34 localhost pluto[18356]: | L1 - tbsCertificate: Nov 26 21:21:34 localhost pluto[18356]: | 30 82 03 34 a0 03 02 01 02 02 01 04 30 0d 06 09 Nov 26 21:21:35 localhost pluto[18356]: | 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 96 31 0b Nov 26 21:21:37 localhost pluto[18356]: | L3 - version: Nov 26 21:21:37 localhost pluto[18356]: | 02 Nov 26 21:21:37 localhost pluto[18356]: | v3 Nov 26 21:21:37 localhost pluto[18356]: | L2 - serialNumber: Nov 26 21:21:37 localhost pluto[18356]: | 04 Nov 26 21:21:37 localhost pluto[18356]: | L2 - signature: Nov 26 21:21:37 localhost pluto[18356]: | L3 - sigAlg: Nov 26 21:21:37 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:21:37 localhost pluto[18356]: | L2 - issuer: Nov 26 21:21:37 localhost pluto[18356]: | 30 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:21:37 localhost pluto[18356]: | 6e 6f 2d 69 70 2e 63 6f 6d Nov 26 21:21:38 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:21:38 localhost pluto[18356]: | L2 - validity: Nov 26 21:21:38 localhost pluto[18356]: | L3 - notBefore: Nov 26 21:21:38 localhost pluto[18356]: | 'Nov 26 23:02:43 UTC 2002' Nov 26 21:21:38 localhost pluto[18356]: | L3 - notAfter: Nov 26 21:21:38 localhost pluto[18356]: | 'Nov 23 23:02:43 UTC 2012' Nov 26 21:21:38 localhost pluto[18356]: | L2 - subject: Nov 26 21:21:38 localhost pluto[18356]: | 30 81 99 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:21:38 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:21:38 localhost pluto[18356]: | 20 4c 65 6f 6e 31 0c 30 0a 06 03 55 04 07 13 03 Nov 26 21:21:38 localhost pluto[18356]: | 47 70 65 31 16 30 14 06 03 55 04 0a 13 0d 54 54 Nov 26 21:21:38 localhost pluto[18356]: | 54 45 20 53 41 20 64 65 20 43 56 31 0f 30 0d 06 Nov 26 21:21:38 localhost pluto[18356]: | 03 55 04 0b 13 06 54 61 6c 6c 65 72 31 17 30 15 Nov 26 21:21:38 localhost pluto[18356]: | 06 03 55 04 03 13 0e 74 74 74 65 2e 6e 6f 2d 69 Nov 26 21:21:38 localhost pluto[18356]: | 70 2e 63 6f 6d 31 25 30 23 06 09 2a 86 48 86 f7 Nov 26 21:21:38 localhost pluto[18356]: | 0d 01 09 01 16 16 65 73 61 6e 63 68 65 7a 76 65 Nov 26 21:21:38 localhost pluto[18356]: | 6c 61 40 79 61 68 6f 6f 2e 63 6f 6d Nov 26 21:21:38 localhost pluto[18356]: | 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com' Nov 26 21:21:38 localhost pluto[18356]: | L2 - subjectPublicKeyInfo: Nov 26 21:21:38 localhost pluto[18356]: | L3 - algorithm: Nov 26 21:21:38 localhost pluto[18356]: | L4 - algorithm: Nov 26 21:21:38 localhost pluto[18356]: | 'rsaEncryption' Nov 26 21:21:38 localhost pluto[18356]: | L3 - subjectPublicKey: Nov 26 21:21:38 localhost pluto[18356]: | L4 - RSAPublicKey: Nov 26 21:21:39 localhost pluto[18356]: | L5 - modulus: Nov 26 21:21:39 localhost pluto[18356]: | 00 ce e3 13 14 e6 1b c6 ca da 0d 4e 70 c6 07 8b Nov 26 21:21:39 localhost pluto[18356]: | 37 07 a2 80 f1 72 00 a0 9f 8f d9 cb 4c d0 14 83 Nov 26 21:21:39 localhost pluto[18356]: | dd Nov 26 21:21:39 localhost pluto[18356]: | L5 - publicExponent: Nov 26 21:21:39 localhost pluto[18356]: | 01 00 01 Nov 26 21:21:39 localhost pluto[18356]: | L2 - optional extensions: Nov 26 21:21:39 localhost pluto[18356]: | L3 - extensions: Nov 26 21:21:39 localhost pluto[18356]: | L4 - extension: Nov 26 21:21:39 localhost pluto[18356]: | L5 - extnID: Nov 26 21:21:39 localhost pluto[18356]: | 'basicConstraints' Nov 26 21:21:39 localhost pluto[18356]: | L5 - critical: Nov 26 21:21:39 localhost pluto[18356]: | FALSE Nov 26 21:21:39 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:21:39 localhost pluto[18356]: | 30 00 Nov 26 21:21:39 localhost pluto[18356]: | L6 - basicConstraints: Nov 26 21:21:39 localhost pluto[18356]: | L7 - CA: Nov 26 21:21:39 localhost pluto[18356]: | FALSE Nov 26 21:21:40 localhost pluto[18356]: | L4 - extension: Nov 26 21:21:40 localhost pluto[18356]: | L5 - extnID: Nov 26 21:21:40 localhost pluto[18356]: | 'nsComment' Nov 26 21:21:40 localhost pluto[18356]: | L5 - critical: Nov 26 21:21:40 localhost pluto[18356]: | FALSE Nov 26 21:21:40 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:21:40 localhost pluto[18356]: | 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 Nov 26 21:21:40 localhost pluto[18356]: | 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 Nov 26 21:21:40 localhost pluto[18356]: | L4 - extension: Nov 26 21:21:40 localhost pluto[18356]: | L5 - extnID: Nov 26 21:21:40 localhost pluto[18356]: | 'subjectKeyIdentifier' Nov 26 21:21:40 localhost pluto[18356]: | L5 - critical: Nov 26 21:21:40 localhost pluto[18356]: | FALSE Nov 26 21:21:40 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:21:40 localhost pluto[18356]: | 04 14 7c 73 ef 34 d6 30 4e 23 a8 b7 7a e2 0c a3 Nov 26 21:21:40 localhost pluto[18356]: | 2f 3b 28 14 25 2e Nov 26 21:21:40 localhost pluto[18356]: | L4 - extension: Nov 26 21:21:40 localhost pluto[18356]: | L5 - extnID: Nov 26 21:21:40 localhost pluto[18356]: | 'authorityKeyIdentifier' Nov 26 21:21:40 localhost pluto[18356]: | L5 - critical: Nov 26 21:21:40 localhost pluto[18356]: | FALSE Nov 26 21:21:40 localhost pluto[18356]: | L5 - extnValue: Nov 26 21:21:40 localhost pluto[18356]: | 30 81 b8 80 14 00 04 9e 46 33 2e 47 be 17 68 7e Nov 26 21:21:40 localhost pluto[18356]: | ff 8c 04 f9 2f 63 f1 de 2d a1 81 9c a4 81 99 30 Nov 26 21:21:41 localhost pluto[18356]: | 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 31 Nov 26 21:21:41 localhost pluto[18356]: | L2 - algorithm: Nov 26 21:21:41 localhost pluto[18356]: | 'md5WithRSAEncryption' Nov 26 21:21:41 localhost pluto[18356]: | L1 - signature: Nov 26 21:21:41 localhost pluto[18356]: | 00 c7 31 5f 15 08 9b 57 69 2d 4a 18 6c 67 ea 58 Nov 26 21:21:41 localhost pluto[18356]: | e7 d9 53 ca e4 72 38 74 c6 f7 ea dd 9d 23 dc 66 Nov 26 21:21:41 localhost pluto[18356]: | d5 89 fd c8 c6 09 a5 11 8d 18 33 e4 65 80 57 b4 Nov 26 21:21:41 localhost pluto[18356]: | e6 97 b4 96 c4 8f b1 2b e8 c8 fc c4 fe 8c ba 21 Nov 26 21:21:41 localhost pluto[18356]: | d6 7e 18 dc a2 f3 46 58 55 9c 8b 08 3e 30 63 f0 Nov 26 21:21:41 localhost pluto[18356]: | c2 9a 8c 26 d2 90 76 6f e5 5d 53 95 94 c0 f9 8d Nov 26 21:21:41 localhost pluto[18356]: | 57 ce fd c2 4a a9 e3 32 1c f4 69 80 a0 54 60 79 Nov 26 21:21:41 localhost pluto[18356]: | 02 dd 64 9a a0 b6 ef 45 b6 6e 11 14 91 f3 19 d5 Nov 26 21:21:41 localhost pluto[18356]: | 87 Nov 26 21:21:42 localhost pluto[18356]: | Subject: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=esanchezvela@yahoo.com' Nov 26 21:21:42 localhost pluto[18356]: | not before : Nov 26 23:02:43 UTC 2002 Nov 26 21:21:42 localhost pluto[18356]: | current time: Nov 27 03:21:42 UTC 2002 Nov 26 21:21:42 localhost pluto[18356]: | not after : Nov 23 23:02:43 UTC 2012 Nov 26 21:21:42 localhost pluto[18356]: | certificate is valid Nov 26 21:21:42 localhost pluto[18356]: | Issuer: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:21:42 localhost pluto[18356]: | issuer CA certificate found Nov 26 21:21:42 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:21:42 localhost pluto[18356]: | digest: f1 98 77 5e d6 20 49 18 bb 66 c6 22 7d 3e fd d0 Nov 26 21:21:42 localhost pluto[18356]: | decrypted signature: Nov 26 21:21:42 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:42 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:42 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30 Nov 26 21:21:42 localhost pluto[18356]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 Nov 26 21:21:42 localhost pluto[18356]: | 10 f1 98 77 5e d6 20 49 18 bb 66 c6 22 7d 3e fd Nov 26 21:21:42 localhost pluto[18356]: | d0 Nov 26 21:21:42 localhost pluto[18356]: | certificate signature is valid Nov 26 21:21:42 localhost pluto[18356]: | issuer CRL found Nov 26 21:21:42 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:21:42 localhost pluto[18356]: | digest: 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 5b Nov 26 21:21:42 localhost pluto[18356]: | decrypted signature: Nov 26 21:21:43 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:43 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:43 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30 Nov 26 21:21:43 localhost pluto[18356]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 Nov 26 21:21:43 localhost pluto[18356]: | 10 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 Nov 26 21:21:43 localhost pluto[18356]: | 5b Nov 26 21:21:43 localhost pluto[18356]: | CRL signature is valid Nov 26 21:21:43 localhost pluto[18356]: | Next CRL update: Nov 26 21:21:43 localhost pluto[18356]: | this update : Nov 26 22:36:12 UTC 2002 Nov 26 21:21:43 localhost pluto[18356]: | current time: Nov 27 03:21:43 UTC 2002 Nov 26 21:21:43 localhost pluto[18356]: | next update : Dec 26 22:36:12 UTC 2002 Nov 26 21:21:43 localhost pluto[18356]: | Serial number: 04 Nov 26 21:21:43 localhost pluto[18356]: | certificate not revoked Nov 26 21:21:43 localhost pluto[18356]: | Subject: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:21:43 localhost pluto[18356]: | not before : Nov 26 21:21:53 UTC 2002 Nov 26 21:21:43 localhost pluto[18356]: | current time: Nov 27 03:21:43 UTC 2002 Nov 26 21:21:43 localhost pluto[18356]: | not after : Jun 04 17:35:45 UTC 2013 Nov 26 21:21:43 localhost pluto[18356]: | certificate is valid Nov 26 21:21:43 localhost pluto[18356]: | Issuer: 'C=MX, ST=Nuevo Leon, L=Gpe, O=TTTE SA de CV, OU=Taller, CN=ttte.no-ip.com, E=root@ttte.no-ip.com' Nov 26 21:21:43 localhost pluto[18356]: | issuer CA certificate found Nov 26 21:21:43 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:21:43 localhost pluto[18356]: | digest: 71 dd 81 75 05 61 0c 4a 7d 10 95 5c 1d ad 55 d5 Nov 26 21:21:43 localhost pluto[18356]: | decrypted signature: Nov 26 21:21:43 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:43 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:44 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30 Nov 26 21:21:44 localhost pluto[18356]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 Nov 26 21:21:44 localhost pluto[18356]: | 10 71 dd 81 75 05 61 0c 4a 7d 10 95 5c 1d ad 55 Nov 26 21:21:44 localhost pluto[18356]: | d5 Nov 26 21:21:44 localhost pluto[18356]: | certificate signature is valid Nov 26 21:21:44 localhost pluto[18356]: | issuer CRL found Nov 26 21:21:44 localhost pluto[18356]: | Signature Algorithm: 'md5WithRSAEncryption' Nov 26 21:21:44 localhost pluto[18356]: | digest: 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 5b Nov 26 21:21:44 localhost pluto[18356]: | decrypted signature: Nov 26 21:21:44 localhost pluto[18356]: | 00 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:44 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Nov 26 21:21:44 localhost pluto[18356]: | ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00 30 Nov 26 21:21:44 localhost pluto[18356]: | 20 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 04 Nov 26 21:21:44 localhost pluto[18356]: | 10 32 46 74 7f e0 0a f8 95 b3 13 81 fa bf 57 28 Nov 26 21:21:44 localhost pluto[18356]: | 5b Nov 26 21:21:44 localhost pluto[18356]: | CRL signature is valid Nov 26 21:21:44 localhost pluto[18356]: | Next CRL update: Nov 26 21:21:44 localhost pluto[18356]: | this update : Nov 26 22:36:12 UTC 2002 Nov 26 21:21:44 localhost pluto[18356]: | current time: Nov 27 03:21:44 UTC 2002 Nov 26 21:21:44 localhost pluto[18356]: | next update : Dec 26 22:36:12 UTC 2002 Nov 26 21:21:45 localhost pluto[18356]: | Serial number: 00 Nov 26 21:21:45 localhost pluto[18356]: | certificate not revoked Nov 26 21:21:45 localhost pluto[18356]: | Public key validated Nov 26 21:21:45 localhost pluto[18356]: | hashing 160 bytes of SA Nov 26 21:21:45 localhost pluto[18356]: | an RSA Sig check passed with *AwEAAc7jE [preloaded key] Nov 26 21:21:45 localhost pluto[18356]: | authentication succeeded Nov 26 21:21:45 localhost pluto[18356]: | **emit ISAKMP Message: Nov 26 21:21:45 localhost pluto[18356]: | initiator cookie: Nov 26 21:21:45 localhost pluto[18356]: | 9c 47 d0 92 4a 54 c8 2a Nov 26 21:21:45 localhost pluto[18356]: | responder cookie: Nov 26 21:21:45 localhost pluto[18356]: | 86 0e cf bd c3 30 16 b5 Nov 26 21:21:45 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_ID Nov 26 21:21:45 localhost pluto[18356]: | ISAKMP version: ISAKMP Version 1.0 Nov 26 21:21:45 localhost pluto[18356]: | exchange type: ISAKMP_XCHG_IDPROT Nov 26 21:21:45 localhost pluto[18356]: | flags: ISAKMP_FLAG_ENCRYPTION Nov 26 21:21:45 localhost pluto[18356]: | message ID: 00 00 00 00 Nov 26 21:21:45 localhost pluto[18356]: | ***emit ISAKMP Identification Payload (IPsec DOI): Nov 26 21:21:45 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_CERT Nov 26 21:21:45 localhost pluto[18356]: | ID type: ID_DER_ASN1_DN Nov 26 21:21:45 localhost pluto[18356]: | Protocol ID: 0 Nov 26 21:21:45 localhost pluto[18356]: | port: 0 Nov 26 21:21:45 localhost pluto[18356]: | emitting 152 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI) Nov 26 21:21:45 localhost pluto[18356]: | my identity 30 81 95 31 0b 30 09 06 03 55 04 06 13 02 4d 58 Nov 26 21:21:45 localhost pluto[18356]: | 31 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f Nov 26 21:21:45 localhost pluto[18356]: | 20 4c 65 6f 6e 31 0c 30 0a 06 03 55 04 07 13 03 Nov 26 21:21:45 localhost pluto[18356]: | 47 70 65 31 16 30 14 06 03 55 04 0a 13 0d 54 54 Nov 26 21:21:46 localhost pluto[18356]: | 54 45 20 53 41 20 64 65 20 43 56 31 0f 30 0d 06 Nov 26 21:21:46 localhost pluto[18356]: | 03 55 04 0b 13 06 54 61 6c 6c 65 72 31 17 30 15 Nov 26 21:21:46 localhost pluto[18356]: | 06 03 55 04 03 13 0e 74 74 74 65 2e 6e 6f 2d 69 Nov 26 21:21:46 localhost pluto[18356]: | 70 2e 63 6f 6d 31 21 30 1f 06 09 2a 86 48 86 f7 Nov 26 21:21:46 localhost pluto[18356]: | 0d 01 09 01 16 12 65 73 76 40 74 74 74 65 2e 6e Nov 26 21:21:46 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d Nov 26 21:21:46 localhost pluto[18356]: | emitting length of ISAKMP Identification Payload (IPsec DOI): 160 Nov 26 21:21:46 localhost pluto[18356]: | ***emit ISAKMP Certificate Payload: Nov 26 21:21:46 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_SIG Nov 26 21:21:46 localhost pluto[18356]: | cert encoding: CERT_X509_SIGNATURE Nov 26 21:21:46 localhost pluto[18356]: | emitting 971 raw bytes of CERT into ISAKMP Certificate Payload Nov 26 21:21:46 localhost pluto[18356]: | CERT 30 82 03 c7 30 82 03 30 a0 03 02 01 02 02 01 05 Nov 26 21:21:46 localhost pluto[18356]: | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 Nov 26 21:21:46 localhost pluto[18356]: | 81 96 31 0b 30 09 06 03 55 04 06 13 02 4d 58 31 Nov 26 21:21:46 localhost pluto[18356]: | 13 30 11 06 03 55 04 08 13 0a 4e 75 65 76 6f 20 Nov 26 21:21:46 localhost pluto[18356]: | 4c 65 6f 6e 31 0c 30 0a 06 03 55 04 07 13 03 47 Nov 26 21:21:46 localhost pluto[18356]: | 70 65 31 16 30 14 06 03 55 04 0a 13 0d 54 54 54 Nov 26 21:21:46 localhost pluto[18356]: | 45 20 53 41 20 64 65 20 43 56 31 0f 30 0d 06 03 Nov 26 21:21:46 localhost pluto[18356]: | 55 04 0b 13 06 54 61 6c 6c 65 72 31 17 30 15 06 Nov 26 21:21:46 localhost pluto[18356]: | 03 55 04 03 13 0e 74 74 74 65 2e 6e 6f 2d 69 70 Nov 26 21:21:46 localhost pluto[18356]: | 2e 63 6f 6d 31 22 30 20 06 09 2a 86 48 86 f7 0d Nov 26 21:21:46 localhost pluto[18356]: | 01 09 01 16 13 72 6f 6f 74 40 74 74 74 65 2e 6e Nov 26 21:21:46 localhost pluto[18356]: | 6f 2d 69 70 2e 63 6f 6d 30 1e 17 0d 30 32 31 31 Nov 26 21:21:46 localhost pluto[18356]: | 32 37 30 31 34 37 31 34 5a 17 0d 31 32 31 31 32 Nov 26 21:21:47 localhost pluto[18356]: | 34 30 31 34 37 31 34 5a 30 81 95 31 0b 30 09 06 Nov 26 21:21:47 localhost pluto[18356]: | 03 55 04 06 13 02 4d 58 31 13 30 11 06 03 55 04 Nov 26 21:21:47 localhost pluto[18356]: | 08 13 0a 4e 75 65 76 6f 20 4c 65 6f 6e 31 0c 30 Nov 26 21:21:47 localhost pluto[18356]: | 0a 06 03 55 04 07 13 03 47 70 65 31 16 30 14 06 Nov 26 21:21:47 localhost pluto[18356]: | 03 55 04 0a 13 0d 54 54 54 45 20 53 41 20 64 65 Nov 26 21:21:47 localhost pluto[18356]: | 20 43 56 31 0f 30 0d 06 03 55 04 0b 13 06 54 61 Nov 26 21:21:47 localhost pluto[18356]: | 6c 6c 65 72 31 17 30 15 06 03 55 04 03 13 0e 74 Nov 26 21:21:47 localhost pluto[18356]: | 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f 6d 31 21 30 Nov 26 21:21:47 localhost pluto[18356]: | 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 65 73 Nov 26 21:21:47 localhost pluto[18356]: | 76 40 74 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f 6d Nov 26 21:21:47 localhost pluto[18356]: | 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 Nov 26 21:21:47 localhost pluto[18356]: | 05 00 03 81 8d 00 30 81 89 02 81 81 00 e3 a7 83 Nov 26 21:21:47 localhost pluto[18356]: | 85 e1 24 66 45 ff 6c 0e 25 5d 43 96 b2 ba 87 1d Nov 26 21:21:47 localhost pluto[18356]: | c5 26 53 69 a8 f1 00 29 0e dc 81 bc a7 35 97 a5 Nov 26 21:21:47 localhost pluto[18356]: | e7 e5 94 2c 6a 6d bc 57 bd 6e 56 9b 55 6f e5 99 Nov 26 21:21:47 localhost pluto[18356]: | 1a 00 a7 bb 4b 25 68 3d 5e fa 9d a6 fa db 2f 6f Nov 26 21:21:47 localhost pluto[18356]: | 96 cc fa 62 91 09 87 76 8f 82 2c f0 a4 83 11 54 Nov 26 21:21:47 localhost pluto[18356]: | 24 f9 ed 00 96 9e b4 49 32 81 0c 96 71 27 7e 6e Nov 26 21:21:47 localhost pluto[18356]: | 5a 41 2e 56 70 23 64 b1 66 24 b4 dd 77 af 67 39 Nov 26 21:21:47 localhost pluto[18356]: | 82 e9 00 f6 1e c5 81 74 b5 5a 4b b3 81 02 03 01 Nov 26 21:21:47 localhost pluto[18356]: | 00 01 a3 82 01 22 30 82 01 1e 30 09 06 03 55 1d Nov 26 21:21:47 localhost pluto[18356]: | 13 04 02 30 00 30 2c 06 09 60 86 48 01 86 f8 42 Nov 26 21:21:47 localhost pluto[18356]: | 01 0d 04 1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 Nov 26 21:21:47 localhost pluto[18356]: | 6e 65 72 61 74 65 64 20 43 65 72 74 69 66 69 63 Nov 26 21:21:48 localhost pluto[18356]: | 61 74 65 30 1d 06 03 55 1d 0e 04 16 04 14 a4 a0 Nov 26 21:21:48 localhost pluto[18356]: | 3a 8d 9d 2e 64 6b fb 7d 37 4c 1f fb aa 9e 89 9b Nov 26 21:21:48 localhost pluto[18356]: | c5 51 30 81 c3 06 03 55 1d 23 04 81 bb 30 81 b8 Nov 26 21:21:48 localhost pluto[18356]: | 80 14 00 04 9e 46 33 2e 47 be 17 68 7e ff 8c 04 Nov 26 21:21:48 localhost pluto[18356]: | f9 2f 63 f1 de 2d a1 81 9c a4 81 99 30 81 96 31 Nov 26 21:21:48 localhost pluto[18356]: | 0b 30 09 06 03 55 04 06 13 02 4d 58 31 13 30 11 Nov 26 21:21:48 localhost pluto[18356]: | 06 03 55 04 08 13 0a 4e 75 65 76 6f 20 4c 65 6f Nov 26 21:21:48 localhost pluto[18356]: | 6e 31 0c 30 0a 06 03 55 04 07 13 03 47 70 65 31 Nov 26 21:21:48 localhost pluto[18356]: | 16 30 14 06 03 55 04 0a 13 0d 54 54 54 45 20 53 Nov 26 21:21:48 localhost pluto[18356]: | 41 20 64 65 20 43 56 31 0f 30 0d 06 03 55 04 0b Nov 26 21:21:48 localhost pluto[18356]: | 13 06 54 61 6c 6c 65 72 31 17 30 15 06 03 55 04 Nov 26 21:21:48 localhost pluto[18356]: | 03 13 0e 74 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f Nov 26 21:21:48 localhost pluto[18356]: | 6d 31 22 30 20 06 09 2a 86 48 86 f7 0d 01 09 01 Nov 26 21:21:48 localhost pluto[18356]: | 16 13 72 6f 6f 74 40 74 74 74 65 2e 6e 6f 2d 69 Nov 26 21:21:48 localhost pluto[18356]: | 70 2e 63 6f 6d 82 01 00 30 0d 06 09 2a 86 48 86 Nov 26 21:21:48 localhost pluto[18356]: | f7 0d 01 01 04 05 00 03 81 81 00 67 a5 ec 87 e6 Nov 26 21:21:48 localhost pluto[18356]: | 61 84 fe ac 9c c0 37 82 3a fb 3c 19 30 33 d2 c6 Nov 26 21:21:48 localhost pluto[18356]: | 08 20 f5 06 c4 5c b5 06 c5 68 99 a9 38 f6 8b 2a Nov 26 21:21:48 localhost pluto[18356]: | 40 9d b2 c3 c0 b6 61 e2 b2 06 4f c9 3e dc f1 38 Nov 26 21:21:48 localhost pluto[18356]: | 68 39 4c bc f3 95 9c 71 63 90 dc 03 32 a0 cb 7a Nov 26 21:21:48 localhost pluto[18356]: | fe 46 b5 cf 25 cc 6c 51 a6 87 79 61 ec 0f 45 14 Nov 26 21:21:48 localhost pluto[18356]: | c1 bf 7e ca 41 7c dd 6e 5d 9e 1d d8 01 f3 c5 ac Nov 26 21:21:48 localhost pluto[18356]: | da 95 26 c2 89 19 c1 3c 9d 5d 53 a6 14 4b f5 71 Nov 26 21:21:48 localhost pluto[18356]: | b0 93 a7 c8 ee bb 59 f8 55 21 1d Nov 26 21:21:49 localhost pluto[18356]: | emitting length of ISAKMP Certificate Payload: 976 Nov 26 21:21:49 localhost pluto[18356]: | hashing 160 bytes of SA Nov 26 21:21:49 localhost pluto[18356]: | signing hash with RSA Key *AwEAAeOng Nov 26 21:21:49 localhost pluto[18356]: | ***emit ISAKMP Signature Payload: Nov 26 21:21:49 localhost pluto[18356]: | next payload type: ISAKMP_NEXT_NONE Nov 26 21:21:49 localhost pluto[18356]: | emitting 128 raw bytes of SIG_R into ISAKMP Signature Payload Nov 26 21:21:49 localhost pluto[18356]: | SIG_R 84 67 e1 22 ae c1 4f 3b 97 6e 62 04 50 ed 95 e2 Nov 26 21:21:49 localhost pluto[18356]: | e3 9f 4d a4 98 35 d9 30 39 96 c7 00 86 3c 71 eb Nov 26 21:21:49 localhost pluto[18356]: | 92 1a 43 c4 be 99 f1 73 38 a2 57 c6 6e c4 9d b8 Nov 26 21:21:49 localhost pluto[18356]: | 4b 46 f0 01 63 98 8e da b4 ef e5 c1 1f 42 b3 7a Nov 26 21:21:49 localhost pluto[18356]: | 22 e6 34 a9 5c 04 36 75 95 92 45 59 f1 dd 3d ae Nov 26 21:21:49 localhost pluto[18356]: | 51 c1 d9 f6 5b b1 20 c9 3c fa 02 21 e6 9e 59 93 Nov 26 21:21:49 localhost pluto[18356]: | 34 9a 6f 8c 84 4e 36 18 e4 7f e6 f2 e8 30 95 ac Nov 26 21:21:49 localhost pluto[18356]: | da 6f 20 ea bc c5 7f e5 31 44 0d fc 1d 81 50 11 Nov 26 21:21:49 localhost pluto[18356]: | emitting length of ISAKMP Signature Payload: 132 Nov 26 21:21:49 localhost pluto[18356]: | encrypting: Nov 26 21:21:49 localhost pluto[18356]: | 06 00 00 a0 09 00 00 00 30 81 95 31 0b 30 09 06 Nov 26 21:21:49 localhost pluto[18356]: | 03 55 04 06 13 02 4d 58 31 13 30 11 06 03 55 04 Nov 26 21:21:49 localhost pluto[18356]: | 08 13 0a 4e 75 65 76 6f 20 4c 65 6f 6e 31 0c 30 Nov 26 21:21:49 localhost pluto[18356]: | 0a 06 03 55 04 07 13 03 47 70 65 31 16 30 14 06 Nov 26 21:21:49 localhost pluto[18356]: | 03 55 04 0a 13 0d 54 54 54 45 20 53 41 20 64 65 Nov 26 21:21:49 localhost pluto[18356]: | 20 43 56 31 0f 30 0d 06 03 55 04 0b 13 06 54 61 Nov 26 21:21:49 localhost pluto[18356]: | 6c 6c 65 72 31 17 30 15 06 03 55 04 03 13 0e 74 Nov 26 21:21:50 localhost pluto[18356]: | 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f 6d 31 21 30 Nov 26 21:21:50 localhost pluto[18356]: | 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 65 73 Nov 26 21:21:50 localhost pluto[18356]: | 76 40 74 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f 6d Nov 26 21:21:50 localhost pluto[18356]: | 09 00 03 d0 04 30 82 03 c7 30 82 03 30 a0 03 02 Nov 26 21:21:50 localhost pluto[18356]: | 01 02 02 01 05 30 0d 06 09 2a 86 48 86 f7 0d 01 Nov 26 21:21:50 localhost pluto[18356]: | 01 04 05 00 30 81 96 31 0b 30 09 06 03 55 04 06 Nov 26 21:21:50 localhost pluto[18356]: | 13 02 4d 58 31 13 30 11 06 03 55 04 08 13 0a 4e Nov 26 21:21:50 localhost pluto[18356]: | 75 65 76 6f 20 4c 65 6f 6e 31 0c 30 0a 06 03 55 Nov 26 21:21:50 localhost pluto[18356]: | 04 07 13 03 47 70 65 31 16 30 14 06 03 55 04 0a Nov 26 21:21:50 localhost pluto[18356]: | 13 0d 54 54 54 45 20 53 41 20 64 65 20 43 56 31 Nov 26 21:21:50 localhost pluto[18356]: | 0f 30 0d 06 03 55 04 0b 13 06 54 61 6c 6c 65 72 Nov 26 21:21:50 localhost pluto[18356]: | 31 17 30 15 06 03 55 04 03 13 0e 74 74 74 65 2e Nov 26 21:21:50 localhost pluto[18356]: | 6e 6f 2d 69 70 2e 63 6f 6d 31 22 30 20 06 09 2a Nov 26 21:21:50 localhost pluto[18356]: | 86 48 86 f7 0d 01 09 01 16 13 72 6f 6f 74 40 74 Nov 26 21:21:50 localhost pluto[18356]: | 74 74 65 2e 6e 6f 2d 69 70 2e 63 6f 6d 30 1e 17 Nov 26 21:21:50 localhost pluto[18356]: | 0d 30 32 31 31 32 37 30 31 34 37 31 34 5a 17 0d