[Swan] Error ”cannot install eroute” when rekey/reconnect from the same IP (for L2TP)
Antonio Silva
asilva at wirelessmundi.com
Fri May 8 16:39:18 EEST 2015
Hi,
Not sure if this apply to me, i saw this same error in my log, "cannot
install eroute -- it is in use for "tunnel2-nat", when behind NAT i
tried to connect simultaneous users with windows and l2tp/ipsec
I've installed libreswan 3.12.
Is this setup possible?
For openswan i found this
https://lists.openswan.org/pipermail/users/2014-July/023037.html , but
not sure if this apply to libreswan as well....
****
My lab scenario to simulate a nat connection is very simple, two virtual
machines using wm on a debian box and them connect to the remote ipsec
server:
WM host win8.1 [192.168.8.131]
----
----
[192.168.8.1] HOST [192.168.10.25] ------- [192.168.10.254] SERVER
--- -
WM host win8.1 [192.168.8.129]
Attach my configuration and the respective log files when try to connect.
peer_one_connected.log.txt => peer one connected
peer_two_fail_simultaneous_con.log.txt => peer two fail to connect
Thanks for the help.
regards,
António
On 12/16/2014 02:11 AM, Paul Wouters wrote:
> On Fri, 12 Dec 2014, Elison Niven wrote:
>
>> Subject: [Swan] Error ”cannot install eroute” when rekey/reconnect
>> from the
>> same IP (for L2TP)
>
>> Is this fixed now ?
>> https://lists.openswan.org/pipermail/users/2010-April/018685.html
>
> I changed this test case:
>
> https://github.com/libreswan/libreswan/tree/master/testing/pluto/l2tp-02-netkey
>
>
> to simulate your scenario using:
>
> ipsec auto --up north-east-l2tp
> echo "c server" > /var/run/xl2tpd/l2tp-control
> sleep 5
> ipsec look
> : ==== cut ====
> cat /tmp/xl2tpd.log
> : ==== tuc ====
> ping -c 4 -n 192.0.2.254
> # testing passthrough plaintext
> echo quit | nc 192.0.2.254 22
> ip addr show dev ppp0
> sleep 5
> echo "d server" > /var/run/xl2tpd/l2tp-control
> ipsec auto --down north-east-l2tp
> sleep 5
> ipsec auto --up north-east-l2tp
> echo "c server" > /var/run/xl2tpd/l2tp-control
> sleep 5
> ipsec look
> echo done
>
> This worked fine. Both the first IPsec and PPP and the second IPsec and
> PPP came up successfully. Since it uses RSA, I then modified it to use
> PSK. But it still worked.
>
> Is there a chance you can try and test this with libreswan-3.12 ?
>
> Paul
>
>
> I'm not sure if that fully reproduced your
> connection from behind NAT? This connection used RSA, not PSK.
>
>
>
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
--
---
António Silva
-------------- next part --------------
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.4 2006/07/11 16:17:53 paul Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
plutodebug=all
plutorestartoncrash=false
dumpdir=/tmp
nat_traversal=yes
interfaces=%none
protostack=netkey
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
fragicmp=no
# Add connections here
## remote
conn tunnel1-nat
rightsubnet=vhost:%priv
also=tunnel1
conn tunnel1
pfs=no
type=transport
auto=add
auth=esp
authby=secret
keyingtries=3
rekey=no
ikelifetime=8h
keylife=1h
left=192.168.10.254
leftprotoport=17/%any
leftid=192.168.10.254
leftupdown=/opt/commsmundi/scripts/ipsec_monitor.php
right=%any
rightprotoport=17/%any
rightid=%any
rightupdown=/opt/commsmundi/scripts/ipsec_monitor.php
dpddelay=30
dpdtimeout=120
dpdaction=hold
# sample VPN connections, see /etc/ipsec.d/examples/
#Disable Opportunistic Encryption [ remove file include not supported any more ]
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
-------------- next part --------------
May 8 15:22:53 bitch pluto[16274]: |
May 8 15:22:53 bitch pluto[16274]: | *received whack message
May 8 15:22:53 bitch pluto[16274]: shutting down
May 8 15:22:53 bitch pluto[16274]: | certs and keys locked by 'free_preshared_secrets'
May 8 15:22:53 bitch pluto[16274]: forgetting secrets
May 8 15:22:53 bitch pluto[16274]: | certs and keys unlocked by 'free_preshard_secrets'
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat"[3] 192.168.10.25: deleting connection "tunnel1-nat" instance with peer 192.168.10.25 {isakmp=#0/ipsec=#0}
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat" #4: deleting state (STATE_QUICK_R0)
May 8 15:22:53 bitch pluto[16274]: | deleting state #4
May 8 15:22:53 bitch pluto[16274]: | deleting event for #4
May 8 15:22:53 bitch pluto[16274]: | ICOOKIE: b4 c5 a7 e5 d0 f7 4d bd
May 8 15:22:53 bitch pluto[16274]: | RCOOKIE: fa 87 f6 77 e3 c5 64 49
May 8 15:22:53 bitch pluto[16274]: | state hash entry 19
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat" #5: deleting state (STATE_MAIN_R1)
May 8 15:22:53 bitch pluto[16274]: | deleting state #5
May 8 15:22:53 bitch pluto[16274]: | deleting event for #5
May 8 15:22:53 bitch pluto[16274]: | ICOOKIE: 0a 4d c3 3e 00 03 74 cf
May 8 15:22:53 bitch pluto[16274]: | RCOOKIE: 4b fb f6 8a 10 b3 31 74
May 8 15:22:53 bitch pluto[16274]: | state hash entry 30
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1
May 8 15:22:53 bitch pluto[16274]: "tunnel1": deleting connection
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat": deleting connection
May 8 15:22:53 bitch pluto[16274]: | crl fetch request list locked by 'free_crl_fetch'
May 8 15:22:53 bitch pluto[16274]: | crl fetch request list unlocked by 'free_crl_fetch'
May 8 15:22:53 bitch pluto[16274]: | authcert list locked by 'free_authcerts'
May 8 15:22:53 bitch pluto[16274]: | authcert list unlocked by 'free_authcerts'
May 8 15:22:53 bitch pluto[16274]: | crl list locked by 'free_crls'
May 8 15:22:53 bitch pluto[16274]: | crl list unlocked by 'free_crls'
May 8 15:22:53 bitch pluto[16274]: shutting down interface lo/lo 127.0.0.1:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface lo/lo 127.0.0.1:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth0/eth0 10.10.0.1:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth0/eth0 10.10.0.1:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1 192.168.10.254:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1 192.168.10.254:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1 192.168.11.254:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1 192.168.11.254:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth2/eth2 192.168.3.254:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth2/eth2 192.168.3.254:500
May 8 15:22:53 bitch ipsec__plutorun: pluto killed by SIGTERM, terminating without restart
May 8 15:22:53 bitch ipsec__plutorun: Starting Pluto subsystem...
May 8 15:22:53 bitch pluto[19962]: nss directory plutomain: /etc/ipsec.d
May 8 15:22:53 bitch pluto[19962]: NSS Initialized
May 8 15:22:53 bitch pluto[19962]: libcap-ng support [disabled]
May 8 15:22:53 bitch pluto[19962]: FIPS HMAC integrity support [disabled]
May 8 15:22:53 bitch pluto[19962]: Linux audit support [disabled]
May 8 15:22:53 bitch pluto[19962]: Starting Pluto (Libreswan Version 3.12 XFRM(netkey) KLIPS NSS DNSSEC XAUTH_PAM NETWORKMANAGER KLIPS_MAST CURL(non-NSS) LDAP(non-NSS)) pid:19962
May 8 15:22:53 bitch pluto[19962]: core dump dir: /tmp
May 8 15:22:53 bitch pluto[19962]: secrets file: /etc/ipsec.secrets
May 8 15:22:53 bitch pluto[19962]: leak-detective disabled
May 8 15:22:53 bitch pluto[19962]: SAref support [disabled]: Protocol not available
May 8 15:22:53 bitch pluto[19962]: SAbind support [disabled]: Protocol not available
May 8 15:22:53 bitch pluto[19962]: NSS crypto [enabled]
May 8 15:22:53 bitch pluto[19962]: XAUTH PAM support [enabled]
May 8 15:22:53 bitch pluto[19962]: NAT-Traversal support [enabled]
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
May 8 15:22:53 bitch pluto[19962]: | event added at head of queue
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_PENDING_DDNS, timeout in 60 seconds
May 8 15:22:53 bitch pluto[19962]: | event added at head of queue
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds
May 8 15:22:53 bitch pluto[19962]: | event added after event EVENT_PENDING_DDNS
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating DISABLED-OAKLEY_AES_CTR: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating DISABLED-OAKLEY_AES_XCBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating DISABLED-OAKLEY_CAMELLIA_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating OAKLEY_CAMELLIA_CTR: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating OAKLEY_SHA2_384: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok
May 8 15:22:53 bitch pluto[19962]: starting up 3 crypto helpers
May 8 15:22:53 bitch pluto[19962]: started thread for crypto helper 0 (master fd 6)
May 8 15:22:53 bitch pluto[19962]: started thread for crypto helper 1 (master fd 8)
May 8 15:22:53 bitch pluto[19962]: | status value returned by setting the priority of this thread (crypto helper 1) 0
May 8 15:22:53 bitch pluto[19962]: | crypto helper 1 waiting on fd 9
May 8 15:22:53 bitch pluto[19962]: | status value returned by setting the priority of this thread (crypto helper 2) 0
May 8 15:22:53 bitch pluto[19962]: | crypto helper 2 waiting on fd 11
May 8 15:22:53 bitch pluto[19962]: | status value returned by setting the priority of this thread (crypto helper 0) 0
May 8 15:22:53 bitch pluto[19962]: | crypto helper 0 waiting on fd 7
May 8 15:22:53 bitch pluto[19962]: started thread for crypto helper 2 (master fd 10)
May 8 15:22:53 bitch pluto[19962]: Using Linux XFRM/NETKEY IPsec interface code on 3.10.58
May 8 15:22:53 bitch pluto[19962]: | process 19962 listening for PF_KEY_V2 on file descriptor 15
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_init()
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=18(ESP_AES_GCM_A)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=19(ESP_AES_GCM_B)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=20(ESP_AES_GCM_C)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=14(ESP_AES_CCM_A)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=15(ESP_AES_CCM_B)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=16(ESP_AES_CCM_C)
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating aes_ccm_8: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating aes_ccm_12: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating aes_ccm_16: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating aes_gcm_8: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating aes_gcm_12: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating aes_gcm_16: Ok
May 8 15:22:53 bitch pluto[19962]: | Registered AEAD AES CCM/GCM algorithms
May 8 15:22:53 bitch pluto[19962]: | finish_pfkey_msg: K_SADB_REGISTER message 1 for AH
May 8 15:22:53 bitch pluto[19962]: | 02 07 00 02 02 00 00 00 01 00 00 00 fa 4d 00 00
May 8 15:22:53 bitch pluto[19962]: | pfkey_get: K_SADB_REGISTER message 1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: sadb_msg_len=22 sadb_supported_len=72
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=251(ESP_KAME_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[0], exttype=14, satype=2, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[1], exttype=14, satype=2, alg_id=2, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[2], exttype=14, satype=2, alg_id=3, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=5(ESP_IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[3], exttype=14, satype=2, alg_id=5, alg_ivlen=0, alg_minbits=256, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[4], exttype=14, satype=2, alg_id=6, alg_ivlen=0, alg_minbits=384, alg_maxbits=384, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[5], exttype=14, satype=2, alg_id=7, alg_ivlen=0, alg_minbits=512, alg_maxbits=512, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=8(ESP_3IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[6], exttype=14, satype=2, alg_id=8, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14, alg_id=9(ESP_DES_IV32)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[7], exttype=14, satype=2, alg_id=9, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: sadb_msg_len=22 sadb_supported_len=88
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=11(ESP_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,11) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[8], exttype=15, satype=2, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,2) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[9], exttype=15, satype=2, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,3) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[10], exttype=15, satype=2, alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,6) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[11], exttype=15, satype=2, alg_id=6, alg_ivlen=8, alg_minbits=40, alg_maxbits=128, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,7) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[12], exttype=15, satype=2, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=12(ESP_AES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,12) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[13], exttype=15, satype=2, alg_id=12, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=252(ESP_SERPENT)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,252) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[14], exttype=15, satype=2, alg_id=252, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=22(ESP_CAMELLIA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,22) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[15], exttype=15, satype=2, alg_id=22, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=253(ESP_TWOFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,253) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[16], exttype=15, satype=2, alg_id=253, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15, alg_id=13(ESP_AES_CTR)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,13) fails because alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[17], exttype=15, satype=2, alg_id=13, alg_ivlen=8, alg_minbits=160, alg_maxbits=288, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | AH registered with kernel.
May 8 15:22:53 bitch pluto[19962]: | finish_pfkey_msg: K_SADB_REGISTER message 2 for ESP
May 8 15:22:53 bitch pluto[19962]: | 02 07 00 03 02 00 00 00 02 00 00 00 fa 4d 00 00
May 8 15:22:53 bitch pluto[19962]: | pfkey_get: K_SADB_REGISTER message 2
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=72
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=251(ESP_KAME_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=251
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[0], exttype=14, satype=3, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=2
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[1], exttype=14, satype=3, alg_id=2, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=3
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[2], exttype=14, satype=3, alg_id=3, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=5(ESP_IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=5
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[3], exttype=14, satype=3, alg_id=5, alg_ivlen=0, alg_minbits=256, alg_maxbits=256, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=6
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[4], exttype=14, satype=3, alg_id=6, alg_ivlen=0, alg_minbits=384, alg_maxbits=384, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=7
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[5], exttype=14, satype=3, alg_id=7, alg_ivlen=0, alg_minbits=512, alg_maxbits=512, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=8(ESP_3IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=8
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[6], exttype=14, satype=3, alg_id=8, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14, alg_id=9(ESP_DES_IV32)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=9
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[7], exttype=14, satype=3, alg_id=9, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=88
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=11(ESP_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[8], exttype=15, satype=3, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): Ignoring alg_id=2(ESP_DES) - too weak
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[9], exttype=15, satype=3, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[10], exttype=15, satype=3, alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[11], exttype=15, satype=3, alg_id=6, alg_ivlen=8, alg_minbits=40, alg_maxbits=128, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): Ignoring alg_id=7(ESP_BLOWFISH) - too weak
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[12], exttype=15, satype=3, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=12(ESP_AES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[13], exttype=15, satype=3, alg_id=12, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=252(ESP_SERPENT)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[14], exttype=15, satype=3, alg_id=252, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=22(ESP_CAMELLIA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[15], exttype=15, satype=3, alg_id=22, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=253(ESP_TWOFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[16], exttype=15, satype=3, alg_id=253, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15, alg_id=13(ESP_AES_CTR)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[17], exttype=15, satype=3, alg_id=13, alg_ivlen=8, alg_minbits=160, alg_maxbits=288, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | ESP registered with kernel.
May 8 15:22:53 bitch pluto[19962]: | finish_pfkey_msg: K_SADB_REGISTER message 3 for IPCOMP
May 8 15:22:53 bitch pluto[19962]: | 02 07 00 09 02 00 00 00 03 00 00 00 fa 4d 00 00
May 8 15:22:53 bitch pluto[19962]: | pfkey_get: K_SADB_REGISTER message 3
May 8 15:22:53 bitch pluto[19962]: | IPCOMP registered with kernel.
May 8 15:22:53 bitch pluto[19962]: | Registered AH, ESP and IPCOMP
May 8 15:22:53 bitch pluto[19962]: | Changed path to directory '/etc/ipsec.d/cacerts'
May 8 15:22:53 bitch pluto[19962]: | Changing to directory '/etc/ipsec.d/crls'
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_LOG_DAILY, timeout in 31027 seconds
May 8 15:22:53 bitch pluto[19962]: | event added after event EVENT_REINIT_SECRET
May 8 15:22:53 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 60 seconds
May 8 15:22:54 bitch pluto[20012]: | calling addconn helper using execve
May 8 15:22:54 bitch pluto[19962]: |
May 8 15:22:54 bitch pluto[19962]: | *received whack message
May 8 15:22:54 bitch pluto[19962]: | find_host_pair_conn (check_connection_end): 192.168.10.254:500 %any:500 -> hp:none
May 8 15:22:54 bitch pluto[19962]: | Added new connection tunnel1-nat with policy PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for 192.168.10.254 is 0
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for (none) is 15
May 8 15:22:54 bitch pluto[19962]: | based upon policy, the connection is a template.
May 8 15:22:54 bitch pluto[19962]: added connection description "tunnel1-nat"
May 8 15:22:54 bitch pluto[19962]: | %any:17/%any...192.168.10.254<192.168.10.254>:17/%any===vhost:?
May 8 15:22:54 bitch pluto[19962]: | ike_life: 28800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3; policy: PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59 seconds
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59 seconds
May 8 15:22:54 bitch pluto[19962]: |
May 8 15:22:54 bitch pluto[19962]: | *received whack message
May 8 15:22:54 bitch pluto[19962]: | find_host_pair_conn (check_connection_end): 192.168.10.254:500 %any:500 -> hp:none
May 8 15:22:54 bitch pluto[19962]: | Added new connection tunnel1 with policy PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for 192.168.10.254 is 0
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for (none) is 15
May 8 15:22:54 bitch pluto[19962]: | based upon policy, the connection is a template.
May 8 15:22:54 bitch pluto[19962]: added connection description "tunnel1"
May 8 15:22:54 bitch pluto[19962]: | %any:17/%any...192.168.10.254<192.168.10.254>:17/%any
May 8 15:22:54 bitch pluto[19962]: | ike_life: 28800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3; policy: PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59 seconds
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59 seconds
May 8 15:22:54 bitch pluto[19962]: |
May 8 15:22:54 bitch pluto[19962]: | *received whack message
May 8 15:22:54 bitch pluto[19962]: listening for IKE messages
May 8 15:23:28 bitch pluto[19962]: |
May 8 15:23:28 bitch pluto[19962]: | *received 408 bytes from 192.168.10.25:500 on eth1 (port=500)
May 8 15:23:28 bitch pluto[19962]: | 3d 46 1f e3 1f 2f 33 ad 00 00 00 00 00 00 00 00
May 8 15:23:28 bitch pluto[19962]: | 01 10 02 00 00 00 00 00 00 00 01 98 0d 00 00 d4
May 8 15:23:28 bitch pluto[19962]: | 00 00 00 01 00 00 00 01 00 00 00 c8 01 01 00 05
May 8 15:23:28 bitch pluto[19962]: | 03 00 00 28 01 01 00 00 80 01 00 07 80 0e 01 00
May 8 15:23:28 bitch pluto[19962]: | 80 02 00 02 80 04 00 14 80 03 00 01 80 0b 00 01
May 8 15:23:28 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 28 02 01 00 00
May 8 15:23:28 bitch pluto[19962]: | 80 01 00 07 80 0e 00 80 80 02 00 02 80 04 00 13
May 8 15:23:28 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04 00 00 70 80
May 8 15:23:28 bitch pluto[19962]: | 03 00 00 28 03 01 00 00 80 01 00 07 80 0e 01 00
May 8 15:23:28 bitch pluto[19962]: | 80 02 00 02 80 04 00 0e 80 03 00 01 80 0b 00 01
May 8 15:23:28 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 24 04 01 00 00
May 8 15:23:28 bitch pluto[19962]: | 80 01 00 05 80 02 00 02 80 04 00 0e 80 03 00 01
May 8 15:23:28 bitch pluto[19962]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 00 00 00 24
May 8 15:23:28 bitch pluto[19962]: | 05 01 00 00 80 01 00 05 80 02 00 02 80 04 00 02
May 8 15:23:28 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04 00 00 70 80
May 8 15:23:28 bitch pluto[19962]: | 0d 00 00 18 01 52 8b bb c0 06 96 12 18 49 ab 9a
May 8 15:23:28 bitch pluto[19962]: | 1c 5b 2a 51 00 00 00 01 0d 00 00 18 1e 2b 51 69
May 8 15:23:28 bitch pluto[19962]: | 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 00 00 00 09
May 8 15:23:28 bitch pluto[19962]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2
May 8 15:23:28 bitch pluto[19962]: | 0e 95 45 2f 0d 00 00 14 90 cb 80 91 3e bb 69 6e
May 8 15:23:28 bitch pluto[19962]: | 08 63 81 b5 ec 42 7b 1f 0d 00 00 14 40 48 b7 d5
May 8 15:23:28 bitch pluto[19962]: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14
May 8 15:23:28 bitch pluto[19962]: | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20
May 8 15:23:28 bitch pluto[19962]: | 0d 00 00 14 26 24 4d 38 ed db 61 b3 17 2a 36 e3
May 8 15:23:28 bitch pluto[19962]: | d0 cf b8 19 00 00 00 14 e3 a5 96 6a 76 37 9f e7
May 8 15:23:28 bitch pluto[19962]: | 07 22 82 31 e5 ce 86 52
May 8 15:23:28 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:23:28 bitch pluto[19962]: | initiator cookie:
May 8 15:23:28 bitch pluto[19962]: | 3d 46 1f e3 1f 2f 33 ad
May 8 15:23:28 bitch pluto[19962]: | responder cookie:
May 8 15:23:28 bitch pluto[19962]: | 00 00 00 00 00 00 00 00
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:23:28 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:23:28 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:23:28 bitch pluto[19962]: | flags: none
May 8 15:23:28 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:23:28 bitch pluto[19962]: | length: 408
May 8 15:23:28 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Security Association Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 212
May 8 15:23:28 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 24
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 24
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring unknown Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
May 8 15:23:28 bitch pluto[19962]: | quirks.qnat_traversal_vid set to=83
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: received Vendor ID payload [RFC 3947]
May 8 15:23:28 bitch pluto[19962]: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: received Vendor ID payload [FRAGMENTATION]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring Vendor ID payload [Vid-Initial-Contact]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring Vendor ID payload [IKE CGA version 1]
May 8 15:23:28 bitch pluto[19962]: | find_host_connection me=192.168.10.254:500 him=192.168.10.25:500 policy=none
May 8 15:23:28 bitch pluto[19962]: | find_host_pair: comparing to 192.168.10.254:500 0.0.0.0:500
May 8 15:23:28 bitch pluto[19962]: | find_host_pair_conn (find_host_connection): 192.168.10.254:500 192.168.10.25:500 -> hp:none
May 8 15:23:28 bitch pluto[19962]: | searching for connection with policy = none
May 8 15:23:28 bitch pluto[19962]: | find_host_connection returns empty
May 8 15:23:28 bitch pluto[19962]: | ****parse IPsec DOI SIT:
May 8 15:23:28 bitch pluto[19962]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 8 15:23:28 bitch pluto[19962]: | ****parse ISAKMP Proposal Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:23:28 bitch pluto[19962]: | length: 200
May 8 15:23:28 bitch pluto[19962]: | proposal number: 1
May 8 15:23:28 bitch pluto[19962]: | protocol ID: PROTO_ISAKMP
May 8 15:23:28 bitch pluto[19962]: | SPI size: 0
May 8 15:23:28 bitch pluto[19962]: | number of transforms: 5
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 40
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 1
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 7
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:23:28 bitch pluto[19962]: | length/value: 256
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 20
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_DURATION (variable length)
May 8 15:23:28 bitch pluto[19962]: | length/value: 4
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 40
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 2
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 7
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:23:28 bitch pluto[19962]: | length/value: 128
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 19
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_DURATION (variable length)
May 8 15:23:28 bitch pluto[19962]: | length/value: 4
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 40
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 3
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 7
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:23:28 bitch pluto[19962]: | length/value: 256
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 14
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_DURATION (variable length)
May 8 15:23:28 bitch pluto[19962]: | length/value: 4
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 36
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 4
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 5
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 14
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:48 bitch pluto[19962]: |
May 8 15:23:48 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 0 seconds
May 8 15:23:48 bitch pluto[19962]: | *time to handle event
May 8 15:23:48 bitch pluto[19962]: | handling event EVENT_NAT_T_KEEPALIVE
May 8 15:23:48 bitch pluto[19962]: | event after this is EVENT_PENDING_DDNS in 5 seconds
May 8 15:23:48 bitch pluto[19962]: | processing connection tunnel1-nat[2] 192.168.10.25
May 8 15:23:48 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
May 8 15:23:48 bitch pluto[19962]: | processing connection tunnel1-nat[2] 192.168.10.25
May 8 15:23:48 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
May 8 15:23:48 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 5 seconds
-------------- next part --------------
May 8 15:24:09 bitch pluto[19962]: |
May 8 15:24:09 bitch pluto[19962]: | *received 408 bytes from 192.168.10.25:1 on eth1 (port=500)
May 8 15:24:09 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df 00 00 00 00 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | 01 10 02 00 00 00 00 00 00 00 01 98 0d 00 00 d4
May 8 15:24:09 bitch pluto[19962]: | 00 00 00 01 00 00 00 01 00 00 00 c8 01 01 00 05
May 8 15:24:09 bitch pluto[19962]: | 03 00 00 28 01 01 00 00 80 01 00 07 80 0e 01 00
May 8 15:24:09 bitch pluto[19962]: | 80 02 00 02 80 04 00 14 80 03 00 01 80 0b 00 01
May 8 15:24:09 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 28 02 01 00 00
May 8 15:24:09 bitch pluto[19962]: | 80 01 00 07 80 0e 00 80 80 02 00 02 80 04 00 13
May 8 15:24:09 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04 00 00 70 80
May 8 15:24:09 bitch pluto[19962]: | 03 00 00 28 03 01 00 00 80 01 00 07 80 0e 01 00
May 8 15:24:09 bitch pluto[19962]: | 80 02 00 02 80 04 00 0e 80 03 00 01 80 0b 00 01
May 8 15:24:09 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 24 04 01 00 00
May 8 15:24:09 bitch pluto[19962]: | 80 01 00 05 80 02 00 02 80 04 00 0e 80 03 00 01
May 8 15:24:09 bitch pluto[19962]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 00 00 00 24
May 8 15:24:09 bitch pluto[19962]: | 05 01 00 00 80 01 00 05 80 02 00 02 80 04 00 02
May 8 15:24:09 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04 00 00 70 80
May 8 15:24:09 bitch pluto[19962]: | 0d 00 00 18 01 52 8b bb c0 06 96 12 18 49 ab 9a
May 8 15:24:09 bitch pluto[19962]: | 1c 5b 2a 51 00 00 00 01 0d 00 00 18 1e 2b 51 69
May 8 15:24:09 bitch pluto[19962]: | 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 00 00 00 09
May 8 15:24:09 bitch pluto[19962]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2
May 8 15:24:09 bitch pluto[19962]: | 0e 95 45 2f 0d 00 00 14 90 cb 80 91 3e bb 69 6e
May 8 15:24:09 bitch pluto[19962]: | 08 63 81 b5 ec 42 7b 1f 0d 00 00 14 40 48 b7 d5
May 8 15:24:09 bitch pluto[19962]: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14
May 8 15:24:09 bitch pluto[19962]: | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20
May 8 15:24:09 bitch pluto[19962]: | 0d 00 00 14 26 24 4d 38 ed db 61 b3 17 2a 36 e3
May 8 15:24:09 bitch pluto[19962]: | d0 cf b8 19 00 00 00 14 e3 a5 96 6a 76 37 9f e7
May 8 15:24:09 bitch pluto[19962]: | 07 22 82 31 e5 ce 86 52
May 8 15:24:09 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:09 bitch pluto[19962]: | initiator cookie:
May 8 15:24:09 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:09 bitch pluto[19962]: | responder cookie:
May 8 15:24:09 bitch pluto[19962]: | 00 00 00 00 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:24:09 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:24:09 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:24:09 bitch pluto[19962]: | flags: none
May 8 15:24:09 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | length: 408
May 8 15:24:09 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Security Association Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 212
May 8 15:24:09 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 24
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 24
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring unknown Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
May 8 15:24:09 bitch pluto[19962]: | quirks.qnat_traversal_vid set to=83
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: received Vendor ID payload [RFC 3947]
May 8 15:24:09 bitch pluto[19962]: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: received Vendor ID payload [FRAGMENTATION]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring Vendor ID payload [Vid-Initial-Contact]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring Vendor ID payload [IKE CGA version 1]
May 8 15:24:09 bitch pluto[19962]: | find_host_connection me=192.168.10.254:500 him=192.168.10.25:1 policy=none
May 8 15:24:09 bitch pluto[19962]: | find_host_pair: comparing to 192.168.10.254:500 0.0.0.0:500
May 8 15:24:09 bitch pluto[19962]: | find_host_pair: comparing to 192.168.10.254:500 192.168.10.25:500
May 8 15:24:09 bitch pluto[19962]: | find_host_pair_conn (find_host_connection): 192.168.10.254:500 192.168.10.25:1 -> hp:tunnel1-nat
May 8 15:24:09 bitch pluto[19962]: | searching for connection with policy = none
May 8 15:24:09 bitch pluto[19962]: | found policy = PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW (tunnel1-nat)
May 8 15:24:09 bitch pluto[19962]: | find_host_connection returns tunnel1-nat
May 8 15:24:09 bitch pluto[19962]: | creating state object #3 at 0x7f4b99acae40
May 8 15:24:09 bitch pluto[19962]: | processing connection tunnel1-nat[2] 192.168.10.25
May 8 15:24:09 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:09 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:09 bitch pluto[19962]: | state hash entry 8
May 8 15:24:09 bitch pluto[19962]: | inserting state object #3
May 8 15:24:09 bitch pluto[19962]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #3
May 8 15:24:09 bitch pluto[19962]: | event added at head of queue
May 8 15:24:09 bitch pluto[19962]: | sender checking NAT-t: enabled and 83
May 8 15:24:09 bitch pluto[19962]: | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3: responding to Main Mode from unknown peer 192.168.10.25
May 8 15:24:09 bitch pluto[19962]: | **emit ISAKMP Message:
May 8 15:24:09 bitch pluto[19962]: | initiator cookie:
May 8 15:24:09 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:09 bitch pluto[19962]: | responder cookie:
May 8 15:24:09 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:24:09 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:24:09 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:24:09 bitch pluto[19962]: | flags: none
May 8 15:24:09 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | nat-t detected, sending nat-t VID
May 8 15:24:09 bitch pluto[19962]: | ***emit ISAKMP Security Association Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:24:09 bitch pluto[19962]: | ****parse IPsec DOI SIT:
May 8 15:24:09 bitch pluto[19962]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 8 15:24:09 bitch pluto[19962]: | ****parse ISAKMP Proposal Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:24:09 bitch pluto[19962]: | length: 200
May 8 15:24:09 bitch pluto[19962]: | proposal number: 1
May 8 15:24:09 bitch pluto[19962]: | protocol ID: PROTO_ISAKMP
May 8 15:24:09 bitch pluto[19962]: | SPI size: 0
May 8 15:24:09 bitch pluto[19962]: | number of transforms: 5
May 8 15:24:09 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:24:09 bitch pluto[19962]: | length: 40
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform number: 1
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 7
May 8 15:24:09 bitch pluto[19962]: | [7 is OAKLEY_AES_CBC]
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=0): blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:24:09 bitch pluto[19962]: | length/value: 256
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=256): blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 2
May 8 15:24:09 bitch pluto[19962]: | [2 is OAKLEY_SHA1]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | length/value: 20
May 8 15:24:09 bitch pluto[19962]: | [20 is OAKLEY_GROUP_ECP_384]
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:24:09 bitch pluto[19962]: | length: 40
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform number: 2
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 7
May 8 15:24:09 bitch pluto[19962]: | [7 is OAKLEY_AES_CBC]
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=0): blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:24:09 bitch pluto[19962]: | length/value: 128
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=128): blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 2
May 8 15:24:09 bitch pluto[19962]: | [2 is OAKLEY_SHA1]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | length/value: 19
May 8 15:24:09 bitch pluto[19962]: | [19 is OAKLEY_GROUP_ECP_256]
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | *****parse ISAKMP Transform Payload (ISAKMP):
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:24:09 bitch pluto[19962]: | length: 40
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform number: 3
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 7
May 8 15:24:09 bitch pluto[19962]: | [7 is OAKLEY_AES_CBC]
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=0): blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:24:09 bitch pluto[19962]: | length/value: 256
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=256): blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 2
May 8 15:24:09 bitch pluto[19962]: | [2 is OAKLEY_SHA1]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | length/value: 14
May 8 15:24:09 bitch pluto[19962]: | [14 is OAKLEY_GROUP_MODP2048]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:24:09 bitch pluto[19962]: | length/value: 1
May 8 15:24:21 bitch pluto[19962]: |
May 8 15:24:21 bitch pluto[19962]: | *received 444 bytes from 192.168.10.25:1024 on eth1 (port=4500)
May 8 15:24:21 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:24:21 bitch pluto[19962]: | 08 10 20 01 00 00 00 01 00 00 01 bc 59 47 e1 29
May 8 15:24:21 bitch pluto[19962]: | 8f 66 e3 1f 0b 5d 9a 18 08 5a 18 4d 8b e7 ed d1
May 8 15:24:21 bitch pluto[19962]: | d7 72 45 fc 95 f1 e3 28 0b c7 98 e4 40 73 b4 3e
May 8 15:24:21 bitch pluto[19962]: | 8b b8 2a 82 07 bd 0d 93 80 84 5c 7b c3 1a a4 46
May 8 15:24:21 bitch pluto[19962]: | 71 91 eb cd c1 ad 84 8a 52 ed a2 69 7b cc 66 de
May 8 15:24:21 bitch pluto[19962]: | f7 29 d9 99 f8 48 6a 23 a7 e9 73 4a 47 34 de 5e
May 8 15:24:21 bitch pluto[19962]: | 58 85 f8 70 d9 72 ee ed 01 59 50 1a 01 85 af 57
May 8 15:24:21 bitch pluto[19962]: | e1 1b fb 6e a3 ff 41 d9 e5 3d 7d fd 86 5c 62 ef
May 8 15:24:21 bitch pluto[19962]: | 87 a6 1b 1f 8f 72 2d e5 67 fc 59 1a 1d 45 42 fe
May 8 15:24:21 bitch pluto[19962]: | 87 cd 05 6c 3e 39 e3 53 c7 b8 66 34 d6 ce 6f 51
May 8 15:24:21 bitch pluto[19962]: | 58 34 2f 6c 51 07 79 49 60 4b d6 e6 a6 2d a3 9d
May 8 15:24:21 bitch pluto[19962]: | 21 be dc e8 6a cd 64 4a e5 50 41 03 90 83 88 61
May 8 15:24:21 bitch pluto[19962]: | 02 ac 6e f0 f2 e4 09 8a 66 c1 7e 79 50 e9 f6 97
May 8 15:24:21 bitch pluto[19962]: | d8 80 86 2c 9e a7 db 52 44 74 a0 63 af 54 d4 0a
May 8 15:24:21 bitch pluto[19962]: | c5 58 46 13 50 dd 2e f8 31 4a 85 9f 70 19 7d e5
May 8 15:24:21 bitch pluto[19962]: | 89 d4 d4 85 3f da d3 ab 94 76 b5 98 bb 4c b5 ea
May 8 15:24:21 bitch pluto[19962]: | a6 88 65 70 c6 a9 08 87 e6 4e 94 02 db 06 b0 49
May 8 15:24:21 bitch pluto[19962]: | df 68 90 47 aa 88 8a ae bb 1b e3 1c 31 27 3a 31
May 8 15:24:21 bitch pluto[19962]: | 83 c4 7a 0e cd d2 b1 9c 3e 95 66 b9 83 c3 a9 9d
May 8 15:24:21 bitch pluto[19962]: | 30 73 a0 fe fe 87 c2 cf 4b 22 38 27 f2 e4 58 8d
May 8 15:24:21 bitch pluto[19962]: | de 8a 5c c5 99 dc 4b 5f 74 13 1e 9c 6d dd eb 5e
May 8 15:24:21 bitch pluto[19962]: | 8c c5 ca b3 ec 29 9c 32 0a 3a 32 16 aa 45 e1 09
May 8 15:24:21 bitch pluto[19962]: | 4c 5b 6a 20 43 53 fc 9f a6 99 4a 06 e2 de 0c 17
May 8 15:24:21 bitch pluto[19962]: | 2c 23 12 96 17 0e f1 1b ed ad 03 6c ec 90 26 35
May 8 15:24:21 bitch pluto[19962]: | ad 48 18 9e 69 46 e5 69 03 05 d1 c3 08 97 ff 44
May 8 15:24:21 bitch pluto[19962]: | 12 bd 74 c8 27 a9 d2 8e 21 78 eb ea a5 04 77 9f
May 8 15:24:21 bitch pluto[19962]: | 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:21 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:21 bitch pluto[19962]: | initiator cookie:
May 8 15:24:21 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:21 bitch pluto[19962]: | responder cookie:
May 8 15:24:21 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:21 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:24:21 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:24:21 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_QUICK
May 8 15:24:21 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:24:21 bitch pluto[19962]: | message ID: 00 00 00 01
May 8 15:24:21 bitch pluto[19962]: | length: 444
May 8 15:24:21 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
May 8 15:24:21 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:21 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:21 bitch pluto[19962]: | state hash entry 8
May 8 15:24:21 bitch pluto[19962]: | v1 peer and cookies match on #4, provided msgid 00000001 vs 00000001
May 8 15:24:21 bitch pluto[19962]: | v1 state object #4 found, in STATE_QUICK_R0
May 8 15:24:21 bitch pluto[19962]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:24:21 bitch pluto[19962]: | #4 state_busy:1872 st != NULL && st->st_calculating == FALSE;
May 8 15:24:21 bitch pluto[19962]: | received encrypted packet from 192.168.10.25:1024
May 8 15:24:21 bitch pluto[19962]: | decrypting 416 bytes using algorithm OAKLEY_AES_CBC
May 8 15:24:21 bitch pluto[19962]: | last Phase 1 IV:
May 8 15:24:21 bitch pluto[19962]: | current Phase 1 IV:
May 8 15:24:21 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:24:21 bitch pluto[19962]: | 47 9e 04 f3 d1 2d 11 2b 5c 04 c9 ee 67 e4 b1 e6
May 8 15:24:21 bitch pluto[19962]: | e2 01 ea 4e
May 8 15:24:21 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:24:21 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:24:21 bitch pluto[19962]: | decrypted:
May 8 15:24:21 bitch pluto[19962]: | 35 1f 3a 11 43 c0 b8 5e 17 f5 0f d0 05 fd 96 6a
May 8 15:24:21 bitch pluto[19962]: | 45 09 ea bd 48 6c 1f 3c 0a 00 01 18 00 00 00 01
May 8 15:24:21 bitch pluto[19962]: | 00 00 00 01 02 00 00 38 01 03 04 01 55 86 0d 10
May 8 15:24:21 bitch pluto[19962]: | 00 00 00 2c 01 0c 00 00 80 04 00 04 80 06 01 00
May 8 15:24:21 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
May 8 15:24:21 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90 02 00 00 38
May 8 15:24:21 bitch pluto[19962]: | 02 03 04 01 55 86 0d 10 00 00 00 2c 01 0c 00 00
May 8 15:24:21 bitch pluto[19962]: | 80 04 00 04 80 06 00 80 80 05 00 02 80 01 00 01
May 8 15:24:21 bitch pluto[19962]: | 00 02 00 04 00 00 0e 10 80 01 00 02 00 02 00 04
May 8 15:24:21 bitch pluto[19962]: | 00 03 d0 90 02 00 00 34 03 03 04 01 55 86 0d 10
May 8 15:24:21 bitch pluto[19962]: | 00 00 00 28 01 03 00 00 80 04 00 04 80 05 00 02
May 8 15:24:21 bitch pluto[19962]: | 80 01 00 01 00 02 00 04 00 00 0e 10 80 01 00 02
May 8 15:24:21 bitch pluto[19962]: | 00 02 00 04 00 03 d0 90 02 00 00 34 04 03 04 01
May 8 15:24:21 bitch pluto[19962]: | 55 86 0d 10 00 00 00 28 01 02 00 00 80 04 00 04
May 8 15:24:21 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
May 8 15:24:21 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90 00 00 00 34
May 8 15:24:21 bitch pluto[19962]: | 05 03 04 01 55 86 0d 10 00 00 00 28 01 0b 00 00
May 8 15:24:21 bitch pluto[19962]: | 80 04 00 04 80 05 00 02 80 01 00 01 00 02 00 04
May 8 15:24:21 bitch pluto[19962]: | 00 00 0e 10 80 01 00 02 00 02 00 04 00 03 d0 90
May 8 15:24:21 bitch pluto[19962]: | 05 00 00 34 e0 11 2a 0c 97 0d 5e 6c 3c a8 50 43
May 8 15:24:21 bitch pluto[19962]: | 30 65 43 4f e1 e9 8e ec ab eb 99 a7 65 49 cb 34
May 8 15:24:21 bitch pluto[19962]: | 1d aa 2f 86 f1 e8 ea fa 32 ff 2b eb 6d 6b 44 84
May 8 15:24:21 bitch pluto[19962]: | 5c f0 04 ff 05 00 00 0c 01 11 06 a5 c0 a8 08 81
May 8 15:24:21 bitch pluto[19962]: | 15 00 00 0c 01 11 06 a5 c0 a8 0a fe 15 00 00 0c
May 8 15:24:21 bitch pluto[19962]: | 01 00 00 00 c0 a8 08 81 00 00 00 0c 01 00 00 00
May 8 15:24:21 bitch pluto[19962]: | c0 a8 0a fe 00 00 00 00 00 00 00 00 00 00 00 00
May 8 15:24:21 bitch pluto[19962]: | next IV: a5 04 77 9f 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:21 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502opt: 0x200030
May 8 15:24:21 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: next payload type of ISAKMP Hash Payload has an unknown value: 53
May 8 15:24:21 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: malformed payload in packet
May 8 15:24:21 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:24:21 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 8 seconds
May 8 15:24:21 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 8 seconds
May 8 15:24:29 bitch pluto[19962]: |
May 8 15:24:29 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 0 seconds
May 8 15:24:29 bitch pluto[19962]: | *time to handle event
May 8 15:24:29 bitch pluto[19962]: | handling event EVENT_NAT_T_KEEPALIVE
May 8 15:24:29 bitch pluto[19962]: | event after this is EVENT_PENDING_DDNS in 24 seconds
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[2] 192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[2] 192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 24 seconds
May 8 15:24:36 bitch pluto[19962]: |
May 8 15:24:36 bitch pluto[19962]: | *received 444 bytes from 192.168.10.25:1024 on eth1 (port=4500)
May 8 15:24:36 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:24:36 bitch pluto[19962]: | 08 10 20 01 00 00 00 01 00 00 01 bc 59 47 e1 29
May 8 15:24:36 bitch pluto[19962]: | 8f 66 e3 1f 0b 5d 9a 18 08 5a 18 4d 8b e7 ed d1
May 8 15:24:36 bitch pluto[19962]: | d7 72 45 fc 95 f1 e3 28 0b c7 98 e4 40 73 b4 3e
May 8 15:24:36 bitch pluto[19962]: | 8b b8 2a 82 07 bd 0d 93 80 84 5c 7b c3 1a a4 46
May 8 15:24:36 bitch pluto[19962]: | 71 91 eb cd c1 ad 84 8a 52 ed a2 69 7b cc 66 de
May 8 15:24:36 bitch pluto[19962]: | f7 29 d9 99 f8 48 6a 23 a7 e9 73 4a 47 34 de 5e
May 8 15:24:36 bitch pluto[19962]: | 58 85 f8 70 d9 72 ee ed 01 59 50 1a 01 85 af 57
May 8 15:24:36 bitch pluto[19962]: | e1 1b fb 6e a3 ff 41 d9 e5 3d 7d fd 86 5c 62 ef
May 8 15:24:36 bitch pluto[19962]: | 87 a6 1b 1f 8f 72 2d e5 67 fc 59 1a 1d 45 42 fe
May 8 15:24:36 bitch pluto[19962]: | 87 cd 05 6c 3e 39 e3 53 c7 b8 66 34 d6 ce 6f 51
May 8 15:24:36 bitch pluto[19962]: | 58 34 2f 6c 51 07 79 49 60 4b d6 e6 a6 2d a3 9d
May 8 15:24:36 bitch pluto[19962]: | 21 be dc e8 6a cd 64 4a e5 50 41 03 90 83 88 61
May 8 15:24:36 bitch pluto[19962]: | 02 ac 6e f0 f2 e4 09 8a 66 c1 7e 79 50 e9 f6 97
May 8 15:24:36 bitch pluto[19962]: | d8 80 86 2c 9e a7 db 52 44 74 a0 63 af 54 d4 0a
May 8 15:24:36 bitch pluto[19962]: | c5 58 46 13 50 dd 2e f8 31 4a 85 9f 70 19 7d e5
May 8 15:24:36 bitch pluto[19962]: | 89 d4 d4 85 3f da d3 ab 94 76 b5 98 bb 4c b5 ea
May 8 15:24:36 bitch pluto[19962]: | a6 88 65 70 c6 a9 08 87 e6 4e 94 02 db 06 b0 49
May 8 15:24:36 bitch pluto[19962]: | df 68 90 47 aa 88 8a ae bb 1b e3 1c 31 27 3a 31
May 8 15:24:36 bitch pluto[19962]: | 83 c4 7a 0e cd d2 b1 9c 3e 95 66 b9 83 c3 a9 9d
May 8 15:24:36 bitch pluto[19962]: | 30 73 a0 fe fe 87 c2 cf 4b 22 38 27 f2 e4 58 8d
May 8 15:24:36 bitch pluto[19962]: | de 8a 5c c5 99 dc 4b 5f 74 13 1e 9c 6d dd eb 5e
May 8 15:24:36 bitch pluto[19962]: | 8c c5 ca b3 ec 29 9c 32 0a 3a 32 16 aa 45 e1 09
May 8 15:24:36 bitch pluto[19962]: | 4c 5b 6a 20 43 53 fc 9f a6 99 4a 06 e2 de 0c 17
May 8 15:24:36 bitch pluto[19962]: | 2c 23 12 96 17 0e f1 1b ed ad 03 6c ec 90 26 35
May 8 15:24:36 bitch pluto[19962]: | ad 48 18 9e 69 46 e5 69 03 05 d1 c3 08 97 ff 44
May 8 15:24:36 bitch pluto[19962]: | 12 bd 74 c8 27 a9 d2 8e 21 78 eb ea a5 04 77 9f
May 8 15:24:36 bitch pluto[19962]: | 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:36 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:36 bitch pluto[19962]: | initiator cookie:
May 8 15:24:36 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:36 bitch pluto[19962]: | responder cookie:
May 8 15:24:36 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:36 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:24:36 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:24:36 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_QUICK
May 8 15:24:36 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:24:36 bitch pluto[19962]: | message ID: 00 00 00 01
May 8 15:24:36 bitch pluto[19962]: | length: 444
May 8 15:24:36 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
May 8 15:24:36 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:36 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:36 bitch pluto[19962]: | state hash entry 8
May 8 15:24:36 bitch pluto[19962]: | v1 peer and cookies match on #4, provided msgid 00000001 vs 00000001
May 8 15:24:36 bitch pluto[19962]: | v1 state object #4 found, in STATE_QUICK_R0
May 8 15:24:36 bitch pluto[19962]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:24:36 bitch pluto[19962]: | #4 state_busy:1872 st != NULL && st->st_calculating == FALSE;
May 8 15:24:36 bitch pluto[19962]: | received encrypted packet from 192.168.10.25:1024
May 8 15:24:36 bitch pluto[19962]: | decrypting 416 bytes using algorithm OAKLEY_AES_CBC
May 8 15:24:36 bitch pluto[19962]: | last Phase 1 IV:
May 8 15:24:36 bitch pluto[19962]: | current Phase 1 IV:
May 8 15:24:36 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:24:36 bitch pluto[19962]: | 47 9e 04 f3 d1 2d 11 2b 5c 04 c9 ee 67 e4 b1 e6
May 8 15:24:36 bitch pluto[19962]: | e2 01 ea 4e
May 8 15:24:36 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:24:36 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:24:36 bitch pluto[19962]: | decrypted:
May 8 15:24:36 bitch pluto[19962]: | 35 1f 3a 11 43 c0 b8 5e 17 f5 0f d0 05 fd 96 6a
May 8 15:24:36 bitch pluto[19962]: | 45 09 ea bd 48 6c 1f 3c 0a 00 01 18 00 00 00 01
May 8 15:24:36 bitch pluto[19962]: | 00 00 00 01 02 00 00 38 01 03 04 01 55 86 0d 10
May 8 15:24:36 bitch pluto[19962]: | 00 00 00 2c 01 0c 00 00 80 04 00 04 80 06 01 00
May 8 15:24:36 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
May 8 15:24:36 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90 02 00 00 38
May 8 15:24:36 bitch pluto[19962]: | 02 03 04 01 55 86 0d 10 00 00 00 2c 01 0c 00 00
May 8 15:24:36 bitch pluto[19962]: | 80 04 00 04 80 06 00 80 80 05 00 02 80 01 00 01
May 8 15:24:36 bitch pluto[19962]: | 00 02 00 04 00 00 0e 10 80 01 00 02 00 02 00 04
May 8 15:24:36 bitch pluto[19962]: | 00 03 d0 90 02 00 00 34 03 03 04 01 55 86 0d 10
May 8 15:24:36 bitch pluto[19962]: | 00 00 00 28 01 03 00 00 80 04 00 04 80 05 00 02
May 8 15:24:36 bitch pluto[19962]: | 80 01 00 01 00 02 00 04 00 00 0e 10 80 01 00 02
May 8 15:24:36 bitch pluto[19962]: | 00 02 00 04 00 03 d0 90 02 00 00 34 04 03 04 01
May 8 15:24:36 bitch pluto[19962]: | 55 86 0d 10 00 00 00 28 01 02 00 00 80 04 00 04
May 8 15:24:36 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
May 8 15:24:36 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90 00 00 00 34
May 8 15:24:36 bitch pluto[19962]: | 05 03 04 01 55 86 0d 10 00 00 00 28 01 0b 00 00
May 8 15:24:36 bitch pluto[19962]: | 80 04 00 04 80 05 00 02 80 01 00 01 00 02 00 04
May 8 15:24:36 bitch pluto[19962]: | 00 00 0e 10 80 01 00 02 00 02 00 04 00 03 d0 90
May 8 15:24:36 bitch pluto[19962]: | 05 00 00 34 e0 11 2a 0c 97 0d 5e 6c 3c a8 50 43
May 8 15:24:36 bitch pluto[19962]: | 30 65 43 4f e1 e9 8e ec ab eb 99 a7 65 49 cb 34
May 8 15:24:36 bitch pluto[19962]: | 1d aa 2f 86 f1 e8 ea fa 32 ff 2b eb 6d 6b 44 84
May 8 15:24:36 bitch pluto[19962]: | 5c f0 04 ff 05 00 00 0c 01 11 06 a5 c0 a8 08 81
May 8 15:24:36 bitch pluto[19962]: | 15 00 00 0c 01 11 06 a5 c0 a8 0a fe 15 00 00 0c
May 8 15:24:36 bitch pluto[19962]: | 01 00 00 00 c0 a8 08 81 00 00 00 0c 01 00 00 00
May 8 15:24:36 bitch pluto[19962]: | c0 a8 0a fe 00 00 00 00 00 00 00 00 00 00 00 00
May 8 15:24:36 bitch pluto[19962]: | next IV: a5 04 77 9f 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:36 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502opt: 0x200030
May 8 15:24:36 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: next payload type of ISAKMP Hash Payload has an unknown value: 53
May 8 15:24:36 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: malformed payload in packet
May 8 15:24:36 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:24:36 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 17 seconds
May 8 15:24:36 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 17 seconds
May 8 15:24:39 bitch pluto[19962]: |
May 8 15:24:39 bitch pluto[19962]: | *received kernel message
May 8 15:24:39 bitch pluto[19962]: | netlink_get: XFRM_MSG_EXPIRE message
May 8 15:24:39 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:24:39 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 14 seconds
May 8 15:24:39 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 14 seconds
May 8 15:24:51 bitch pluto[19962]: |
May 8 15:24:51 bitch pluto[19962]: | *received 444 bytes from 192.168.10.25:1024 on eth1 (port=4500)
May 8 15:24:51 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:24:51 bitch pluto[19962]: | 08 10 20 01 00 00 00 01 00 00 01 bc 59 47 e1 29
May 8 15:24:51 bitch pluto[19962]: | 8f 66 e3 1f 0b 5d 9a 18 08 5a 18 4d 8b e7 ed d1
May 8 15:24:51 bitch pluto[19962]: | d7 72 45 fc 95 f1 e3 28 0b c7 98 e4 40 73 b4 3e
May 8 15:24:51 bitch pluto[19962]: | 8b b8 2a 82 07 bd 0d 93 80 84 5c 7b c3 1a a4 46
May 8 15:24:51 bitch pluto[19962]: | 71 91 eb cd c1 ad 84 8a 52 ed a2 69 7b cc 66 de
May 8 15:24:51 bitch pluto[19962]: | f7 29 d9 99 f8 48 6a 23 a7 e9 73 4a 47 34 de 5e
May 8 15:24:51 bitch pluto[19962]: | 58 85 f8 70 d9 72 ee ed 01 59 50 1a 01 85 af 57
May 8 15:24:51 bitch pluto[19962]: | e1 1b fb 6e a3 ff 41 d9 e5 3d 7d fd 86 5c 62 ef
May 8 15:24:51 bitch pluto[19962]: | 87 a6 1b 1f 8f 72 2d e5 67 fc 59 1a 1d 45 42 fe
May 8 15:24:51 bitch pluto[19962]: | 87 cd 05 6c 3e 39 e3 53 c7 b8 66 34 d6 ce 6f 51
May 8 15:24:51 bitch pluto[19962]: | 58 34 2f 6c 51 07 79 49 60 4b d6 e6 a6 2d a3 9d
May 8 15:24:51 bitch pluto[19962]: | 21 be dc e8 6a cd 64 4a e5 50 41 03 90 83 88 61
May 8 15:24:51 bitch pluto[19962]: | 02 ac 6e f0 f2 e4 09 8a 66 c1 7e 79 50 e9 f6 97
May 8 15:24:51 bitch pluto[19962]: | d8 80 86 2c 9e a7 db 52 44 74 a0 63 af 54 d4 0a
May 8 15:24:51 bitch pluto[19962]: | c5 58 46 13 50 dd 2e f8 31 4a 85 9f 70 19 7d e5
May 8 15:24:51 bitch pluto[19962]: | 89 d4 d4 85 3f da d3 ab 94 76 b5 98 bb 4c b5 ea
May 8 15:24:51 bitch pluto[19962]: | a6 88 65 70 c6 a9 08 87 e6 4e 94 02 db 06 b0 49
May 8 15:24:51 bitch pluto[19962]: | df 68 90 47 aa 88 8a ae bb 1b e3 1c 31 27 3a 31
May 8 15:24:51 bitch pluto[19962]: | 83 c4 7a 0e cd d2 b1 9c 3e 95 66 b9 83 c3 a9 9d
May 8 15:24:51 bitch pluto[19962]: | 30 73 a0 fe fe 87 c2 cf 4b 22 38 27 f2 e4 58 8d
May 8 15:24:51 bitch pluto[19962]: | de 8a 5c c5 99 dc 4b 5f 74 13 1e 9c 6d dd eb 5e
May 8 15:24:51 bitch pluto[19962]: | 8c c5 ca b3 ec 29 9c 32 0a 3a 32 16 aa 45 e1 09
May 8 15:24:51 bitch pluto[19962]: | 4c 5b 6a 20 43 53 fc 9f a6 99 4a 06 e2 de 0c 17
May 8 15:24:51 bitch pluto[19962]: | 2c 23 12 96 17 0e f1 1b ed ad 03 6c ec 90 26 35
May 8 15:24:51 bitch pluto[19962]: | ad 48 18 9e 69 46 e5 69 03 05 d1 c3 08 97 ff 44
May 8 15:24:51 bitch pluto[19962]: | 12 bd 74 c8 27 a9 d2 8e 21 78 eb ea a5 04 77 9f
May 8 15:24:51 bitch pluto[19962]: | 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:51 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:51 bitch pluto[19962]: | initiator cookie:
May 8 15:24:51 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:51 bitch pluto[19962]: | responder cookie:
May 8 15:24:51 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:51 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:24:51 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:24:51 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_QUICK
May 8 15:24:51 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:24:51 bitch pluto[19962]: | message ID: 00 00 00 01
May 8 15:24:51 bitch pluto[19962]: | length: 444
May 8 15:24:51 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
May 8 15:24:51 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:51 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:51 bitch pluto[19962]: | state hash entry 8
May 8 15:24:51 bitch pluto[19962]: | v1 peer and cookies match on #4, provided msgid 00000001 vs 00000001
May 8 15:24:51 bitch pluto[19962]: | v1 state object #4 found, in STATE_QUICK_R0
May 8 15:24:51 bitch pluto[19962]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:24:51 bitch pluto[19962]: | #4 state_busy:1872 st != NULL && st->st_calculating == FALSE;
May 8 15:24:51 bitch pluto[19962]: | received encrypted packet from 192.168.10.25:1024
May 8 15:24:51 bitch pluto[19962]: | decrypting 416 bytes using algorithm OAKLEY_AES_CBC
May 8 15:24:51 bitch pluto[19962]: | last Phase 1 IV:
May 8 15:24:51 bitch pluto[19962]: | current Phase 1 IV:
May 8 15:24:51 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:24:51 bitch pluto[19962]: | 47 9e 04 f3 d1 2d 11 2b 5c 04 c9 ee 67 e4 b1 e6
May 8 15:24:51 bitch pluto[19962]: | e2 01 ea 4e
May 8 15:24:51 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:24:51 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:24:51 bitch pluto[19962]: | decrypted:
May 8 15:24:51 bitch pluto[19962]: | 35 1f 3a 11 43 c0 b8 5e 17 f5 0f d0 05 fd 96 6a
May 8 15:24:51 bitch pluto[19962]: | 45 09 ea bd 48 6c 1f 3c 0a 00 01 18 00 00 00 01
May 8 15:24:51 bitch pluto[19962]: | 00 00 00 01 02 00 00 38 01 03 04 01 55 86 0d 10
May 8 15:24:51 bitch pluto[19962]: | 00 00 00 2c 01 0c 00 00 80 04 00 04 80 06 01 00
May 8 15:24:51 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
May 8 15:24:51 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90 02 00 00 38
May 8 15:24:51 bitch pluto[19962]: | 02 03 04 01 55 86 0d 10 00 00 00 2c 01 0c 00 00
May 8 15:24:51 bitch pluto[19962]: | 80 04 00 04 80 06 00 80 80 05 00 02 80 01 00 01
May 8 15:24:51 bitch pluto[19962]: | 00 02 00 04 00 00 0e 10 80 01 00 02 00 02 00 04
May 8 15:24:51 bitch pluto[19962]: | 00 03 d0 90 02 00 00 34 03 03 04 01 55 86 0d 10
May 8 15:24:51 bitch pluto[19962]: | 00 00 00 28 01 03 00 00 80 04 00 04 80 05 00 02
May 8 15:24:51 bitch pluto[19962]: | 80 01 00 01 00 02 00 04 00 00 0e 10 80 01 00 02
May 8 15:24:51 bitch pluto[19962]: | 00 02 00 04 00 03 d0 90 02 00 00 34 04 03 04 01
May 8 15:24:51 bitch pluto[19962]: | 55 86 0d 10 00 00 00 28 01 02 00 00 80 04 00 04
May 8 15:24:51 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04 00 00 0e 10
May 8 15:24:51 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90 00 00 00 34
May 8 15:24:51 bitch pluto[19962]: | 05 03 04 01 55 86 0d 10 00 00 00 28 01 0b 00 00
May 8 15:24:51 bitch pluto[19962]: | 80 04 00 04 80 05 00 02 80 01 00 01 00 02 00 04
May 8 15:24:51 bitch pluto[19962]: | 00 00 0e 10 80 01 00 02 00 02 00 04 00 03 d0 90
May 8 15:24:51 bitch pluto[19962]: | 05 00 00 34 e0 11 2a 0c 97 0d 5e 6c 3c a8 50 43
May 8 15:24:51 bitch pluto[19962]: | 30 65 43 4f e1 e9 8e ec ab eb 99 a7 65 49 cb 34
May 8 15:24:51 bitch pluto[19962]: | 1d aa 2f 86 f1 e8 ea fa 32 ff 2b eb 6d 6b 44 84
May 8 15:24:51 bitch pluto[19962]: | 5c f0 04 ff 05 00 00 0c 01 11 06 a5 c0 a8 08 81
May 8 15:24:51 bitch pluto[19962]: | 15 00 00 0c 01 11 06 a5 c0 a8 0a fe 15 00 00 0c
May 8 15:24:51 bitch pluto[19962]: | 01 00 00 00 c0 a8 08 81 00 00 00 0c 01 00 00 00
May 8 15:24:51 bitch pluto[19962]: | c0 a8 0a fe 00 00 00 00 00 00 00 00 00 00 00 00
May 8 15:24:51 bitch pluto[19962]: | next IV: a5 04 77 9f 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:51 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502opt: 0x200030
May 8 15:24:51 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: next payload type of ISAKMP Hash Payload has an unknown value: 53
May 8 15:24:51 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: malformed payload in packet
May 8 15:24:51 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:24:51 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 2 seconds
May 8 15:24:51 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 2 seconds
May 8 15:24:53 bitch pluto[19962]: |
May 8 15:24:53 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 0 seconds
May 8 15:24:53 bitch pluto[19962]: | *time to handle event
May 8 15:24:53 bitch pluto[19962]: | handling event EVENT_PENDING_DDNS
May 8 15:24:53 bitch pluto[19962]: | event after this is EVENT_PENDING_PHASE2 in 0 seconds
May 8 15:24:53 bitch pluto[19962]: | inserting event EVENT_PENDING_DDNS, timeout in 60 seconds
May 8 15:24:53 bitch pluto[19962]: | event added after event EVENT_PENDING_PHASE2
May 8 15:24:53 bitch pluto[19962]: | handling event EVENT_PENDING_PHASE2
May 8 15:24:53 bitch pluto[19962]: | event after this is EVENT_PENDING_DDNS in 60 seconds
May 8 15:24:53 bitch pluto[19962]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds
May 8 15:24:53 bitch pluto[19962]: | event added after event EVENT_PENDING_DDNS
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1-nat" was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1-nat" was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1" was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1-nat" was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 60 seconds
May 8 15:25:06 bitch pluto[19962]: |
May 8 15:25:06 bitch pluto[19962]: | *received 92 bytes from 192.168.10.25:1024 on eth1 (port=4500)
May 8 15:25:06 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | 08 10 05 01 d8 23 be 34 00 00 00 5c 5d 9e e0 32
May 8 15:25:06 bitch pluto[19962]: | 52 a4 62 64 1b e2 c1 dc 0a 7f 30 ac 6d 2f a3 a1
May 8 15:25:06 bitch pluto[19962]: | 11 d8 40 d1 32 21 5c 38 d6 bb b4 ce 13 7c fd e1
May 8 15:25:06 bitch pluto[19962]: | e8 47 df ea 09 6e e9 ef 79 07 b0 7a 26 00 22 5b
May 8 15:25:06 bitch pluto[19962]: | f0 ff 04 15 15 b5 5d 10 13 3c f7 c7
May 8 15:25:06 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:25:06 bitch pluto[19962]: | initiator cookie:
May 8 15:25:06 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | responder cookie:
May 8 15:25:06 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:25:06 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:25:06 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_INFO
May 8 15:25:06 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:25:06 bitch pluto[19962]: | message ID: d8 23 be 34
May 8 15:25:06 bitch pluto[19962]: | length: 92
May 8 15:25:06 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
May 8 15:25:06 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | state hash entry 8
May 8 15:25:06 bitch pluto[19962]: | peer and cookies match on #4, provided msgid 00000000 vs 00000001/00000000
May 8 15:25:06 bitch pluto[19962]: | peer and cookies match on #3, provided msgid 00000000 vs 00000000/00000000
May 8 15:25:06 bitch pluto[19962]: | p15 state object #3 found, in STATE_MAIN_R3
May 8 15:25:06 bitch pluto[19962]: | processing connection tunnel1-nat[3] 192.168.10.25
May 8 15:25:06 bitch pluto[19962]: | last Phase 1 IV: 53 41 2a e1 b8 a2 fc 76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | current Phase 1 IV: 53 41 2a e1 b8 a2 fc 76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:25:06 bitch pluto[19962]: | 50 29 a2 ac 14 60 d7 a6 b7 cc ab f9 77 5b de eb
May 8 15:25:06 bitch pluto[19962]: | 8b 83 d9 d2
May 8 15:25:06 bitch pluto[19962]: | #3 state_busy:1872 st != NULL && st->st_calculating == FALSE;
May 8 15:25:06 bitch pluto[19962]: | received encrypted packet from 192.168.10.25:1024
May 8 15:25:06 bitch pluto[19962]: | decrypting 64 bytes using algorithm OAKLEY_AES_CBC
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:25:06 bitch pluto[19962]: | decrypted:
May 8 15:25:06 bitch pluto[19962]: | 0c 00 00 18 b2 ae 09 20 39 25 03 dd d1 5a e2 a7
May 8 15:25:06 bitch pluto[19962]: | d6 7e c8 9e f0 5f ed e0 00 00 00 1c 00 00 00 01
May 8 15:25:06 bitch pluto[19962]: | 01 10 00 01 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
May 8 15:25:06 bitch pluto[19962]: | 05 30 fa ac 00 00 00 00 00 00 00 00 00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | next IV: 26 00 22 5b f0 ff 04 15 15 b5 5d 10 13 3c f7 c7
May 8 15:25:06 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100opt: 0x0
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Hash Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_D
May 8 15:25:06 bitch pluto[19962]: | length: 24
May 8 15:25:06 bitch pluto[19962]: | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0opt: 0x0
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Delete Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:25:06 bitch pluto[19962]: | length: 28
May 8 15:25:06 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:25:06 bitch pluto[19962]: | protocol ID: 1
May 8 15:25:06 bitch pluto[19962]: | SPI size: 16
May 8 15:25:06 bitch pluto[19962]: | number of SPIs: 1
May 8 15:25:06 bitch pluto[19962]: | removing 12 bytes of padding
May 8 15:25:06 bitch pluto[19962]: | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie
May 8 15:25:06 bitch pluto[19962]: | iCookie 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie
May 8 15:25:06 bitch pluto[19962]: | rCookie f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | state hash entry 8
May 8 15:25:06 bitch pluto[19962]: | v1 peer and cookies match on #4, provided msgid 00000000 vs 00000001
May 8 15:25:06 bitch pluto[19962]: | v1 peer and cookies match on #3, provided msgid 00000000 vs 00000000
May 8 15:25:06 bitch pluto[19962]: | v1 state object #3 found, in STATE_MAIN_R3
May 8 15:25:06 bitch pluto[19962]: | del:
May 8 15:25:06 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #3: received Delete SA payload: self-deleting ISAKMP State #3
May 8 15:25:06 bitch pluto[19962]: | deleting state #3
May 8 15:25:06 bitch pluto[19962]: | **emit ISAKMP Message:
May 8 15:25:06 bitch pluto[19962]: | initiator cookie:
May 8 15:25:06 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | responder cookie:
May 8 15:25:06 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:25:06 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:25:06 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_INFO
May 8 15:25:06 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:25:06 bitch pluto[19962]: | message ID: 48 68 95 9b
May 8 15:25:06 bitch pluto[19962]: | ***emit ISAKMP Hash Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_D
May 8 15:25:06 bitch pluto[19962]: | emitting 20 zero bytes of HASH(1) into ISAKMP Hash Payload
May 8 15:25:06 bitch pluto[19962]: | emitting length of ISAKMP Hash Payload: 24
May 8 15:25:06 bitch pluto[19962]: | ***emit ISAKMP Delete Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:25:06 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:25:06 bitch pluto[19962]: | protocol ID: 1
May 8 15:25:06 bitch pluto[19962]: | SPI size: 16
May 8 15:25:06 bitch pluto[19962]: | number of SPIs: 1
May 8 15:25:06 bitch pluto[19962]: | emitting 16 raw bytes of delete payload into ISAKMP Delete Payload
May 8 15:25:06 bitch pluto[19962]: | delete payload 14 d8 b2 ef 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | emitting length of ISAKMP Delete Payload: 28
May 8 15:25:06 bitch pluto[19962]: | hmac_update data value:
May 8 15:25:06 bitch pluto[19962]: | 48 68 95 9b
May 8 15:25:06 bitch pluto[19962]: | hmac_update: inside if
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after digest
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after assert
May 8 15:25:06 bitch pluto[19962]: | hmac_update data value:
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 1c 00 00 00 01 01 10 00 01 14 d8 b2 ef
May 8 15:25:06 bitch pluto[19962]: | 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | hmac_update: inside if
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after digest
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after assert
May 8 15:25:06 bitch pluto[19962]: | HASH(1) computed:
May 8 15:25:06 bitch pluto[19962]: | 97 ae 28 72 63 15 b8 1d 0f c9 ac 41 f1 8a 1b b6
May 8 15:25:06 bitch pluto[19962]: | e5 39 64 15
May 8 15:25:06 bitch pluto[19962]: | last Phase 1 IV: 53 41 2a e1 b8 a2 fc 76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | current Phase 1 IV: 53 41 2a e1 b8 a2 fc 76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:25:06 bitch pluto[19962]: | 0f 7d 4d 9a 44 c6 9a 97 fe 8c 65 66 42 86 03 b7
May 8 15:25:06 bitch pluto[19962]: | d7 98 e2 ba
May 8 15:25:06 bitch pluto[19962]: | encrypting: 0c 00 00 18 97 ae 28 72 63 15 b8 1d 0f c9 ac 41
May 8 15:25:06 bitch pluto[19962]: | encrypting: f1 8a 1b b6 e5 39 64 15 00 00 00 1c 00 00 00 01
May 8 15:25:06 bitch pluto[19962]: | encrypting: 01 10 00 01 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
May 8 15:25:06 bitch pluto[19962]: | encrypting: 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | IV: 0f 7d 4d 9a 44 c6 9a 97 fe 8c 65 66 42 86 03 b7
May 8 15:25:06 bitch pluto[19962]: | IV: d7 98 e2 ba
May 8 15:25:06 bitch pluto[19962]: | unpadded size is: 52
May 8 15:25:06 bitch pluto[19962]: | emitting 12 zero bytes of encryption padding into ISAKMP Message
May 8 15:25:06 bitch pluto[19962]: | encrypting 64 using OAKLEY_AES_CBC
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:25:06 bitch pluto[19962]: | next IV: 7f e3 14 24 66 ac 28 aa 8a 4f 4f a8 8b 26 a2 3d
May 8 15:25:06 bitch pluto[19962]: | no IKE message padding required
May 8 15:25:06 bitch pluto[19962]: | emitting length of ISAKMP Message: 92
May 8 15:25:06 bitch pluto[19962]: | sending 96 bytes for delete notify through eth1:4500 to 192.168.10.25:1024 (using #3)
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 00 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
May 8 15:25:06 bitch pluto[19962]: | 05 30 fa ac 08 10 05 01 48 68 95 9b 00 00 00 5c
May 8 15:25:06 bitch pluto[19962]: | d9 7a 25 09 81 b8 60 e7 fb a8 ca 9e d5 91 0f ca
May 8 15:25:06 bitch pluto[19962]: | a9 a0 12 86 26 ba 76 cd 45 c5 b2 9e 9f c7 e6 77
May 8 15:25:06 bitch pluto[19962]: | 79 a1 c5 78 f8 71 5f 62 34 bc 04 08 69 49 4e 94
May 8 15:25:06 bitch pluto[19962]: | 7f e3 14 24 66 ac 28 aa 8a 4f 4f a8 8b 26 a2 3d
May 8 15:25:06 bitch pluto[19962]: | deleting event for #3
May 8 15:25:06 bitch pluto[19962]: packet from 192.168.10.25:1024: received and ignored empty informational notification payload
May 8 15:25:06 bitch pluto[19962]: | complete v1 state transition with STF_IGNORE
May 8 15:25:06 bitch pluto[19962]: | * processed 0 messages from cryptographic helpers
May 8 15:25:06 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 47 seconds
May 8 15:25:06 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 47 seconds
May 8 15:25:06 bitch pluto[19962]: |
May 8 15:25:06 bitch pluto[19962]: | *received 408 bytes from 192.168.10.25:1 on eth1 (port=500)
May 8 15:25:06 bitch pluto[19962]: | 06 41 ba f0 fe 82 86 ea 00 00 00 00 00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | 01 10 02 00 00 00 00 00 00 00 01 98 0d 00 00 d4
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 01 00 00 00 01 00 00 00 c8 01 01 00 05
May 8 15:25:06 bitch pluto[19962]: | 03 00 00 28 01 01 00 00 80 01 00 07 80 0e 01 00
May 8 15:25:06 bitch pluto[19962]: | 80 02 00 02 80 04 00 14 80 03 00 01 80 0b 00 01
May 8 15:25:06 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 28 02 01 00 00
May 8 15:25:06 bitch pluto[19962]: | 80 01 00 07 80 0e 00 80 80 02 00 02 80 04 00 13
May 8 15:25:06 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04 00 00 70 80
May 8 15:25:06 bitch pluto[19962]: | 03 00 00 28 03 01 00 00 80 01 00 07 80 0e 01 00
May 8 15:25:06 bitch pluto[19962]: | 80 02 00 02 80 04 00 0e 80 03 00 01 80 0b 00 01
May 8 15:25:06 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 24 04 01 00 00
May 8 15:25:06 bitch pluto[19962]: | 80 01 00 05 80 02 00 02 80 04 00 0e 80 03 00 01
May 8 15:25:06 bitch pluto[19962]: | 80 0b 00 01 00 0c 00 04 00 00 70 80 00 00 00 24
May 8 15:25:06 bitch pluto[19962]: | 05 01 00 00 80 01 00 05 80 02 00 02 80 04 00 02
May 8 15:25:06 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04 00 00 70 80
May 8 15:25:06 bitch pluto[19962]: | 0d 00 00 18 01 52 8b bb c0 06 96 12 18 49 ab 9a
May 8 15:25:06 bitch pluto[19962]: | 1c 5b 2a 51 00 00 00 01 0d 00 00 18 1e 2b 51 69
May 8 15:25:06 bitch pluto[19962]: | 05 99 1c 7d 7c 96 fc bf b5 87 e4 61 00 00 00 09
May 8 15:25:06 bitch pluto[19962]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45 5c 57 28 f2
May 8 15:25:06 bitch pluto[19962]: | 0e 95 45 2f 0d 00 00 14 90 cb 80 91 3e bb 69 6e
May 8 15:25:06 bitch pluto[19962]: | 08 63 81 b5 ec 42 7b 1f 0d 00 00 14 40 48 b7 d5
May 8 15:25:06 bitch pluto[19962]: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 14
May 8 15:25:06 bitch pluto[19962]: | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be 08 55 f1 20
May 8 15:25:06 bitch pluto[19962]: | 0d 00 00 14 26 24 4d 38 ed db 61 b3 17 2a 36 e3
May 8 15:25:06 bitch pluto[19962]: | d0 cf b8 19 00 00 00 14 e3 a5 96 6a 76 37 9f e7
May 8 15:25:06 bitch pluto[19962]: | 07 22 82 31 e5 ce 86 52
May 8 15:25:06 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:25:06 bitch pluto[19962]: | initiator cookie:
May 8 15:25:06 bitch pluto[19962]: | 06 41 ba f0 fe 82 86 ea
May 8 15:25:06 bitch pluto[19962]: | responder cookie:
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 00 00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:25:06 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0 (rfc2407)
May 8 15:25:06 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:25:06 bitch pluto[19962]: | flags: none
May 8 15:25:06 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | length: 408
May 8 15:25:06 bitch pluto[19962]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Security Association Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 212
May 8 15:25:06 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 24
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 24
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 20
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 20
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID) needed: 0x0opt: 0x2080
More information about the Swan
mailing list