[Swan] windows 10 Policy Match Error
Computerisms Corporation
bob at computerisms.ca
Fri Oct 4 16:30:52 UTC 2019
Hi Nels and Paul,
Apologies for the delayed reply, I was overly busy at the moment and
duct taped the immediate issue with some iptables rules and port
forwarding. But need something better and I am back to trying to solve
this now.
I tried setting ikev2 from yes to no, sadly did not change the situation.
Oddly enough I put a brand new setup together about a week ago, with a
brand new laptop, and it connected fine. Yesterday I configured a bunch
of other laptops to connect to that same firewall, and now nothing
connects to it. That causes me to wonder if a windows update that
wasn't installed to begin with is there now on the brand new laptop.
Regardless, I faced this problem with windows7 way back, and I managed
to solve it that time with a post I found on the strong swan list. So
my instinct is telling me I need to find the correct ike=/esp= lines to
fix this problem. I did find a post from strong swan from Oct/Nov 2018:
https://wiki.strongswan.org/issues/2808
But none of those cipher lines worked.
Similarly there are a set of ciphers listed on the libreswan wiki under
the no_proposal_chosen section, and those are not working either.
I am thinking the next task is to go through the debug log and find out
what proposals windows is expecting, and try to construct appropriate
ike=/esp= lines. I found the parts of the man page that explain how to
write the ciphers, but having a hard time translating the log entries
into valid cipher descriptions for the conf file.
Posting the debug log here in case any one is interested in having a look...
Oct 4 09:18:08 firewall pluto[26478]: | *received 632 bytes from
50.117.137.129:500 on enp3s0 (port=500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 00
00 00 00 00 00 00 00
Oct 4 09:18:08 firewall pluto[26478]: | 21 20 22 08 00 00 00 00 00
00 02 78 22 00 00 88
Oct 4 09:18:08 firewall pluto[26478]: | 02 00 00 2c 01 01 00 04 03
00 00 0c 01 00 00 0c
Oct 4 09:18:08 firewall pluto[26478]: | 80 0e 01 00 03 00 00 08 03
00 00 02 03 00 00 08
Oct 4 09:18:08 firewall pluto[26478]: | 02 00 00 02 00 00 00 08 04
00 00 0e 02 00 00 2c
Oct 4 09:18:08 firewall pluto[26478]: | 02 01 00 04 03 00 00 0c 01
00 00 0c 80 0e 01 00
Oct 4 09:18:08 firewall pluto[26478]: | 03 00 00 08 03 00 00 0c 03
00 00 08 02 00 00 05
Oct 4 09:18:08 firewall pluto[26478]: | 00 00 00 08 04 00 00 0e 00
00 00 2c 03 01 00 04
Oct 4 09:18:08 firewall pluto[26478]: | 03 00 00 0c 01 00 00 0c 80
0e 01 00 03 00 00 08
Oct 4 09:18:08 firewall pluto[26478]: | 03 00 00 0d 03 00 00 08 02
00 00 06 00 00 00 08
Oct 4 09:18:08 firewall pluto[26478]: | 04 00 00 0e 28 00 01 08 00
0e 00 00 05 90 27 84
Oct 4 09:18:08 firewall pluto[26478]: | bf 58 71 8c d7 46 fb 21 c4
92 1a 3d 16 f0 1d 08
Oct 4 09:18:08 firewall pluto[26478]: | b8 5c 5f 50 31 01 2e 26 88
ea 23 fb 10 43 aa 5d
Oct 4 09:18:08 firewall pluto[26478]: | f3 cd a5 61 83 b6 05 97 c6
7b b8 f2 9e f4 b5 60
Oct 4 09:18:08 firewall pluto[26478]: | 6b e2 b2 5a c9 35 0e 4f a7
cc 68 99 be 10 80 e2
Oct 4 09:18:08 firewall pluto[26478]: | ef fe 78 68 1d ea 2c fb 98
cc 6f ce e9 57 3c 6e
Oct 4 09:18:08 firewall pluto[26478]: | 77 cb 9f a1 38 67 89 58 cd
8c a2 43 6a 7d 4e aa
Oct 4 09:18:08 firewall pluto[26478]: | 88 17 98 ed 6b db d9 e8 40
a5 00 31 7c 1b d5 f6
Oct 4 09:18:08 firewall pluto[26478]: | 0b cf 50 44 99 f7 3c 55 d4
ff 2e f9 9f 47 53 64
Oct 4 09:18:08 firewall pluto[26478]: | a1 50 56 e8 09 77 4d 24 cb
c5 3c 7d 4d 21 04 10
Oct 4 09:18:08 firewall pluto[26478]: | 97 a0 e4 72 ec 74 14 09 5e
fa 92 4c 07 b7 64 8f
Oct 4 09:18:08 firewall pluto[26478]: | a0 ed 53 1f 80 51 88 cd 99
6e 1f 63 ab 2e 86 68
Oct 4 09:18:08 firewall pluto[26478]: | 5c 3a eb 38 35 37 1a 24 31
09 34 d3 44 9b a8 1f
Oct 4 09:18:08 firewall pluto[26478]: | e6 be 0c 22 65 92 da 0d be
45 5f 0c 31 b9 d4 da
Oct 4 09:18:08 firewall pluto[26478]: | 2d a2 7d e8 70 65 c8 56 5f
72 66 f5 99 fa 97 c6
Oct 4 09:18:08 firewall pluto[26478]: | 0d a9 19 17 8f 6f 87 29 8b
38 2a 3c aa 81 d2 a1
Oct 4 09:18:08 firewall pluto[26478]: | a1 d6 75 cd 04 e8 08 cd 30
ce 56 78 29 00 00 34
Oct 4 09:18:08 firewall pluto[26478]: | 4f e7 b5 24 aa b3 5d 43 43
88 9b 6b c7 da c2 82
Oct 4 09:18:08 firewall pluto[26478]: | 4d 33 d5 1e f6 f7 7f 02 ea
19 b4 a5 8f 66 d8 0a
Oct 4 09:18:08 firewall pluto[26478]: | 96 97 b6 cf ec 5d e2 c6 95
0a 1a 27 2f c4 34 6b
Oct 4 09:18:08 firewall pluto[26478]: | 29 00 00 08 00 00 40 2e 29
00 00 1c 00 00 40 04
Oct 4 09:18:08 firewall pluto[26478]: | 32 ac 3e 3e e6 9e 08 eb 79
2b c3 e9 be 05 3b 5e
Oct 4 09:18:08 firewall pluto[26478]: | 77 30 32 95 2b 00 00 1c 00
00 40 05 f9 80 7a 6b
Oct 4 09:18:08 firewall pluto[26478]: | 58 9b 4c 16 66 82 d9 07 a1
5a 3f 7f d5 a0 39 f8
Oct 4 09:18:08 firewall pluto[26478]: | 2b 00 00 18 1e 2b 51 69 05
99 1c 7d 7c 96 fc bf
Oct 4 09:18:08 firewall pluto[26478]: | b5 87 e4 61 00 00 00 09 2b
00 00 14 fb 1d e3 cd
Oct 4 09:18:08 firewall pluto[26478]: | f3 41 b7 ea 16 b7 e5 be 08
55 f1 20 2b 00 00 14
Oct 4 09:18:08 firewall pluto[26478]: | 26 24 4d 38 ed db 61 b3 17
2a 36 e3 d0 cf b8 19
Oct 4 09:18:08 firewall pluto[26478]: | 00 00 00 18 01 52 8b bb c0
06 96 12 18 49 ab 9a
Oct 4 09:18:08 firewall pluto[26478]: | 1c 5b 2a 51 00 00 00 02
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:500 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | 00 00 00 00 00 00 00 00
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SA (0x21)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_SA_INIT (0x22)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 632 (0x278)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_SA_INIT (34)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_SA_INIT
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object
not found (find_v2_ike_sa_by_initiator_spi)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SA)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Security
Association Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2KE (0x22)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 136 (0x88)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SA (len=132)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2KE)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Key Exchange
Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2Ni (0x28)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 264 (0x108)
Oct 4 09:18:08 firewall pluto[26478]: | DH group:
OAKLEY_GROUP_MODP2048 (0xe)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2KE (len=256)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2Ni)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Nonce Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2N (0x29)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 52 (0x34)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2Ni (len=48)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2N)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Notify Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2N (0x29)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Notify Message Type:
v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2N (len=0)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2N)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Notify Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2N (0x29)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 28 (0x1c)
Oct 4 09:18:08 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Notify Message Type:
v2N_NAT_DETECTION_SOURCE_IP (0x4004)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2N (len=20)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2N)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Notify Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2V (0x2b)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 28 (0x1c)
Oct 4 09:18:08 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Notify Message Type:
v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2N (len=20)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2V)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2V (0x2b)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 24 (0x18)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2V (len=20)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2V)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2V (0x2b)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 20 (0x14)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2V (len=16)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2V)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2V (0x2b)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 20 (0x14)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2V (len=16)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2V)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 24 (0x18)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2V (len=20)
Oct 4 09:18:08 firewall pluto[26478]: | DDOS disabled and no cookie
sent, continuing
Oct 4 09:18:08 firewall pluto[26478]: | #null state always idle
Oct 4 09:18:08 firewall pluto[26478]: | #0 in state PARENT_R0:
processing SA_INIT request
Oct 4 09:18:08 firewall pluto[26478]: | selected state microcode
Respond to IKE_SA_INIT
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with state
specific processing
Oct 4 09:18:08 firewall pluto[26478]: | calling processor Respond to
IKE_SA_INIT
Oct 4 09:18:08 firewall pluto[26478]: | find_host_connection
me=50.117.146.127:500 him=50.117.137.129:500 policy=ECDSA+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 0.0.0.0:500
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 50.117.137.129:500
Oct 4 09:18:08 firewall pluto[26478]: | find_next_host_connection
policy=ECDSA+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | found policy =
RSASIG+ENCRYPT+TUNNEL+PFS+DONT_REKEY+IKEV2_ALLOW+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(rw-ikev2)
Oct 4 09:18:08 firewall pluto[26478]: | find_next_host_connection
returns empty
Oct 4 09:18:08 firewall pluto[26478]: | find_host_connection
me=50.117.146.127:500 him=%any:500 policy=ECDSA+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 50.117.137.129:500
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 0.0.0.0:500
Oct 4 09:18:08 firewall pluto[26478]: | find_next_host_connection
policy=ECDSA+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | found policy =
RSASIG+ENCRYPT+TUNNEL+PFS+DONT_REKEY+IKEV2_ALLOW+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(rw-ikev2)
Oct 4 09:18:08 firewall pluto[26478]: | find_next_host_connection
returns empty
Oct 4 09:18:08 firewall pluto[26478]: | initial parent SA message
received on 50.117.146.127:500 but no connection has been authorized
with policy ECDSA+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | find_host_connection
me=50.117.146.127:500 him=50.117.137.129:500 policy=RSASIG+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 0.0.0.0:500
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 50.117.137.129:500
Oct 4 09:18:08 firewall pluto[26478]: | find_next_host_connection
policy=RSASIG+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | found policy =
RSASIG+ENCRYPT+TUNNEL+PFS+DONT_REKEY+IKEV2_ALLOW+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(rw-ikev2)
Oct 4 09:18:08 firewall pluto[26478]: | find_next_host_connection
returns rw-ikev2[1] 50.117.137.129
Oct 4 09:18:08 firewall pluto[26478]: | found connection: rw-ikev2[1]
50.117.137.129 with policy RSASIG+IKEV2_ALLOW
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 50.117.137.129:500
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 0.0.0.0:500
Oct 4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload
[Windows 8, 8.1, 10, Server 2012 R2, Server 2016]
Oct 4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload
[MS-Negotiation Discovery Capable]
Oct 4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload
[Vid-Initial-Contact]
Oct 4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload
[Windows KEY_MODS (IKEv2)]
Oct 4 09:18:08 firewall pluto[26478]: | creating state object #3 at
0x55d8599aabf8
Oct 4 09:18:08 firewall pluto[26478]: | State DB: adding state object #3
Oct 4 09:18:08 firewall pluto[26478]: | pstats #3 ikev2.ike started
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: init #3: msgid=0
lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: IKE #3 UNDEFINED;
initializing no-message msgid=-1; ike.initiator: sent=0->-1 recv=0->-1;
ike.responder: sent=0->-1 recv=0->-1; ike.current_request=0->-1
Oct 4 09:18:08 firewall pluto[26478]: | parent state #3:
UNDEFINED(ignore) => PARENT_R0(half-open IKE SA)
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129 (in
initialize_new_state() at ipsec_doi.c:483)
Oct 4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129 (in
initialize_new_state() at ipsec_doi.c:501)
Oct 4 09:18:08 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
processing IKE_SA_INIT request: SA,KE,Ni,N,N,N,V,V,V,V (message arrived
0.001 seconds ago)
Oct 4 09:18:08 firewall pluto[26478]: | using existing local IKE
proposals for connection rw-ikev2 (IKE SA responder matching remote
proposals):
1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
Oct 4 09:18:08 firewall pluto[26478]: | Comparing remote proposals
against IKE responder 4 local proposals
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 1 type ENCR has
1 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 1 type PRF has 2
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 1 type INTEG has
1 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 1 type DH has 8
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 1 type ESN has 0
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 1 transforms:
required: ENCR+PRF+DH; optional: INTEG
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 2 type ENCR has
1 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 2 type PRF has 2
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 2 type INTEG has
1 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 2 type DH has 8
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 2 type ESN has 0
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 2 transforms:
required: ENCR+PRF+DH; optional: INTEG
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 3 type ENCR has
1 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 3 type PRF has 2
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 3 type INTEG has
2 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 3 type DH has 8
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 3 type ESN has 0
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 3 transforms:
required: ENCR+PRF+INTEG+DH; optional: none
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 4 type ENCR has
1 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 4 type PRF has 2
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 4 type INTEG has
2 transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 4 type DH has 8
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 4 type ESN has 0
transforms
Oct 4 09:18:08 firewall pluto[26478]: | local proposal 4 transforms:
required: ENCR+PRF+INTEG+DH; optional: none
Oct 4 09:18:08 firewall pluto[26478]: | ****parse IKEv2 Proposal
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last proposal:
v2_PROPOSAL_NON_LAST (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | length: 44 (0x2c)
Oct 4 09:18:08 firewall pluto[26478]: | prop #: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | proto ID:
IKEv2_SEC_PROTO_IKE (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | spi size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | # transforms: 4 (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | Comparing remote proposal 1
containing 4 transforms against local proposal [1..4] of 4 local proposals
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 12 (0xc)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ENCR (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID: AES_CBC
(0xc)
Oct 4 09:18:08 firewall pluto[26478]: | ******parse IKEv2 Attribute
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | af+type: AF+IKEv2_KEY_LENGTH
(0x800e)
Oct 4 09:18:08 firewall pluto[26478]: | length/value: 256 (0x100)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 0
(ENCR=AES_CBC_256) matches local proposal 3 type 1 (ENCR) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_INTEG (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
AUTH_HMAC_SHA1_96 (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_PRF (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
PRF_HMAC_SHA1 (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_LAST (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_DH (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
OAKLEY_GROUP_MODP2048 (0xe)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3
(DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3
(DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3
(DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3
(DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 proposed
transforms: ENCR+PRF+INTEG+DH; matched: ENCR+DH; unmatched: PRF+INTEG
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 1 does not
match; unmatched remote transforms: PRF+INTEG
Oct 4 09:18:08 firewall pluto[26478]: | ****parse IKEv2 Proposal
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last proposal:
v2_PROPOSAL_NON_LAST (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | length: 44 (0x2c)
Oct 4 09:18:08 firewall pluto[26478]: | prop #: 2 (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | proto ID:
IKEv2_SEC_PROTO_IKE (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | spi size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | # transforms: 4 (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | Comparing remote proposal 2
containing 4 transforms against local proposal [1..4] of 4 local proposals
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 12 (0xc)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ENCR (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID: AES_CBC
(0xc)
Oct 4 09:18:08 firewall pluto[26478]: | ******parse IKEv2 Attribute
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | af+type: AF+IKEv2_KEY_LENGTH
(0x800e)
Oct 4 09:18:08 firewall pluto[26478]: | length/value: 256 (0x100)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 0
(ENCR=AES_CBC_256) matches local proposal 3 type 1 (ENCR) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_INTEG (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
AUTH_HMAC_SHA2_256_128 (0xc)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 1
(INTEG=HMAC_SHA2_256_128) matches local proposal 3 type 3 (INTEG)
transform 1
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 1
(INTEG=HMAC_SHA2_256_128) matches local proposal 4 type 3 (INTEG)
transform 1
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_PRF (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
PRF_HMAC_SHA2_256 (0x5)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2
(PRF=HMAC_SHA2_256) matches local proposal 1 type 2 (PRF) transform 1
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2
(PRF=HMAC_SHA2_256) matches local proposal 2 type 2 (PRF) transform 1
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2
(PRF=HMAC_SHA2_256) matches local proposal 3 type 2 (PRF) transform 1
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2
(PRF=HMAC_SHA2_256) matches local proposal 4 type 2 (PRF) transform 1
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_LAST (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_DH (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
OAKLEY_GROUP_MODP2048 (0xe)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3
(DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3
(DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3
(DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3
(DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 proposed
transforms: ENCR+PRF+INTEG+DH; matched: ENCR+PRF+INTEG+DH; unmatched: none
Oct 4 09:18:08 firewall pluto[26478]: | comparing remote proposal 2
containing ENCR+PRF+INTEG+DH transforms to local proposal 1; required:
ENCR+PRF+DH; optional: INTEG; matched: PRF+DH
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 does not
match local proposal 1; unmatched transforms: ENCR+INTEG; missing
transforms: ENCR
Oct 4 09:18:08 firewall pluto[26478]: | comparing remote proposal 2
containing ENCR+PRF+INTEG+DH transforms to local proposal 2; required:
ENCR+PRF+DH; optional: INTEG; matched: PRF+DH
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 does not
match local proposal 2; unmatched transforms: ENCR+INTEG; missing
transforms: ENCR
Oct 4 09:18:08 firewall pluto[26478]: | comparing remote proposal 2
containing ENCR+PRF+INTEG+DH transforms to local proposal 3; required:
ENCR+PRF+INTEG+DH; optional: none; matched: ENCR+PRF+INTEG+DH
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 2 matches local
proposal 3
Oct 4 09:18:08 firewall pluto[26478]: | ****parse IKEv2 Proposal
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last proposal:
v2_PROPOSAL_LAST (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 44 (0x2c)
Oct 4 09:18:08 firewall pluto[26478]: | prop #: 3 (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | proto ID:
IKEv2_SEC_PROTO_IKE (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | spi size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | # transforms: 4 (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | Comparing remote proposal 3
containing 4 transforms against local proposal [1..2] of 4 local proposals
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 12 (0xc)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ENCR (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID: AES_CBC
(0xc)
Oct 4 09:18:08 firewall pluto[26478]: | ******parse IKEv2 Attribute
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | af+type: AF+IKEv2_KEY_LENGTH
(0x800e)
Oct 4 09:18:08 firewall pluto[26478]: | length/value: 256 (0x100)
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_INTEG (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
AUTH_HMAC_SHA2_384_192 (0xd)
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_PRF (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
PRF_HMAC_SHA2_384 (0x6)
Oct 4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_LAST (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_DH (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
OAKLEY_GROUP_MODP2048 (0xe)
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 3 transform 3
(DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 3 transform 3
(DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 3 proposed
transforms: ENCR+PRF+INTEG+DH; matched: DH; unmatched: ENCR+PRF+INTEG
Oct 4 09:18:08 firewall pluto[26478]: | remote proposal 3 does not
match; unmatched remote transforms: ENCR+PRF+INTEG
Oct 4 09:18:08 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
proposal
2:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048
chosen from remote proposals
1:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;PRF=HMAC_SHA1;DH=MODP2048
2:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_256_128;PRF=HMAC_SHA2_256;DH=MODP2048[first-match]
3:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_384_192;PRF=HMAC_SHA2_384;DH=MODP2048
Oct 4 09:18:08 firewall pluto[26478]: | accepted IKE proposal
ikev2_proposal:
2:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048
Oct 4 09:18:08 firewall pluto[26478]: | converting proposal to internal
trans attrs
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie is zero
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash:
hasher=0x55d8590d06e0(20)
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: icookie= be 61 b8
3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie= 00 00 00
00 00 00 00 00
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: ip= 32 75 92 7f
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= f9 80 7a 6b
58 9b 4c 16 66 82 d9 07 a1 5a 3f 7f
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= d5 a0 39 f8
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie is zero
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash:
hasher=0x55d8590d06e0(20)
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: icookie= be 61 b8
3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie= 00 00 00
00 00 00 00 00
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: ip= 32 75 89 81
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= 72 bb 9e 64
40 a4 20 ab 0d bb 2f de 43 af fe b3
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= 13 a8 3a b7
Oct 4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL encaps using
auto-detect
Oct 4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL this end is NOT
behind NAT
Oct 4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL that end is
behind NAT 50.117.137.129
Oct 4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL nat-keepalive
enabled 50.117.137.129
Oct 4 09:18:08 firewall pluto[26478]: | adding ikev2_inI1outR1 KE
work-order 3 for state #3
Oct 4 09:18:08 firewall pluto[26478]: | event_schedule: new
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c51f8
Oct 4 09:18:08 firewall pluto[26478]: | inserting event
EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #3
Oct 4 09:18:08 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x55d8599c5268 size 128
Oct 4 09:18:08 firewall pluto[26478]: | libevent_realloc: release
ptr-libevent at 0x55d859983d68
Oct 4 09:18:08 firewall pluto[26478]: | libevent_realloc: new
ptr-libevent at 0x55d8599a21d8 size 128
Oct 4 09:18:08 firewall pluto[26478]: | #3 spent 1.66 milliseconds in
processing: Respond to IKE_SA_INIT
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 resuming
Oct 4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
complete_v2_state_transition() at ikev2.c:3157)
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 starting
work-order 3 for state #3
Oct 4 09:18:08 firewall pluto[26478]: | #3 complete v2 state transition
from PARENT_R0 to PARENT_R1 with status STF_SUSPEND
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 doing build KE
and nonce (ikev2_inI1outR1 KE); request ID 3
Oct 4 09:18:08 firewall pluto[26478]: | suspending state #3 and saving MD
Oct 4 09:18:08 firewall pluto[26478]: | #3 is busy; has a suspended MD
Oct 4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
log_stf_suspend() at ikev2.c:3054)
Oct 4 09:18:08 firewall pluto[26478]: | "rw-ikev2"[1] 50.117.137.129 #3
complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended
from complete_v2_state_transition:3220
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:500 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 finished build
KE and nonce (ikev2_inI1outR1 KE); request ID 3 time elapsed 0.001 seconds
Oct 4 09:18:08 firewall pluto[26478]: | (#3) spent 1.39 milliseconds in
crypto helper computing work-order 3: build KE and nonce
(ikev2_inI1outR1 KE)
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 sending results
from work-order 3 for state #3 to event queue
Oct 4 09:18:08 firewall pluto[26478]: | scheduling now-event sending
helper answer for #3
Oct 4 09:18:08 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x7f2590007b78 size 128
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 waiting
(nothing to do)
Oct 4 09:18:08 firewall pluto[26478]: | start executing now-event
sending helper answer for #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
schedule_event_now_cb() at server.c:811)
Oct 4 09:18:08 firewall pluto[26478]: | crypto helper 1 replies to
request ID 3
Oct 4 09:18:08 firewall pluto[26478]: | calling continuation function
0x55d858fe5610
Oct 4 09:18:08 firewall pluto[26478]: | ikev2_parent_inI1outR1_continue
for #3: calculated ke+nonce, sending R1
Oct 4 09:18:08 firewall pluto[26478]: | **emit ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_SA_INIT (0x22)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
message location 'ISAKMP Message'.'next payload type'
Oct 4 09:18:08 firewall pluto[26478]: | Emitting ikev2_proposal ...
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Security
Association Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security
Association Payload (33:ISAKMP_NEXT_v2SA)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Security Association Payload'.'next payload type' in
'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | ****emit IKEv2 Proposal
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last proposal:
v2_PROPOSAL_LAST (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | prop #: 2 (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | proto ID:
IKEv2_SEC_PROTO_IKE (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | spi size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | # transforms: 4 (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: saving
location 'IKEv2 Security Association Payload'.'IKEv2 Proposal
Substructure Payload'.'last proposal'
Oct 4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ENCR (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID: AES_CBC
(0xc)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: saving
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform
Substructure Payload'.'last transform'
Oct 4 09:18:08 firewall pluto[26478]: | ******emit IKEv2 Attribute
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | af+type: AF+IKEv2_KEY_LENGTH
(0x800e)
Oct 4 09:18:08 firewall pluto[26478]: | length/value: 256 (0x100)
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Transform Substructure Payload: 12
Oct 4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_PRF (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
PRF_HMAC_SHA2_256 (0x5)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: checking
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure
Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: saving
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform
Substructure Payload'.'last transform'
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Transform Substructure Payload: 8
Oct 4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_INTEG (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
AUTH_HMAC_SHA2_256_128 (0xc)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: checking
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure
Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: saving
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform
Substructure Payload'.'last transform'
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Transform Substructure Payload: 8
Oct 4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform
Substructure Payload:
Oct 4 09:18:08 firewall pluto[26478]: | last transform:
v2_TRANSFORM_LAST (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_DH (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 transform ID:
OAKLEY_GROUP_MODP2048 (0xe)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: checking
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure
Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: saving
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform
Substructure Payload'.'last transform'
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Transform Substructure Payload: 8
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Proposal Substructure Payload: 44
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: checking
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure
Payload'.'last transform' is 0
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Security Association Payload: 48
Oct 4 09:18:08 firewall pluto[26478]: | last substructure: checking
'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure
Payload'.'last proposal' is 0
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Key Exchange Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | DH group:
OAKLEY_GROUP_MODP2048 (0xe)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Security Association Payload'.'next payload type' to
current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | emitting 256 raw bytes of ikev2
g^x into IKEv2 Key Exchange Payload
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x 5e ce 5f 6b d9 c9
fd 74 c2 27 bf 7c 8c 1b 59 88
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x 71 7b 00 dc 56 b6
8e 34 3a ec a9 bd a8 01 66 14
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x e5 88 22 5e d0 8a
b1 84 05 7c b1 35 60 ac 9d 0b
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x af 78 95 f8 ae 95
6d 3c a9 1d 0c 11 b9 58 bd 2d
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x d8 5a 00 74 68 71
59 89 e7 d3 00 91 7d a2 f5 67
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x 53 a2 5c 08 3b 90
e9 c1 9e 00 84 90 cf e8 0e 33
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x e3 b5 28 4c 1e 61
3b b4 64 7e 20 f0 18 21 ee 69
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x ca 83 d4 e9 f2 f2
c9 3c 7b 05 7d 6a 2d 41 01 0a
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x ad 0d 9d 13 2c e5
6f 12 a3 85 b0 00 e7 97 65 86
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x 76 02 29 f9 48 29
98 c5 1f 0e 8f 4f 74 33 04 d6
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x 1c 3b d7 50 8c d8
45 32 ce 1c 47 98 08 06 e1 9c
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x e1 65 f6 36 35 ae
d8 da ea 29 2a 99 70 7b d0 94
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x fe 92 04 c4 03 52
c2 a1 44 39 5e ae 9a 85 ac c5
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x df 32 ac e8 b5 d8
1d 28 79 ea 9a 3f 14 cd d0 66
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x de 4a 6a b8 4e 8a
32 e6 68 f3 28 c6 24 f8 f4 de
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 g^x 8b 47 97 62 9e b1
1c 5e 56 ce 8f 59 e0 59 05 d7
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Key
Exchange Payload: 264
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Nonce Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2N (0x29)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: ignoring
supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Key Exchange Payload'.'next payload type' to current
IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | emitting 32 raw bytes of IKEv2
nonce into IKEv2 Nonce Payload
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 nonce 0a c4 cb 9f 75 13
e1 2d c5 1c 7d de 6a 20 fa e9
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2 nonce b9 78 db ef 77 78
78 d4 e9 84 b4 56 8d bc a1 76
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Nonce
Payload: 36
Oct 4 09:18:08 firewall pluto[26478]: | Adding a v2N Payload
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Notify Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Notify Message Type:
v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Notify
Payload: 8
Oct 4 09:18:08 firewall pluto[26478]: | NAT-Traversal support
[enabled] add v2N payloads.
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash:
hasher=0x55d8590d06e0(20)
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: icookie= be 61 b8
3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie= e8 c0 ee
b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: ip= 32 75 92 7f
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= 2f 91 a9 17
5b 12 59 18 d7 fc a1 46 ab 15 14 17
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= 4c 92 71 b8
Oct 4 09:18:08 firewall pluto[26478]: | Adding a v2N Payload
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Notify Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Notify Message Type:
v2N_NAT_DETECTION_SOURCE_IP (0x4004)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | emitting 20 raw bytes of Notify
data into IKEv2 Notify Payload
Oct 4 09:18:08 firewall pluto[26478]: | Notify data 2f 91 a9 17 5b 12
59 18 d7 fc a1 46 ab 15 14 17
Oct 4 09:18:08 firewall pluto[26478]: | Notify data 4c 92 71 b8
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Notify
Payload: 28
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash:
hasher=0x55d8590d06e0(20)
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: icookie= be 61 b8
3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie= e8 c0 ee
b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: ip= 32 75 89 81
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= ff 8d fd a1
76 0d 00 b7 1f d2 2c a6 98 87 7c 01
Oct 4 09:18:08 firewall pluto[26478]: | natd_hash: hash= 60 d7 06 1a
Oct 4 09:18:08 firewall pluto[26478]: | Adding a v2N Payload
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Notify Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | Notify Message Type:
v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | emitting 20 raw bytes of Notify
data into IKEv2 Notify Payload
Oct 4 09:18:08 firewall pluto[26478]: | Notify data ff 8d fd a1 76 0d
00 b7 1f d2 2c a6 98 87 7c 01
Oct 4 09:18:08 firewall pluto[26478]: | Notify data 60 d7 06 1a
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Notify
Payload: 28
Oct 4 09:18:08 firewall pluto[26478]: | going to send a certreq
Oct 4 09:18:08 firewall pluto[26478]: | connection->kind is not
CK_PERMANENT (instance), so collect CAs
Oct 4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing
50.117.146.127:500 to 0.0.0.0:500
Oct 4 09:18:08 firewall pluto[26478]: | connection is RW, lookup CA
candidates
Oct 4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Certificate
Request Payload:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | ikev2 cert encoding:
CERT_X509_SIGNATURE (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2
Certificate Request Payload (38:ISAKMP_NEXT_v2CERTREQ)
Oct 4 09:18:08 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Certificate Request Payload'.'next payload type' in
'reply packet'
Oct 4 09:18:08 firewall pluto[26478]: | located CA cert CN=Planyukon
Certificate Authority,OU=Administrator,O=Planyukon,ST=Yukon,C=CA for CERTREQ
Oct 4 09:18:08 firewall pluto[26478]: | emitting 20 raw bytes of CA
cert public key hash into IKEv2 Certificate Request Payload
Oct 4 09:18:08 firewall pluto[26478]: | CA cert public key hash
Oct 4 09:18:08 firewall pluto[26478]: | 8f 77 c2 1d 60 d5 1d bc 6d
1c a7 28 a9 39 3d 8d
Oct 4 09:18:08 firewall pluto[26478]: | 56 77 6e 7e
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2
Certificate Request Payload: 25
Oct 4 09:18:08 firewall pluto[26478]: | emitting length of ISAKMP
Message: 465
Oct 4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
complete_v2_state_transition() at ikev2.c:3157)
Oct 4 09:18:08 firewall pluto[26478]: | #3 complete v2 state transition
from PARENT_R0 to PARENT_R1 with status STF_OK
Oct 4 09:18:08 firewall pluto[26478]: | IKEv2: transition from state
STATE_PARENT_R0 to state STATE_PARENT_R1
Oct 4 09:18:08 firewall pluto[26478]: | parent state #3:
PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: updating counters
for #3 to 0 after switching state
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 'rw-ikev2' IKE #3
PARENT_R1; message-request msgid=0; initiator { lastack=4294967295
nextuse=0 } responder { lastrecv=4294967295->0 lastreplied=0 }
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: IKE #3 PARENT_R1;
receiving request msgid=0; ike.initiator: sent=-1 recv=-1;
ike.responder: sent=-1 recv=-1->0
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: IKE #3 PARENT_R1;
sending response msgid=0; ike.initiator: sent=-1 recv=-1; ike.responder:
sent=-1->0 recv=0
Oct 4 09:18:08 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_CBC_256
integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Oct 4 09:18:08 firewall pluto[26478]: | sending V2 reply packet to
50.117.137.129:500 (from port 500)
Oct 4 09:18:08 firewall pluto[26478]: | sending 465 bytes for
STATE_PARENT_R0 through enp3s0:500 to 50.117.137.129:500 (using #3)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 21 20 22 20 00 00 00 00 00
00 01 d1 22 00 00 30
Oct 4 09:18:08 firewall pluto[26478]: | 00 00 00 2c 02 01 00 04 03
00 00 0c 01 00 00 0c
Oct 4 09:18:08 firewall pluto[26478]: | 80 0e 01 00 03 00 00 08 02
00 00 05 03 00 00 08
Oct 4 09:18:08 firewall pluto[26478]: | 03 00 00 0c 00 00 00 08 04
00 00 0e 28 00 01 08
Oct 4 09:18:08 firewall pluto[26478]: | 00 0e 00 00 5e ce 5f 6b d9
c9 fd 74 c2 27 bf 7c
Oct 4 09:18:08 firewall pluto[26478]: | 8c 1b 59 88 71 7b 00 dc 56
b6 8e 34 3a ec a9 bd
Oct 4 09:18:08 firewall pluto[26478]: | a8 01 66 14 e5 88 22 5e d0
8a b1 84 05 7c b1 35
Oct 4 09:18:08 firewall pluto[26478]: | 60 ac 9d 0b af 78 95 f8 ae
95 6d 3c a9 1d 0c 11
Oct 4 09:18:08 firewall pluto[26478]: | b9 58 bd 2d d8 5a 00 74 68
71 59 89 e7 d3 00 91
Oct 4 09:18:08 firewall pluto[26478]: | 7d a2 f5 67 53 a2 5c 08 3b
90 e9 c1 9e 00 84 90
Oct 4 09:18:08 firewall pluto[26478]: | cf e8 0e 33 e3 b5 28 4c 1e
61 3b b4 64 7e 20 f0
Oct 4 09:18:08 firewall pluto[26478]: | 18 21 ee 69 ca 83 d4 e9 f2
f2 c9 3c 7b 05 7d 6a
Oct 4 09:18:08 firewall pluto[26478]: | 2d 41 01 0a ad 0d 9d 13 2c
e5 6f 12 a3 85 b0 00
Oct 4 09:18:08 firewall pluto[26478]: | e7 97 65 86 76 02 29 f9 48
29 98 c5 1f 0e 8f 4f
Oct 4 09:18:08 firewall pluto[26478]: | 74 33 04 d6 1c 3b d7 50 8c
d8 45 32 ce 1c 47 98
Oct 4 09:18:08 firewall pluto[26478]: | 08 06 e1 9c e1 65 f6 36 35
ae d8 da ea 29 2a 99
Oct 4 09:18:08 firewall pluto[26478]: | 70 7b d0 94 fe 92 04 c4 03
52 c2 a1 44 39 5e ae
Oct 4 09:18:08 firewall pluto[26478]: | 9a 85 ac c5 df 32 ac e8 b5
d8 1d 28 79 ea 9a 3f
Oct 4 09:18:08 firewall pluto[26478]: | 14 cd d0 66 de 4a 6a b8 4e
8a 32 e6 68 f3 28 c6
Oct 4 09:18:08 firewall pluto[26478]: | 24 f8 f4 de 8b 47 97 62 9e
b1 1c 5e 56 ce 8f 59
Oct 4 09:18:08 firewall pluto[26478]: | e0 59 05 d7 29 00 00 24 0a
c4 cb 9f 75 13 e1 2d
Oct 4 09:18:08 firewall pluto[26478]: | c5 1c 7d de 6a 20 fa e9 b9
78 db ef 77 78 78 d4
Oct 4 09:18:08 firewall pluto[26478]: | e9 84 b4 56 8d bc a1 76 29
00 00 08 00 00 40 2e
Oct 4 09:18:08 firewall pluto[26478]: | 29 00 00 1c 00 00 40 04 2f
91 a9 17 5b 12 59 18
Oct 4 09:18:08 firewall pluto[26478]: | d7 fc a1 46 ab 15 14 17 4c
92 71 b8 26 00 00 1c
Oct 4 09:18:08 firewall pluto[26478]: | 00 00 40 05 ff 8d fd a1 76
0d 00 b7 1f d2 2c a6
Oct 4 09:18:08 firewall pluto[26478]: | 98 87 7c 01 60 d7 06 1a 00
00 00 19 04 8f 77 c2
Oct 4 09:18:08 firewall pluto[26478]: | 1d 60 d5 1d bc 6d 1c a7 28
a9 39 3d 8d 56 77 6e
Oct 4 09:18:08 firewall pluto[26478]: | 7e
Oct 4 09:18:08 firewall pluto[26478]: | state #3 requesting
EVENT_CRYPTO_TIMEOUT to be deleted
Oct 4 09:18:08 firewall pluto[26478]: | libevent_free: release
ptr-libevent at 0x55d8599c5268
Oct 4 09:18:08 firewall pluto[26478]: | free_event_entry: release
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c51f8
Oct 4 09:18:08 firewall pluto[26478]: | event_schedule: new
EVENT_SO_DISCARD-pe at 0x55d85999dfa8
Oct 4 09:18:08 firewall pluto[26478]: | inserting event
EVENT_SO_DISCARD, timeout in 200 seconds for #3
Oct 4 09:18:08 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x55d8599c59d8 size 128
Oct 4 09:18:08 firewall pluto[26478]: | #3 spent 1.87 milliseconds in
callback for work-order 3: build KE and nonce (ikev2_inI1outR1 KE)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
schedule_event_now_cb() at server.c:814)
Oct 4 09:18:08 firewall pluto[26478]: | stop executing now-event
sending helper answer for #3
Oct 4 09:18:08 firewall pluto[26478]: | libevent_free: release
ptr-libevent at 0x7f2590007b78
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 23 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 01 00 08 fd 70 ab 24 4d
86 60 24 e0 38 30 a9
Oct 4 09:18:08 firewall pluto[26478]: | 7d 38 e9 9f e1 61 9d ab 16
f6 a5 83 9a 72 65 ca
Oct 4 09:18:08 firewall pluto[26478]: | 1f 5a 1d 34 5d 33 0f e9 e5
c2 17 0c c5 f9 5b c0
Oct 4 09:18:08 firewall pluto[26478]: | a3 81 f5 e5 ff 63 4f f3 8b
01 0e be 6c 0a 3e 24
Oct 4 09:18:08 firewall pluto[26478]: | b7 8f a8 e1 b2 c6 b5 01 d6
7a 5f 8c be 10 8b f2
Oct 4 09:18:08 firewall pluto[26478]: | 31 b6 da 2d ad d3 f1 f4 75
be ae 94 a3 f4 c1 fe
Oct 4 09:18:08 firewall pluto[26478]: | b2 39 dc e9 9e c2 20 70 69
cf b2 7a 45 55 d0 69
Oct 4 09:18:08 firewall pluto[26478]: | 61 56 2a d0 36 7f 9e 10 52
6f 57 2c 42 e7 8c c7
Oct 4 09:18:08 firewall pluto[26478]: | 82 ca 01 b1 6a 83 4e 6d ad
59 65 cb 8e 51 68 00
Oct 4 09:18:08 firewall pluto[26478]: | c5 87 51 00 6b f5 2b 45 fa
7e 3b 11 ce 81 19 d0
Oct 4 09:18:08 firewall pluto[26478]: | 85 26 41 46 91 5a 03 bb 0b
1f b0 da 16 77 93 f7
Oct 4 09:18:08 firewall pluto[26478]: | af dc ce 16 2f ab 1b 3f 08
cb 5f 97 b5 c4 4a 1f
Oct 4 09:18:08 firewall pluto[26478]: | 73 db b1 ff 57 d9 29 48 98
3f f0 43 3b c8 4a 5b
Oct 4 09:18:08 firewall pluto[26478]: | d5 73 a4 80 90 a2 7b cc 58
3c 76 6d e9 69 c2 f4
Oct 4 09:18:08 firewall pluto[26478]: | f1 97 99 7d cc e6 80 2b 52
e0 a4 b1 74 e4 72 b9
Oct 4 09:18:08 firewall pluto[26478]: | 10 0c 61 3f 59 5f 1f c5 4e
65 7c 7f 83 31 c0 0e
Oct 4 09:18:08 firewall pluto[26478]: | 76 fd 85 e1 28 f9 35 12 e2
1d f1 31 29 76 ad d3
Oct 4 09:18:08 firewall pluto[26478]: | 63 fc 29 bb 40 a1 34 0a 90
ff ec fa ea 5a 7d 96
Oct 4 09:18:08 firewall pluto[26478]: | fc 6c 5f 25 26 3c 36 4d 26
52 b4 80 f3 07 99 1b
Oct 4 09:18:08 firewall pluto[26478]: | 49 32 21 81 23 58 04 67 80
81 97 09 08 b0 eb 0e
Oct 4 09:18:08 firewall pluto[26478]: | 89 e7 19 a1 69 b6 44 06 62
6e 03 fe f3 1d e3 b2
Oct 4 09:18:08 firewall pluto[26478]: | cd 89 98 00 11 da 4f 98 b4
7e 29 a4 74 9b 1d e5
Oct 4 09:18:08 firewall pluto[26478]: | 0d 22 fd ff 29 a1 af c2 b8
16 ba c1 33 f9 26 77
Oct 4 09:18:08 firewall pluto[26478]: | 7f d1 b1 25 98 67 42 f9 32
c4 3e 03 13 de 4d 4f
Oct 4 09:18:08 firewall pluto[26478]: | 7c 58 88 65 41 7b 0a aa 67
f0 0e 30 0a a5 de d6
Oct 4 09:18:08 firewall pluto[26478]: | 81 9e 44 aa 0f f6 56 be 0a
85 81 c0 26 ff b6 02
Oct 4 09:18:08 firewall pluto[26478]: | 4d 3f 14 33 8c e8 3c fa b6
27 e0 8e 56 e1 c3 de
Oct 4 09:18:08 firewall pluto[26478]: | df 8e 17 01 d1 9a 8b 1d 10
1e 84 f7 0b 95 af 14
Oct 4 09:18:08 firewall pluto[26478]: | a2 cc e7 8c 1a d4 d6 f3 3e
a1 6b 17 ea cb b0 69
Oct 4 09:18:08 firewall pluto[26478]: | cc e9 b4 7a 04 06 0d 13 fc
3a 7d 49 17 1e 5d 47
Oct 4 09:18:08 firewall pluto[26478]: | 79 4b 1d 35 81 89 0a f6 48
3b 9f 40 28 ef 71 f0
Oct 4 09:18:08 firewall pluto[26478]: | fe 1e de c0 77 36 b1 cb 63
6f 63 84 8b e7 61 d1
Oct 4 09:18:08 firewall pluto[26478]: | 09 8d f5 a9 fc da 44 9f bc
a9 53 68 b4 05 df 01
Oct 4 09:18:08 firewall pluto[26478]: | 59 3b 84 38 8a b7 41 78 e4
18 0c f0 3c 46 ab dd
Oct 4 09:18:08 firewall pluto[26478]: | c8 d0 4b 80
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2IDi (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '1', total number '8', next payload '35'
Oct 4 09:18:08 firewall pluto[26478]: | updated IKE fragment state to
respond using fragments without waiting for re-transmits
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 00 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 02 00 08 92 c4 49 39 b6
cb ac fa ab 3a c8 86
Oct 4 09:18:08 firewall pluto[26478]: | 06 3f 6f 89 00 d1 95 dc 6c
d6 38 5b 6e c1 35 6a
Oct 4 09:18:08 firewall pluto[26478]: | cd 39 34 4d ba d5 56 18 ca
44 a9 b5 96 92 7f ec
Oct 4 09:18:08 firewall pluto[26478]: | 52 51 3a b0 18 da 9f b5 70
b6 b4 e3 8b db bc 5c
Oct 4 09:18:08 firewall pluto[26478]: | bd 61 8b 41 f1 0e 9d 9d fd
1c d4 50 cf f2 37 e9
Oct 4 09:18:08 firewall pluto[26478]: | 5e 59 28 bf 33 50 ea d0 af
5d e2 9c 61 91 e1 47
Oct 4 09:18:08 firewall pluto[26478]: | d6 bf d1 9e 5c 37 84 9e 08
f5 fd ba 09 69 bb e8
Oct 4 09:18:08 firewall pluto[26478]: | 7b 61 cc ad 3c a0 b4 60 38
15 a2 0f eb 68 aa 0f
Oct 4 09:18:08 firewall pluto[26478]: | 27 26 b4 d7 ef c4 eb c4 60
97 00 55 eb 13 5a 1d
Oct 4 09:18:08 firewall pluto[26478]: | ad aa 68 d7 cc e7 65 35 96
95 0f 52 13 90 5f 19
Oct 4 09:18:08 firewall pluto[26478]: | 55 1f d9 1b 72 ae 19 be ea
a4 20 a6 00 1e de 7b
Oct 4 09:18:08 firewall pluto[26478]: | 01 6a 36 3d 16 af 09 7b 39
15 84 7b e6 90 29 3c
Oct 4 09:18:08 firewall pluto[26478]: | bb 86 0b a1 db 39 e2 40 5e
e6 8b d2 1a ef d9 04
Oct 4 09:18:08 firewall pluto[26478]: | 1e 98 04 36 a4 a4 56 52 16
ff 3c 99 41 46 23 53
Oct 4 09:18:08 firewall pluto[26478]: | 9b 6c 68 8e 0b f8 a5 d1 5d
8d 7e 82 00 56 bd df
Oct 4 09:18:08 firewall pluto[26478]: | 6d 69 50 88 2b 2b ef d4 4d
d2 b3 ee 70 e5 23 5d
Oct 4 09:18:08 firewall pluto[26478]: | 41 57 e0 af a6 55 a6 9a 44
5d 0b 0b 7e e2 40 86
Oct 4 09:18:08 firewall pluto[26478]: | 14 cf ef 8e 5d 26 5a 55 1a
be 55 bb df 5c e3 c4
Oct 4 09:18:08 firewall pluto[26478]: | 43 16 a8 ee 93 2e a5 5a b9
5b 4a bc d3 85 0a 81
Oct 4 09:18:08 firewall pluto[26478]: | b4 ba 9a c2 a9 ee ee 85 1a
81 09 94 31 f9 32 13
Oct 4 09:18:08 firewall pluto[26478]: | f1 d2 52 33 2c b3 c5 ad 1e
22 20 bc 68 59 9c 4c
Oct 4 09:18:08 firewall pluto[26478]: | 68 33 52 2b be 64 4b 24 c0
b5 04 28 7a ee a1 4c
Oct 4 09:18:08 firewall pluto[26478]: | 45 f3 28 ab 69 bc d9 d6 39
4b 88 c2 5f cb db da
Oct 4 09:18:08 firewall pluto[26478]: | e4 8f 68 a5 e6 8b e7 6e 1c
5c 60 24 d6 c7 fb 87
Oct 4 09:18:08 firewall pluto[26478]: | 8e 52 e7 9e bd 53 ec 1b 76
80 49 18 3c 3a cc 4a
Oct 4 09:18:08 firewall pluto[26478]: | da 57 0c 46 05 be 0f ae 2c
9e 67 6d 73 62 1a 65
Oct 4 09:18:08 firewall pluto[26478]: | c9 4d ae d6 b3 d3 a4 67 31
a7 d7 f5 8b 6d e3 1e
Oct 4 09:18:08 firewall pluto[26478]: | 5c e3 30 7e 46 3c a4 f4 ce
c3 16 ca f5 a8 f9 49
Oct 4 09:18:08 firewall pluto[26478]: | f4 6a 48 21 d1 93 c9 b6 d1
b0 c4 ab 89 fd 73 85
Oct 4 09:18:08 firewall pluto[26478]: | a3 b0 0a 9d 9b 69 61 70 11
80 d4 53 97 ac 8a 09
Oct 4 09:18:08 firewall pluto[26478]: | e9 09 91 69 18 7c 35 b5 3d
56 48 be 96 01 92 39
Oct 4 09:18:08 firewall pluto[26478]: | df b0 31 ff ce 0e 6c 0e a6
81 ee 1f d9 ba 96 f0
Oct 4 09:18:08 firewall pluto[26478]: | 27 c8 88 79 f2 82 67 3a 21
45 86 16 73 4f 0c 8f
Oct 4 09:18:08 firewall pluto[26478]: | a1 f6 24 72 bb bd 5c 16 7a
95 28 15 cc c9 79 83
Oct 4 09:18:08 firewall pluto[26478]: | b5 c1 f4 29
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 2 (0x2)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '2', total number '8', next payload '0'
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 00 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 03 00 08 24 09 5b 12 6f
82 d7 49 70 91 7f 0c
Oct 4 09:18:08 firewall pluto[26478]: | 36 a6 31 b1 3d 19 c0 16 5c
02 e6 64 c8 5e 4b 44
Oct 4 09:18:08 firewall pluto[26478]: | 64 dd b5 21 0f b2 89 9b ff
65 f0 03 2f 90 f4 f8
Oct 4 09:18:08 firewall pluto[26478]: | ff cb aa 9f e2 0a e4 93 09
eb 51 77 38 02 dd 61
Oct 4 09:18:08 firewall pluto[26478]: | 3b 2b 0d 94 c0 16 4c 54 57
80 15 2a 2d 02 91 e0
Oct 4 09:18:08 firewall pluto[26478]: | d8 05 56 c2 3a b8 b2 15 56
f0 04 90 ee e2 7e 47
Oct 4 09:18:08 firewall pluto[26478]: | 91 a1 cc 3e 41 e7 99 9e 2c
56 56 28 aa 4c 46 ca
Oct 4 09:18:08 firewall pluto[26478]: | 58 9d d1 a5 26 91 67 d7 8a
05 be f3 a2 af 41 f8
Oct 4 09:18:08 firewall pluto[26478]: | ca ab f4 fc 24 c3 73 f2 d6
11 52 5e ef b9 1c f5
Oct 4 09:18:08 firewall pluto[26478]: | d2 99 ce 42 f7 f6 3b ad 89
54 55 7d 2a 10 c6 f0
Oct 4 09:18:08 firewall pluto[26478]: | 8c 5c 20 f3 cf ed ed 1f 6b
17 74 d1 c1 a7 a9 58
Oct 4 09:18:08 firewall pluto[26478]: | 93 0c 63 ac 46 de 5a 16 9d
e1 70 47 ea 42 57 40
Oct 4 09:18:08 firewall pluto[26478]: | fc a4 47 66 6b 71 ff eb 93
a2 ad fd ab a3 0b 8a
Oct 4 09:18:08 firewall pluto[26478]: | 2a 7e a6 07 f8 5e 05 ca 26
76 bc 78 c5 ba 8f f4
Oct 4 09:18:08 firewall pluto[26478]: | ea 9b 27 1d 73 77 17 46 9c
06 ca 52 28 35 ab d2
Oct 4 09:18:08 firewall pluto[26478]: | 70 7f 9c 97 6e 0b 9d 38 07
27 0d 80 8c 5a 18 52
Oct 4 09:18:08 firewall pluto[26478]: | df 58 6c a9 19 e3 89 d6 79
71 50 a3 5f ba e3 3e
Oct 4 09:18:08 firewall pluto[26478]: | a6 68 ec 69 49 c5 bc f3 47
6a b6 41 06 71 61 65
Oct 4 09:18:08 firewall pluto[26478]: | b8 8f f4 96 54 0a d0 9c e1
41 79 a8 f1 8c c6 e4
Oct 4 09:18:08 firewall pluto[26478]: | b1 61 1f d8 fe 87 a3 01 a0
27 ff 45 ab 1e a1 c0
Oct 4 09:18:08 firewall pluto[26478]: | d5 c2 5b 9e 06 72 e7 be b2
6e 9a df 39 28 1c 8a
Oct 4 09:18:08 firewall pluto[26478]: | da 13 8c 41 24 1f 0b 21 25
65 27 13 85 bc 84 2a
Oct 4 09:18:08 firewall pluto[26478]: | 89 fe 38 d2 d8 7f 76 80 98
87 dc 9d 2b aa 8a 37
Oct 4 09:18:08 firewall pluto[26478]: | 35 73 41 70 a3 96 90 86 09
49 f8 00 0f a4 66 d7
Oct 4 09:18:08 firewall pluto[26478]: | b2 3d ca 8c e0 a0 7b 00 03
c7 61 2d f3 8b be e4
Oct 4 09:18:08 firewall pluto[26478]: | 5c 20 13 71 af 22 77 a7 25
2b 69 f9 ef 36 1f c9
Oct 4 09:18:08 firewall pluto[26478]: | 36 81 ef f9 4c ca 20 fb 91
3f 17 ef ad db 3e 47
Oct 4 09:18:08 firewall pluto[26478]: | 89 6b ed f0 7c ff 89 a9 eb
40 93 c8 83 09 2a a9
Oct 4 09:18:08 firewall pluto[26478]: | b8 c5 cf a2 a5 35 1d 41 fd
e4 6c 56 d5 5c 00 0f
Oct 4 09:18:08 firewall pluto[26478]: | db 7d e4 20 cd da df 7b 8e
ab ae ee 89 1e db 6b
Oct 4 09:18:08 firewall pluto[26478]: | 4f fe bf ab e8 3a d2 c8 52
9f c2 8f 65 eb 3a 78
Oct 4 09:18:08 firewall pluto[26478]: | b0 e6 c3 03 05 94 d5 37 11
bf 5f 61 0f 1d a3 70
Oct 4 09:18:08 firewall pluto[26478]: | 90 a8 2a 9e ca e7 39 46 63
fe 85 e6 2a ce 7b 86
Oct 4 09:18:08 firewall pluto[26478]: | 44 03 f2 64 0e 45 07 75 b6
dd 2f c1 16 f1 74 77
Oct 4 09:18:08 firewall pluto[26478]: | 88 88 ad 35
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 3 (0x3)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '3', total number '8', next payload '0'
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 00 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 04 00 08 b7 3c 36 f6 9d
ec c5 00 e8 fe 3f c4
Oct 4 09:18:08 firewall pluto[26478]: | 47 bf c6 19 ca 5b a8 84 3c
6a 71 a8 fb 43 3c 45
Oct 4 09:18:08 firewall pluto[26478]: | d2 11 7e ff 02 7b 5c 7c 9b
a7 08 54 db 59 46 5c
Oct 4 09:18:08 firewall pluto[26478]: | f1 e8 d1 42 74 ea 26 05 fd
15 99 c6 04 3f 99 83
Oct 4 09:18:08 firewall pluto[26478]: | c2 1c d8 61 cd e1 8b ed c1
bc a7 7c 62 ad b0 82
Oct 4 09:18:08 firewall pluto[26478]: | f1 e6 57 12 7d 9b e8 0f 39
6f a1 6b b1 d9 e9 db
Oct 4 09:18:08 firewall pluto[26478]: | eb 04 ce 35 61 cf 8f 2e 90
43 00 8e 0c 6d 89 1b
Oct 4 09:18:08 firewall pluto[26478]: | 50 90 2f ab 69 26 ed 4b 7e
20 0a 3e 35 02 b9 8c
Oct 4 09:18:08 firewall pluto[26478]: | 84 fa 22 f3 56 6d ab 84 ed
2e 53 38 52 ff fe ed
Oct 4 09:18:08 firewall pluto[26478]: | d0 11 87 fa 0b f1 be d5 74
f0 e5 03 2a 19 47 95
Oct 4 09:18:08 firewall pluto[26478]: | 80 60 57 c5 7e 1c f0 7b 16
a1 70 ce 29 13 00 1f
Oct 4 09:18:08 firewall pluto[26478]: | 72 f8 2c 83 66 92 a6 ee a4
c9 26 be 30 98 05 47
Oct 4 09:18:08 firewall pluto[26478]: | 97 57 fd 47 cf 65 0b 0e 46
59 d0 5c fa ed ab 77
Oct 4 09:18:08 firewall pluto[26478]: | ca f0 7f f3 78 74 90 53 c5
96 1a 60 f5 7a b7 f5
Oct 4 09:18:08 firewall pluto[26478]: | 9b d9 4d 95 0e e9 78 be 71
ba 9e 33 99 33 f7 a0
Oct 4 09:18:08 firewall pluto[26478]: | c6 15 37 6d b6 54 41 4f fa
08 e0 cb 9c 6d 3c ce
Oct 4 09:18:08 firewall pluto[26478]: | ea 42 db 68 4c ce ee 04 ce
db e4 0d ce bb f9 40
Oct 4 09:18:08 firewall pluto[26478]: | db 16 e7 6e 90 75 3e 02 29
d3 94 82 3c 12 45 24
Oct 4 09:18:08 firewall pluto[26478]: | 32 78 44 fe 54 2d fb 4e e7
dd 66 a7 f2 40 44 b5
Oct 4 09:18:08 firewall pluto[26478]: | 8d 57 2a f3 e9 eb 66 50 42
bb e3 0e b8 96 fa 3d
Oct 4 09:18:08 firewall pluto[26478]: | 75 28 e8 9a b8 6f 89 16 65
c0 64 38 11 8f 9b 93
Oct 4 09:18:08 firewall pluto[26478]: | 82 5a 26 1d b9 2e 4e 20 c6
28 18 ad c8 5c d2 c0
Oct 4 09:18:08 firewall pluto[26478]: | bc 80 99 5f 45 fe 40 cf af
41 a0 1c 46 b6 a3 29
Oct 4 09:18:08 firewall pluto[26478]: | 6b 98 2f 2b 17 27 97 51 20
56 25 fe 19 0d d4 14
Oct 4 09:18:08 firewall pluto[26478]: | 4c 63 88 72 d1 45 e1 45 73
02 b2 55 25 17 aa 2c
Oct 4 09:18:08 firewall pluto[26478]: | c2 2d 3b fd d5 35 f2 f3 4a
7f 58 df af fa 8d dd
Oct 4 09:18:08 firewall pluto[26478]: | c0 b0 a9 2c 90 a8 75 3e 55
8e 4b fa d5 fc 2a 22
Oct 4 09:18:08 firewall pluto[26478]: | a2 3b eb 5d e1 f4 d2 c1 c3
ae 63 fa 7d fa 61 b1
Oct 4 09:18:08 firewall pluto[26478]: | 41 b6 91 7b 28 c7 7a 26 75
11 a5 bc 7d 1f 19 25
Oct 4 09:18:08 firewall pluto[26478]: | 2f bb 5b 05 13 5c 66 42 3a
05 f6 16 c5 ef 10 b3
Oct 4 09:18:08 firewall pluto[26478]: | 54 82 64 81 d5 3f d0 6c 6e
54 5f 6d a4 92 e6 79
Oct 4 09:18:08 firewall pluto[26478]: | 38 6f d3 8e f5 13 cf 83 86
dd f7 00 0e f5 60 30
Oct 4 09:18:08 firewall pluto[26478]: | 19 e9 c0 6d 68 af e7 c7 fa
df 27 c0 ca 15 47 d1
Oct 4 09:18:08 firewall pluto[26478]: | 74 0a 38 2e 59 5c 1c fe c7
4a ca 9f 31 10 c0 a6
Oct 4 09:18:08 firewall pluto[26478]: | 33 03 67 7f
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 4 (0x4)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '4', total number '8', next payload '0'
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 00 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 05 00 08 fb 37 1b dd 82
24 e3 e0 6a ea e3 57
Oct 4 09:18:08 firewall pluto[26478]: | 17 8b 7c 94 32 af 50 a9 d8
db 60 b1 1c 28 b9 0c
Oct 4 09:18:08 firewall pluto[26478]: | d1 3d 91 e4 82 0b e6 22 84
ff 8e 53 66 51 ef 55
Oct 4 09:18:08 firewall pluto[26478]: | 4f b0 63 97 9c a8 7c 9a 8c
3a ae d2 b7 f9 42 0c
Oct 4 09:18:08 firewall pluto[26478]: | 90 7e 27 8c c8 57 46 0d 54
3b 43 ee a6 6b 1e 00
Oct 4 09:18:08 firewall pluto[26478]: | 97 41 93 3d cf d0 2c 2a 43
d3 ac fb 27 9f f7 79
Oct 4 09:18:08 firewall pluto[26478]: | bf 1d 14 c1 7e 42 8a f8 c7
3b aa e7 54 1d d6 ca
Oct 4 09:18:08 firewall pluto[26478]: | d8 5f de 49 ec 04 ef 32 6e
37 a8 74 17 19 a1 3a
Oct 4 09:18:08 firewall pluto[26478]: | 90 20 11 e2 44 d5 47 30 ff
c0 2f 08 51 86 96 c1
Oct 4 09:18:08 firewall pluto[26478]: | 5c 6d ea 32 c6 83 3d 0b 50
00 60 d9 f7 73 47 06
Oct 4 09:18:08 firewall pluto[26478]: | 73 48 43 12 05 6b 5a 48 7c
d0 1e be 8d 14 39 8b
Oct 4 09:18:08 firewall pluto[26478]: | 78 ff 3a d0 31 74 24 c3 fa
7d fb e3 e1 bf 88 1b
Oct 4 09:18:08 firewall pluto[26478]: | 92 6e 1e 43 a1 2b d0 29 1c
bd d6 a7 d8 02 10 90
Oct 4 09:18:08 firewall pluto[26478]: | 13 5c 00 b1 ab 4c e7 dd 2b
28 36 a2 2f bc 56 6a
Oct 4 09:18:08 firewall pluto[26478]: | d3 d3 af b6 5a 8d 63 87 10
a2 01 28 01 f4 b2 af
Oct 4 09:18:08 firewall pluto[26478]: | 44 df fd de cc 89 8e 87 4f
cf 87 66 40 63 60 c3
Oct 4 09:18:08 firewall pluto[26478]: | a9 f7 b1 9e 70 67 c3 f9 99
03 4f 44 5c 16 96 cf
Oct 4 09:18:08 firewall pluto[26478]: | be 84 4f 64 0b 25 22 df 19
d9 73 59 7f 48 ea 84
Oct 4 09:18:08 firewall pluto[26478]: | dd 08 3e 36 6d d0 3a cb 0c
f8 eb d4 2c 63 11 66
Oct 4 09:18:08 firewall pluto[26478]: | d4 4d 69 ef 7b fa e8 c5 f7
26 b5 f6 f0 46 48 b5
Oct 4 09:18:08 firewall pluto[26478]: | 9e 45 e3 64 0a 83 30 99 39
f5 e4 3b 1d 32 24 7c
Oct 4 09:18:08 firewall pluto[26478]: | f4 24 77 bc 2d 95 5a 23 b8
79 cf a2 2b 98 b6 14
Oct 4 09:18:08 firewall pluto[26478]: | ea a0 d3 cd 17 df b0 f5 38
98 b7 d5 79 6b b2 62
Oct 4 09:18:08 firewall pluto[26478]: | 1c bd 18 d2 75 48 4d 91 f7
8c 53 be f5 09 f8 5b
Oct 4 09:18:08 firewall pluto[26478]: | 71 4b 50 81 cb 43 58 92 4e
08 26 f5 cf 73 77 93
Oct 4 09:18:08 firewall pluto[26478]: | dc 21 f7 a2 b6 08 2e dc e4
66 c2 c1 c3 cc 4f b8
Oct 4 09:18:08 firewall pluto[26478]: | 36 9d a5 f6 cd 99 ef 96 a3
61 6a 6e 0b 11 ac 99
Oct 4 09:18:08 firewall pluto[26478]: | c0 53 a5 f7 09 7d cb 45 84
19 d5 e1 4c 69 f1 6a
Oct 4 09:18:08 firewall pluto[26478]: | 6e 42 90 63 e1 e9 95 81 14
8c 81 24 a3 b3 0a fd
Oct 4 09:18:08 firewall pluto[26478]: | 41 04 ee 23 d7 50 26 c2 e0
34 3a 7c 64 bb 66 86
Oct 4 09:18:08 firewall pluto[26478]: | fc ad 31 b2 b8 fe c3 d5 9f
0e 14 35 39 31 58 e8
Oct 4 09:18:08 firewall pluto[26478]: | de f4 e9 ba 4e af ef 14 22
2d 07 ca ff 55 07 e7
Oct 4 09:18:08 firewall pluto[26478]: | d2 d5 6c f6 c4 03 c7 01 ff
33 99 7b 51 b2 5e fe
Oct 4 09:18:08 firewall pluto[26478]: | e9 1b c9 af 35 b2 dc 11 7e
30 11 77 26 df 9f d7
Oct 4 09:18:08 firewall pluto[26478]: | 69 4a 32 3c
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 5 (0x5)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '5', total number '8', next payload '0'
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 00 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 06 00 08 36 7b 86 fe 11
2c 2d 01 7c c1 04 4e
Oct 4 09:18:08 firewall pluto[26478]: | 1d 40 c0 18 b5 7f 64 fe 56
57 fe f7 9c 15 9b cb
Oct 4 09:18:08 firewall pluto[26478]: | ee 68 4c 44 19 95 52 91 0c
af e8 26 a7 f9 8e 39
Oct 4 09:18:08 firewall pluto[26478]: | 98 c6 30 52 85 b7 60 2e 83
97 4d 32 b8 43 9d e8
Oct 4 09:18:08 firewall pluto[26478]: | 62 f8 f7 d8 2f 2a 52 60 75
e1 04 ae b8 79 6d 17
Oct 4 09:18:08 firewall pluto[26478]: | 97 9e e6 58 31 67 30 e8 85
63 a6 6f 07 42 b7 1f
Oct 4 09:18:08 firewall pluto[26478]: | 0e b9 ee b5 28 1c bf dc ad
bb 3f ed b4 b9 75 c6
Oct 4 09:18:08 firewall pluto[26478]: | b2 ea 8c a1 39 1e d3 11 b9
a9 3d df 58 e0 70 99
Oct 4 09:18:08 firewall pluto[26478]: | 20 13 a0 23 0e 19 0d 83 55
8e 8e be 39 c6 62 6a
Oct 4 09:18:08 firewall pluto[26478]: | 79 ee 6b 0e 9e 17 ca dd 86
47 44 fe 70 b2 f2 f3
Oct 4 09:18:08 firewall pluto[26478]: | 4f 24 00 24 44 ec 4b 38 c2
ea b1 e3 5f d4 7c 2e
Oct 4 09:18:08 firewall pluto[26478]: | 96 70 5b 99 e8 cc 42 d4 06
bb cd d8 77 b2 cd 5c
Oct 4 09:18:08 firewall pluto[26478]: | df c6 e5 b4 c4 8e 73 2b 4b
ac bb 14 08 4d 66 3c
Oct 4 09:18:08 firewall pluto[26478]: | 70 c4 08 35 a9 e6 fb 03 15
81 5e 12 b0 22 25 1b
Oct 4 09:18:08 firewall pluto[26478]: | ac 4b 1c 36 05 13 15 3b 47
e0 63 49 47 60 ff 9d
Oct 4 09:18:08 firewall pluto[26478]: | b9 b1 47 69 53 ae c8 ca f1
dd 51 05 18 5f 8d ad
Oct 4 09:18:08 firewall pluto[26478]: | 33 b8 1c 60 12 f2 07 5f bc
68 3c 5a cd b5 83 c4
Oct 4 09:18:08 firewall pluto[26478]: | ca bd 33 b5 e2 35 59 db 6d
5e 89 6d f7 5c e2 f1
Oct 4 09:18:08 firewall pluto[26478]: | bb cd 1b b6 ed dd 0a 0a e9
f7 a4 d6 ab 89 e8 ae
Oct 4 09:18:08 firewall pluto[26478]: | 93 2f 13 ae e0 f7 ed 4e fd
c7 43 54 ff 92 dc 9b
Oct 4 09:18:08 firewall pluto[26478]: | f1 30 fd cd e0 fc f1 85 22
4d 6c 7c 18 57 82 e7
Oct 4 09:18:08 firewall pluto[26478]: | eb 45 2f 03 d6 49 84 30 df
fe 99 01 3c e3 30 29
Oct 4 09:18:08 firewall pluto[26478]: | 2b 41 3f 14 e0 12 2a d3 84
03 41 eb ae f0 42 7e
Oct 4 09:18:08 firewall pluto[26478]: | 34 8f 48 f3 cd 43 e1 07 0c
08 b0 fb db 15 6b d3
Oct 4 09:18:08 firewall pluto[26478]: | d3 ae 16 b1 ec 8c 6f 60 d9
17 81 55 1e 1c f3 a6
Oct 4 09:18:08 firewall pluto[26478]: | dc df 49 23 e7 2f d9 45 fe
aa ea 7b e7 fd a4 32
Oct 4 09:18:08 firewall pluto[26478]: | cb dd e3 ac d8 39 83 a8 df
24 52 0e 55 0a d1 a1
Oct 4 09:18:08 firewall pluto[26478]: | d8 92 f5 cd bc 11 f9 d8 31
70 68 65 36 02 0f 51
Oct 4 09:18:08 firewall pluto[26478]: | 77 03 bf 91 5b 09 ef cf 0e
66 ba ea c3 2f 5d 10
Oct 4 09:18:08 firewall pluto[26478]: | ca e9 af 5d 5e 6a 03 2b 3a
a9 d8 c0 4b 33 0a ae
Oct 4 09:18:08 firewall pluto[26478]: | 23 37 8c ee 52 bc 15 14 c9
12 b6 0a 86 9a 84 b8
Oct 4 09:18:08 firewall pluto[26478]: | 93 eb 8c af 4f 0f eb 4f fe
37 71 db 79 ed 96 b8
Oct 4 09:18:08 firewall pluto[26478]: | e4 0f 65 f6 69 10 b4 91 fd
83 e4 29 1b 16 b0 b1
Oct 4 09:18:08 firewall pluto[26478]: | 02 49 91 5f d6 7d 49 02 2c
98 b4 e9 79 7d cb 7c
Oct 4 09:18:08 firewall pluto[26478]: | 4a 5a 5c b4
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 6 (0x6)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '6', total number '8', next payload '0'
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:08 firewall pluto[26478]: | *received 580 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 02 44 00 00 02 28
Oct 4 09:18:08 firewall pluto[26478]: | 00 07 00 08 67 c5 f6 7a 52
06 ea e2 a8 9c 88 4f
Oct 4 09:18:08 firewall pluto[26478]: | ed bb 71 44 ae 42 1d f4 24
48 36 2a 0b 3f 7b 61
Oct 4 09:18:08 firewall pluto[26478]: | 59 c6 a5 98 15 46 8a 02 14
7b 48 3d 04 5e d7 fc
Oct 4 09:18:08 firewall pluto[26478]: | 14 81 d4 b6 9f 01 81 64 56
ad 13 d7 d8 40 a1 63
Oct 4 09:18:08 firewall pluto[26478]: | 46 db 54 04 42 54 85 f4 4c
19 ba 80 9c a8 7c e0
Oct 4 09:18:08 firewall pluto[26478]: | b2 af 14 99 a4 a9 89 cb ab
92 40 3f 44 13 5a b9
Oct 4 09:18:08 firewall pluto[26478]: | 5c c2 0b f1 8a a5 62 c9 e2
2d e1 46 31 54 a3 7d
Oct 4 09:18:08 firewall pluto[26478]: | 6f a5 e9 8a db b2 51 14 8b
f8 29 88 7d 14 49 6b
Oct 4 09:18:08 firewall pluto[26478]: | 5c 32 64 e3 7d 9e de 64 ff
c1 f6 e4 e3 ae 48 ac
Oct 4 09:18:08 firewall pluto[26478]: | 1e c4 58 4e 03 a8 dd 91 dd
f0 35 93 46 23 f3 99
Oct 4 09:18:08 firewall pluto[26478]: | b4 8e c1 80 95 98 c1 c8 06
cd fd 3c 42 e2 11 a0
Oct 4 09:18:08 firewall pluto[26478]: | 9f f2 ff 61 d5 ee 77 6f 7e
bb 14 00 6d a5 21 fc
Oct 4 09:18:08 firewall pluto[26478]: | b9 e5 34 66 41 74 01 20 5b
c4 c3 a5 fa d8 14 7b
Oct 4 09:18:08 firewall pluto[26478]: | b0 2c 5b 63 22 cf ad d9 ca
dd 96 43 76 19 f4 75
Oct 4 09:18:08 firewall pluto[26478]: | 6a ba 1b 0b 38 d5 3a 13 5e
0d a8 25 3d 5a 73 76
Oct 4 09:18:08 firewall pluto[26478]: | fb c7 87 d5 f3 82 3d 8d 7e
62 32 a8 80 40 a3 b3
Oct 4 09:18:08 firewall pluto[26478]: | f0 6e 16 f0 3a 97 c3 e6 28
64 e8 68 11 3a 25 d7
Oct 4 09:18:08 firewall pluto[26478]: | 93 98 bd 57 b9 71 71 b2 d7
c8 e6 60 43 aa c3 c3
Oct 4 09:18:08 firewall pluto[26478]: | f5 22 c0 13 12 12 ea 85 ec
e4 41 a2 b6 ca 8d 58
Oct 4 09:18:08 firewall pluto[26478]: | 36 cf c0 2a 12 e4 b7 e4 ce
da 3a 0b 60 5f 2c 12
Oct 4 09:18:08 firewall pluto[26478]: | 6c 5d 3b ff 20 08 a0 b3 9c
d1 55 0c 1f e6 8d 1a
Oct 4 09:18:08 firewall pluto[26478]: | c2 c2 23 9c a4 9e 77 71 23
68 a1 9d 11 04 e8 77
Oct 4 09:18:08 firewall pluto[26478]: | 38 5b 0a 96 17 f5 e6 f8 c9
6f 23 5d 2e 06 6e db
Oct 4 09:18:08 firewall pluto[26478]: | a0 6c 51 7b 38 8e f8 ef 34
66 8d 1b 4c 1c 1b 35
Oct 4 09:18:08 firewall pluto[26478]: | d2 1d a8 8d b6 00 a0 af d4
6f 24 93 f5 7e e4 1c
Oct 4 09:18:08 firewall pluto[26478]: | 7e 1d ed ea 4f 95 16 7c df
33 10 4a 64 d4 56 d1
Oct 4 09:18:08 firewall pluto[26478]: | 7c 7d 9e ce df 98 39 6d 22
6f 33 cf 20 66 0a fd
Oct 4 09:18:08 firewall pluto[26478]: | f9 d7 a3 7f 9a e3 d0 cf 91
9b 43 ee 4c c8 34 5d
Oct 4 09:18:08 firewall pluto[26478]: | 20 3e 26 52 6c 11 81 85 83
41 7c b2 79 23 a5 71
Oct 4 09:18:08 firewall pluto[26478]: | 52 a6 22 95 c0 2b 44 d7 12
16 da 86 b3 bd 13 8d
Oct 4 09:18:08 firewall pluto[26478]: | 33 f1 67 6b 18 f8 38 75 0b
d0 ba fc a7 13 a5 38
Oct 4 09:18:08 firewall pluto[26478]: | bf 06 b7 f5 3b bc 8e ba a1
f2 a4 7b 8e 2a 0c d2
Oct 4 09:18:08 firewall pluto[26478]: | 1c ce 69 11 0b 35 3b aa ff
79 51 e1 0f 84 8a 68
Oct 4 09:18:08 firewall pluto[26478]: | 73 1a da 4e 44 1c 2b ef 6c
51 56 65 39 a1 9f a5
Oct 4 09:18:08 firewall pluto[26478]: | 00 a2 38 98
Oct 4 09:18:08 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:08 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:08 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:08 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:08 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:08 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:08 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:08 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:08 firewall pluto[26478]: | length: 580 (0x244)
Oct 4 09:18:08 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:08 firewall pluto[26478]: | found state #3
Oct 4 09:18:08 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 idle
Oct 4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:08 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:08 firewall pluto[26478]: | length: 552 (0x228)
Oct 4 09:18:08 firewall pluto[26478]: | fragment number: 7 (0x7)
Oct 4 09:18:08 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:08 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=544)
Oct 4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment
number '7', total number '8', next payload '0'
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:08 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:08 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:09 firewall pluto[26478]: | *received 468 bytes from
50.117.137.129:63837 on enp3s0 (port=4500)
Oct 4 09:18:09 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41 e8
c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | 35 20 23 08 00 00 00 01 00
00 01 d4 00 00 01 b8
Oct 4 09:18:09 firewall pluto[26478]: | 00 08 00 08 58 8c 07 d8 fe
0e 96 c1 64 b3 e7 b5
Oct 4 09:18:09 firewall pluto[26478]: | fa 37 1b 20 69 82 16 72 19
8b e8 29 f0 b3 95 64
Oct 4 09:18:09 firewall pluto[26478]: | 0a 2f bf 6d 13 d3 f1 23 ee
be 24 18 30 70 90 d7
Oct 4 09:18:09 firewall pluto[26478]: | 20 ea 56 b5 8a 92 6a 4a 07
7e 3d f4 9d 6d 76 0a
Oct 4 09:18:09 firewall pluto[26478]: | da e2 e0 a6 03 b8 b6 b3 d9
8e 91 f3 41 c3 94 7d
Oct 4 09:18:09 firewall pluto[26478]: | 7b 05 90 dc 8f 29 2e f7 b6
cd 85 61 ee 97 b7 04
Oct 4 09:18:09 firewall pluto[26478]: | 84 0b f4 7a d3 19 0c 2c 96
c6 a4 ee a5 69 36 b2
Oct 4 09:18:09 firewall pluto[26478]: | e8 c6 74 98 11 1d 4d 3b 84
f2 6e a0 0a f8 86 1b
Oct 4 09:18:09 firewall pluto[26478]: | b3 ca 26 71 8d 57 df 86 50
02 6d c7 9f 14 a5 73
Oct 4 09:18:09 firewall pluto[26478]: | 04 c0 6e 81 db ab 71 40 01
4e 4d f4 d4 4f 08 c0
Oct 4 09:18:09 firewall pluto[26478]: | cc e8 2e 57 26 88 88 57 ce
75 d5 1b f5 c5 de a9
Oct 4 09:18:09 firewall pluto[26478]: | 8b 20 ca 4c 33 cc 22 c6 07
51 7f 01 11 90 d0 f8
Oct 4 09:18:09 firewall pluto[26478]: | 4c 6d 75 1e f5 23 9c 84 dc
33 76 3b 48 4e 7d 0b
Oct 4 09:18:09 firewall pluto[26478]: | 91 04 84 57 fe 5c 3d 8d b5
cd 93 21 24 9f 3f 5e
Oct 4 09:18:09 firewall pluto[26478]: | a0 5a bb d3 72 df d3 51 f8
ce a9 15 96 e7 3b 75
Oct 4 09:18:09 firewall pluto[26478]: | cf 77 03 dd 26 5a 4a 6f 52
2f b2 b0 c7 9a fd 71
Oct 4 09:18:09 firewall pluto[26478]: | e0 a1 d8 e2 66 7c 35 26 2c
0a 32 e7 a4 35 2d ce
Oct 4 09:18:09 firewall pluto[26478]: | c7 f8 f5 39 3d fa 24 b2 fc
b8 83 74 f5 b4 90 e5
Oct 4 09:18:09 firewall pluto[26478]: | d9 e8 6f 38 f7 38 64 a6 1c
d6 74 6a 2b ad 35 31
Oct 4 09:18:09 firewall pluto[26478]: | bb 98 ae d7 74 15 08 7e 08
b0 1c 7e 75 f4 23 16
Oct 4 09:18:09 firewall pluto[26478]: | ce fe 22 b6 a1 6d 71 b8 42
38 c5 64 f0 a7 73 20
Oct 4 09:18:09 firewall pluto[26478]: | 8d 99 fa c1 92 e3 40 8c 07
c4 96 10 7b 79 ed d9
Oct 4 09:18:09 firewall pluto[26478]: | 1d 9d 71 4b b0 29 0e 85 b3
93 42 de bc 45 8e 33
Oct 4 09:18:09 firewall pluto[26478]: | ff 44 43 65 71 5a 06 d9 81
dd 60 65 6d 10 3e 71
Oct 4 09:18:09 firewall pluto[26478]: | bf 4a 11 e1 c3 32 96 a4 62
15 92 11 e1 2c d8 3b
Oct 4 09:18:09 firewall pluto[26478]: | 2a 88 b9 d8 fe e2 c1 ed 72
13 a2 b2 46 cf 90 5c
Oct 4 09:18:09 firewall pluto[26478]: | 09 56 83 68 5d f7 ff 27 5b
3e 3f 9c 31 49 fa 5b
Oct 4 09:18:09 firewall pluto[26478]: | 5e 6d 5c 9c
Oct 4 09:18:09 firewall pluto[26478]: | processing: start from
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct 4 09:18:09 firewall pluto[26478]: | **parse ISAKMP Message:
Oct 4 09:18:09 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:09 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:09 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:09 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SKF (0x35)
Oct 4 09:18:09 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:09 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:09 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | length: 468 (0x1d4)
Oct 4 09:18:09 firewall pluto[26478]: | processing version=2.0 packet
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct 4 09:18:09 firewall pluto[26478]: | I am receiving an IKEv2 Request
ISAKMP_v2_IKE_AUTH
Oct 4 09:18:09 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct 4 09:18:09 firewall pluto[26478]: | State DB: IKEv2 state object #3
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct 4 09:18:09 firewall pluto[26478]: | found state #3
Oct 4 09:18:09 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
ikev2_process_packet() at ikev2.c:1774)
Oct 4 09:18:09 firewall pluto[26478]: | #3 is idle
Oct 4 09:18:09 firewall pluto[26478]: | #3 idle
Oct 4 09:18:09 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0
md.hdr.isa_msgid 00000001
Oct 4 09:18:09 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:09 firewall pluto[26478]: | Unpacking clear payload for
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SKF)
Oct 4 09:18:09 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 440 (0x1b8)
Oct 4 09:18:09 firewall pluto[26478]: | fragment number: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | total fragments: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SKF (len=432)
Oct 4 09:18:09 firewall pluto[26478]: | received IKE encrypted fragment
number '8', total number '8', next payload '0'
Oct 4 09:18:09 firewall pluto[26478]: | selected state microcode
Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with state
specific processing
Oct 4 09:18:09 firewall pluto[26478]: | calling processor Responder:
process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
processing encrypted IKE_AUTH request: SKF (message arrived 0 seconds ago)
Oct 4 09:18:09 firewall pluto[26478]: | ikev2 parent inI2outR2:
calculating g^{xy} in order to decrypt I2
Oct 4 09:18:09 firewall pluto[26478]: | offloading IKEv2 SKEYSEED using
prf=HMAC_SHA2_256 integ=HMAC_SHA2_256_128 cipherkey=AES_CBC
Oct 4 09:18:09 firewall pluto[26478]: | adding ikev2_inI2outR2 KE
work-order 4 for state #3
Oct 4 09:18:09 firewall pluto[26478]: | state #3 requesting
EVENT_SO_DISCARD to be deleted
Oct 4 09:18:09 firewall pluto[26478]: | libevent_free: release
ptr-libevent at 0x55d8599c59d8
Oct 4 09:18:09 firewall pluto[26478]: | free_event_entry: release
EVENT_SO_DISCARD-pe at 0x55d85999dfa8
Oct 4 09:18:09 firewall pluto[26478]: | event_schedule: new
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c5b88
Oct 4 09:18:09 firewall pluto[26478]: | inserting event
EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #3
Oct 4 09:18:09 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x55d8599c5bf8 size 128
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.1 milliseconds in
processing: Responder: process IKE_AUTH request (no SKEYSEED)
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 resuming
Oct 4 09:18:09 firewall pluto[26478]: | processing: [RE]START state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
complete_v2_state_transition() at ikev2.c:3157)
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 starting
work-order 4 for state #3
Oct 4 09:18:09 firewall pluto[26478]: | #3 complete v2 state transition
from PARENT_R1 to PARENT_R1 with status STF_SUSPEND
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 doing compute
dh (V2) (ikev2_inI2outR2 KE); request ID 4
Oct 4 09:18:09 firewall pluto[26478]: | suspending state #3 and saving MD
Oct 4 09:18:09 firewall pluto[26478]: | #3 is busy; has a suspended MD
Oct 4 09:18:09 firewall pluto[26478]: | processing: [RE]START state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
log_stf_suspend() at ikev2.c:3054)
Oct 4 09:18:09 firewall pluto[26478]: | "rw-ikev2"[1] 50.117.137.129 #3
complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended
from complete_v2_state_transition:3220
Oct 4 09:18:09 firewall pluto[26478]: | processing: stop from
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct 4 09:18:09 firewall pluto[26478]: | processing: stop state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
process_md() at demux.c:445)
Oct 4 09:18:09 firewall pluto[26478]: | processing: STOP connection
NULL (in process_md() at demux.c:446)
Oct 4 09:18:09 firewall pluto[26478]: | calculating skeyseed using
prf=sha2_256 integ=sha2_256 cipherkey-size=32 salt-size=0
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 finished
compute dh (V2) (ikev2_inI2outR2 KE); request ID 4 time elapsed 0.002
seconds
Oct 4 09:18:09 firewall pluto[26478]: | (#3) spent 2.36 milliseconds in
crypto helper computing work-order 4: compute dh (V2) (ikev2_inI2outR2 KE)
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 sending results
from work-order 4 for state #3 to event queue
Oct 4 09:18:09 firewall pluto[26478]: | scheduling now-event sending
helper answer for #3
Oct 4 09:18:09 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x7f258801c268 size 128
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 waiting
(nothing to do)
Oct 4 09:18:09 firewall pluto[26478]: | start executing now-event
sending helper answer for #3
Oct 4 09:18:09 firewall pluto[26478]: | processing: start state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in
schedule_event_now_cb() at server.c:811)
Oct 4 09:18:09 firewall pluto[26478]: | crypto helper 0 replies to
request ID 4
Oct 4 09:18:09 firewall pluto[26478]: | calling continuation function
0x55d858fe4430
Oct 4 09:18:09 firewall pluto[26478]: | ikev2_parent_inI2outR2_continue
for #3: calculating g^{xy}, sending R2
Oct 4 09:18:09 firewall pluto[26478]: | #3 in state PARENT_R1: received
v2I1, sent v2R1
Oct 4 09:18:09 firewall pluto[26478]: | already have all fragments,
skipping fragment collection
Oct 4 09:18:09 firewall pluto[26478]: | already have all fragments,
skipping fragment collection
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 23 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 01 00 08 fd
70 ab 24 4d 86 60 24 e0 38 30 a9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7d 38 e9 9f e1
61 9d ab 16 f6 a5 83 9a 72 65 ca
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1f 5a 1d 34 5d
33 0f e9 e5 c2 17 0c c5 f9 5b c0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a3 81 f5 e5 ff
63 4f f3 8b 01 0e be 6c 0a 3e 24
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b7 8f a8 e1 b2
c6 b5 01 d6 7a 5f 8c be 10 8b f2
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 31 b6 da 2d ad
d3 f1 f4 75 be ae 94 a3 f4 c1 fe
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b2 39 dc e9 9e
c2 20 70 69 cf b2 7a 45 55 d0 69
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 61 56 2a d0 36
7f 9e 10 52 6f 57 2c 42 e7 8c c7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 82 ca 01 b1 6a
83 4e 6d ad 59 65 cb 8e 51 68 00
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c5 87 51 00 6b
f5 2b 45 fa 7e 3b 11 ce 81 19 d0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 85 26 41 46 91
5a 03 bb 0b 1f b0 da 16 77 93 f7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: af dc ce 16 2f
ab 1b 3f 08 cb 5f 97 b5 c4 4a 1f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 73 db b1 ff 57
d9 29 48 98 3f f0 43 3b c8 4a 5b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d5 73 a4 80 90
a2 7b cc 58 3c 76 6d e9 69 c2 f4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f1 97 99 7d cc
e6 80 2b 52 e0 a4 b1 74 e4 72 b9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 10 0c 61 3f 59
5f 1f c5 4e 65 7c 7f 83 31 c0 0e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 76 fd 85 e1 28
f9 35 12 e2 1d f1 31 29 76 ad d3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 63 fc 29 bb 40
a1 34 0a 90 ff ec fa ea 5a 7d 96
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: fc 6c 5f 25 26
3c 36 4d 26 52 b4 80 f3 07 99 1b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 49 32 21 81 23
58 04 67 80 81 97 09 08 b0 eb 0e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 89 e7 19 a1 69
b6 44 06 62 6e 03 fe f3 1d e3 b2
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: cd 89 98 00 11
da 4f 98 b4 7e 29 a4 74 9b 1d e5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 0d 22 fd ff 29
a1 af c2 b8 16 ba c1 33 f9 26 77
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7f d1 b1 25 98
67 42 f9 32 c4 3e 03 13 de 4d 4f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7c 58 88 65 41
7b 0a aa 67 f0 0e 30 0a a5 de d6
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 81 9e 44 aa 0f
f6 56 be 0a 85 81 c0 26 ff b6 02
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 4d 3f 14 33 8c
e8 3c fa b6 27 e0 8e 56 e1 c3 de
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: df 8e 17 01 d1
9a 8b 1d 10 1e 84 f7 0b 95 af 14
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a2 cc e7 8c 1a
d4 d6 f3 3e a1 6b 17 ea cb b0 69
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: cc e9 b4 7a 04
06 0d 13 fc 3a 7d 49 17 1e 5d 47
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 79 4b 1d 35 81
89 0a f6 48 3b 9f 40 28 ef 71 f0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: fe 1e de c0 77
36 b1 cb 63 6f 63 84 8b e7 61 d1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 09 8d f5 a9 fc
da 44 9f bc a9 53 68 b4 05 df 01
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 59 3b 84 38
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: 8a b7 41 78
e4 18 0c f0 3c 46 ab dd c8 d0 4b 80
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: 8a b7 41 78
e4 18 0c f0 3c 46 ab dd c8 d0 4b 80
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 00 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 02 00 08 92
c4 49 39 b6 cb ac fa ab 3a c8 86
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 06 3f 6f 89 00
d1 95 dc 6c d6 38 5b 6e c1 35 6a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: cd 39 34 4d ba
d5 56 18 ca 44 a9 b5 96 92 7f ec
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 52 51 3a b0 18
da 9f b5 70 b6 b4 e3 8b db bc 5c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bd 61 8b 41 f1
0e 9d 9d fd 1c d4 50 cf f2 37 e9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 5e 59 28 bf 33
50 ea d0 af 5d e2 9c 61 91 e1 47
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d6 bf d1 9e 5c
37 84 9e 08 f5 fd ba 09 69 bb e8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7b 61 cc ad 3c
a0 b4 60 38 15 a2 0f eb 68 aa 0f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 27 26 b4 d7 ef
c4 eb c4 60 97 00 55 eb 13 5a 1d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ad aa 68 d7 cc
e7 65 35 96 95 0f 52 13 90 5f 19
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 55 1f d9 1b 72
ae 19 be ea a4 20 a6 00 1e de 7b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 01 6a 36 3d 16
af 09 7b 39 15 84 7b e6 90 29 3c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bb 86 0b a1 db
39 e2 40 5e e6 8b d2 1a ef d9 04
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1e 98 04 36 a4
a4 56 52 16 ff 3c 99 41 46 23 53
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 9b 6c 68 8e 0b
f8 a5 d1 5d 8d 7e 82 00 56 bd df
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 6d 69 50 88 2b
2b ef d4 4d d2 b3 ee 70 e5 23 5d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 41 57 e0 af a6
55 a6 9a 44 5d 0b 0b 7e e2 40 86
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 14 cf ef 8e 5d
26 5a 55 1a be 55 bb df 5c e3 c4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 43 16 a8 ee 93
2e a5 5a b9 5b 4a bc d3 85 0a 81
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b4 ba 9a c2 a9
ee ee 85 1a 81 09 94 31 f9 32 13
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f1 d2 52 33 2c
b3 c5 ad 1e 22 20 bc 68 59 9c 4c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 68 33 52 2b be
64 4b 24 c0 b5 04 28 7a ee a1 4c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 45 f3 28 ab 69
bc d9 d6 39 4b 88 c2 5f cb db da
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: e4 8f 68 a5 e6
8b e7 6e 1c 5c 60 24 d6 c7 fb 87
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 8e 52 e7 9e bd
53 ec 1b 76 80 49 18 3c 3a cc 4a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: da 57 0c 46 05
be 0f ae 2c 9e 67 6d 73 62 1a 65
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c9 4d ae d6 b3
d3 a4 67 31 a7 d7 f5 8b 6d e3 1e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 5c e3 30 7e 46
3c a4 f4 ce c3 16 ca f5 a8 f9 49
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f4 6a 48 21 d1
93 c9 b6 d1 b0 c4 ab 89 fd 73 85
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a3 b0 0a 9d 9b
69 61 70 11 80 d4 53 97 ac 8a 09
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: e9 09 91 69 18
7c 35 b5 3d 56 48 be 96 01 92 39
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: df b0 31 ff ce
0e 6c 0e a6 81 ee 1f d9 ba 96 f0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 27 c8 88 79 f2
82 67 3a 21 45 86 16 73 4f 0c 8f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a1 f6 24 72
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: bb bd 5c 16
7a 95 28 15 cc c9 79 83 b5 c1 f4 29
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: bb bd 5c 16
7a 95 28 15 cc c9 79 83 b5 c1 f4 29
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 00 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 03 00 08 24
09 5b 12 6f 82 d7 49 70 91 7f 0c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 36 a6 31 b1 3d
19 c0 16 5c 02 e6 64 c8 5e 4b 44
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 64 dd b5 21 0f
b2 89 9b ff 65 f0 03 2f 90 f4 f8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ff cb aa 9f e2
0a e4 93 09 eb 51 77 38 02 dd 61
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 3b 2b 0d 94 c0
16 4c 54 57 80 15 2a 2d 02 91 e0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d8 05 56 c2 3a
b8 b2 15 56 f0 04 90 ee e2 7e 47
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 91 a1 cc 3e 41
e7 99 9e 2c 56 56 28 aa 4c 46 ca
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 58 9d d1 a5 26
91 67 d7 8a 05 be f3 a2 af 41 f8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ca ab f4 fc 24
c3 73 f2 d6 11 52 5e ef b9 1c f5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d2 99 ce 42 f7
f6 3b ad 89 54 55 7d 2a 10 c6 f0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 8c 5c 20 f3 cf
ed ed 1f 6b 17 74 d1 c1 a7 a9 58
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 93 0c 63 ac 46
de 5a 16 9d e1 70 47 ea 42 57 40
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: fc a4 47 66 6b
71 ff eb 93 a2 ad fd ab a3 0b 8a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 2a 7e a6 07 f8
5e 05 ca 26 76 bc 78 c5 ba 8f f4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ea 9b 27 1d 73
77 17 46 9c 06 ca 52 28 35 ab d2
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 70 7f 9c 97 6e
0b 9d 38 07 27 0d 80 8c 5a 18 52
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: df 58 6c a9 19
e3 89 d6 79 71 50 a3 5f ba e3 3e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a6 68 ec 69 49
c5 bc f3 47 6a b6 41 06 71 61 65
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b8 8f f4 96 54
0a d0 9c e1 41 79 a8 f1 8c c6 e4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b1 61 1f d8 fe
87 a3 01 a0 27 ff 45 ab 1e a1 c0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d5 c2 5b 9e 06
72 e7 be b2 6e 9a df 39 28 1c 8a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: da 13 8c 41 24
1f 0b 21 25 65 27 13 85 bc 84 2a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 89 fe 38 d2 d8
7f 76 80 98 87 dc 9d 2b aa 8a 37
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 73 41 70 a3
96 90 86 09 49 f8 00 0f a4 66 d7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b2 3d ca 8c e0
a0 7b 00 03 c7 61 2d f3 8b be e4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 5c 20 13 71 af
22 77 a7 25 2b 69 f9 ef 36 1f c9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 36 81 ef f9 4c
ca 20 fb 91 3f 17 ef ad db 3e 47
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 89 6b ed f0 7c
ff 89 a9 eb 40 93 c8 83 09 2a a9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b8 c5 cf a2 a5
35 1d 41 fd e4 6c 56 d5 5c 00 0f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: db 7d e4 20 cd
da df 7b 8e ab ae ee 89 1e db 6b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 4f fe bf ab e8
3a d2 c8 52 9f c2 8f 65 eb 3a 78
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b0 e6 c3 03 05
94 d5 37 11 bf 5f 61 0f 1d a3 70
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 90 a8 2a 9e ca
e7 39 46 63 fe 85 e6 2a ce 7b 86
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 44 03 f2 64
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: 0e 45 07 75
b6 dd 2f c1 16 f1 74 77 88 88 ad 35
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: 0e 45 07 75
b6 dd 2f c1 16 f1 74 77 88 88 ad 35
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 00 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 04 00 08 b7
3c 36 f6 9d ec c5 00 e8 fe 3f c4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 47 bf c6 19 ca
5b a8 84 3c 6a 71 a8 fb 43 3c 45
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d2 11 7e ff 02
7b 5c 7c 9b a7 08 54 db 59 46 5c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f1 e8 d1 42 74
ea 26 05 fd 15 99 c6 04 3f 99 83
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c2 1c d8 61 cd
e1 8b ed c1 bc a7 7c 62 ad b0 82
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f1 e6 57 12 7d
9b e8 0f 39 6f a1 6b b1 d9 e9 db
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: eb 04 ce 35 61
cf 8f 2e 90 43 00 8e 0c 6d 89 1b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 50 90 2f ab 69
26 ed 4b 7e 20 0a 3e 35 02 b9 8c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 84 fa 22 f3 56
6d ab 84 ed 2e 53 38 52 ff fe ed
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d0 11 87 fa 0b
f1 be d5 74 f0 e5 03 2a 19 47 95
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 80 60 57 c5 7e
1c f0 7b 16 a1 70 ce 29 13 00 1f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 72 f8 2c 83 66
92 a6 ee a4 c9 26 be 30 98 05 47
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 97 57 fd 47 cf
65 0b 0e 46 59 d0 5c fa ed ab 77
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ca f0 7f f3 78
74 90 53 c5 96 1a 60 f5 7a b7 f5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 9b d9 4d 95 0e
e9 78 be 71 ba 9e 33 99 33 f7 a0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c6 15 37 6d b6
54 41 4f fa 08 e0 cb 9c 6d 3c ce
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ea 42 db 68 4c
ce ee 04 ce db e4 0d ce bb f9 40
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: db 16 e7 6e 90
75 3e 02 29 d3 94 82 3c 12 45 24
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 32 78 44 fe 54
2d fb 4e e7 dd 66 a7 f2 40 44 b5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 8d 57 2a f3 e9
eb 66 50 42 bb e3 0e b8 96 fa 3d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 75 28 e8 9a b8
6f 89 16 65 c0 64 38 11 8f 9b 93
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 82 5a 26 1d b9
2e 4e 20 c6 28 18 ad c8 5c d2 c0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bc 80 99 5f 45
fe 40 cf af 41 a0 1c 46 b6 a3 29
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 6b 98 2f 2b 17
27 97 51 20 56 25 fe 19 0d d4 14
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 4c 63 88 72 d1
45 e1 45 73 02 b2 55 25 17 aa 2c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c2 2d 3b fd d5
35 f2 f3 4a 7f 58 df af fa 8d dd
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c0 b0 a9 2c 90
a8 75 3e 55 8e 4b fa d5 fc 2a 22
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a2 3b eb 5d e1
f4 d2 c1 c3 ae 63 fa 7d fa 61 b1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 41 b6 91 7b 28
c7 7a 26 75 11 a5 bc 7d 1f 19 25
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 2f bb 5b 05 13
5c 66 42 3a 05 f6 16 c5 ef 10 b3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 54 82 64 81 d5
3f d0 6c 6e 54 5f 6d a4 92 e6 79
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 38 6f d3 8e f5
13 cf 83 86 dd f7 00 0e f5 60 30
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 19 e9 c0 6d 68
af e7 c7 fa df 27 c0 ca 15 47 d1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 74 0a 38 2e
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: 59 5c 1c fe
c7 4a ca 9f 31 10 c0 a6 33 03 67 7f
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: 59 5c 1c fe
c7 4a ca 9f 31 10 c0 a6 33 03 67 7f
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 00 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 05 00 08 fb
37 1b dd 82 24 e3 e0 6a ea e3 57
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 17 8b 7c 94 32
af 50 a9 d8 db 60 b1 1c 28 b9 0c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d1 3d 91 e4 82
0b e6 22 84 ff 8e 53 66 51 ef 55
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 4f b0 63 97 9c
a8 7c 9a 8c 3a ae d2 b7 f9 42 0c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 90 7e 27 8c c8
57 46 0d 54 3b 43 ee a6 6b 1e 00
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 97 41 93 3d cf
d0 2c 2a 43 d3 ac fb 27 9f f7 79
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bf 1d 14 c1 7e
42 8a f8 c7 3b aa e7 54 1d d6 ca
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d8 5f de 49 ec
04 ef 32 6e 37 a8 74 17 19 a1 3a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 90 20 11 e2 44
d5 47 30 ff c0 2f 08 51 86 96 c1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 5c 6d ea 32 c6
83 3d 0b 50 00 60 d9 f7 73 47 06
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 73 48 43 12 05
6b 5a 48 7c d0 1e be 8d 14 39 8b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 78 ff 3a d0 31
74 24 c3 fa 7d fb e3 e1 bf 88 1b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 92 6e 1e 43 a1
2b d0 29 1c bd d6 a7 d8 02 10 90
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 13 5c 00 b1 ab
4c e7 dd 2b 28 36 a2 2f bc 56 6a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d3 d3 af b6 5a
8d 63 87 10 a2 01 28 01 f4 b2 af
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 44 df fd de cc
89 8e 87 4f cf 87 66 40 63 60 c3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a9 f7 b1 9e 70
67 c3 f9 99 03 4f 44 5c 16 96 cf
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 84 4f 64 0b
25 22 df 19 d9 73 59 7f 48 ea 84
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: dd 08 3e 36 6d
d0 3a cb 0c f8 eb d4 2c 63 11 66
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d4 4d 69 ef 7b
fa e8 c5 f7 26 b5 f6 f0 46 48 b5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 9e 45 e3 64 0a
83 30 99 39 f5 e4 3b 1d 32 24 7c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f4 24 77 bc 2d
95 5a 23 b8 79 cf a2 2b 98 b6 14
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ea a0 d3 cd 17
df b0 f5 38 98 b7 d5 79 6b b2 62
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1c bd 18 d2 75
48 4d 91 f7 8c 53 be f5 09 f8 5b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 71 4b 50 81 cb
43 58 92 4e 08 26 f5 cf 73 77 93
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: dc 21 f7 a2 b6
08 2e dc e4 66 c2 c1 c3 cc 4f b8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 36 9d a5 f6 cd
99 ef 96 a3 61 6a 6e 0b 11 ac 99
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c0 53 a5 f7 09
7d cb 45 84 19 d5 e1 4c 69 f1 6a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 6e 42 90 63 e1
e9 95 81 14 8c 81 24 a3 b3 0a fd
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 41 04 ee 23 d7
50 26 c2 e0 34 3a 7c 64 bb 66 86
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: fc ad 31 b2 b8
fe c3 d5 9f 0e 14 35 39 31 58 e8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: de f4 e9 ba 4e
af ef 14 22 2d 07 ca ff 55 07 e7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d2 d5 6c f6 c4
03 c7 01 ff 33 99 7b 51 b2 5e fe
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: e9 1b c9 af
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: 35 b2 dc 11
7e 30 11 77 26 df 9f d7 69 4a 32 3c
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: 35 b2 dc 11
7e 30 11 77 26 df 9f d7 69 4a 32 3c
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 00 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 06 00 08 36
7b 86 fe 11 2c 2d 01 7c c1 04 4e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1d 40 c0 18 b5
7f 64 fe 56 57 fe f7 9c 15 9b cb
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ee 68 4c 44 19
95 52 91 0c af e8 26 a7 f9 8e 39
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 98 c6 30 52 85
b7 60 2e 83 97 4d 32 b8 43 9d e8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 62 f8 f7 d8 2f
2a 52 60 75 e1 04 ae b8 79 6d 17
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 97 9e e6 58 31
67 30 e8 85 63 a6 6f 07 42 b7 1f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 0e b9 ee b5 28
1c bf dc ad bb 3f ed b4 b9 75 c6
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b2 ea 8c a1 39
1e d3 11 b9 a9 3d df 58 e0 70 99
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 20 13 a0 23 0e
19 0d 83 55 8e 8e be 39 c6 62 6a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 79 ee 6b 0e 9e
17 ca dd 86 47 44 fe 70 b2 f2 f3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 4f 24 00 24 44
ec 4b 38 c2 ea b1 e3 5f d4 7c 2e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 96 70 5b 99 e8
cc 42 d4 06 bb cd d8 77 b2 cd 5c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: df c6 e5 b4 c4
8e 73 2b 4b ac bb 14 08 4d 66 3c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 70 c4 08 35 a9
e6 fb 03 15 81 5e 12 b0 22 25 1b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ac 4b 1c 36 05
13 15 3b 47 e0 63 49 47 60 ff 9d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b9 b1 47 69 53
ae c8 ca f1 dd 51 05 18 5f 8d ad
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 33 b8 1c 60 12
f2 07 5f bc 68 3c 5a cd b5 83 c4
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ca bd 33 b5 e2
35 59 db 6d 5e 89 6d f7 5c e2 f1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bb cd 1b b6 ed
dd 0a 0a e9 f7 a4 d6 ab 89 e8 ae
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 93 2f 13 ae e0
f7 ed 4e fd c7 43 54 ff 92 dc 9b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f1 30 fd cd e0
fc f1 85 22 4d 6c 7c 18 57 82 e7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: eb 45 2f 03 d6
49 84 30 df fe 99 01 3c e3 30 29
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 2b 41 3f 14 e0
12 2a d3 84 03 41 eb ae f0 42 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 34 8f 48 f3 cd
43 e1 07 0c 08 b0 fb db 15 6b d3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d3 ae 16 b1 ec
8c 6f 60 d9 17 81 55 1e 1c f3 a6
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: dc df 49 23 e7
2f d9 45 fe aa ea 7b e7 fd a4 32
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: cb dd e3 ac d8
39 83 a8 df 24 52 0e 55 0a d1 a1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d8 92 f5 cd bc
11 f9 d8 31 70 68 65 36 02 0f 51
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 77 03 bf 91 5b
09 ef cf 0e 66 ba ea c3 2f 5d 10
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ca e9 af 5d 5e
6a 03 2b 3a a9 d8 c0 4b 33 0a ae
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 23 37 8c ee 52
bc 15 14 c9 12 b6 0a 86 9a 84 b8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 93 eb 8c af 4f
0f eb 4f fe 37 71 db 79 ed 96 b8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: e4 0f 65 f6 69
10 b4 91 fd 83 e4 29 1b 16 b0 b1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 02 49 91 5f
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: d6 7d 49 02
2c 98 b4 e9 79 7d cb 7c 4a 5a 5c b4
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: d6 7d 49 02
2c 98 b4 e9 79 7d cb 7c 4a 5a 5c b4
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 02 44 00 00 02 28
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 07 00 08 67
c5 f6 7a 52 06 ea e2 a8 9c 88 4f
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ed bb 71 44 ae
42 1d f4 24 48 36 2a 0b 3f 7b 61
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 59 c6 a5 98 15
46 8a 02 14 7b 48 3d 04 5e d7 fc
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 14 81 d4 b6 9f
01 81 64 56 ad 13 d7 d8 40 a1 63
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 46 db 54 04 42
54 85 f4 4c 19 ba 80 9c a8 7c e0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b2 af 14 99 a4
a9 89 cb ab 92 40 3f 44 13 5a b9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 5c c2 0b f1 8a
a5 62 c9 e2 2d e1 46 31 54 a3 7d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 6f a5 e9 8a db
b2 51 14 8b f8 29 88 7d 14 49 6b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 5c 32 64 e3 7d
9e de 64 ff c1 f6 e4 e3 ae 48 ac
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1e c4 58 4e 03
a8 dd 91 dd f0 35 93 46 23 f3 99
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b4 8e c1 80 95
98 c1 c8 06 cd fd 3c 42 e2 11 a0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 9f f2 ff 61 d5
ee 77 6f 7e bb 14 00 6d a5 21 fc
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b9 e5 34 66 41
74 01 20 5b c4 c3 a5 fa d8 14 7b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b0 2c 5b 63 22
cf ad d9 ca dd 96 43 76 19 f4 75
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 6a ba 1b 0b 38
d5 3a 13 5e 0d a8 25 3d 5a 73 76
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: fb c7 87 d5 f3
82 3d 8d 7e 62 32 a8 80 40 a3 b3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f0 6e 16 f0 3a
97 c3 e6 28 64 e8 68 11 3a 25 d7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 93 98 bd 57 b9
71 71 b2 d7 c8 e6 60 43 aa c3 c3
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f5 22 c0 13 12
12 ea 85 ec e4 41 a2 b6 ca 8d 58
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 36 cf c0 2a 12
e4 b7 e4 ce da 3a 0b 60 5f 2c 12
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 6c 5d 3b ff 20
08 a0 b3 9c d1 55 0c 1f e6 8d 1a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c2 c2 23 9c a4
9e 77 71 23 68 a1 9d 11 04 e8 77
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 38 5b 0a 96 17
f5 e6 f8 c9 6f 23 5d 2e 06 6e db
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a0 6c 51 7b 38
8e f8 ef 34 66 8d 1b 4c 1c 1b 35
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d2 1d a8 8d b6
00 a0 af d4 6f 24 93 f5 7e e4 1c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7e 1d ed ea 4f
95 16 7c df 33 10 4a 64 d4 56 d1
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7c 7d 9e ce df
98 39 6d 22 6f 33 cf 20 66 0a fd
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: f9 d7 a3 7f 9a
e3 d0 cf 91 9b 43 ee 4c c8 34 5d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 20 3e 26 52 6c
11 81 85 83 41 7c b2 79 23 a5 71
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 52 a6 22 95 c0
2b 44 d7 12 16 da 86 b3 bd 13 8d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 33 f1 67 6b 18
f8 38 75 0b d0 ba fc a7 13 a5 38
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bf 06 b7 f5 3b
bc 8e ba a1 f2 a4 7b 8e 2a 0c d2
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1c ce 69 11 0b
35 3b aa ff 79 51 e1 0f 84 8a 68
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 73 1a da 4e
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: 44 1c 2b ef
6c 51 56 65 39 a1 9f a5 00 a2 38 98
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: 44 1c 2b ef
6c 51 56 65 39 a1 9f a5 00 a2 38 98
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: be 61 b8 3c 91
27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 35 20 23 08 00
00 00 01 00 00 01 d4 00 00 01 b8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 00 08 00 08 58
8c 07 d8 fe 0e 96 c1 64 b3 e7 b5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: fa 37 1b 20 69
82 16 72 19 8b e8 29 f0 b3 95 64
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 0a 2f bf 6d 13
d3 f1 23 ee be 24 18 30 70 90 d7
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 20 ea 56 b5 8a
92 6a 4a 07 7e 3d f4 9d 6d 76 0a
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: da e2 e0 a6 03
b8 b6 b3 d9 8e 91 f3 41 c3 94 7d
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 7b 05 90 dc 8f
29 2e f7 b6 cd 85 61 ee 97 b7 04
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 84 0b f4 7a d3
19 0c 2c 96 c6 a4 ee a5 69 36 b2
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: e8 c6 74 98 11
1d 4d 3b 84 f2 6e a0 0a f8 86 1b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: b3 ca 26 71 8d
57 df 86 50 02 6d c7 9f 14 a5 73
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 04 c0 6e 81 db
ab 71 40 01 4e 4d f4 d4 4f 08 c0
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: cc e8 2e 57 26
88 88 57 ce 75 d5 1b f5 c5 de a9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 8b 20 ca 4c 33
cc 22 c6 07 51 7f 01 11 90 d0 f8
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 4c 6d 75 1e f5
23 9c 84 dc 33 76 3b 48 4e 7d 0b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 91 04 84 57 fe
5c 3d 8d b5 cd 93 21 24 9f 3f 5e
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: a0 5a bb d3 72
df d3 51 f8 ce a9 15 96 e7 3b 75
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: cf 77 03 dd 26
5a 4a 6f 52 2f b2 b0 c7 9a fd 71
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: e0 a1 d8 e2 66
7c 35 26 2c 0a 32 e7 a4 35 2d ce
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: c7 f8 f5 39 3d
fa 24 b2 fc b8 83 74 f5 b4 90 e5
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: d9 e8 6f 38 f7
38 64 a6 1c d6 74 6a 2b ad 35 31
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bb 98 ae d7 74
15 08 7e 08 b0 1c 7e 75 f4 23 16
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ce fe 22 b6 a1
6d 71 b8 42 38 c5 64 f0 a7 73 20
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 8d 99 fa c1 92
e3 40 8c 07 c4 96 10 7b 79 ed d9
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 1d 9d 71 4b b0
29 0e 85 b3 93 42 de bc 45 8e 33
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: ff 44 43 65 71
5a 06 d9 81 dd 60 65 6d 10 3e 71
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: bf 4a 11 e1 c3
32 96 a4 62 15 92 11 e1 2c d8 3b
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 2a 88 b9 d8 fe
e2 c1 ed 72 13 a2 b2 46 cf 90 5c
Oct 4 09:18:09 firewall pluto[26478]: | data for hmac: 09 56 83 68
Oct 4 09:18:09 firewall pluto[26478]: | calculated auth: 5d f7 ff 27
5b 3e 3f 9c 31 49 fa 5b 5e 6d 5c 9c
Oct 4 09:18:09 firewall pluto[26478]: | provided auth: 5d f7 ff 27
5b 3e 3f 9c 31 49 fa 5b 5e 6d 5c 9c
Oct 4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct 4 09:18:09 firewall pluto[26478]: | #3 ikev2 ISAKMP_v2_IKE_AUTH
decrypt success
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2IDi)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Identification -
Initiator - Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2CERT (0x25)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 106 (0x6a)
Oct 4 09:18:09 firewall pluto[26478]: | ID type: ID_DER_ASN1_DN (0x9)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2IDi (len=98)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2CERT)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Certificate Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2CERTREQ (0x26)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 1587 (0x633)
Oct 4 09:18:09 firewall pluto[26478]: | ikev2 cert encoding:
CERT_X509_SIGNATURE (0x4)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2CERT (len=1582)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2CERTREQ)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Certificate
Request Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2AUTH (0x27)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 1405 (0x57d)
Oct 4 09:18:09 firewall pluto[26478]: | ikev2 cert encoding:
CERT_X509_SIGNATURE (0x4)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2CERTREQ (len=1400)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2AUTH)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Authentication
Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2N (0x29)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 520 (0x208)
Oct 4 09:18:09 firewall pluto[26478]: | auth method: IKEv2_AUTH_RSA
(0x1)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2AUTH (len=512)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2N)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Notify Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2CP (0x2f)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | Notify Message Type:
v2N_MOBIKE_SUPPORTED (0x400c)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2N (len=0)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2CP)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Configuration
Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SA (0x21)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 36 (0x24)
Oct 4 09:18:09 firewall pluto[26478]: | ikev2_cfg_type:
IKEv2_CP_CFG_REQUEST (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2CP (len=28)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2SA)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Security
Association Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2TSi (0x2c)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 80 (0x50)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2SA (len=76)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2TSi)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Traffic Selector
- Initiator - Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2TSr (0x2d)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 64 (0x40)
Oct 4 09:18:09 firewall pluto[26478]: | number of TS: 2 (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2TSi (len=56)
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload
(ISAKMP_NEXT_v2TSr)
Oct 4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Traffic Selector
- Responder - Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 64 (0x40)
Oct 4 09:18:09 firewall pluto[26478]: | number of TS: 2 (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | processing payload:
ISAKMP_NEXT_v2TSr (len=56)
Oct 4 09:18:09 firewall pluto[26478]: | selected state microcode
Responder: process IKE_AUTH request
Oct 4 09:18:09 firewall pluto[26478]: | Now let's proceed with state
specific processing
Oct 4 09:18:09 firewall pluto[26478]: | calling processor Responder:
process IKE_AUTH request
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 2.78 milliseconds
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
processing decrypted IKE_AUTH request:
SK{IDi,CERT,CERTREQ,AUTH,N,CP,SA,TSi,TSr}
Oct 4 09:18:09 firewall pluto[26478]: | global one-shot timer
EVENT_FREE_ROOT_CERTS scheduled in 300 seconds
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.0137
milliseconds in find_and_verify_certs() calling get_root_certs()
Oct 4 09:18:09 firewall pluto[26478]: | checking for known CERT payloads
Oct 4 09:18:09 firewall pluto[26478]: | saving certificate of type
'X509_SIGNATURE'
Oct 4 09:18:09 firewall pluto[26478]: | decoded cert: CN=Heidi
Hansen,OU=Network Admin,O=Planyukon,ST=Yukon,C=CA
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.0714
milliseconds in find_and_verify_certs() calling decode_cert_payloads()
Oct 4 09:18:09 firewall pluto[26478]: | cert_issuer_has_current_crl:
looking for a CRL issued by CN=Planyukon Certificate
Authority,OU=Administrator,O=Planyukon,ST=Yukon,C=CA
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.146
milliseconds in find_and_verify_certs() calling crl_update_check()
Oct 4 09:18:09 firewall pluto[26478]: | missing or expired CRL
Oct 4 09:18:09 firewall pluto[26478]: | crl_strict: 0, ocsp: 0,
ocsp_strict: 0, ocsp_post: 0
Oct 4 09:18:09 firewall pluto[26478]: | verify_end_cert trying profile
IPsec
Oct 4 09:18:09 firewall pluto[26478]: | certificate is valid (profile
IPsec)
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.624
milliseconds in find_and_verify_certs() calling verify_end_cert()
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
certificate verified OK: CN=Heidi Hansen,OU=Network
Admin,O=Planyukon,ST=Yukon,C=CA
Oct 4 09:18:09 firewall pluto[26478]: | get_pluto_gn_from_nss_cert:
allocated pluto_gn 0x55d8599c58b8
Oct 4 09:18:09 firewall pluto[26478]: | get_pluto_gn_from_nss_cert:
allocated pluto_gn 0x55d85997c3e8
Oct 4 09:18:09 firewall pluto[26478]: | unreference key: 0x55d8599c5318
C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen cnt 1--
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.271
milliseconds in decode_certs() calling add_pubkey_from_nss_cert()
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 1.21 milliseconds
in decode_certs()
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 30 60 31 0b 30
09 06 03 55 04 06 13 02 43 41 31
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 0e 30 0c 06 03
55 04 08 13 05 59 75 6b 6f 6e 31
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 12 30 10 06 03
55 04 0a 13 09 50 6c 61 6e 79 75
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 6b 6f 6e 31 16
30 14 06 03 55 04 0b 13 0d 4e 65
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 74 77 6f 72 6b
20 41 64 6d 69 6e 31 15 30 13 06
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 03 55 04 03 13
0c 48 65 69 64 69 20 48 61 6e 73
Oct 4 09:18:09 firewall pluto[26478]: | DER ASN1 DN: 65 6e
Oct 4 09:18:09 firewall pluto[26478]: | ID_DER_ASN1_DN 'C=CA, ST=Yukon,
O=Planyukon, OU=Network Admin, CN=Heidi Hansen' needs further ID
comparison against 'C=CA, ST=Yukon, O=Planyukon, OU=Network Admin,
CN=Heidi Hansen'
Oct 4 09:18:09 firewall pluto[26478]: | ID_DER_ASN1_DN 'C=CA, ST=Yukon,
O=Planyukon, OU=Network Admin, CN=Heidi Hansen' matched our ID
Oct 4 09:18:09 firewall pluto[26478]: | X509: CERT and ID matches
current connection
Oct 4 09:18:09 firewall pluto[26478]: | CERT_X509_SIGNATURE CR:
Oct 4 09:18:09 firewall pluto[26478]: | 00 c2 5f 57 cf 93 14 0f 46
3f 95 71 0a 5c c9 de
Oct 4 09:18:09 firewall pluto[26478]: | 2f 19 53 f9 3b bc 57 4b 0f
12 ca 3d 85 a8 2d 7c
Oct 4 09:18:09 firewall pluto[26478]: | d4 d5 bd 52 48 e6 76 7c b0
80 52 3d c1 b8 f9 67
Oct 4 09:18:09 firewall pluto[26478]: | 17 c3 09 a9 67 b0 df 9c 51
8d 42 22 30 a4 e6 4f
Oct 4 09:18:09 firewall pluto[26478]: | de 76 8a fc ed 5a 90 84 28
30 46 79 2c 29 15 70
Oct 4 09:18:09 firewall pluto[26478]: | 0e ac 82 60 40 56 27 97 e5
25 13 fc 2a e1 0a 53
Oct 4 09:18:09 firewall pluto[26478]: | 95 59 e4 a4 8f 77 c2 1d 60
d5 1d bc 6d 1c a7 28
Oct 4 09:18:09 firewall pluto[26478]: | a9 39 3d 8d 56 77 6e 7e ca
b9 ce 6f 46 e7 71 3b
Oct 4 09:18:09 firewall pluto[26478]: | 27 9c d2 87 20 f7 ea a0 be
37 34 3c dd bc bd 86
Oct 4 09:18:09 firewall pluto[26478]: | 9c 3f 07 ed 40 e3 1b 08 ef
ce c4 d1 88 cd 3b 15
Oct 4 09:18:09 firewall pluto[26478]: | 50 64 27 15 75 01 55 0c ff
e7 e7 83 4d 59 28 d7
Oct 4 09:18:09 firewall pluto[26478]: | 26 88 fe df 57 2a 11 53 24
9d 4d 9d 75 36 8d 8e
Oct 4 09:18:09 firewall pluto[26478]: | 1e 29 72 83 ae 34 d4 95 13
e6 dd b7 8c 73 81 82
Oct 4 09:18:09 firewall pluto[26478]: | 72 64 86 31 57 9a 29 a5 a1
66 d7 39 a8 f0 65 9a
Oct 4 09:18:09 firewall pluto[26478]: | 6f 92 97 40 5b a5 3c 03 38
d2 6d c1 a3 9a 99 b3
Oct 4 09:18:09 firewall pluto[26478]: | 4a 5c 75 22 aa 46 bf a4 08
9d 39 97 4e bd b4 a3
Oct 4 09:18:09 firewall pluto[26478]: | 60 f7 a0 1d 5c b8 69 fe 8d
ef c1 ed 66 27 ee b2
Oct 4 09:18:09 firewall pluto[26478]: | 12 0f 72 1b b8 0a 0e 04 ef
c5 6a f5 7c be 16 74
Oct 4 09:18:09 firewall pluto[26478]: | 8d f4 d5 8d 83 ee f4 40 85
f5 46 9e 6a 47 a2 67
Oct 4 09:18:09 firewall pluto[26478]: | c9 2e 2f 19 68 8b 9b 86 61
66 95 ed c1 2c 13 00
Oct 4 09:18:09 firewall pluto[26478]: | 01 f0 33 4c 1a a1 d9 ee 5b
7b a9 de 43 bc 02 7d
Oct 4 09:18:09 firewall pluto[26478]: | 57 09 33 fb 51 66 12 08 df
49 0f 93 7a 99 04 45
Oct 4 09:18:09 firewall pluto[26478]: | 13 69 83 a0 5b 1a 6d dc d4
db a1 08 19 d7 87 41
Oct 4 09:18:09 firewall pluto[26478]: | 28 49 22 00 b4 4d f8 48 68
2d 18 25 a6 6e c6 3a
Oct 4 09:18:09 firewall pluto[26478]: | b2 43 f4 dc 2c e3 ab 4a 37
a4 8d a5 4d 5c 5a 4f
Oct 4 09:18:09 firewall pluto[26478]: | 73 40 27 51 00 36 b4 b5 78
70 91 ce f4 42 22 58
Oct 4 09:18:09 firewall pluto[26478]: | 3d 44 79 71 79 79 0a cb c7
52 81 1e e8 c9 6c 67
Oct 4 09:18:09 firewall pluto[26478]: | 8e e7 be db 5c 75 97 2e 83
31 7e 62 85 42 53 d6
Oct 4 09:18:09 firewall pluto[26478]: | d7 78 31 90 ec 91 90 56 e9
91 b9 e3 53 a0 12 47
Oct 4 09:18:09 firewall pluto[26478]: | dd d5 27 8e 5b e8 e6 50 5d
bf 29 fc 71 98 44 b9
Oct 4 09:18:09 firewall pluto[26478]: | 88 a9 5a ef c0 84 fc 13 74
41 6b b1 63 32 c2 cf
Oct 4 09:18:09 firewall pluto[26478]: | 92 59 bb 3b f9 27 b6 1b 0a
37 f3 c3 1a fa 17 ec
Oct 4 09:18:09 firewall pluto[26478]: | 2d 46 17 16 12 9d 0c 0e 34
4f 30 2d 25 69 31 91
Oct 4 09:18:09 firewall pluto[26478]: | ea f7 73 5c ab f5 86 8d 37
82 40 ec 3e df 29 0c
Oct 4 09:18:09 firewall pluto[26478]: | c1 f5 cc 73 2c eb 3d 24 e1
7e 52 da bd 27 e2 f0
Oct 4 09:18:09 firewall pluto[26478]: | 09 b1 9c 76 dc 1b d6 fc 82
b0 56 47 1c 51 93 cf
Oct 4 09:18:09 firewall pluto[26478]: | ee 95 d0 02 7c 32 d4 85 fd
89 0a 66 b5 97 ce 86
Oct 4 09:18:09 firewall pluto[26478]: | f4 d5 26 a9 21 07 e8 3e af
7e b9 98 4d 39 87 bf
Oct 4 09:18:09 firewall pluto[26478]: | 02 fa c1 f8 fa f0 6a cb 09
e6 c1 3f 64 1d f8 d5
Oct 4 09:18:09 firewall pluto[26478]: | 0e 23 31 c2 29 b2 50 cb 32
f5 6d f5 5c 8e 00 fa
Oct 4 09:18:09 firewall pluto[26478]: | ab 76 88 f4 e5 e1 38 c9 e9
50 17 cd cd b3 18 17
Oct 4 09:18:09 firewall pluto[26478]: | b3 3e 8c f5 da ed 64 74 14
9c 14 3c ab dd 99 a9
Oct 4 09:18:09 firewall pluto[26478]: | bd 5b 28 4d 8b 3c c9 d8 c0
7a 98 68 8d 89 fb ab
Oct 4 09:18:09 firewall pluto[26478]: | 05 64 0c 11 7d aa 7d 65 b8
ca cc 4e a8 e3 02 96
Oct 4 09:18:09 firewall pluto[26478]: | 70 a6 8b 57 eb ec ef cc 29
4e 91 74 9a d4 92 38
Oct 4 09:18:09 firewall pluto[26478]: | f7 93 19 ef df c1 f5 20 fb
ac 85 55 2c f2 d2 8f
Oct 4 09:18:09 firewall pluto[26478]: | 5a b9 ca 0b 30 a4 e6 4f de
76 8a fc ed 5a 90 84
Oct 4 09:18:09 firewall pluto[26478]: | 28 30 46 79 2c 29 15 70 48
e6 68 f9 2b d2 b2 95
Oct 4 09:18:09 firewall pluto[26478]: | d7 47 d8 23 20 10 4f 33 98
90 9f d4 c4 30 28 c5
Oct 4 09:18:09 firewall pluto[26478]: | d3 e3 08 0c 10 44 8b 2c 77
ba 24 53 97 60 bb f9
Oct 4 09:18:09 firewall pluto[26478]: | 69 c4 27 db 59 69 68 18 47
e2 52 17 0a e0 e5 7f
Oct 4 09:18:09 firewall pluto[26478]: | ab 9d ef 0f ba 42 b0 81 88
53 88 1d 86 63 bd 4c
Oct 4 09:18:09 firewall pluto[26478]: | c0 5e 08 fe ea 6e bb 77 87
db d4 5f b0 92 8d 4e
Oct 4 09:18:09 firewall pluto[26478]: | 1d f8 15 67 e7 f2 ab af d6
2b 67 75 6e 58 4e 33
Oct 4 09:18:09 firewall pluto[26478]: | 75 bd 57 f6 d5 42 1b 16 01
c2 d8 c0 f5 3a 9f 6e
Oct 4 09:18:09 firewall pluto[26478]: | 4a 81 0c de f0 c0 90 0f 19
06 42 31 35 a2 a2 8d
Oct 4 09:18:09 firewall pluto[26478]: | d3 44 fd 08 d5 2e 13 c1 ab
e3 49 da e8 b4 95 94
Oct 4 09:18:09 firewall pluto[26478]: | ef 7c 38 43 60 64 66 bd 59
79 12 de 61 75 d6 6f
Oct 4 09:18:09 firewall pluto[26478]: | c4 23 b7 77 13 74 c7 96 de
6f 88 72 6c ca bd 7d
Oct 4 09:18:09 firewall pluto[26478]: | b4 7e 94 a5 75 99 01 b6 a7
df d4 5d 1c 09 1c cc
Oct 4 09:18:09 firewall pluto[26478]: | 6a 47 a2 67 c9 2e 2f 19 68
8b 9b 86 61 66 95 ed
Oct 4 09:18:09 firewall pluto[26478]: | c1 2c 13 00 42 32 b6 16 fa
04 fd fe 5d 4b 7a c3
Oct 4 09:18:09 firewall pluto[26478]: | fd f7 4c 40 1d 5a 43 af 1a
21 b4 95 2b 62 93 ce
Oct 4 09:18:09 firewall pluto[26478]: | 18 b3 65 ec 9c 0e 93 4c b3
81 e6 d4 a5 06 8a 78
Oct 4 09:18:09 firewall pluto[26478]: | cf 84 bd 74 32 dd 58 f9 65
eb 3a 55 e7 c7 80 dc
Oct 4 09:18:09 firewall pluto[26478]: | e2 7f 7b d8 77 d5 df 9e 0a
3f 9e b4 cb 0e 2e a9
Oct 4 09:18:09 firewall pluto[26478]: | ef db 69 77 5f f3 24 6c 8f
91 24 af 9b 5f 3e b0
Oct 4 09:18:09 firewall pluto[26478]: | 34 6a f4 2d 5c a8 5d cc 83
31 7e 62 85 42 53 d6
Oct 4 09:18:09 firewall pluto[26478]: | d7 78 31 90 ec 91 90 56 e9
91 b9 e3 3e 22 d4 2c
Oct 4 09:18:09 firewall pluto[26478]: | 1f 02 44 b8 04 10 65 61 7c
c7 6b ae da 87 29 9c
Oct 4 09:18:09 firewall pluto[26478]: | 55 e4 81 d1 11 80 be d8 89
b9 08 a3 31 f9 a1 24
Oct 4 09:18:09 firewall pluto[26478]: | 09 16 b9 70 b1 81 08 1a 19
a4 c0 94 1f fa e8 95
Oct 4 09:18:09 firewall pluto[26478]: | 28 c1 24 c9 9b 34 ac c7 21
0f 2c 89 f7 c4 cd 5d
Oct 4 09:18:09 firewall pluto[26478]: | 1b 82 5e 38 d6 c6 59 3b a6
93 75 ae 23 4b 71 25
Oct 4 09:18:09 firewall pluto[26478]: | 56 13 e1 30 dd e3 42 69 c9
cc 30 d4 6f 08 41 e0
Oct 4 09:18:09 firewall pluto[26478]: | 00 ad d9 a3 f6 79 f6 6e 74
a9 7f 33 3d 81 17 d7
Oct 4 09:18:09 firewall pluto[26478]: | 4c cf 33 de bb c2 3e 29 0b
b3 28 77 1d ad 3e a2
Oct 4 09:18:09 firewall pluto[26478]: | 4d bd f4 23 bd 06 b0 3d b0
19 89 e7 ef fb 4a af
Oct 4 09:18:09 firewall pluto[26478]: | cb 14 8f 58 46 39 76 22 41
50 e1 ba c8 95 13 68
Oct 4 09:18:09 firewall pluto[26478]: | 01 97 28 0a 2c 55 c3 fc d3
90 f5 3a 05 3b c9 fb
Oct 4 09:18:09 firewall pluto[26478]: | ee e5 9f 1e 2a a5 44 c3 cb
25 43 a6 9a 5b d4 6a
Oct 4 09:18:09 firewall pluto[26478]: | 25 bc bb 8e 90 2f 82 a3 7c
47 97 01 1e 0f 4b a5
Oct 4 09:18:09 firewall pluto[26478]: | af 13 13 c2 11 13 47 ea 7c
32 d4 85 fd 89 0a 66
Oct 4 09:18:09 firewall pluto[26478]: | b5 97 ce 86 f4 d5 26 a9 21
07 e8 3e 68 33 0e 61
Oct 4 09:18:09 firewall pluto[26478]: | 35 85 21 59 29 83 a3 c8 d2
d2 e1 40 6e 7a b3 c1
Oct 4 09:18:09 firewall pluto[26478]: | 9c a9 8d 00 af 74 0d dd 81
80 d2 13 45 a5 8b 8f
Oct 4 09:18:09 firewall pluto[26478]: | 2e 94 38 d6 4f 9c 7d 21 79
9c ad 0e d8 b9 0c 57
Oct 4 09:18:09 firewall pluto[26478]: | 9f 1a 02 99 e7 90 f3 87
Oct 4 09:18:09 firewall pluto[26478]: | cert blob content is not
binary ASN.1
Oct 4 09:18:09 firewall pluto[26478]: | refine_host_connection for
IKEv2: starting with "rw-ikev2"[1] 50.117.137.129
Oct 4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustee A =
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate
Authority'
Oct 4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustor B =
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate
Authority'
Oct 4 09:18:09 firewall pluto[26478]: | refine_host_connection: happy
with starting point: "rw-ikev2"[1] 50.117.137.129
Oct 4 09:18:09 firewall pluto[26478]: | The remote did not specify an
IDr and our current connection is good enough
Oct 4 09:18:09 firewall pluto[26478]: | offered CA: 'C=CA, ST=Yukon,
O=Planyukon, OU=Administrator, CN=Planyukon Certificate Authority'
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
IKEv2 mode peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Yukon, O=Planyukon,
OU=Network Admin, CN=Heidi Hansen'
Oct 4 09:18:09 firewall pluto[26478]: | received v2N_MOBIKE_SUPPORTED
while it did not sent
Oct 4 09:18:09 firewall pluto[26478]: | received CERTREQ payload; going
to decode it
Oct 4 09:18:09 firewall pluto[26478]: | CERT_X509_SIGNATURE CR:
Oct 4 09:18:09 firewall pluto[26478]: | 00 c2 5f 57 cf 93 14 0f 46
3f 95 71 0a 5c c9 de
Oct 4 09:18:09 firewall pluto[26478]: | 2f 19 53 f9 3b bc 57 4b 0f
12 ca 3d 85 a8 2d 7c
Oct 4 09:18:09 firewall pluto[26478]: | d4 d5 bd 52 48 e6 76 7c b0
80 52 3d c1 b8 f9 67
Oct 4 09:18:09 firewall pluto[26478]: | 17 c3 09 a9 67 b0 df 9c 51
8d 42 22 30 a4 e6 4f
Oct 4 09:18:09 firewall pluto[26478]: | de 76 8a fc ed 5a 90 84 28
30 46 79 2c 29 15 70
Oct 4 09:18:09 firewall pluto[26478]: | 0e ac 82 60 40 56 27 97 e5
25 13 fc 2a e1 0a 53
Oct 4 09:18:09 firewall pluto[26478]: | 95 59 e4 a4 8f 77 c2 1d 60
d5 1d bc 6d 1c a7 28
Oct 4 09:18:09 firewall pluto[26478]: | a9 39 3d 8d 56 77 6e 7e ca
b9 ce 6f 46 e7 71 3b
Oct 4 09:18:09 firewall pluto[26478]: | 27 9c d2 87 20 f7 ea a0 be
37 34 3c dd bc bd 86
Oct 4 09:18:09 firewall pluto[26478]: | 9c 3f 07 ed 40 e3 1b 08 ef
ce c4 d1 88 cd 3b 15
Oct 4 09:18:09 firewall pluto[26478]: | 50 64 27 15 75 01 55 0c ff
e7 e7 83 4d 59 28 d7
Oct 4 09:18:09 firewall pluto[26478]: | 26 88 fe df 57 2a 11 53 24
9d 4d 9d 75 36 8d 8e
Oct 4 09:18:09 firewall pluto[26478]: | 1e 29 72 83 ae 34 d4 95 13
e6 dd b7 8c 73 81 82
Oct 4 09:18:09 firewall pluto[26478]: | 72 64 86 31 57 9a 29 a5 a1
66 d7 39 a8 f0 65 9a
Oct 4 09:18:09 firewall pluto[26478]: | 6f 92 97 40 5b a5 3c 03 38
d2 6d c1 a3 9a 99 b3
Oct 4 09:18:09 firewall pluto[26478]: | 4a 5c 75 22 aa 46 bf a4 08
9d 39 97 4e bd b4 a3
Oct 4 09:18:09 firewall pluto[26478]: | 60 f7 a0 1d 5c b8 69 fe 8d
ef c1 ed 66 27 ee b2
Oct 4 09:18:09 firewall pluto[26478]: | 12 0f 72 1b b8 0a 0e 04 ef
c5 6a f5 7c be 16 74
Oct 4 09:18:09 firewall pluto[26478]: | 8d f4 d5 8d 83 ee f4 40 85
f5 46 9e 6a 47 a2 67
Oct 4 09:18:09 firewall pluto[26478]: | c9 2e 2f 19 68 8b 9b 86 61
66 95 ed c1 2c 13 00
Oct 4 09:18:09 firewall pluto[26478]: | 01 f0 33 4c 1a a1 d9 ee 5b
7b a9 de 43 bc 02 7d
Oct 4 09:18:09 firewall pluto[26478]: | 57 09 33 fb 51 66 12 08 df
49 0f 93 7a 99 04 45
Oct 4 09:18:09 firewall pluto[26478]: | 13 69 83 a0 5b 1a 6d dc d4
db a1 08 19 d7 87 41
Oct 4 09:18:09 firewall pluto[26478]: | 28 49 22 00 b4 4d f8 48 68
2d 18 25 a6 6e c6 3a
Oct 4 09:18:09 firewall pluto[26478]: | b2 43 f4 dc 2c e3 ab 4a 37
a4 8d a5 4d 5c 5a 4f
Oct 4 09:18:09 firewall pluto[26478]: | 73 40 27 51 00 36 b4 b5 78
70 91 ce f4 42 22 58
Oct 4 09:18:09 firewall pluto[26478]: | 3d 44 79 71 79 79 0a cb c7
52 81 1e e8 c9 6c 67
Oct 4 09:18:09 firewall pluto[26478]: | 8e e7 be db 5c 75 97 2e 83
31 7e 62 85 42 53 d6
Oct 4 09:18:09 firewall pluto[26478]: | d7 78 31 90 ec 91 90 56 e9
91 b9 e3 53 a0 12 47
Oct 4 09:18:09 firewall pluto[26478]: | dd d5 27 8e 5b e8 e6 50 5d
bf 29 fc 71 98 44 b9
Oct 4 09:18:09 firewall pluto[26478]: | 88 a9 5a ef c0 84 fc 13 74
41 6b b1 63 32 c2 cf
Oct 4 09:18:09 firewall pluto[26478]: | 92 59 bb 3b f9 27 b6 1b 0a
37 f3 c3 1a fa 17 ec
Oct 4 09:18:09 firewall pluto[26478]: | 2d 46 17 16 12 9d 0c 0e 34
4f 30 2d 25 69 31 91
Oct 4 09:18:09 firewall pluto[26478]: | ea f7 73 5c ab f5 86 8d 37
82 40 ec 3e df 29 0c
Oct 4 09:18:09 firewall pluto[26478]: | c1 f5 cc 73 2c eb 3d 24 e1
7e 52 da bd 27 e2 f0
Oct 4 09:18:09 firewall pluto[26478]: | 09 b1 9c 76 dc 1b d6 fc 82
b0 56 47 1c 51 93 cf
Oct 4 09:18:09 firewall pluto[26478]: | ee 95 d0 02 7c 32 d4 85 fd
89 0a 66 b5 97 ce 86
Oct 4 09:18:09 firewall pluto[26478]: | f4 d5 26 a9 21 07 e8 3e af
7e b9 98 4d 39 87 bf
Oct 4 09:18:09 firewall pluto[26478]: | 02 fa c1 f8 fa f0 6a cb 09
e6 c1 3f 64 1d f8 d5
Oct 4 09:18:09 firewall pluto[26478]: | 0e 23 31 c2 29 b2 50 cb 32
f5 6d f5 5c 8e 00 fa
Oct 4 09:18:09 firewall pluto[26478]: | ab 76 88 f4 e5 e1 38 c9 e9
50 17 cd cd b3 18 17
Oct 4 09:18:09 firewall pluto[26478]: | b3 3e 8c f5 da ed 64 74 14
9c 14 3c ab dd 99 a9
Oct 4 09:18:09 firewall pluto[26478]: | bd 5b 28 4d 8b 3c c9 d8 c0
7a 98 68 8d 89 fb ab
Oct 4 09:18:09 firewall pluto[26478]: | 05 64 0c 11 7d aa 7d 65 b8
ca cc 4e a8 e3 02 96
Oct 4 09:18:09 firewall pluto[26478]: | 70 a6 8b 57 eb ec ef cc 29
4e 91 74 9a d4 92 38
Oct 4 09:18:09 firewall pluto[26478]: | f7 93 19 ef df c1 f5 20 fb
ac 85 55 2c f2 d2 8f
Oct 4 09:18:09 firewall pluto[26478]: | 5a b9 ca 0b 30 a4 e6 4f de
76 8a fc ed 5a 90 84
Oct 4 09:18:09 firewall pluto[26478]: | 28 30 46 79 2c 29 15 70 48
e6 68 f9 2b d2 b2 95
Oct 4 09:18:09 firewall pluto[26478]: | d7 47 d8 23 20 10 4f 33 98
90 9f d4 c4 30 28 c5
Oct 4 09:18:09 firewall pluto[26478]: | d3 e3 08 0c 10 44 8b 2c 77
ba 24 53 97 60 bb f9
Oct 4 09:18:09 firewall pluto[26478]: | 69 c4 27 db 59 69 68 18 47
e2 52 17 0a e0 e5 7f
Oct 4 09:18:09 firewall pluto[26478]: | ab 9d ef 0f ba 42 b0 81 88
53 88 1d 86 63 bd 4c
Oct 4 09:18:09 firewall pluto[26478]: | c0 5e 08 fe ea 6e bb 77 87
db d4 5f b0 92 8d 4e
Oct 4 09:18:09 firewall pluto[26478]: | 1d f8 15 67 e7 f2 ab af d6
2b 67 75 6e 58 4e 33
Oct 4 09:18:09 firewall pluto[26478]: | 75 bd 57 f6 d5 42 1b 16 01
c2 d8 c0 f5 3a 9f 6e
Oct 4 09:18:09 firewall pluto[26478]: | 4a 81 0c de f0 c0 90 0f 19
06 42 31 35 a2 a2 8d
Oct 4 09:18:09 firewall pluto[26478]: | d3 44 fd 08 d5 2e 13 c1 ab
e3 49 da e8 b4 95 94
Oct 4 09:18:09 firewall pluto[26478]: | ef 7c 38 43 60 64 66 bd 59
79 12 de 61 75 d6 6f
Oct 4 09:18:09 firewall pluto[26478]: | c4 23 b7 77 13 74 c7 96 de
6f 88 72 6c ca bd 7d
Oct 4 09:18:09 firewall pluto[26478]: | b4 7e 94 a5 75 99 01 b6 a7
df d4 5d 1c 09 1c cc
Oct 4 09:18:09 firewall pluto[26478]: | 6a 47 a2 67 c9 2e 2f 19 68
8b 9b 86 61 66 95 ed
Oct 4 09:18:09 firewall pluto[26478]: | c1 2c 13 00 42 32 b6 16 fa
04 fd fe 5d 4b 7a c3
Oct 4 09:18:09 firewall pluto[26478]: | fd f7 4c 40 1d 5a 43 af 1a
21 b4 95 2b 62 93 ce
Oct 4 09:18:09 firewall pluto[26478]: | 18 b3 65 ec 9c 0e 93 4c b3
81 e6 d4 a5 06 8a 78
Oct 4 09:18:09 firewall pluto[26478]: | cf 84 bd 74 32 dd 58 f9 65
eb 3a 55 e7 c7 80 dc
Oct 4 09:18:09 firewall pluto[26478]: | e2 7f 7b d8 77 d5 df 9e 0a
3f 9e b4 cb 0e 2e a9
Oct 4 09:18:09 firewall pluto[26478]: | ef db 69 77 5f f3 24 6c 8f
91 24 af 9b 5f 3e b0
Oct 4 09:18:09 firewall pluto[26478]: | 34 6a f4 2d 5c a8 5d cc 83
31 7e 62 85 42 53 d6
Oct 4 09:18:09 firewall pluto[26478]: | d7 78 31 90 ec 91 90 56 e9
91 b9 e3 3e 22 d4 2c
Oct 4 09:18:09 firewall pluto[26478]: | 1f 02 44 b8 04 10 65 61 7c
c7 6b ae da 87 29 9c
Oct 4 09:18:09 firewall pluto[26478]: | 55 e4 81 d1 11 80 be d8 89
b9 08 a3 31 f9 a1 24
Oct 4 09:18:09 firewall pluto[26478]: | 09 16 b9 70 b1 81 08 1a 19
a4 c0 94 1f fa e8 95
Oct 4 09:18:09 firewall pluto[26478]: | 28 c1 24 c9 9b 34 ac c7 21
0f 2c 89 f7 c4 cd 5d
Oct 4 09:18:09 firewall pluto[26478]: | 1b 82 5e 38 d6 c6 59 3b a6
93 75 ae 23 4b 71 25
Oct 4 09:18:09 firewall pluto[26478]: | 56 13 e1 30 dd e3 42 69 c9
cc 30 d4 6f 08 41 e0
Oct 4 09:18:09 firewall pluto[26478]: | 00 ad d9 a3 f6 79 f6 6e 74
a9 7f 33 3d 81 17 d7
Oct 4 09:18:09 firewall pluto[26478]: | 4c cf 33 de bb c2 3e 29 0b
b3 28 77 1d ad 3e a2
Oct 4 09:18:09 firewall pluto[26478]: | 4d bd f4 23 bd 06 b0 3d b0
19 89 e7 ef fb 4a af
Oct 4 09:18:09 firewall pluto[26478]: | cb 14 8f 58 46 39 76 22 41
50 e1 ba c8 95 13 68
Oct 4 09:18:09 firewall pluto[26478]: | 01 97 28 0a 2c 55 c3 fc d3
90 f5 3a 05 3b c9 fb
Oct 4 09:18:09 firewall pluto[26478]: | ee e5 9f 1e 2a a5 44 c3 cb
25 43 a6 9a 5b d4 6a
Oct 4 09:18:09 firewall pluto[26478]: | 25 bc bb 8e 90 2f 82 a3 7c
47 97 01 1e 0f 4b a5
Oct 4 09:18:09 firewall pluto[26478]: | af 13 13 c2 11 13 47 ea 7c
32 d4 85 fd 89 0a 66
Oct 4 09:18:09 firewall pluto[26478]: | b5 97 ce 86 f4 d5 26 a9 21
07 e8 3e 68 33 0e 61
Oct 4 09:18:09 firewall pluto[26478]: | 35 85 21 59 29 83 a3 c8 d2
d2 e1 40 6e 7a b3 c1
Oct 4 09:18:09 firewall pluto[26478]: | 9c a9 8d 00 af 74 0d dd 81
80 d2 13 45 a5 8b 8f
Oct 4 09:18:09 firewall pluto[26478]: | 2e 94 38 d6 4f 9c 7d 21 79
9c ad 0e d8 b9 0c 57
Oct 4 09:18:09 firewall pluto[26478]: | 9f 1a 02 99 e7 90 f3 87
Oct 4 09:18:09 firewall pluto[26478]: | cert blob content is not
binary ASN.1
Oct 4 09:18:09 firewall pluto[26478]: | verifying AUTH payload
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 1.37 milliseconds
Oct 4 09:18:09 firewall pluto[26478]: | required RSA CA is 'C=CA,
ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate Authority'
Oct 4 09:18:09 firewall pluto[26478]: | checking RSA keyid 'C=CA,
ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen' for match with
'C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen'
Oct 4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustee A =
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate
Authority'
Oct 4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustor B =
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate
Authority'
Oct 4 09:18:09 firewall pluto[26478]: | key issuer CA is 'C=CA,
ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate Authority'
Oct 4 09:18:09 firewall pluto[26478]: | an RSA Sig check passed with
*AwEAAaOut [remote certificates]
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.372
milliseconds in try_all_RSA_keys() trying a pubkey
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
Authenticated using RSA
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 0.487 milliseconds
in ikev2_verify_rsa_hash()
Oct 4 09:18:09 firewall pluto[26478]: | parent state #3:
PARENT_R1(half-open IKE SA) => PARENT_R2(established IKE SA)
Oct 4 09:18:09 firewall pluto[26478]: | #3 will expire in 3600 seconds
(policy doesn't allow re-key)
Oct 4 09:18:09 firewall pluto[26478]: | state #3 requesting
EVENT_CRYPTO_TIMEOUT to be deleted
Oct 4 09:18:09 firewall pluto[26478]: | libevent_free: release
ptr-libevent at 0x55d8599c5bf8
Oct 4 09:18:09 firewall pluto[26478]: | free_event_entry: release
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c5b88
Oct 4 09:18:09 firewall pluto[26478]: | event_schedule: new
EVENT_SA_EXPIRE-pe at 0x55d8599c4868
Oct 4 09:18:09 firewall pluto[26478]: | inserting event
EVENT_SA_EXPIRE, timeout in 3600 seconds for #3
Oct 4 09:18:09 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x55d8599b6b28 size 128
Oct 4 09:18:09 firewall pluto[26478]: | pstats #3 ikev2.ike established
Oct 4 09:18:09 firewall pluto[26478]: | **emit ISAKMP Message:
Oct 4 09:18:09 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:09 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:09 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:09 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:09 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:09 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
Oct 4 09:18:09 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
message location 'ISAKMP Message'.'next payload type'
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 CERT: send a certificate?
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 CERT: OK to send a
certificate (always)
Oct 4 09:18:09 firewall pluto[26478]: | ***emit IKEv2 Encryption Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'ISAKMP Message'.'next payload type' to current IKEv2
Encryption Payload (46:ISAKMP_NEXT_v2SK)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:09 firewall pluto[26478]: | emitting 16 zero bytes of IV
into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | Initiator child policy is
compress=no, NOT sending v2N_IPCOMP_SUPPORTED
Oct 4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Identification -
Responder - Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | ID type: ID_FQDN (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2
Identification - Responder - Payload (36:ISAKMP_NEXT_v2IDr)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Identification - Responder - Payload'.'next payload
type' in 'reply packet'
Oct 4 09:18:09 firewall pluto[26478]: | emitting 21 raw bytes of my
identity into IKEv2 Identification - Responder - Payload
Oct 4 09:18:09 firewall pluto[26478]: | my identity 66 69 72 65 77 61
6c 6c 2e 70 6c 61 6e 79 75 6b
Oct 4 09:18:09 firewall pluto[26478]: | my identity 6f 6e 2e 63 61
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Identification - Responder - Payload: 29
Oct 4 09:18:09 firewall pluto[26478]: | assembled IDr payload
Oct 4 09:18:09 firewall pluto[26478]: | Sending [CERT] of certificate:
E=bob at computerisms.ca,CN=firewall.planyukon.ca,OU=Administrator,O=Planyukon,ST=Yukon,C=CA
Oct 4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Certificate Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | ikev2 cert encoding:
CERT_X509_SIGNATURE (0x4)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Identification - Responder - Payload'.'next payload
type' to current IKEv2 Certificate Payload (37:ISAKMP_NEXT_v2CERT)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Certificate Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1652 raw bytes of CERT
into IKEv2 Certificate Payload
Oct 4 09:18:09 firewall pluto[26478]: | CERT 30 82 06 70 30 82 04 58
a0 03 02 01 02 02 14 2f
Oct 4 09:18:09 firewall pluto[26478]: | CERT 07 7a 4c f0 e2 ee fe f8
68 6f 6d 68 07 26 c0 40
Oct 4 09:18:09 firewall pluto[26478]: | CERT 68 4a bc 30 0d 06 09 2a
86 48 86 f7 0d 01 01 05
Oct 4 09:18:09 firewall pluto[26478]: | CERT 05 00 30 73 31 0b 30 09
06 03 55 04 06 13 02 43
Oct 4 09:18:09 firewall pluto[26478]: | CERT 41 31 0e 30 0c 06 03 55
04 08 13 05 59 75 6b 6f
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6e 31 12 30 10 06 03 55
04 0a 13 09 50 6c 61 6e
Oct 4 09:18:09 firewall pluto[26478]: | CERT 79 75 6b 6f 6e 31 16 30
14 06 03 55 04 0b 13 0d
Oct 4 09:18:09 firewall pluto[26478]: | CERT 41 64 6d 69 6e 69 73 74
72 61 74 6f 72 31 28 30
Oct 4 09:18:09 firewall pluto[26478]: | CERT 26 06 03 55 04 03 13 1f
50 6c 61 6e 79 75 6b 6f
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6e 20 43 65 72 74 69 66
69 63 61 74 65 20 41 75
Oct 4 09:18:09 firewall pluto[26478]: | CERT 74 68 6f 72 69 74 79 30
1e 17 0d 31 39 30 38 32
Oct 4 09:18:09 firewall pluto[26478]: | CERT 31 30 34 34 30 35 31 5a
17 0d 32 39 30 38 31 38
Oct 4 09:18:09 firewall pluto[26478]: | CERT 30 34 34 30 35 31 5a 30
81 8d 31 0b 30 09 06 03
Oct 4 09:18:09 firewall pluto[26478]: | CERT 55 04 06 13 02 43 41 31
0e 30 0c 06 03 55 04 08
Oct 4 09:18:09 firewall pluto[26478]: | CERT 13 05 59 75 6b 6f 6e 31
12 30 10 06 03 55 04 0a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 13 09 50 6c 61 6e 79 75
6b 6f 6e 31 16 30 14 06
Oct 4 09:18:09 firewall pluto[26478]: | CERT 03 55 04 0b 13 0d 41 64
6d 69 6e 69 73 74 72 61
Oct 4 09:18:09 firewall pluto[26478]: | CERT 74 6f 72 31 1e 30 1c 06
03 55 04 03 13 15 66 69
Oct 4 09:18:09 firewall pluto[26478]: | CERT 72 65 77 61 6c 6c 2e 70
6c 61 6e 79 75 6b 6f 6e
Oct 4 09:18:09 firewall pluto[26478]: | CERT 2e 63 61 31 22 30 20 06
09 2a 86 48 86 f7 0d 01
Oct 4 09:18:09 firewall pluto[26478]: | CERT 09 01 16 13 62 6f 62 40
63 6f 6d 70 75 74 65 72
Oct 4 09:18:09 firewall pluto[26478]: | CERT 69 73 6d 73 2e 63 61 30
82 02 22 30 0d 06 09 2a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 86 48 86 f7 0d 01 01 01
05 00 03 82 02 0f 00 30
Oct 4 09:18:09 firewall pluto[26478]: | CERT 82 02 0a 02 82 02 01 00
b3 d6 9c 4f 1c aa 52 fa
Oct 4 09:18:09 firewall pluto[26478]: | CERT d9 e9 e1 e3 38 1c c8 6d
27 e9 8b ee 59 72 c1 30
Oct 4 09:18:09 firewall pluto[26478]: | CERT dd cc 4e cc 2d 72 3e d9
51 75 0b 87 80 16 6d 5e
Oct 4 09:18:09 firewall pluto[26478]: | CERT dc ad 03 eb 86 d5 50 b9
10 c8 09 d6 ff 95 f1 e5
Oct 4 09:18:09 firewall pluto[26478]: | CERT ea 18 76 65 7e 3d 6c 52
82 72 26 94 1a 0d 9b 3e
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6f 27 b9 0b 19 cd 00 73
3d 08 4d 63 58 eb ec 0a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 60 c3 2f c9 d3 5e f5 de
dc 38 9c 68 93 d8 95 dc
Oct 4 09:18:09 firewall pluto[26478]: | CERT 94 06 6b 6e 97 b9 2d a3
68 e7 84 80 9a 74 22 b9
Oct 4 09:18:09 firewall pluto[26478]: | CERT c7 94 af c6 31 51 59 c2
9f 11 5d f5 41 1b 62 78
Oct 4 09:18:09 firewall pluto[26478]: | CERT e2 51 da 5b 08 4a cb 04
b9 c6 d5 12 25 d0 54 97
Oct 4 09:18:09 firewall pluto[26478]: | CERT bf 75 95 62 6e e8 91 11
ea b7 4f ed cb 4b 84 af
Oct 4 09:18:09 firewall pluto[26478]: | CERT cf 4f f6 fe ff 89 ce 72
33 02 b1 92 ff 8c 23 f2
Oct 4 09:18:09 firewall pluto[26478]: | CERT 1e 33 f4 b3 0c fc 1c a3
1d 65 76 c3 58 62 8a da
Oct 4 09:18:09 firewall pluto[26478]: | CERT 70 cb 08 15 0e a6 09 af
c4 74 84 13 7c 29 48 4a
Oct 4 09:18:09 firewall pluto[26478]: | CERT fe 3d 3c 22 b9 82 2f ce
cf 26 ba 6a c9 36 1a 34
Oct 4 09:18:09 firewall pluto[26478]: | CERT 9c 1f 3c 43 f8 6d f8 ec
34 ad ab 9b d6 48 ed 67
Oct 4 09:18:09 firewall pluto[26478]: | CERT a5 c6 f9 3e d8 af 26 a6
21 3c e9 69 b8 95 50 0e
Oct 4 09:18:09 firewall pluto[26478]: | CERT 8e 6d 95 fb e0 b8 c1 0a
6f a4 ee eb d7 05 0d 7f
Oct 4 09:18:09 firewall pluto[26478]: | CERT 91 3d 87 ae 64 12 09 7e
7e 32 fb 68 ca 59 74 ac
Oct 4 09:18:09 firewall pluto[26478]: | CERT 20 d7 49 4e 24 d2 cf 03
85 9d 10 5d 85 13 2a 1b
Oct 4 09:18:09 firewall pluto[26478]: | CERT e9 1f 3f 51 65 be 93 b7
4b 57 e8 b7 5c ac a5 42
Oct 4 09:18:09 firewall pluto[26478]: | CERT 98 cb 66 8b 9e ef 45 06
1f 73 67 79 ef 2f 09 7a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 98 98 7b 8a 79 82 16 aa
ec 45 85 44 da c8 b3 69
Oct 4 09:18:09 firewall pluto[26478]: | CERT 5e 05 b9 21 ef e6 85 9f
78 50 a5 4e f3 e9 02 18
Oct 4 09:18:09 firewall pluto[26478]: | CERT dd 33 59 9d bc 52 3b 99
f2 d2 10 b9 04 7e 89 fa
Oct 4 09:18:09 firewall pluto[26478]: | CERT f2 9d ae 07 85 24 28 33
18 f6 84 fe c4 75 87 b1
Oct 4 09:18:09 firewall pluto[26478]: | CERT af 61 39 43 d9 fa e2 32
ee b0 ba df 01 21 d8 dd
Oct 4 09:18:09 firewall pluto[26478]: | CERT 46 e2 b0 bb ab 67 63 e1
90 21 30 f0 a0 ba 69 66
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6a ee fa 0b a0 bb e2 e8
3e 02 63 ff f9 42 66 5c
Oct 4 09:18:09 firewall pluto[26478]: | CERT 60 de 50 ee 20 1c 2d 47
91 dd 87 e1 5e e0 50 35
Oct 4 09:18:09 firewall pluto[26478]: | CERT df 17 a2 17 ec 55 46 60
3f d4 35 f2 50 a6 b5 2f
Oct 4 09:18:09 firewall pluto[26478]: | CERT 13 15 53 34 97 8b 70 94
9e c2 b2 cc 1d 46 9c e5
Oct 4 09:18:09 firewall pluto[26478]: | CERT b5 f2 bc a1 c6 e3 77 29
02 03 01 00 01 a3 81 e0
Oct 4 09:18:09 firewall pluto[26478]: | CERT 30 81 dd 30 09 06 03 55
1d 13 04 02 30 00 30 1d
Oct 4 09:18:09 firewall pluto[26478]: | CERT 06 03 55 1d 0e 04 16 04
14 2d 70 5f 7a 94 95 51
Oct 4 09:18:09 firewall pluto[26478]: | CERT 2e 71 80 5f 11 b2 6d 07
70 59 ad 19 b1 30 1f 06
Oct 4 09:18:09 firewall pluto[26478]: | CERT 03 55 1d 23 04 18 30 16
80 14 58 46 ff be 1e 7c
Oct 4 09:18:09 firewall pluto[26478]: | CERT c5 3c 97 24 9b 56 06 16
f9 a5 0f 20 13 f4 30 4c
Oct 4 09:18:09 firewall pluto[26478]: | CERT 06 03 55 1d 1f 04 45 30
43 30 41 a0 3f a0 3d 86
Oct 4 09:18:09 firewall pluto[26478]: | CERT 3b 68 74 74 70 3a 2f 2f
63 72 6c 2e 70 6c 61 6e
Oct 4 09:18:09 firewall pluto[26478]: | CERT 79 75 6b 6f 6e 2e 63 61
2f 50 6c 61 6e 79 75 6b
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6f 6e 2e 43 65 72 74 69
66 69 63 61 74 65 2e 41
Oct 4 09:18:09 firewall pluto[26478]: | CERT 75 74 68 6f 72 69 74 79
2e 63 72 6c 30 20 06 03
Oct 4 09:18:09 firewall pluto[26478]: | CERT 55 1d 11 04 19 30 17 82
15 66 69 72 65 77 61 6c
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6c 2e 70 6c 61 6e 79 75
6b 6f 6e 2e 63 61 30 13
Oct 4 09:18:09 firewall pluto[26478]: | CERT 06 03 55 1d 25 04 0c 30
0a 06 08 2b 06 01 05 05
Oct 4 09:18:09 firewall pluto[26478]: | CERT 07 03 01 30 0b 06 03 55
1d 0f 04 04 03 02 01 e6
Oct 4 09:18:09 firewall pluto[26478]: | CERT 30 0d 06 09 2a 86 48 86
f7 0d 01 01 05 05 00 03
Oct 4 09:18:09 firewall pluto[26478]: | CERT 82 02 01 00 a0 1f 51 9c
08 da 38 de 88 64 a2 0a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 09 70 e4 ca b6 1e 62 f7
b0 92 9b c3 7e fd 89 e4
Oct 4 09:18:09 firewall pluto[26478]: | CERT 63 da 75 ac 74 ba 11 58
a3 a4 a5 74 3a 19 a1 9c
Oct 4 09:18:09 firewall pluto[26478]: | CERT 68 10 28 6d 14 ff 15 e8
bd ae ad dd 44 80 37 d6
Oct 4 09:18:09 firewall pluto[26478]: | CERT fd 1a d9 c5 ee 0d 90 56
f6 21 d8 1d 3b eb 7b 27
Oct 4 09:18:09 firewall pluto[26478]: | CERT e2 1f 7a df 07 04 f9 28
f6 da d7 f5 fe 4e 64 f0
Oct 4 09:18:09 firewall pluto[26478]: | CERT b2 59 aa be 63 f0 67 3f
2a 7d b4 14 f9 4a 7f c7
Oct 4 09:18:09 firewall pluto[26478]: | CERT b0 62 ca 05 66 73 c2 c9
b1 c3 d8 b8 46 de 6c 6a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 27 d0 ea 21 50 d7 7e 98
ff 74 55 c3 2a e8 93 f5
Oct 4 09:18:09 firewall pluto[26478]: | CERT 7f ec 4c dc ff c8 06 33
06 01 34 ee d9 cd 7c 08
Oct 4 09:18:09 firewall pluto[26478]: | CERT 70 5d cd 05 8d 36 8f 9a
35 f6 7d 0a 71 9b 6f d2
Oct 4 09:18:09 firewall pluto[26478]: | CERT db 0c b6 bc 14 42 1e b3
c0 d2 13 b6 a7 be cc e6
Oct 4 09:18:09 firewall pluto[26478]: | CERT e4 ce ee 68 55 34 47 4f
a3 8c 0d b8 c7 17 e9 9b
Oct 4 09:18:09 firewall pluto[26478]: | CERT d7 9d b0 d7 71 71 39 e3
5b 39 b4 8c be 8b 44 6d
Oct 4 09:18:09 firewall pluto[26478]: | CERT 1e 67 60 9c 20 d3 60 8e
ce e8 c3 6b d7 3a e1 b5
Oct 4 09:18:09 firewall pluto[26478]: | CERT 24 06 4a 70 8c ea be 27
0c 4b 94 df f9 67 e6 f8
Oct 4 09:18:09 firewall pluto[26478]: | CERT 67 8e d8 fd 2e e5 95 73
97 6f 2d 6f 33 1c 56 21
Oct 4 09:18:09 firewall pluto[26478]: | CERT a1 2b a3 53 c5 e0 0a 16
63 3b 85 41 1d 1f 0f 1a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 3a 90 1a 7c ee 1f 68 b8
f4 e6 d6 3f c2 4c 2d 95
Oct 4 09:18:09 firewall pluto[26478]: | CERT 94 15 00 ce 40 41 c1 7e
ec 9d 0b a3 04 60 10 e5
Oct 4 09:18:09 firewall pluto[26478]: | CERT ce 77 3b 25 04 66 d4 1b
53 75 4a 52 1d 12 36 02
Oct 4 09:18:09 firewall pluto[26478]: | CERT 4f f2 68 0c 86 37 0a 7a
8b 1e f1 1b 79 a3 e2 55
Oct 4 09:18:09 firewall pluto[26478]: | CERT 08 b4 b3 97 0f 0c 8b 69
10 ee 2f 0e 7c a9 9e 9e
Oct 4 09:18:09 firewall pluto[26478]: | CERT f8 29 6d e6 65 2e 51 ae
64 ab 15 e1 ed 66 f3 4e
Oct 4 09:18:09 firewall pluto[26478]: | CERT e8 1b fd 95 34 2e 99 42
0f c9 e1 d5 35 24 3e 0a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 07 4c 80 3f 31 b4 1e f6
a1 e2 88 a0 b4 aa 49 ae
Oct 4 09:18:09 firewall pluto[26478]: | CERT 6c 90 33 9d 8a 8f 0b b6
df d2 35 b5 73 72 d6 44
Oct 4 09:18:09 firewall pluto[26478]: | CERT be 6b 68 d2 5f 03 e2 2b
3e 29 0e e0 2a ca f0 ff
Oct 4 09:18:09 firewall pluto[26478]: | CERT 4b c9 6d 92 d3 63 dd 5b
a3 a2 64 d1 f4 97 be 01
Oct 4 09:18:09 firewall pluto[26478]: | CERT f2 c1 8f d3 6c b7 28 f9
fa 89 1f 45 bc 96 46 41
Oct 4 09:18:09 firewall pluto[26478]: | CERT 3e 3d a9 4a 29 28 72 55
07 c7 28 49 a8 a8 90 3c
Oct 4 09:18:09 firewall pluto[26478]: | CERT 95 ab 30 0a 42 71 e1 a9
05 2c ba 15 e8 fc 7b 6a
Oct 4 09:18:09 firewall pluto[26478]: | CERT 27 13 96 8d
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Certificate Payload: 1657
Oct 4 09:18:09 firewall pluto[26478]: | CHILD SA proposals received
Oct 4 09:18:09 firewall pluto[26478]: | going to assemble AUTH payload
Oct 4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Authentication
Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2CP (0x2f)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | auth method: IKEv2_AUTH_RSA
(0x1)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: ignoring
supplied 'IKEv2 Authentication Payload'.'next payload type' value
47:ISAKMP_NEXT_v2CP
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Certificate Payload'.'next payload type' to current
IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Authentication Payload'.'next payload type' in 'reply
packet'
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 1.19 milliseconds
Oct 4 09:18:09 firewall pluto[26478]: | started looking for secret for
@firewall.planyukon.ca->C=CA, ST=Yukon, O=Planyukon, OU=Network Admin,
CN=Heidi Hansen of kind PKK_RSA
Oct 4 09:18:09 firewall pluto[26478]: | searching for certificate
PKK_RSA:AwEAAbPWn vs PKK_RSA:AwEAAbPWn
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 22.6
milliseconds in ikev2_calculate_rsa_hash() calling sign_hash_RSA()
Oct 4 09:18:09 firewall pluto[26478]: | emitting 512 raw bytes of rsa
signature into IKEv2 Authentication Payload
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 72 74 d3 af c2
ae c6 95 2f 8b 31 0f 36 21 2c 17
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 75 bb 1b 56 1c
1e 8b 1d 81 43 d0 b3 06 1f 33 be
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 1a 74 d0 4b 85
1a 65 c7 65 a2 b1 e9 11 36 f2 0d
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 8e b2 c2 ab 6e
26 2c 9b 0b ec 05 43 9a 3c 87 9c
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 4f ba 6f de 03
56 98 e0 82 28 bc e1 86 6a 0e 69
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 37 db b4 bc 07
51 9e c7 86 e9 4f 0c 01 40 12 95
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature f5 73 ab 7f 4c
0f 56 2a ef e3 58 28 68 5c 40 82
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 6f 86 1d b2 1c
ce f6 0a 03 b6 a1 e0 80 bf 14 52
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 6d c7 dc 17 9c
21 45 2b ee c5 e2 a9 2d 02 1d 51
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature ca 1c 62 dc c6
af 22 a2 cc ec 8f 88 fd bb 48 73
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature cc 55 3e 9c 80
a9 31 0c 50 c2 8c 30 34 a2 2f 8e
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 4d 70 6c 4d dc
ee 26 eb d6 b8 7e bc 8a 24 75 d6
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature b1 b7 74 7e c5
3e 4b 42 85 58 01 1e 62 21 2a bc
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 55 fe 98 3d 3e
42 a4 2b 5a 86 d2 8b d8 81 42 fd
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature a0 6b 13 d9 15
54 aa 7a 2f 59 4c 6b 10 e3 8a 11
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 45 75 73 bb e4
5e c9 29 1a 44 f8 49 bb c4 ae fd
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 46 6f ea 29 51
ff 50 46 51 74 1a d8 7f 39 5d 67
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 9c e5 19 86 30
dd 2f 79 f1 f3 b5 41 aa 59 b7 72
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature a3 3a 3c 5f 61
f1 7e 18 0e 6f 03 84 d3 34 95 f9
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 92 37 93 cb 22
c0 70 65 29 7f 67 94 d3 56 b1 a6
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 6c 13 d2 84 fc
f5 4a 9b 14 4f 29 ca c4 c4 c0 19
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature bb 9f 79 b1 cf
f1 59 17 4f c4 3a 3e cd 23 2c 11
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature db 71 b9 05 bd
b9 9d ed e4 68 6c 9b ff ed 52 39
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 48 48 a3 10 c6
0c 34 23 3c 92 b4 d2 01 83 6d 3e
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 86 84 d1 30 25
4d 1d af 05 34 1c fd 99 cb 95 9d
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature c3 90 3a 7d 0a
1b ef e1 f1 fa 0b d3 b7 1d 4e 0a
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature d9 b1 71 dc ad
23 e5 9c e5 6e 02 5e 8d f8 18 84
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 5c 22 82 4f 13
4f 0f 3e 9f 0d af c5 b1 5a 61 89
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 4b 36 15 3c 1e
db 1f f6 15 59 94 0a 96 ea 0c 13
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 3a d5 f5 f8 49
7a a4 a6 e7 a5 57 a0 97 eb e4 ef
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 16 5f bc de c1
29 dd 7e c0 fd c0 d2 8a 9b 7e c2
Oct 4 09:18:09 firewall pluto[26478]: | rsa signature 7b c0 cc 6b 06
30 d1 bf 38 d4 a2 9d 8c 61 e1 e3
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 23.1 milliseconds
in ikev2_calculate_rsa_hash()
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Authentication Payload: 520
Oct 4 09:18:09 firewall pluto[26478]: | request lease from addresspool
10.25.0.2-10.25.0.19 reference count 2 thatid '' that.client.addr 10.25.0.2
Oct 4 09:18:09 firewall pluto[26478]: | addresspool can share this lease
Oct 4 09:18:09 firewall pluto[26478]: | in share_lease: found a
lingering addresspool lease 10.25.0.2 refcnt 2 for 'C=CA, ST=Yukon,
O=Planyukon, OU=Network Admin, CN=Heidi Hansen'
Oct 4 09:18:09 firewall pluto[26478]: | re-use lease 10.25.0.2 from
addresspool 10.25.0.2-10.25.0.19 to that.client.addr 10.25.0.2 thatid
'C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen'
Oct 4 09:18:09 firewall pluto[26478]: | creating state object #4 at
0x55d8599c7288
Oct 4 09:18:09 firewall pluto[26478]: | State DB: adding state object #4
Oct 4 09:18:09 firewall pluto[26478]: | pstats #4 ikev2.child started
Oct 4 09:18:09 firewall pluto[26478]: | duplicating state object #3
"rw-ikev2"[1] 50.117.137.129 as #4 for IPSEC SA
Oct 4 09:18:09 firewall pluto[26478]: | Send Configuration Payload reply
Oct 4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Configuration
Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2SA (0x21)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | ikev2_cfg_type:
IKEv2_CP_CFG_REPLY (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: ignoring
supplied 'IKEv2 Configuration Payload'.'next payload type' value
33:ISAKMP_NEXT_v2SA
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Authentication Payload'.'next payload type' to current
IKEv2 Configuration Payload (47:ISAKMP_NEXT_v2CP)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Configuration Payload'.'next payload type' in 'reply packet'
Oct 4 09:18:09 firewall pluto[26478]: | *****emit IKEv2 Configuration
Payload Attribute:
Oct 4 09:18:09 firewall pluto[26478]: | Attribute Type:
IKEv2_INTERNAL_IP4_ADDRESS (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | emitting 4 raw bytes of
Internal IP Address into IKEv2 Configuration Payload Attribute
Oct 4 09:18:09 firewall pluto[26478]: | Internal IP Address 0a 19 00 02
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Configuration Payload Attribute: 4
Oct 4 09:18:09 firewall pluto[26478]: | *****emit IKEv2 Configuration
Payload Attribute:
Oct 4 09:18:09 firewall pluto[26478]: | Attribute Type:
IKEv2_INTERNAL_IP4_DNS (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | emitting 4 raw bytes of IP4_DNS
into IKEv2 Configuration Payload Attribute
Oct 4 09:18:09 firewall pluto[26478]: | IP4_DNS c0 a8 7e 0d
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Configuration Payload Attribute: 4
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Configuration Payload: 24
Oct 4 09:18:09 firewall pluto[26478]: | using existing local ESP/AH
proposals for rw-ikev2 (IKE_AUTH responder matching remote ESP/AH
proposals): 1:ESP:ENCR=AES_GCM_C_256;INTEG=NONE;ESN=DISABLED
2:ESP:ENCR=AES_GCM_C_128;INTEG=NONE;ESN=DISABLED
3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED
4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED
5:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA1_96;ESN=DISABLED
Oct 4 09:18:09 firewall pluto[26478]: | Comparing remote proposals
against IKE_AUTH responder matching remote ESP/AH proposals 5 local
proposals
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 1 type ENCR has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 1 type PRF has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 1 type INTEG has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 1 type DH has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 1 type ESN has 1
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 1 transforms:
required: ENCR+ESN; optional: INTEG
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 2 type ENCR has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 2 type PRF has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 2 type INTEG has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 2 type DH has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 2 type ESN has 1
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 2 transforms:
required: ENCR+ESN; optional: INTEG
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 3 type ENCR has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 3 type PRF has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 3 type INTEG has
2 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 3 type DH has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 3 type ESN has 1
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 3 transforms:
required: ENCR+INTEG+ESN; optional: none
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 4 type ENCR has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 4 type PRF has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 4 type INTEG has
2 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 4 type DH has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 4 type ESN has 1
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 4 transforms:
required: ENCR+INTEG+ESN; optional: none
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 5 type ENCR has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 5 type PRF has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 5 type INTEG has
1 transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 5 type DH has 0
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 5 type ESN has 1
transforms
Oct 4 09:18:09 firewall pluto[26478]: | local proposal 5 transforms:
required: ENCR+INTEG+ESN; optional: none
Oct 4 09:18:09 firewall pluto[26478]: | ***parse IKEv2 Proposal
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last proposal:
v2_PROPOSAL_NON_LAST (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | length: 40 (0x28)
Oct 4 09:18:09 firewall pluto[26478]: | prop #: 1 (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | proto ID:
IKEv2_SEC_PROTO_ESP (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | spi size: 4 (0x4)
Oct 4 09:18:09 firewall pluto[26478]: | # transforms: 3 (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | parsing 4 raw bytes of IKEv2
Proposal Substructure Payload into remote SPI
Oct 4 09:18:09 firewall pluto[26478]: | remote SPI 57 ae 03 4e
Oct 4 09:18:09 firewall pluto[26478]: | Comparing remote proposal 1
containing 3 transforms against local proposal [1..5] of 5 local proposals
Oct 4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | length: 12 (0xc)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ENCR (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform ID: AES_CBC
(0xc)
Oct 4 09:18:09 firewall pluto[26478]: | *****parse IKEv2 Attribute
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | af+type: AF+IKEv2_KEY_LENGTH
(0x800e)
Oct 4 09:18:09 firewall pluto[26478]: | length/value: 256 (0x100)
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 0
(ENCR=AES_CBC_256) matches local proposal 3 type 1 (ENCR) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_INTEG (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform ID:
AUTH_HMAC_SHA1_96 (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 1
(INTEG=HMAC_SHA1_96) matches local proposal 5 type 3 (INTEG) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last transform:
v2_TRANSFORM_LAST (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ESN (0x5)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform ID:
ESN_DISABLED (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2
(ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2
(ESN=DISABLED) matches local proposal 2 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2
(ESN=DISABLED) matches local proposal 3 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2
(ESN=DISABLED) matches local proposal 4 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2
(ESN=DISABLED) matches local proposal 5 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 proposed
transforms: ENCR+INTEG+ESN; matched: ENCR+INTEG+ESN; unmatched: none
Oct 4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1
containing ENCR+INTEG+ESN transforms to local proposal 1; required:
ENCR+ESN; optional: INTEG; matched: ESN
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not
match local proposal 1; unmatched transforms: ENCR+INTEG; missing
transforms: ENCR
Oct 4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1
containing ENCR+INTEG+ESN transforms to local proposal 2; required:
ENCR+ESN; optional: INTEG; matched: ESN
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not
match local proposal 2; unmatched transforms: ENCR+INTEG; missing
transforms: ENCR
Oct 4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1
containing ENCR+INTEG+ESN transforms to local proposal 3; required:
ENCR+INTEG+ESN; optional: none; matched: ENCR+ESN
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not
match local proposal 3; unmatched transforms: INTEG; missing transforms:
INTEG
Oct 4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1
containing ENCR+INTEG+ESN transforms to local proposal 4; required:
ENCR+INTEG+ESN; optional: none; matched: ESN
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not
match local proposal 4; unmatched transforms: ENCR+INTEG; missing
transforms: ENCR+INTEG
Oct 4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1
containing ENCR+INTEG+ESN transforms to local proposal 5; required:
ENCR+INTEG+ESN; optional: none; matched: INTEG+ESN
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not
match local proposal 5; unmatched transforms: ENCR; missing transforms: ENCR
Oct 4 09:18:09 firewall pluto[26478]: | Remote proposal 1 matches no
local proposals
Oct 4 09:18:09 firewall pluto[26478]: | ***parse IKEv2 Proposal
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last proposal:
v2_PROPOSAL_LAST (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 36 (0x24)
Oct 4 09:18:09 firewall pluto[26478]: | prop #: 2 (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | proto ID:
IKEv2_SEC_PROTO_ESP (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | spi size: 4 (0x4)
Oct 4 09:18:09 firewall pluto[26478]: | # transforms: 3 (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | parsing 4 raw bytes of IKEv2
Proposal Substructure Payload into remote SPI
Oct 4 09:18:09 firewall pluto[26478]: | remote SPI 57 ae 03 4e
Oct 4 09:18:09 firewall pluto[26478]: | Comparing remote proposal 2
containing 3 transforms against local proposal [1..5] of 5 local proposals
Oct 4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ENCR (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform ID: 3DES (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last transform:
v2_TRANSFORM_NON_LAST (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_INTEG (0x3)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform ID:
AUTH_HMAC_SHA1_96 (0x2)
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 1
(INTEG=HMAC_SHA1_96) matches local proposal 5 type 3 (INTEG) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform
Substructure Payload:
Oct 4 09:18:09 firewall pluto[26478]: | last transform:
v2_TRANSFORM_LAST (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | length: 8 (0x8)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform type:
TRANS_TYPE_ESN (0x5)
Oct 4 09:18:09 firewall pluto[26478]: | IKEv2 transform ID:
ESN_DISABLED (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2
(ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2
(ESN=DISABLED) matches local proposal 2 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2
(ESN=DISABLED) matches local proposal 3 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2
(ESN=DISABLED) matches local proposal 4 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2
(ESN=DISABLED) matches local proposal 5 type 5 (ESN) transform 0
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 proposed
transforms: ENCR+INTEG+ESN; matched: INTEG+ESN; unmatched: ENCR
Oct 4 09:18:09 firewall pluto[26478]: | remote proposal 2 does not
match; unmatched remote transforms: ENCR
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
no local proposal matches remote proposals
1:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;ESN=DISABLED
2:ESP:ENCR=3DES;INTEG=HMAC_SHA1_96;ESN=DISABLED
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3:
IKE_AUTH responder matching remote ESP/AH proposals failed, responder SA
processing returned STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct 4 09:18:09 firewall pluto[26478]: | ikev2_child_sa_respond returned
STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct 4 09:18:09 firewall pluto[26478]: |
ikev2_parent_inI2outR2_continue_tail returned
STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 1.3 milliseconds
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 28.7 milliseconds in
processing: Responder: process IKE_AUTH request
Oct 4 09:18:09 firewall pluto[26478]: | processing: suspend state #3
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:63837 (in
complete_v2_state_transition() at ikev2.c:3157)
Oct 4 09:18:09 firewall pluto[26478]: | processing: start state #4
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:63837 (in
complete_v2_state_transition() at ikev2.c:3157)
Oct 4 09:18:09 firewall pluto[26478]: | #4 complete v2 state transition
from UNDEFINED md.from_state=PARENT_R1 svm.state=PARENT_R1 to V2_IPSEC_R
with status STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct 4 09:18:09 firewall pluto[26478]: | sending a notification reply
Oct 4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #4:
responding to IKE_AUTH message (ID 1) from 50.117.137.129:63837 with
encrypted notification NO_PROPOSAL_CHOSEN
Oct 4 09:18:09 firewall pluto[26478]: | Opening output PBS encrypted
notification
Oct 4 09:18:09 firewall pluto[26478]: | **emit ISAKMP Message:
Oct 4 09:18:09 firewall pluto[26478]: | initiator cookie:
Oct 4 09:18:09 firewall pluto[26478]: | be 61 b8 3c 91 27 58 41
Oct 4 09:18:09 firewall pluto[26478]: | responder cookie:
Oct 4 09:18:09 firewall pluto[26478]: | e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | ISAKMP version: IKEv2
version 2.0 (rfc4306/rfc5996) (0x20)
Oct 4 09:18:09 firewall pluto[26478]: | exchange type:
ISAKMP_v2_IKE_AUTH (0x23)
Oct 4 09:18:09 firewall pluto[26478]: | flags:
ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
Oct 4 09:18:09 firewall pluto[26478]: | Message ID: 1 (0x1)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
message location 'ISAKMP Message'.'next payload type'
Oct 4 09:18:09 firewall pluto[26478]: | ***emit IKEv2 Encryption Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'ISAKMP Message'.'next payload type' to current IKEv2
Encryption Payload (46:ISAKMP_NEXT_v2SK)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Encryption Payload'.'next payload type' in 'encrypted
notification'
Oct 4 09:18:09 firewall pluto[26478]: | emitting 16 zero bytes of IV
into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | Adding a v2N Payload
Oct 4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Notify Payload:
Oct 4 09:18:09 firewall pluto[26478]: | next payload type:
ISAKMP_NEXT_v2NONE (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | flags: none (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | Protocol ID:
PROTO_v2_RESERVED (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | SPI size: 0 (0x0)
Oct 4 09:18:09 firewall pluto[26478]: | Notify Message Type:
v2N_NO_PROPOSAL_CHOSEN (0xe)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: setting
previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct 4 09:18:09 firewall pluto[26478]: | next payload chain: saving
location 'IKEv2 Notify Payload'.'next payload type' in 'encrypted
notification'
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 Notify
Payload: 8
Oct 4 09:18:09 firewall pluto[26478]: | adding 8 bytes of padding
(including 1 byte padding-length)
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x00 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x01 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x02 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x03 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x04 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x05 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x06 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 1 0x07 repeated bytes
of padding and length into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting 16 zero bytes of
length of truncated HMAC/KEY into IKEv2 Encryption Payload
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2
Encryption Payload: 52
Oct 4 09:18:09 firewall pluto[26478]: | emitting length of ISAKMP
Message: 80
Oct 4 09:18:09 firewall pluto[26478]: | data being hmac: be 61 b8 3c
91 27 58 41 e8 c0 ee b0 3e 42 de 7e
Oct 4 09:18:09 firewall pluto[26478]: | data being hmac: 2e 20 23 20
00 00 00 01 00 00 00 50 29 00 00 34
Oct 4 09:18:09 firewall pluto[26478]: | data being hmac: db 2e 32 f7
06 1d ce da 2e b1 23 79 a2 03 1f 06
Oct 4 09:18:09 firewall pluto[26478]: | data being hmac: 04 91 7d 66
8b 0d d0 74 e5 f0 42 dd 60 79 f8 46
Oct 4 09:18:09 firewall pluto[26478]: | out calculated auth:
Oct 4 09:18:09 firewall pluto[26478]: | 3e 67 79 e9 d1 1b 40 39 4a
10 62 00 dd ca a7 86
Oct 4 09:18:09 firewall pluto[26478]: | sending 84 bytes for v2 notify
through enp3s0:4500 to 50.117.137.129:63837 (using #3)
Oct 4 09:18:09 firewall pluto[26478]: | 00 00 00 00 be 61 b8 3c 91
27 58 41 e8 c0 ee b0
Oct 4 09:18:09 firewall pluto[26478]: | 3e 42 de 7e 2e 20 23 20 00
00 00 01 00 00 00 50
Oct 4 09:18:09 firewall pluto[26478]: | 29 00 00 34 db 2e 32 f7 06
1d ce da 2e b1 23 79
Oct 4 09:18:09 firewall pluto[26478]: | a2 03 1f 06 04 91 7d 66 8b
0d d0 74 e5 f0 42 dd
Oct 4 09:18:09 firewall pluto[26478]: | 60 79 f8 46 3e 67 79 e9 d1
1b 40 39 4a 10 62 00
Oct 4 09:18:09 firewall pluto[26478]: | dd ca a7 86
Oct 4 09:18:09 firewall pluto[26478]: | forcing #4 to a discard event
Oct 4 09:18:09 firewall pluto[26478]: | event_schedule: new
EVENT_SO_DISCARD-pe at 0x55d8599a1168
Oct 4 09:18:09 firewall pluto[26478]: | inserting event
EVENT_SO_DISCARD, timeout in 200 seconds for #4
Oct 4 09:18:09 firewall pluto[26478]: | libevent_malloc: new
ptr-libevent at 0x55d8599c6ff8 size 128
Oct 4 09:18:09 firewall pluto[26478]: | state transition function for
STATE_UNDEFINED failed: v2N_NO_PROPOSAL_CHOSEN
Oct 4 09:18:09 firewall pluto[26478]: | #3 spent 32.2 milliseconds in
callback for work-order 4: compute dh (V2) (ikev2_inI2outR2 KE)
Oct 4 09:18:09 firewall pluto[26478]: | processing: stop state #4
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:63837 (in
schedule_event_now_cb() at server.c:814)
Oct 4 09:18:09 firewall pluto[26478]: | stop executing now-event
sending helper answer for #3
Oct 4 09:18:09 firewall pluto[26478]: | libevent_free: release
ptr-libevent at 0x7f258801c268
On 2019-09-12 11:56 a.m., Nels Lindquist wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2019/09/09 11:19 p.m., Computerisms Corporation wrote:
>> Greetings Gurus,
>>
>> Having updated a good number of my firewalls to debian bullseye
>> and libreswan 3.29, seemed reasonable to continue the quest.
>
> What version were you upgrading from? Was it older than 3.28?
>
>> Then I came across one that has had me stumped for a while now.
>>
>> Windows 10 gives policy match error, and libreswan logs gives a
>> no-proposal-chosen error. I found and read lots of stuff that is
>> pretty much all just details to this entry on the wiki:
>>
>> https://libreswan.org/wiki/FAQ#Microsoft_Windows_connection_attempts_fail_with_NO_POROPOSAL_CHOSEN
>>
>> I have tried the registry entry, I have tried the ike= and esp=
>> entries, as well as some entries that have worked in the past for
>> me.
>>
>> Have tried removing libreswan entirely and recompiling and
>> reinstalling, just in case a sun spot did something during the
>> initial install.
>>
>> Wondering if any one has any other suggestions as to what the
>> hiccup might be?
>
> After upgrading from an older version of libreswan I experienced
> similar problems with Windows.
>
> I noted the following in CHANGES from the v3.28 release:
>
>> * IKE: Change default connection from IKEv1 to IKEv2 [Paul]
>
> I then included an "ikev2=no" directive in my Windows-related
> configurations, and everything started working for me again.
>
> - ----
> Nels Lindquist
> <nlindq at maei.ca>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iEYEARECAAYFAl16lM8ACgkQh6z5POoOLgTpBgCfeAMo0ml+Gs/aebVaDcGkPQFF
> NkcAoIjMu3HBSQRUYFfa21lMKQW8hgbU
> =V4Pq
> -----END PGP SIGNATURE-----
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
>
More information about the Swan
mailing list