[Swan] windows 10 Policy Match Error

Computerisms Corporation bob at computerisms.ca
Fri Oct 4 16:30:52 UTC 2019


Hi Nels and Paul,

Apologies for the delayed reply, I was overly busy at the moment and 
duct taped the immediate issue with some iptables rules and port 
forwarding.  But need something better and I am back to trying to solve 
this now.

I tried setting ikev2 from yes to no, sadly did not change the situation.

Oddly enough I put a brand new setup together about a week ago, with a 
brand new laptop, and it connected fine.  Yesterday I configured a bunch 
of other laptops to connect to that same firewall, and now nothing 
connects to it.  That causes me to wonder if a windows update that 
wasn't installed to begin with is there now on the brand new laptop.

Regardless, I faced this problem with windows7 way back, and I managed 
to solve it that time with a post I found on the strong swan list.  So 
my instinct is telling me I need to find the correct ike=/esp= lines to 
fix this problem.  I did find a post from strong swan from Oct/Nov 2018:

https://wiki.strongswan.org/issues/2808

But none of those cipher lines worked.

Similarly there are a set of ciphers listed on the libreswan wiki under 
the no_proposal_chosen section, and those are not working either.

I am thinking the next task is to go through the debug log and find out 
what proposals windows is expecting, and try to construct appropriate 
ike=/esp= lines.  I found the parts of the man page that explain how to 
write the ciphers, but having a hard time translating the log entries 
into valid cipher descriptions for the conf file.

Posting the debug log here in case any one is interested in having a look...





Oct  4 09:18:08 firewall pluto[26478]: | *received 632 bytes from 
50.117.137.129:500 on enp3s0 (port=500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  00 
00 00 00  00 00 00 00
Oct  4 09:18:08 firewall pluto[26478]: |   21 20 22 08  00 00 00 00  00 
00 02 78  22 00 00 88
Oct  4 09:18:08 firewall pluto[26478]: |   02 00 00 2c  01 01 00 04  03 
00 00 0c  01 00 00 0c
Oct  4 09:18:08 firewall pluto[26478]: |   80 0e 01 00  03 00 00 08  03 
00 00 02  03 00 00 08
Oct  4 09:18:08 firewall pluto[26478]: |   02 00 00 02  00 00 00 08  04 
00 00 0e  02 00 00 2c
Oct  4 09:18:08 firewall pluto[26478]: |   02 01 00 04  03 00 00 0c  01 
00 00 0c  80 0e 01 00
Oct  4 09:18:08 firewall pluto[26478]: |   03 00 00 08  03 00 00 0c  03 
00 00 08  02 00 00 05
Oct  4 09:18:08 firewall pluto[26478]: |   00 00 00 08  04 00 00 0e  00 
00 00 2c  03 01 00 04
Oct  4 09:18:08 firewall pluto[26478]: |   03 00 00 0c  01 00 00 0c  80 
0e 01 00  03 00 00 08
Oct  4 09:18:08 firewall pluto[26478]: |   03 00 00 0d  03 00 00 08  02 
00 00 06  00 00 00 08
Oct  4 09:18:08 firewall pluto[26478]: |   04 00 00 0e  28 00 01 08  00 
0e 00 00  05 90 27 84
Oct  4 09:18:08 firewall pluto[26478]: |   bf 58 71 8c  d7 46 fb 21  c4 
92 1a 3d  16 f0 1d 08
Oct  4 09:18:08 firewall pluto[26478]: |   b8 5c 5f 50  31 01 2e 26  88 
ea 23 fb  10 43 aa 5d
Oct  4 09:18:08 firewall pluto[26478]: |   f3 cd a5 61  83 b6 05 97  c6 
7b b8 f2  9e f4 b5 60
Oct  4 09:18:08 firewall pluto[26478]: |   6b e2 b2 5a  c9 35 0e 4f  a7 
cc 68 99  be 10 80 e2
Oct  4 09:18:08 firewall pluto[26478]: |   ef fe 78 68  1d ea 2c fb  98 
cc 6f ce  e9 57 3c 6e
Oct  4 09:18:08 firewall pluto[26478]: |   77 cb 9f a1  38 67 89 58  cd 
8c a2 43  6a 7d 4e aa
Oct  4 09:18:08 firewall pluto[26478]: |   88 17 98 ed  6b db d9 e8  40 
a5 00 31  7c 1b d5 f6
Oct  4 09:18:08 firewall pluto[26478]: |   0b cf 50 44  99 f7 3c 55  d4 
ff 2e f9  9f 47 53 64
Oct  4 09:18:08 firewall pluto[26478]: |   a1 50 56 e8  09 77 4d 24  cb 
c5 3c 7d  4d 21 04 10
Oct  4 09:18:08 firewall pluto[26478]: |   97 a0 e4 72  ec 74 14 09  5e 
fa 92 4c  07 b7 64 8f
Oct  4 09:18:08 firewall pluto[26478]: |   a0 ed 53 1f  80 51 88 cd  99 
6e 1f 63  ab 2e 86 68
Oct  4 09:18:08 firewall pluto[26478]: |   5c 3a eb 38  35 37 1a 24  31 
09 34 d3  44 9b a8 1f
Oct  4 09:18:08 firewall pluto[26478]: |   e6 be 0c 22  65 92 da 0d  be 
45 5f 0c  31 b9 d4 da
Oct  4 09:18:08 firewall pluto[26478]: |   2d a2 7d e8  70 65 c8 56  5f 
72 66 f5  99 fa 97 c6
Oct  4 09:18:08 firewall pluto[26478]: |   0d a9 19 17  8f 6f 87 29  8b 
38 2a 3c  aa 81 d2 a1
Oct  4 09:18:08 firewall pluto[26478]: |   a1 d6 75 cd  04 e8 08 cd  30 
ce 56 78  29 00 00 34
Oct  4 09:18:08 firewall pluto[26478]: |   4f e7 b5 24  aa b3 5d 43  43 
88 9b 6b  c7 da c2 82
Oct  4 09:18:08 firewall pluto[26478]: |   4d 33 d5 1e  f6 f7 7f 02  ea 
19 b4 a5  8f 66 d8 0a
Oct  4 09:18:08 firewall pluto[26478]: |   96 97 b6 cf  ec 5d e2 c6  95 
0a 1a 27  2f c4 34 6b
Oct  4 09:18:08 firewall pluto[26478]: |   29 00 00 08  00 00 40 2e  29 
00 00 1c  00 00 40 04
Oct  4 09:18:08 firewall pluto[26478]: |   32 ac 3e 3e  e6 9e 08 eb  79 
2b c3 e9  be 05 3b 5e
Oct  4 09:18:08 firewall pluto[26478]: |   77 30 32 95  2b 00 00 1c  00 
00 40 05  f9 80 7a 6b
Oct  4 09:18:08 firewall pluto[26478]: |   58 9b 4c 16  66 82 d9 07  a1 
5a 3f 7f  d5 a0 39 f8
Oct  4 09:18:08 firewall pluto[26478]: |   2b 00 00 18  1e 2b 51 69  05 
99 1c 7d  7c 96 fc bf
Oct  4 09:18:08 firewall pluto[26478]: |   b5 87 e4 61  00 00 00 09  2b 
00 00 14  fb 1d e3 cd
Oct  4 09:18:08 firewall pluto[26478]: |   f3 41 b7 ea  16 b7 e5 be  08 
55 f1 20  2b 00 00 14
Oct  4 09:18:08 firewall pluto[26478]: |   26 24 4d 38  ed db 61 b3  17 
2a 36 e3  d0 cf b8 19
Oct  4 09:18:08 firewall pluto[26478]: |   00 00 00 18  01 52 8b bb  c0 
06 96 12  18 49 ab 9a
Oct  4 09:18:08 firewall pluto[26478]: |   1c 5b 2a 51  00 00 00 02
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:500 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   00 00 00 00  00 00 00 00
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SA (0x21)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_SA_INIT (0x22)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 632 (0x278)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_SA_INIT (34)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_SA_INIT
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object 
not found (find_v2_ike_sa_by_initiator_spi)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SA)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Security 
Association Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2KE (0x22)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 136 (0x88)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SA (len=132)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2KE)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Key Exchange 
Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2Ni (0x28)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 264 (0x108)
Oct  4 09:18:08 firewall pluto[26478]: |    DH group: 
OAKLEY_GROUP_MODP2048 (0xe)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2KE (len=256)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2Ni)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Nonce Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2N (0x29)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 52 (0x34)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2Ni (len=48)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2N)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Notify Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2N (0x29)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Notify Message Type: 
v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2N (len=0)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2N)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Notify Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2N (0x29)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 28 (0x1c)
Oct  4 09:18:08 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Notify Message Type: 
v2N_NAT_DETECTION_SOURCE_IP (0x4004)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2N (len=20)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2N)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Notify Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2V (0x2b)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 28 (0x1c)
Oct  4 09:18:08 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Notify Message Type: 
v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2N (len=20)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2V)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2V (0x2b)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 24 (0x18)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2V (len=20)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2V)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2V (0x2b)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 20 (0x14)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2V (len=16)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2V)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2V (0x2b)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 20 (0x14)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2V (len=16)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2V)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Vendor ID Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 24 (0x18)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2V (len=20)
Oct  4 09:18:08 firewall pluto[26478]: | DDOS disabled and no cookie 
sent, continuing
Oct  4 09:18:08 firewall pluto[26478]: | #null state always idle
Oct  4 09:18:08 firewall pluto[26478]: | #0 in state PARENT_R0: 
processing SA_INIT request
Oct  4 09:18:08 firewall pluto[26478]: | selected state microcode 
Respond to IKE_SA_INIT
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with state 
specific processing
Oct  4 09:18:08 firewall pluto[26478]: | calling processor Respond to 
IKE_SA_INIT
Oct  4 09:18:08 firewall pluto[26478]: | find_host_connection 
me=50.117.146.127:500 him=50.117.137.129:500 policy=ECDSA+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 0.0.0.0:500
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 50.117.137.129:500
Oct  4 09:18:08 firewall pluto[26478]: | find_next_host_connection 
policy=ECDSA+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | found policy = 
RSASIG+ENCRYPT+TUNNEL+PFS+DONT_REKEY+IKEV2_ALLOW+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO 
(rw-ikev2)
Oct  4 09:18:08 firewall pluto[26478]: | find_next_host_connection 
returns empty
Oct  4 09:18:08 firewall pluto[26478]: | find_host_connection 
me=50.117.146.127:500 him=%any:500 policy=ECDSA+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 50.117.137.129:500
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 0.0.0.0:500
Oct  4 09:18:08 firewall pluto[26478]: | find_next_host_connection 
policy=ECDSA+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | found policy = 
RSASIG+ENCRYPT+TUNNEL+PFS+DONT_REKEY+IKEV2_ALLOW+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO 
(rw-ikev2)
Oct  4 09:18:08 firewall pluto[26478]: | find_next_host_connection 
returns empty
Oct  4 09:18:08 firewall pluto[26478]: | initial parent SA message 
received on 50.117.146.127:500 but no connection has been authorized 
with policy ECDSA+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | find_host_connection 
me=50.117.146.127:500 him=50.117.137.129:500 policy=RSASIG+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 0.0.0.0:500
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 50.117.137.129:500
Oct  4 09:18:08 firewall pluto[26478]: | find_next_host_connection 
policy=RSASIG+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | found policy = 
RSASIG+ENCRYPT+TUNNEL+PFS+DONT_REKEY+IKEV2_ALLOW+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO 
(rw-ikev2)
Oct  4 09:18:08 firewall pluto[26478]: | find_next_host_connection 
returns rw-ikev2[1] 50.117.137.129
Oct  4 09:18:08 firewall pluto[26478]: | found connection: rw-ikev2[1] 
50.117.137.129 with policy RSASIG+IKEV2_ALLOW
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 50.117.137.129:500
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 0.0.0.0:500
Oct  4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload 
[Windows 8, 8.1, 10, Server 2012 R2, Server 2016]
Oct  4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload 
[MS-Negotiation Discovery Capable]
Oct  4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload 
[Vid-Initial-Contact]
Oct  4 09:18:08 firewall pluto[26478]: | ignoring Vendor ID payload 
[Windows KEY_MODS (IKEv2)]
Oct  4 09:18:08 firewall pluto[26478]: | creating state object #3 at 
0x55d8599aabf8
Oct  4 09:18:08 firewall pluto[26478]: | State DB: adding state object #3
Oct  4 09:18:08 firewall pluto[26478]: | pstats #3 ikev2.ike started
Oct  4 09:18:08 firewall pluto[26478]: | Message ID: init #3: msgid=0 
lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0
Oct  4 09:18:08 firewall pluto[26478]: | Message ID: IKE #3 UNDEFINED; 
initializing no-message msgid=-1; ike.initiator: sent=0->-1 recv=0->-1; 
ike.responder: sent=0->-1 recv=0->-1; ike.current_request=0->-1
Oct  4 09:18:08 firewall pluto[26478]: | parent state #3: 
UNDEFINED(ignore) => PARENT_R0(half-open IKE SA)
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129 (in 
initialize_new_state() at ipsec_doi.c:483)
Oct  4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129 (in 
initialize_new_state() at ipsec_doi.c:501)
Oct  4 09:18:08 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
processing IKE_SA_INIT request: SA,KE,Ni,N,N,N,V,V,V,V (message arrived 
0.001 seconds ago)
Oct  4 09:18:08 firewall pluto[26478]: | using existing local IKE 
proposals for connection rw-ikev2 (IKE SA responder matching remote 
proposals): 
1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 
2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 
3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519 
4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256,ECP_384,ECP_521,CURVE25519
Oct  4 09:18:08 firewall pluto[26478]: | Comparing remote proposals 
against IKE responder 4 local proposals
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 1 type ENCR has 
1 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 1 type PRF has 2 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 1 type INTEG has 
1 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 1 type DH has 8 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 1 type ESN has 0 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 1 transforms: 
required: ENCR+PRF+DH; optional: INTEG
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 2 type ENCR has 
1 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 2 type PRF has 2 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 2 type INTEG has 
1 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 2 type DH has 8 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 2 type ESN has 0 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 2 transforms: 
required: ENCR+PRF+DH; optional: INTEG
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 3 type ENCR has 
1 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 3 type PRF has 2 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 3 type INTEG has 
2 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 3 type DH has 8 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 3 type ESN has 0 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 3 transforms: 
required: ENCR+PRF+INTEG+DH; optional: none
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 4 type ENCR has 
1 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 4 type PRF has 2 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 4 type INTEG has 
2 transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 4 type DH has 8 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 4 type ESN has 0 
transforms
Oct  4 09:18:08 firewall pluto[26478]: | local proposal 4 transforms: 
required: ENCR+PRF+INTEG+DH; optional: none
Oct  4 09:18:08 firewall pluto[26478]: | ****parse IKEv2 Proposal 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last proposal: 
v2_PROPOSAL_NON_LAST (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 44 (0x2c)
Oct  4 09:18:08 firewall pluto[26478]: |    prop #: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    proto ID: 
IKEv2_SEC_PROTO_IKE (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    spi size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    # transforms: 4 (0x4)
Oct  4 09:18:08 firewall pluto[26478]: | Comparing remote proposal 1 
containing 4 transforms against local proposal [1..4] of 4 local proposals
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 12 (0xc)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ENCR (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: AES_CBC 
(0xc)
Oct  4 09:18:08 firewall pluto[26478]: | ******parse IKEv2 Attribute 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    af+type: AF+IKEv2_KEY_LENGTH 
(0x800e)
Oct  4 09:18:08 firewall pluto[26478]: |    length/value: 256 (0x100)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 0 
(ENCR=AES_CBC_256) matches local proposal 3 type 1 (ENCR) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_INTEG (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
AUTH_HMAC_SHA1_96 (0x2)
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_PRF (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
PRF_HMAC_SHA1 (0x2)
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_LAST (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_DH (0x4)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
OAKLEY_GROUP_MODP2048 (0xe)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3 
(DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3 
(DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3 
(DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 transform 3 
(DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 proposed 
transforms: ENCR+PRF+INTEG+DH; matched: ENCR+DH; unmatched: PRF+INTEG
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 1 does not 
match; unmatched remote transforms: PRF+INTEG
Oct  4 09:18:08 firewall pluto[26478]: | ****parse IKEv2 Proposal 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last proposal: 
v2_PROPOSAL_NON_LAST (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 44 (0x2c)
Oct  4 09:18:08 firewall pluto[26478]: |    prop #: 2 (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    proto ID: 
IKEv2_SEC_PROTO_IKE (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    spi size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    # transforms: 4 (0x4)
Oct  4 09:18:08 firewall pluto[26478]: | Comparing remote proposal 2 
containing 4 transforms against local proposal [1..4] of 4 local proposals
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 12 (0xc)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ENCR (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: AES_CBC 
(0xc)
Oct  4 09:18:08 firewall pluto[26478]: | ******parse IKEv2 Attribute 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    af+type: AF+IKEv2_KEY_LENGTH 
(0x800e)
Oct  4 09:18:08 firewall pluto[26478]: |    length/value: 256 (0x100)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 0 
(ENCR=AES_CBC_256) matches local proposal 3 type 1 (ENCR) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_INTEG (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
AUTH_HMAC_SHA2_256_128 (0xc)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 1 
(INTEG=HMAC_SHA2_256_128) matches local proposal 3 type 3 (INTEG) 
transform 1
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 1 
(INTEG=HMAC_SHA2_256_128) matches local proposal 4 type 3 (INTEG) 
transform 1
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_PRF (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
PRF_HMAC_SHA2_256 (0x5)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2 
(PRF=HMAC_SHA2_256) matches local proposal 1 type 2 (PRF) transform 1
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2 
(PRF=HMAC_SHA2_256) matches local proposal 2 type 2 (PRF) transform 1
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2 
(PRF=HMAC_SHA2_256) matches local proposal 3 type 2 (PRF) transform 1
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 2 
(PRF=HMAC_SHA2_256) matches local proposal 4 type 2 (PRF) transform 1
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_LAST (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_DH (0x4)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
OAKLEY_GROUP_MODP2048 (0xe)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3 
(DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3 
(DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3 
(DH=MODP2048) matches local proposal 3 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 transform 3 
(DH=MODP2048) matches local proposal 4 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 proposed 
transforms: ENCR+PRF+INTEG+DH; matched: ENCR+PRF+INTEG+DH; unmatched: none
Oct  4 09:18:08 firewall pluto[26478]: | comparing remote proposal 2 
containing ENCR+PRF+INTEG+DH transforms to local proposal 1; required: 
ENCR+PRF+DH; optional: INTEG; matched: PRF+DH
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 does not 
match local proposal 1; unmatched transforms: ENCR+INTEG; missing 
transforms: ENCR
Oct  4 09:18:08 firewall pluto[26478]: | comparing remote proposal 2 
containing ENCR+PRF+INTEG+DH transforms to local proposal 2; required: 
ENCR+PRF+DH; optional: INTEG; matched: PRF+DH
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 does not 
match local proposal 2; unmatched transforms: ENCR+INTEG; missing 
transforms: ENCR
Oct  4 09:18:08 firewall pluto[26478]: | comparing remote proposal 2 
containing ENCR+PRF+INTEG+DH transforms to local proposal 3; required: 
ENCR+PRF+INTEG+DH; optional: none; matched: ENCR+PRF+INTEG+DH
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 2 matches local 
proposal 3
Oct  4 09:18:08 firewall pluto[26478]: | ****parse IKEv2 Proposal 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last proposal: 
v2_PROPOSAL_LAST (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 44 (0x2c)
Oct  4 09:18:08 firewall pluto[26478]: |    prop #: 3 (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    proto ID: 
IKEv2_SEC_PROTO_IKE (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    spi size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    # transforms: 4 (0x4)
Oct  4 09:18:08 firewall pluto[26478]: | Comparing remote proposal 3 
containing 4 transforms against local proposal [1..2] of 4 local proposals
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 12 (0xc)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ENCR (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: AES_CBC 
(0xc)
Oct  4 09:18:08 firewall pluto[26478]: | ******parse IKEv2 Attribute 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    af+type: AF+IKEv2_KEY_LENGTH 
(0x800e)
Oct  4 09:18:08 firewall pluto[26478]: |    length/value: 256 (0x100)
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_INTEG (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
AUTH_HMAC_SHA2_384_192 (0xd)
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_PRF (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
PRF_HMAC_SHA2_384 (0x6)
Oct  4 09:18:08 firewall pluto[26478]: | *****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_LAST (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_DH (0x4)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
OAKLEY_GROUP_MODP2048 (0xe)
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 3 transform 3 
(DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 3 transform 3 
(DH=MODP2048) matches local proposal 2 type 4 (DH) transform 0
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 3 proposed 
transforms: ENCR+PRF+INTEG+DH; matched: DH; unmatched: ENCR+PRF+INTEG
Oct  4 09:18:08 firewall pluto[26478]: | remote proposal 3 does not 
match; unmatched remote transforms: ENCR+PRF+INTEG
Oct  4 09:18:08 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
proposal 
2:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 
chosen from remote proposals 
1:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;PRF=HMAC_SHA1;DH=MODP2048 
2:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_256_128;PRF=HMAC_SHA2_256;DH=MODP2048[first-match] 
3:IKE:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_384_192;PRF=HMAC_SHA2_384;DH=MODP2048
Oct  4 09:18:08 firewall pluto[26478]: | accepted IKE proposal 
ikev2_proposal: 
2:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048
Oct  4 09:18:08 firewall pluto[26478]: | converting proposal to internal 
trans attrs
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie is zero
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: 
hasher=0x55d8590d06e0(20)
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: icookie=  be 61 b8 
3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie=  00 00 00 
00  00 00 00 00
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: ip=  32 75 92 7f
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  f9 80 7a 6b 
58 9b 4c 16  66 82 d9 07  a1 5a 3f 7f
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  d5 a0 39 f8
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie is zero
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: 
hasher=0x55d8590d06e0(20)
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: icookie=  be 61 b8 
3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie=  00 00 00 
00  00 00 00 00
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: ip=  32 75 89 81
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  72 bb 9e 64 
40 a4 20 ab  0d bb 2f de  43 af fe b3
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  13 a8 3a b7
Oct  4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL encaps using 
auto-detect
Oct  4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL this end is NOT 
behind NAT
Oct  4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL that end is 
behind NAT 50.117.137.129
Oct  4 09:18:08 firewall pluto[26478]: | NAT_TRAVERSAL nat-keepalive 
enabled 50.117.137.129
Oct  4 09:18:08 firewall pluto[26478]: | adding ikev2_inI1outR1 KE 
work-order 3 for state #3
Oct  4 09:18:08 firewall pluto[26478]: | event_schedule: new 
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c51f8
Oct  4 09:18:08 firewall pluto[26478]: | inserting event 
EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #3
Oct  4 09:18:08 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x55d8599c5268 size 128
Oct  4 09:18:08 firewall pluto[26478]: | libevent_realloc: release 
ptr-libevent at 0x55d859983d68
Oct  4 09:18:08 firewall pluto[26478]: | libevent_realloc: new 
ptr-libevent at 0x55d8599a21d8 size 128
Oct  4 09:18:08 firewall pluto[26478]: | #3 spent 1.66 milliseconds in 
processing: Respond to IKE_SA_INIT
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 resuming
Oct  4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
complete_v2_state_transition() at ikev2.c:3157)
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 starting 
work-order 3 for state #3
Oct  4 09:18:08 firewall pluto[26478]: | #3 complete v2 state transition 
from PARENT_R0 to PARENT_R1 with status STF_SUSPEND
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 doing build KE 
and nonce (ikev2_inI1outR1 KE); request ID 3
Oct  4 09:18:08 firewall pluto[26478]: | suspending state #3 and saving MD
Oct  4 09:18:08 firewall pluto[26478]: | #3 is busy; has a suspended MD
Oct  4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
log_stf_suspend() at ikev2.c:3054)
Oct  4 09:18:08 firewall pluto[26478]: | "rw-ikev2"[1] 50.117.137.129 #3 
complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended 
from complete_v2_state_transition:3220
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:500 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 finished build 
KE and nonce (ikev2_inI1outR1 KE); request ID 3 time elapsed 0.001 seconds
Oct  4 09:18:08 firewall pluto[26478]: | (#3) spent 1.39 milliseconds in 
crypto helper computing work-order 3: build KE and nonce 
(ikev2_inI1outR1 KE)
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 sending results 
from work-order 3 for state #3 to event queue
Oct  4 09:18:08 firewall pluto[26478]: | scheduling now-event sending 
helper answer for #3
Oct  4 09:18:08 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x7f2590007b78 size 128
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 waiting 
(nothing to do)
Oct  4 09:18:08 firewall pluto[26478]: | start executing now-event 
sending helper answer for #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
schedule_event_now_cb() at server.c:811)
Oct  4 09:18:08 firewall pluto[26478]: | crypto helper 1 replies to 
request ID 3
Oct  4 09:18:08 firewall pluto[26478]: | calling continuation function 
0x55d858fe5610
Oct  4 09:18:08 firewall pluto[26478]: | ikev2_parent_inI1outR1_continue 
for #3: calculated ke+nonce, sending R1
Oct  4 09:18:08 firewall pluto[26478]: | **emit ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_SA_INIT (0x22)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
message location 'ISAKMP Message'.'next payload type'
Oct  4 09:18:08 firewall pluto[26478]: | Emitting ikev2_proposal ...
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Security 
Association Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security 
Association Payload (33:ISAKMP_NEXT_v2SA)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Security Association Payload'.'next payload type' in 
'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | ****emit IKEv2 Proposal 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last proposal: 
v2_PROPOSAL_LAST (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    prop #: 2 (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    proto ID: 
IKEv2_SEC_PROTO_IKE (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    spi size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    # transforms: 4 (0x4)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: saving 
location 'IKEv2 Security Association Payload'.'IKEv2 Proposal 
Substructure Payload'.'last proposal'
Oct  4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ENCR (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: AES_CBC 
(0xc)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: saving 
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform 
Substructure Payload'.'last transform'
Oct  4 09:18:08 firewall pluto[26478]: | ******emit IKEv2 Attribute 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    af+type: AF+IKEv2_KEY_LENGTH 
(0x800e)
Oct  4 09:18:08 firewall pluto[26478]: |    length/value: 256 (0x100)
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Transform Substructure Payload: 12
Oct  4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_PRF (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
PRF_HMAC_SHA2_256 (0x5)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: checking 
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure 
Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: saving 
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform 
Substructure Payload'.'last transform'
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Transform Substructure Payload: 8
Oct  4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_INTEG (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
AUTH_HMAC_SHA2_256_128 (0xc)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: checking 
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure 
Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: saving 
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform 
Substructure Payload'.'last transform'
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Transform Substructure Payload: 8
Oct  4 09:18:08 firewall pluto[26478]: | *****emit IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_LAST (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_DH (0x4)
Oct  4 09:18:08 firewall pluto[26478]: |    IKEv2 transform ID: 
OAKLEY_GROUP_MODP2048 (0xe)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: checking 
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure 
Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: saving 
location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform 
Substructure Payload'.'last transform'
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Transform Substructure Payload: 8
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Proposal Substructure Payload: 44
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: checking 
'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure 
Payload'.'last transform' is 0
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Security Association Payload: 48
Oct  4 09:18:08 firewall pluto[26478]: | last substructure: checking 
'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure 
Payload'.'last proposal' is 0
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Key Exchange Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    DH group: 
OAKLEY_GROUP_MODP2048 (0xe)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Security Association Payload'.'next payload type' to 
current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | emitting 256 raw bytes of ikev2 
g^x into IKEv2 Key Exchange Payload
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  5e ce 5f 6b  d9 c9 
fd 74  c2 27 bf 7c  8c 1b 59 88
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  71 7b 00 dc  56 b6 
8e 34  3a ec a9 bd  a8 01 66 14
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  e5 88 22 5e  d0 8a 
b1 84  05 7c b1 35  60 ac 9d 0b
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  af 78 95 f8  ae 95 
6d 3c  a9 1d 0c 11  b9 58 bd 2d
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  d8 5a 00 74  68 71 
59 89  e7 d3 00 91  7d a2 f5 67
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  53 a2 5c 08  3b 90 
e9 c1  9e 00 84 90  cf e8 0e 33
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  e3 b5 28 4c  1e 61 
3b b4  64 7e 20 f0  18 21 ee 69
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  ca 83 d4 e9  f2 f2 
c9 3c  7b 05 7d 6a  2d 41 01 0a
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  ad 0d 9d 13  2c e5 
6f 12  a3 85 b0 00  e7 97 65 86
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  76 02 29 f9  48 29 
98 c5  1f 0e 8f 4f  74 33 04 d6
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  1c 3b d7 50  8c d8 
45 32  ce 1c 47 98  08 06 e1 9c
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  e1 65 f6 36  35 ae 
d8 da  ea 29 2a 99  70 7b d0 94
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  fe 92 04 c4  03 52 
c2 a1  44 39 5e ae  9a 85 ac c5
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  df 32 ac e8  b5 d8 
1d 28  79 ea 9a 3f  14 cd d0 66
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  de 4a 6a b8  4e 8a 
32 e6  68 f3 28 c6  24 f8 f4 de
Oct  4 09:18:08 firewall pluto[26478]: | ikev2 g^x  8b 47 97 62  9e b1 
1c 5e  56 ce 8f 59  e0 59 05 d7
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Key 
Exchange Payload: 264
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Nonce Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2N (0x29)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: ignoring 
supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Key Exchange Payload'.'next payload type' to current 
IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | emitting 32 raw bytes of IKEv2 
nonce into IKEv2 Nonce Payload
Oct  4 09:18:08 firewall pluto[26478]: | IKEv2 nonce  0a c4 cb 9f  75 13 
e1 2d  c5 1c 7d de  6a 20 fa e9
Oct  4 09:18:08 firewall pluto[26478]: | IKEv2 nonce  b9 78 db ef  77 78 
78 d4  e9 84 b4 56  8d bc a1 76
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Nonce 
Payload: 36
Oct  4 09:18:08 firewall pluto[26478]: | Adding a v2N Payload
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Notify Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Notify Message Type: 
v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Notify 
Payload: 8
Oct  4 09:18:08 firewall pluto[26478]: |  NAT-Traversal support 
[enabled] add v2N payloads.
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: 
hasher=0x55d8590d06e0(20)
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: icookie=  be 61 b8 
3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie=  e8 c0 ee 
b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: ip=  32 75 92 7f
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  2f 91 a9 17 
5b 12 59 18  d7 fc a1 46  ab 15 14 17
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  4c 92 71 b8
Oct  4 09:18:08 firewall pluto[26478]: | Adding a v2N Payload
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Notify Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Notify Message Type: 
v2N_NAT_DETECTION_SOURCE_IP (0x4004)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | emitting 20 raw bytes of Notify 
data into IKEv2 Notify Payload
Oct  4 09:18:08 firewall pluto[26478]: | Notify data  2f 91 a9 17  5b 12 
59 18  d7 fc a1 46  ab 15 14 17
Oct  4 09:18:08 firewall pluto[26478]: | Notify data  4c 92 71 b8
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Notify 
Payload: 28
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: 
hasher=0x55d8590d06e0(20)
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: icookie=  be 61 b8 
3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: rcookie=  e8 c0 ee 
b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: ip=  32 75 89 81
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: port=500
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  ff 8d fd a1 
76 0d 00 b7  1f d2 2c a6  98 87 7c 01
Oct  4 09:18:08 firewall pluto[26478]: | natd_hash: hash=  60 d7 06 1a
Oct  4 09:18:08 firewall pluto[26478]: | Adding a v2N Payload
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Notify Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    Notify Message Type: 
v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | emitting 20 raw bytes of Notify 
data into IKEv2 Notify Payload
Oct  4 09:18:08 firewall pluto[26478]: | Notify data  ff 8d fd a1  76 0d 
00 b7  1f d2 2c a6  98 87 7c 01
Oct  4 09:18:08 firewall pluto[26478]: | Notify data  60 d7 06 1a
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 Notify 
Payload: 28
Oct  4 09:18:08 firewall pluto[26478]: | going to send a certreq
Oct  4 09:18:08 firewall pluto[26478]: | connection->kind is not 
CK_PERMANENT (instance), so collect CAs
Oct  4 09:18:08 firewall pluto[26478]: | find_host_pair: comparing 
50.117.146.127:500 to 0.0.0.0:500
Oct  4 09:18:08 firewall pluto[26478]: | connection is RW, lookup CA 
candidates
Oct  4 09:18:08 firewall pluto[26478]: | ***emit IKEv2 Certificate 
Request Payload:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    ikev2 cert encoding: 
CERT_X509_SIGNATURE (0x4)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 
Certificate Request Payload (38:ISAKMP_NEXT_v2CERTREQ)
Oct  4 09:18:08 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Certificate Request Payload'.'next payload type' in 
'reply packet'
Oct  4 09:18:08 firewall pluto[26478]: | located CA cert CN=Planyukon 
Certificate Authority,OU=Administrator,O=Planyukon,ST=Yukon,C=CA for CERTREQ
Oct  4 09:18:08 firewall pluto[26478]: | emitting 20 raw bytes of CA 
cert public key hash into IKEv2 Certificate Request Payload
Oct  4 09:18:08 firewall pluto[26478]: | CA cert public key hash
Oct  4 09:18:08 firewall pluto[26478]: |   8f 77 c2 1d  60 d5 1d bc  6d 
1c a7 28  a9 39 3d 8d
Oct  4 09:18:08 firewall pluto[26478]: |   56 77 6e 7e
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of IKEv2 
Certificate Request Payload: 25
Oct  4 09:18:08 firewall pluto[26478]: | emitting length of ISAKMP 
Message: 465
Oct  4 09:18:08 firewall pluto[26478]: | processing: [RE]START state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
complete_v2_state_transition() at ikev2.c:3157)
Oct  4 09:18:08 firewall pluto[26478]: | #3 complete v2 state transition 
from PARENT_R0 to PARENT_R1 with status STF_OK
Oct  4 09:18:08 firewall pluto[26478]: | IKEv2: transition from state 
STATE_PARENT_R0 to state STATE_PARENT_R1
Oct  4 09:18:08 firewall pluto[26478]: | parent state #3: 
PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA)
Oct  4 09:18:08 firewall pluto[26478]: | Message ID: updating counters 
for #3 to 0 after switching state
Oct  4 09:18:08 firewall pluto[26478]: | Message ID: 'rw-ikev2' IKE #3 
PARENT_R1; message-request msgid=0; initiator { lastack=4294967295 
nextuse=0 } responder { lastrecv=4294967295->0 lastreplied=0 }
Oct  4 09:18:08 firewall pluto[26478]: | Message ID: IKE #3 PARENT_R1; 
receiving request msgid=0; ike.initiator: sent=-1 recv=-1; 
ike.responder: sent=-1 recv=-1->0
Oct  4 09:18:08 firewall pluto[26478]: | Message ID: IKE #3 PARENT_R1; 
sending response msgid=0; ike.initiator: sent=-1 recv=-1; ike.responder: 
sent=-1->0 recv=0
Oct  4 09:18:08 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_CBC_256 
integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Oct  4 09:18:08 firewall pluto[26478]: | sending V2 reply packet to 
50.117.137.129:500 (from port 500)
Oct  4 09:18:08 firewall pluto[26478]: | sending 465 bytes for 
STATE_PARENT_R0 through enp3s0:500 to 50.117.137.129:500 (using #3)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   21 20 22 20  00 00 00 00  00 
00 01 d1  22 00 00 30
Oct  4 09:18:08 firewall pluto[26478]: |   00 00 00 2c  02 01 00 04  03 
00 00 0c  01 00 00 0c
Oct  4 09:18:08 firewall pluto[26478]: |   80 0e 01 00  03 00 00 08  02 
00 00 05  03 00 00 08
Oct  4 09:18:08 firewall pluto[26478]: |   03 00 00 0c  00 00 00 08  04 
00 00 0e  28 00 01 08
Oct  4 09:18:08 firewall pluto[26478]: |   00 0e 00 00  5e ce 5f 6b  d9 
c9 fd 74  c2 27 bf 7c
Oct  4 09:18:08 firewall pluto[26478]: |   8c 1b 59 88  71 7b 00 dc  56 
b6 8e 34  3a ec a9 bd
Oct  4 09:18:08 firewall pluto[26478]: |   a8 01 66 14  e5 88 22 5e  d0 
8a b1 84  05 7c b1 35
Oct  4 09:18:08 firewall pluto[26478]: |   60 ac 9d 0b  af 78 95 f8  ae 
95 6d 3c  a9 1d 0c 11
Oct  4 09:18:08 firewall pluto[26478]: |   b9 58 bd 2d  d8 5a 00 74  68 
71 59 89  e7 d3 00 91
Oct  4 09:18:08 firewall pluto[26478]: |   7d a2 f5 67  53 a2 5c 08  3b 
90 e9 c1  9e 00 84 90
Oct  4 09:18:08 firewall pluto[26478]: |   cf e8 0e 33  e3 b5 28 4c  1e 
61 3b b4  64 7e 20 f0
Oct  4 09:18:08 firewall pluto[26478]: |   18 21 ee 69  ca 83 d4 e9  f2 
f2 c9 3c  7b 05 7d 6a
Oct  4 09:18:08 firewall pluto[26478]: |   2d 41 01 0a  ad 0d 9d 13  2c 
e5 6f 12  a3 85 b0 00
Oct  4 09:18:08 firewall pluto[26478]: |   e7 97 65 86  76 02 29 f9  48 
29 98 c5  1f 0e 8f 4f
Oct  4 09:18:08 firewall pluto[26478]: |   74 33 04 d6  1c 3b d7 50  8c 
d8 45 32  ce 1c 47 98
Oct  4 09:18:08 firewall pluto[26478]: |   08 06 e1 9c  e1 65 f6 36  35 
ae d8 da  ea 29 2a 99
Oct  4 09:18:08 firewall pluto[26478]: |   70 7b d0 94  fe 92 04 c4  03 
52 c2 a1  44 39 5e ae
Oct  4 09:18:08 firewall pluto[26478]: |   9a 85 ac c5  df 32 ac e8  b5 
d8 1d 28  79 ea 9a 3f
Oct  4 09:18:08 firewall pluto[26478]: |   14 cd d0 66  de 4a 6a b8  4e 
8a 32 e6  68 f3 28 c6
Oct  4 09:18:08 firewall pluto[26478]: |   24 f8 f4 de  8b 47 97 62  9e 
b1 1c 5e  56 ce 8f 59
Oct  4 09:18:08 firewall pluto[26478]: |   e0 59 05 d7  29 00 00 24  0a 
c4 cb 9f  75 13 e1 2d
Oct  4 09:18:08 firewall pluto[26478]: |   c5 1c 7d de  6a 20 fa e9  b9 
78 db ef  77 78 78 d4
Oct  4 09:18:08 firewall pluto[26478]: |   e9 84 b4 56  8d bc a1 76  29 
00 00 08  00 00 40 2e
Oct  4 09:18:08 firewall pluto[26478]: |   29 00 00 1c  00 00 40 04  2f 
91 a9 17  5b 12 59 18
Oct  4 09:18:08 firewall pluto[26478]: |   d7 fc a1 46  ab 15 14 17  4c 
92 71 b8  26 00 00 1c
Oct  4 09:18:08 firewall pluto[26478]: |   00 00 40 05  ff 8d fd a1  76 
0d 00 b7  1f d2 2c a6
Oct  4 09:18:08 firewall pluto[26478]: |   98 87 7c 01  60 d7 06 1a  00 
00 00 19  04 8f 77 c2
Oct  4 09:18:08 firewall pluto[26478]: |   1d 60 d5 1d  bc 6d 1c a7  28 
a9 39 3d  8d 56 77 6e
Oct  4 09:18:08 firewall pluto[26478]: |   7e
Oct  4 09:18:08 firewall pluto[26478]: | state #3 requesting 
EVENT_CRYPTO_TIMEOUT to be deleted
Oct  4 09:18:08 firewall pluto[26478]: | libevent_free: release 
ptr-libevent at 0x55d8599c5268
Oct  4 09:18:08 firewall pluto[26478]: | free_event_entry: release 
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c51f8
Oct  4 09:18:08 firewall pluto[26478]: | event_schedule: new 
EVENT_SO_DISCARD-pe at 0x55d85999dfa8
Oct  4 09:18:08 firewall pluto[26478]: | inserting event 
EVENT_SO_DISCARD, timeout in 200 seconds for #3
Oct  4 09:18:08 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x55d8599c59d8 size 128
Oct  4 09:18:08 firewall pluto[26478]: | #3 spent 1.87 milliseconds in 
callback for work-order 3: build KE and nonce (ikev2_inI1outR1 KE)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
schedule_event_now_cb() at server.c:814)
Oct  4 09:18:08 firewall pluto[26478]: | stop executing now-event 
sending helper answer for #3
Oct  4 09:18:08 firewall pluto[26478]: | libevent_free: release 
ptr-libevent at 0x7f2590007b78
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  23 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 01 00 08  fd 70 ab 24  4d 
86 60 24  e0 38 30 a9
Oct  4 09:18:08 firewall pluto[26478]: |   7d 38 e9 9f  e1 61 9d ab  16 
f6 a5 83  9a 72 65 ca
Oct  4 09:18:08 firewall pluto[26478]: |   1f 5a 1d 34  5d 33 0f e9  e5 
c2 17 0c  c5 f9 5b c0
Oct  4 09:18:08 firewall pluto[26478]: |   a3 81 f5 e5  ff 63 4f f3  8b 
01 0e be  6c 0a 3e 24
Oct  4 09:18:08 firewall pluto[26478]: |   b7 8f a8 e1  b2 c6 b5 01  d6 
7a 5f 8c  be 10 8b f2
Oct  4 09:18:08 firewall pluto[26478]: |   31 b6 da 2d  ad d3 f1 f4  75 
be ae 94  a3 f4 c1 fe
Oct  4 09:18:08 firewall pluto[26478]: |   b2 39 dc e9  9e c2 20 70  69 
cf b2 7a  45 55 d0 69
Oct  4 09:18:08 firewall pluto[26478]: |   61 56 2a d0  36 7f 9e 10  52 
6f 57 2c  42 e7 8c c7
Oct  4 09:18:08 firewall pluto[26478]: |   82 ca 01 b1  6a 83 4e 6d  ad 
59 65 cb  8e 51 68 00
Oct  4 09:18:08 firewall pluto[26478]: |   c5 87 51 00  6b f5 2b 45  fa 
7e 3b 11  ce 81 19 d0
Oct  4 09:18:08 firewall pluto[26478]: |   85 26 41 46  91 5a 03 bb  0b 
1f b0 da  16 77 93 f7
Oct  4 09:18:08 firewall pluto[26478]: |   af dc ce 16  2f ab 1b 3f  08 
cb 5f 97  b5 c4 4a 1f
Oct  4 09:18:08 firewall pluto[26478]: |   73 db b1 ff  57 d9 29 48  98 
3f f0 43  3b c8 4a 5b
Oct  4 09:18:08 firewall pluto[26478]: |   d5 73 a4 80  90 a2 7b cc  58 
3c 76 6d  e9 69 c2 f4
Oct  4 09:18:08 firewall pluto[26478]: |   f1 97 99 7d  cc e6 80 2b  52 
e0 a4 b1  74 e4 72 b9
Oct  4 09:18:08 firewall pluto[26478]: |   10 0c 61 3f  59 5f 1f c5  4e 
65 7c 7f  83 31 c0 0e
Oct  4 09:18:08 firewall pluto[26478]: |   76 fd 85 e1  28 f9 35 12  e2 
1d f1 31  29 76 ad d3
Oct  4 09:18:08 firewall pluto[26478]: |   63 fc 29 bb  40 a1 34 0a  90 
ff ec fa  ea 5a 7d 96
Oct  4 09:18:08 firewall pluto[26478]: |   fc 6c 5f 25  26 3c 36 4d  26 
52 b4 80  f3 07 99 1b
Oct  4 09:18:08 firewall pluto[26478]: |   49 32 21 81  23 58 04 67  80 
81 97 09  08 b0 eb 0e
Oct  4 09:18:08 firewall pluto[26478]: |   89 e7 19 a1  69 b6 44 06  62 
6e 03 fe  f3 1d e3 b2
Oct  4 09:18:08 firewall pluto[26478]: |   cd 89 98 00  11 da 4f 98  b4 
7e 29 a4  74 9b 1d e5
Oct  4 09:18:08 firewall pluto[26478]: |   0d 22 fd ff  29 a1 af c2  b8 
16 ba c1  33 f9 26 77
Oct  4 09:18:08 firewall pluto[26478]: |   7f d1 b1 25  98 67 42 f9  32 
c4 3e 03  13 de 4d 4f
Oct  4 09:18:08 firewall pluto[26478]: |   7c 58 88 65  41 7b 0a aa  67 
f0 0e 30  0a a5 de d6
Oct  4 09:18:08 firewall pluto[26478]: |   81 9e 44 aa  0f f6 56 be  0a 
85 81 c0  26 ff b6 02
Oct  4 09:18:08 firewall pluto[26478]: |   4d 3f 14 33  8c e8 3c fa  b6 
27 e0 8e  56 e1 c3 de
Oct  4 09:18:08 firewall pluto[26478]: |   df 8e 17 01  d1 9a 8b 1d  10 
1e 84 f7  0b 95 af 14
Oct  4 09:18:08 firewall pluto[26478]: |   a2 cc e7 8c  1a d4 d6 f3  3e 
a1 6b 17  ea cb b0 69
Oct  4 09:18:08 firewall pluto[26478]: |   cc e9 b4 7a  04 06 0d 13  fc 
3a 7d 49  17 1e 5d 47
Oct  4 09:18:08 firewall pluto[26478]: |   79 4b 1d 35  81 89 0a f6  48 
3b 9f 40  28 ef 71 f0
Oct  4 09:18:08 firewall pluto[26478]: |   fe 1e de c0  77 36 b1 cb  63 
6f 63 84  8b e7 61 d1
Oct  4 09:18:08 firewall pluto[26478]: |   09 8d f5 a9  fc da 44 9f  bc 
a9 53 68  b4 05 df 01
Oct  4 09:18:08 firewall pluto[26478]: |   59 3b 84 38  8a b7 41 78  e4 
18 0c f0  3c 46 ab dd
Oct  4 09:18:08 firewall pluto[26478]: |   c8 d0 4b 80
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2IDi (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '1', total number '8', next payload '35'
Oct  4 09:18:08 firewall pluto[26478]: |  updated IKE fragment state to 
respond using fragments without waiting for re-transmits
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  00 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 02 00 08  92 c4 49 39  b6 
cb ac fa  ab 3a c8 86
Oct  4 09:18:08 firewall pluto[26478]: |   06 3f 6f 89  00 d1 95 dc  6c 
d6 38 5b  6e c1 35 6a
Oct  4 09:18:08 firewall pluto[26478]: |   cd 39 34 4d  ba d5 56 18  ca 
44 a9 b5  96 92 7f ec
Oct  4 09:18:08 firewall pluto[26478]: |   52 51 3a b0  18 da 9f b5  70 
b6 b4 e3  8b db bc 5c
Oct  4 09:18:08 firewall pluto[26478]: |   bd 61 8b 41  f1 0e 9d 9d  fd 
1c d4 50  cf f2 37 e9
Oct  4 09:18:08 firewall pluto[26478]: |   5e 59 28 bf  33 50 ea d0  af 
5d e2 9c  61 91 e1 47
Oct  4 09:18:08 firewall pluto[26478]: |   d6 bf d1 9e  5c 37 84 9e  08 
f5 fd ba  09 69 bb e8
Oct  4 09:18:08 firewall pluto[26478]: |   7b 61 cc ad  3c a0 b4 60  38 
15 a2 0f  eb 68 aa 0f
Oct  4 09:18:08 firewall pluto[26478]: |   27 26 b4 d7  ef c4 eb c4  60 
97 00 55  eb 13 5a 1d
Oct  4 09:18:08 firewall pluto[26478]: |   ad aa 68 d7  cc e7 65 35  96 
95 0f 52  13 90 5f 19
Oct  4 09:18:08 firewall pluto[26478]: |   55 1f d9 1b  72 ae 19 be  ea 
a4 20 a6  00 1e de 7b
Oct  4 09:18:08 firewall pluto[26478]: |   01 6a 36 3d  16 af 09 7b  39 
15 84 7b  e6 90 29 3c
Oct  4 09:18:08 firewall pluto[26478]: |   bb 86 0b a1  db 39 e2 40  5e 
e6 8b d2  1a ef d9 04
Oct  4 09:18:08 firewall pluto[26478]: |   1e 98 04 36  a4 a4 56 52  16 
ff 3c 99  41 46 23 53
Oct  4 09:18:08 firewall pluto[26478]: |   9b 6c 68 8e  0b f8 a5 d1  5d 
8d 7e 82  00 56 bd df
Oct  4 09:18:08 firewall pluto[26478]: |   6d 69 50 88  2b 2b ef d4  4d 
d2 b3 ee  70 e5 23 5d
Oct  4 09:18:08 firewall pluto[26478]: |   41 57 e0 af  a6 55 a6 9a  44 
5d 0b 0b  7e e2 40 86
Oct  4 09:18:08 firewall pluto[26478]: |   14 cf ef 8e  5d 26 5a 55  1a 
be 55 bb  df 5c e3 c4
Oct  4 09:18:08 firewall pluto[26478]: |   43 16 a8 ee  93 2e a5 5a  b9 
5b 4a bc  d3 85 0a 81
Oct  4 09:18:08 firewall pluto[26478]: |   b4 ba 9a c2  a9 ee ee 85  1a 
81 09 94  31 f9 32 13
Oct  4 09:18:08 firewall pluto[26478]: |   f1 d2 52 33  2c b3 c5 ad  1e 
22 20 bc  68 59 9c 4c
Oct  4 09:18:08 firewall pluto[26478]: |   68 33 52 2b  be 64 4b 24  c0 
b5 04 28  7a ee a1 4c
Oct  4 09:18:08 firewall pluto[26478]: |   45 f3 28 ab  69 bc d9 d6  39 
4b 88 c2  5f cb db da
Oct  4 09:18:08 firewall pluto[26478]: |   e4 8f 68 a5  e6 8b e7 6e  1c 
5c 60 24  d6 c7 fb 87
Oct  4 09:18:08 firewall pluto[26478]: |   8e 52 e7 9e  bd 53 ec 1b  76 
80 49 18  3c 3a cc 4a
Oct  4 09:18:08 firewall pluto[26478]: |   da 57 0c 46  05 be 0f ae  2c 
9e 67 6d  73 62 1a 65
Oct  4 09:18:08 firewall pluto[26478]: |   c9 4d ae d6  b3 d3 a4 67  31 
a7 d7 f5  8b 6d e3 1e
Oct  4 09:18:08 firewall pluto[26478]: |   5c e3 30 7e  46 3c a4 f4  ce 
c3 16 ca  f5 a8 f9 49
Oct  4 09:18:08 firewall pluto[26478]: |   f4 6a 48 21  d1 93 c9 b6  d1 
b0 c4 ab  89 fd 73 85
Oct  4 09:18:08 firewall pluto[26478]: |   a3 b0 0a 9d  9b 69 61 70  11 
80 d4 53  97 ac 8a 09
Oct  4 09:18:08 firewall pluto[26478]: |   e9 09 91 69  18 7c 35 b5  3d 
56 48 be  96 01 92 39
Oct  4 09:18:08 firewall pluto[26478]: |   df b0 31 ff  ce 0e 6c 0e  a6 
81 ee 1f  d9 ba 96 f0
Oct  4 09:18:08 firewall pluto[26478]: |   27 c8 88 79  f2 82 67 3a  21 
45 86 16  73 4f 0c 8f
Oct  4 09:18:08 firewall pluto[26478]: |   a1 f6 24 72  bb bd 5c 16  7a 
95 28 15  cc c9 79 83
Oct  4 09:18:08 firewall pluto[26478]: |   b5 c1 f4 29
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 2 (0x2)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '2', total number '8', next payload '0'
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  00 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 03 00 08  24 09 5b 12  6f 
82 d7 49  70 91 7f 0c
Oct  4 09:18:08 firewall pluto[26478]: |   36 a6 31 b1  3d 19 c0 16  5c 
02 e6 64  c8 5e 4b 44
Oct  4 09:18:08 firewall pluto[26478]: |   64 dd b5 21  0f b2 89 9b  ff 
65 f0 03  2f 90 f4 f8
Oct  4 09:18:08 firewall pluto[26478]: |   ff cb aa 9f  e2 0a e4 93  09 
eb 51 77  38 02 dd 61
Oct  4 09:18:08 firewall pluto[26478]: |   3b 2b 0d 94  c0 16 4c 54  57 
80 15 2a  2d 02 91 e0
Oct  4 09:18:08 firewall pluto[26478]: |   d8 05 56 c2  3a b8 b2 15  56 
f0 04 90  ee e2 7e 47
Oct  4 09:18:08 firewall pluto[26478]: |   91 a1 cc 3e  41 e7 99 9e  2c 
56 56 28  aa 4c 46 ca
Oct  4 09:18:08 firewall pluto[26478]: |   58 9d d1 a5  26 91 67 d7  8a 
05 be f3  a2 af 41 f8
Oct  4 09:18:08 firewall pluto[26478]: |   ca ab f4 fc  24 c3 73 f2  d6 
11 52 5e  ef b9 1c f5
Oct  4 09:18:08 firewall pluto[26478]: |   d2 99 ce 42  f7 f6 3b ad  89 
54 55 7d  2a 10 c6 f0
Oct  4 09:18:08 firewall pluto[26478]: |   8c 5c 20 f3  cf ed ed 1f  6b 
17 74 d1  c1 a7 a9 58
Oct  4 09:18:08 firewall pluto[26478]: |   93 0c 63 ac  46 de 5a 16  9d 
e1 70 47  ea 42 57 40
Oct  4 09:18:08 firewall pluto[26478]: |   fc a4 47 66  6b 71 ff eb  93 
a2 ad fd  ab a3 0b 8a
Oct  4 09:18:08 firewall pluto[26478]: |   2a 7e a6 07  f8 5e 05 ca  26 
76 bc 78  c5 ba 8f f4
Oct  4 09:18:08 firewall pluto[26478]: |   ea 9b 27 1d  73 77 17 46  9c 
06 ca 52  28 35 ab d2
Oct  4 09:18:08 firewall pluto[26478]: |   70 7f 9c 97  6e 0b 9d 38  07 
27 0d 80  8c 5a 18 52
Oct  4 09:18:08 firewall pluto[26478]: |   df 58 6c a9  19 e3 89 d6  79 
71 50 a3  5f ba e3 3e
Oct  4 09:18:08 firewall pluto[26478]: |   a6 68 ec 69  49 c5 bc f3  47 
6a b6 41  06 71 61 65
Oct  4 09:18:08 firewall pluto[26478]: |   b8 8f f4 96  54 0a d0 9c  e1 
41 79 a8  f1 8c c6 e4
Oct  4 09:18:08 firewall pluto[26478]: |   b1 61 1f d8  fe 87 a3 01  a0 
27 ff 45  ab 1e a1 c0
Oct  4 09:18:08 firewall pluto[26478]: |   d5 c2 5b 9e  06 72 e7 be  b2 
6e 9a df  39 28 1c 8a
Oct  4 09:18:08 firewall pluto[26478]: |   da 13 8c 41  24 1f 0b 21  25 
65 27 13  85 bc 84 2a
Oct  4 09:18:08 firewall pluto[26478]: |   89 fe 38 d2  d8 7f 76 80  98 
87 dc 9d  2b aa 8a 37
Oct  4 09:18:08 firewall pluto[26478]: |   35 73 41 70  a3 96 90 86  09 
49 f8 00  0f a4 66 d7
Oct  4 09:18:08 firewall pluto[26478]: |   b2 3d ca 8c  e0 a0 7b 00  03 
c7 61 2d  f3 8b be e4
Oct  4 09:18:08 firewall pluto[26478]: |   5c 20 13 71  af 22 77 a7  25 
2b 69 f9  ef 36 1f c9
Oct  4 09:18:08 firewall pluto[26478]: |   36 81 ef f9  4c ca 20 fb  91 
3f 17 ef  ad db 3e 47
Oct  4 09:18:08 firewall pluto[26478]: |   89 6b ed f0  7c ff 89 a9  eb 
40 93 c8  83 09 2a a9
Oct  4 09:18:08 firewall pluto[26478]: |   b8 c5 cf a2  a5 35 1d 41  fd 
e4 6c 56  d5 5c 00 0f
Oct  4 09:18:08 firewall pluto[26478]: |   db 7d e4 20  cd da df 7b  8e 
ab ae ee  89 1e db 6b
Oct  4 09:18:08 firewall pluto[26478]: |   4f fe bf ab  e8 3a d2 c8  52 
9f c2 8f  65 eb 3a 78
Oct  4 09:18:08 firewall pluto[26478]: |   b0 e6 c3 03  05 94 d5 37  11 
bf 5f 61  0f 1d a3 70
Oct  4 09:18:08 firewall pluto[26478]: |   90 a8 2a 9e  ca e7 39 46  63 
fe 85 e6  2a ce 7b 86
Oct  4 09:18:08 firewall pluto[26478]: |   44 03 f2 64  0e 45 07 75  b6 
dd 2f c1  16 f1 74 77
Oct  4 09:18:08 firewall pluto[26478]: |   88 88 ad 35
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 3 (0x3)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '3', total number '8', next payload '0'
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  00 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 04 00 08  b7 3c 36 f6  9d 
ec c5 00  e8 fe 3f c4
Oct  4 09:18:08 firewall pluto[26478]: |   47 bf c6 19  ca 5b a8 84  3c 
6a 71 a8  fb 43 3c 45
Oct  4 09:18:08 firewall pluto[26478]: |   d2 11 7e ff  02 7b 5c 7c  9b 
a7 08 54  db 59 46 5c
Oct  4 09:18:08 firewall pluto[26478]: |   f1 e8 d1 42  74 ea 26 05  fd 
15 99 c6  04 3f 99 83
Oct  4 09:18:08 firewall pluto[26478]: |   c2 1c d8 61  cd e1 8b ed  c1 
bc a7 7c  62 ad b0 82
Oct  4 09:18:08 firewall pluto[26478]: |   f1 e6 57 12  7d 9b e8 0f  39 
6f a1 6b  b1 d9 e9 db
Oct  4 09:18:08 firewall pluto[26478]: |   eb 04 ce 35  61 cf 8f 2e  90 
43 00 8e  0c 6d 89 1b
Oct  4 09:18:08 firewall pluto[26478]: |   50 90 2f ab  69 26 ed 4b  7e 
20 0a 3e  35 02 b9 8c
Oct  4 09:18:08 firewall pluto[26478]: |   84 fa 22 f3  56 6d ab 84  ed 
2e 53 38  52 ff fe ed
Oct  4 09:18:08 firewall pluto[26478]: |   d0 11 87 fa  0b f1 be d5  74 
f0 e5 03  2a 19 47 95
Oct  4 09:18:08 firewall pluto[26478]: |   80 60 57 c5  7e 1c f0 7b  16 
a1 70 ce  29 13 00 1f
Oct  4 09:18:08 firewall pluto[26478]: |   72 f8 2c 83  66 92 a6 ee  a4 
c9 26 be  30 98 05 47
Oct  4 09:18:08 firewall pluto[26478]: |   97 57 fd 47  cf 65 0b 0e  46 
59 d0 5c  fa ed ab 77
Oct  4 09:18:08 firewall pluto[26478]: |   ca f0 7f f3  78 74 90 53  c5 
96 1a 60  f5 7a b7 f5
Oct  4 09:18:08 firewall pluto[26478]: |   9b d9 4d 95  0e e9 78 be  71 
ba 9e 33  99 33 f7 a0
Oct  4 09:18:08 firewall pluto[26478]: |   c6 15 37 6d  b6 54 41 4f  fa 
08 e0 cb  9c 6d 3c ce
Oct  4 09:18:08 firewall pluto[26478]: |   ea 42 db 68  4c ce ee 04  ce 
db e4 0d  ce bb f9 40
Oct  4 09:18:08 firewall pluto[26478]: |   db 16 e7 6e  90 75 3e 02  29 
d3 94 82  3c 12 45 24
Oct  4 09:18:08 firewall pluto[26478]: |   32 78 44 fe  54 2d fb 4e  e7 
dd 66 a7  f2 40 44 b5
Oct  4 09:18:08 firewall pluto[26478]: |   8d 57 2a f3  e9 eb 66 50  42 
bb e3 0e  b8 96 fa 3d
Oct  4 09:18:08 firewall pluto[26478]: |   75 28 e8 9a  b8 6f 89 16  65 
c0 64 38  11 8f 9b 93
Oct  4 09:18:08 firewall pluto[26478]: |   82 5a 26 1d  b9 2e 4e 20  c6 
28 18 ad  c8 5c d2 c0
Oct  4 09:18:08 firewall pluto[26478]: |   bc 80 99 5f  45 fe 40 cf  af 
41 a0 1c  46 b6 a3 29
Oct  4 09:18:08 firewall pluto[26478]: |   6b 98 2f 2b  17 27 97 51  20 
56 25 fe  19 0d d4 14
Oct  4 09:18:08 firewall pluto[26478]: |   4c 63 88 72  d1 45 e1 45  73 
02 b2 55  25 17 aa 2c
Oct  4 09:18:08 firewall pluto[26478]: |   c2 2d 3b fd  d5 35 f2 f3  4a 
7f 58 df  af fa 8d dd
Oct  4 09:18:08 firewall pluto[26478]: |   c0 b0 a9 2c  90 a8 75 3e  55 
8e 4b fa  d5 fc 2a 22
Oct  4 09:18:08 firewall pluto[26478]: |   a2 3b eb 5d  e1 f4 d2 c1  c3 
ae 63 fa  7d fa 61 b1
Oct  4 09:18:08 firewall pluto[26478]: |   41 b6 91 7b  28 c7 7a 26  75 
11 a5 bc  7d 1f 19 25
Oct  4 09:18:08 firewall pluto[26478]: |   2f bb 5b 05  13 5c 66 42  3a 
05 f6 16  c5 ef 10 b3
Oct  4 09:18:08 firewall pluto[26478]: |   54 82 64 81  d5 3f d0 6c  6e 
54 5f 6d  a4 92 e6 79
Oct  4 09:18:08 firewall pluto[26478]: |   38 6f d3 8e  f5 13 cf 83  86 
dd f7 00  0e f5 60 30
Oct  4 09:18:08 firewall pluto[26478]: |   19 e9 c0 6d  68 af e7 c7  fa 
df 27 c0  ca 15 47 d1
Oct  4 09:18:08 firewall pluto[26478]: |   74 0a 38 2e  59 5c 1c fe  c7 
4a ca 9f  31 10 c0 a6
Oct  4 09:18:08 firewall pluto[26478]: |   33 03 67 7f
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 4 (0x4)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '4', total number '8', next payload '0'
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  00 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 05 00 08  fb 37 1b dd  82 
24 e3 e0  6a ea e3 57
Oct  4 09:18:08 firewall pluto[26478]: |   17 8b 7c 94  32 af 50 a9  d8 
db 60 b1  1c 28 b9 0c
Oct  4 09:18:08 firewall pluto[26478]: |   d1 3d 91 e4  82 0b e6 22  84 
ff 8e 53  66 51 ef 55
Oct  4 09:18:08 firewall pluto[26478]: |   4f b0 63 97  9c a8 7c 9a  8c 
3a ae d2  b7 f9 42 0c
Oct  4 09:18:08 firewall pluto[26478]: |   90 7e 27 8c  c8 57 46 0d  54 
3b 43 ee  a6 6b 1e 00
Oct  4 09:18:08 firewall pluto[26478]: |   97 41 93 3d  cf d0 2c 2a  43 
d3 ac fb  27 9f f7 79
Oct  4 09:18:08 firewall pluto[26478]: |   bf 1d 14 c1  7e 42 8a f8  c7 
3b aa e7  54 1d d6 ca
Oct  4 09:18:08 firewall pluto[26478]: |   d8 5f de 49  ec 04 ef 32  6e 
37 a8 74  17 19 a1 3a
Oct  4 09:18:08 firewall pluto[26478]: |   90 20 11 e2  44 d5 47 30  ff 
c0 2f 08  51 86 96 c1
Oct  4 09:18:08 firewall pluto[26478]: |   5c 6d ea 32  c6 83 3d 0b  50 
00 60 d9  f7 73 47 06
Oct  4 09:18:08 firewall pluto[26478]: |   73 48 43 12  05 6b 5a 48  7c 
d0 1e be  8d 14 39 8b
Oct  4 09:18:08 firewall pluto[26478]: |   78 ff 3a d0  31 74 24 c3  fa 
7d fb e3  e1 bf 88 1b
Oct  4 09:18:08 firewall pluto[26478]: |   92 6e 1e 43  a1 2b d0 29  1c 
bd d6 a7  d8 02 10 90
Oct  4 09:18:08 firewall pluto[26478]: |   13 5c 00 b1  ab 4c e7 dd  2b 
28 36 a2  2f bc 56 6a
Oct  4 09:18:08 firewall pluto[26478]: |   d3 d3 af b6  5a 8d 63 87  10 
a2 01 28  01 f4 b2 af
Oct  4 09:18:08 firewall pluto[26478]: |   44 df fd de  cc 89 8e 87  4f 
cf 87 66  40 63 60 c3
Oct  4 09:18:08 firewall pluto[26478]: |   a9 f7 b1 9e  70 67 c3 f9  99 
03 4f 44  5c 16 96 cf
Oct  4 09:18:08 firewall pluto[26478]: |   be 84 4f 64  0b 25 22 df  19 
d9 73 59  7f 48 ea 84
Oct  4 09:18:08 firewall pluto[26478]: |   dd 08 3e 36  6d d0 3a cb  0c 
f8 eb d4  2c 63 11 66
Oct  4 09:18:08 firewall pluto[26478]: |   d4 4d 69 ef  7b fa e8 c5  f7 
26 b5 f6  f0 46 48 b5
Oct  4 09:18:08 firewall pluto[26478]: |   9e 45 e3 64  0a 83 30 99  39 
f5 e4 3b  1d 32 24 7c
Oct  4 09:18:08 firewall pluto[26478]: |   f4 24 77 bc  2d 95 5a 23  b8 
79 cf a2  2b 98 b6 14
Oct  4 09:18:08 firewall pluto[26478]: |   ea a0 d3 cd  17 df b0 f5  38 
98 b7 d5  79 6b b2 62
Oct  4 09:18:08 firewall pluto[26478]: |   1c bd 18 d2  75 48 4d 91  f7 
8c 53 be  f5 09 f8 5b
Oct  4 09:18:08 firewall pluto[26478]: |   71 4b 50 81  cb 43 58 92  4e 
08 26 f5  cf 73 77 93
Oct  4 09:18:08 firewall pluto[26478]: |   dc 21 f7 a2  b6 08 2e dc  e4 
66 c2 c1  c3 cc 4f b8
Oct  4 09:18:08 firewall pluto[26478]: |   36 9d a5 f6  cd 99 ef 96  a3 
61 6a 6e  0b 11 ac 99
Oct  4 09:18:08 firewall pluto[26478]: |   c0 53 a5 f7  09 7d cb 45  84 
19 d5 e1  4c 69 f1 6a
Oct  4 09:18:08 firewall pluto[26478]: |   6e 42 90 63  e1 e9 95 81  14 
8c 81 24  a3 b3 0a fd
Oct  4 09:18:08 firewall pluto[26478]: |   41 04 ee 23  d7 50 26 c2  e0 
34 3a 7c  64 bb 66 86
Oct  4 09:18:08 firewall pluto[26478]: |   fc ad 31 b2  b8 fe c3 d5  9f 
0e 14 35  39 31 58 e8
Oct  4 09:18:08 firewall pluto[26478]: |   de f4 e9 ba  4e af ef 14  22 
2d 07 ca  ff 55 07 e7
Oct  4 09:18:08 firewall pluto[26478]: |   d2 d5 6c f6  c4 03 c7 01  ff 
33 99 7b  51 b2 5e fe
Oct  4 09:18:08 firewall pluto[26478]: |   e9 1b c9 af  35 b2 dc 11  7e 
30 11 77  26 df 9f d7
Oct  4 09:18:08 firewall pluto[26478]: |   69 4a 32 3c
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 5 (0x5)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '5', total number '8', next payload '0'
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  00 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 06 00 08  36 7b 86 fe  11 
2c 2d 01  7c c1 04 4e
Oct  4 09:18:08 firewall pluto[26478]: |   1d 40 c0 18  b5 7f 64 fe  56 
57 fe f7  9c 15 9b cb
Oct  4 09:18:08 firewall pluto[26478]: |   ee 68 4c 44  19 95 52 91  0c 
af e8 26  a7 f9 8e 39
Oct  4 09:18:08 firewall pluto[26478]: |   98 c6 30 52  85 b7 60 2e  83 
97 4d 32  b8 43 9d e8
Oct  4 09:18:08 firewall pluto[26478]: |   62 f8 f7 d8  2f 2a 52 60  75 
e1 04 ae  b8 79 6d 17
Oct  4 09:18:08 firewall pluto[26478]: |   97 9e e6 58  31 67 30 e8  85 
63 a6 6f  07 42 b7 1f
Oct  4 09:18:08 firewall pluto[26478]: |   0e b9 ee b5  28 1c bf dc  ad 
bb 3f ed  b4 b9 75 c6
Oct  4 09:18:08 firewall pluto[26478]: |   b2 ea 8c a1  39 1e d3 11  b9 
a9 3d df  58 e0 70 99
Oct  4 09:18:08 firewall pluto[26478]: |   20 13 a0 23  0e 19 0d 83  55 
8e 8e be  39 c6 62 6a
Oct  4 09:18:08 firewall pluto[26478]: |   79 ee 6b 0e  9e 17 ca dd  86 
47 44 fe  70 b2 f2 f3
Oct  4 09:18:08 firewall pluto[26478]: |   4f 24 00 24  44 ec 4b 38  c2 
ea b1 e3  5f d4 7c 2e
Oct  4 09:18:08 firewall pluto[26478]: |   96 70 5b 99  e8 cc 42 d4  06 
bb cd d8  77 b2 cd 5c
Oct  4 09:18:08 firewall pluto[26478]: |   df c6 e5 b4  c4 8e 73 2b  4b 
ac bb 14  08 4d 66 3c
Oct  4 09:18:08 firewall pluto[26478]: |   70 c4 08 35  a9 e6 fb 03  15 
81 5e 12  b0 22 25 1b
Oct  4 09:18:08 firewall pluto[26478]: |   ac 4b 1c 36  05 13 15 3b  47 
e0 63 49  47 60 ff 9d
Oct  4 09:18:08 firewall pluto[26478]: |   b9 b1 47 69  53 ae c8 ca  f1 
dd 51 05  18 5f 8d ad
Oct  4 09:18:08 firewall pluto[26478]: |   33 b8 1c 60  12 f2 07 5f  bc 
68 3c 5a  cd b5 83 c4
Oct  4 09:18:08 firewall pluto[26478]: |   ca bd 33 b5  e2 35 59 db  6d 
5e 89 6d  f7 5c e2 f1
Oct  4 09:18:08 firewall pluto[26478]: |   bb cd 1b b6  ed dd 0a 0a  e9 
f7 a4 d6  ab 89 e8 ae
Oct  4 09:18:08 firewall pluto[26478]: |   93 2f 13 ae  e0 f7 ed 4e  fd 
c7 43 54  ff 92 dc 9b
Oct  4 09:18:08 firewall pluto[26478]: |   f1 30 fd cd  e0 fc f1 85  22 
4d 6c 7c  18 57 82 e7
Oct  4 09:18:08 firewall pluto[26478]: |   eb 45 2f 03  d6 49 84 30  df 
fe 99 01  3c e3 30 29
Oct  4 09:18:08 firewall pluto[26478]: |   2b 41 3f 14  e0 12 2a d3  84 
03 41 eb  ae f0 42 7e
Oct  4 09:18:08 firewall pluto[26478]: |   34 8f 48 f3  cd 43 e1 07  0c 
08 b0 fb  db 15 6b d3
Oct  4 09:18:08 firewall pluto[26478]: |   d3 ae 16 b1  ec 8c 6f 60  d9 
17 81 55  1e 1c f3 a6
Oct  4 09:18:08 firewall pluto[26478]: |   dc df 49 23  e7 2f d9 45  fe 
aa ea 7b  e7 fd a4 32
Oct  4 09:18:08 firewall pluto[26478]: |   cb dd e3 ac  d8 39 83 a8  df 
24 52 0e  55 0a d1 a1
Oct  4 09:18:08 firewall pluto[26478]: |   d8 92 f5 cd  bc 11 f9 d8  31 
70 68 65  36 02 0f 51
Oct  4 09:18:08 firewall pluto[26478]: |   77 03 bf 91  5b 09 ef cf  0e 
66 ba ea  c3 2f 5d 10
Oct  4 09:18:08 firewall pluto[26478]: |   ca e9 af 5d  5e 6a 03 2b  3a 
a9 d8 c0  4b 33 0a ae
Oct  4 09:18:08 firewall pluto[26478]: |   23 37 8c ee  52 bc 15 14  c9 
12 b6 0a  86 9a 84 b8
Oct  4 09:18:08 firewall pluto[26478]: |   93 eb 8c af  4f 0f eb 4f  fe 
37 71 db  79 ed 96 b8
Oct  4 09:18:08 firewall pluto[26478]: |   e4 0f 65 f6  69 10 b4 91  fd 
83 e4 29  1b 16 b0 b1
Oct  4 09:18:08 firewall pluto[26478]: |   02 49 91 5f  d6 7d 49 02  2c 
98 b4 e9  79 7d cb 7c
Oct  4 09:18:08 firewall pluto[26478]: |   4a 5a 5c b4
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 6 (0x6)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '6', total number '8', next payload '0'
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:08 firewall pluto[26478]: | *received 580 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 02 44  00 00 02 28
Oct  4 09:18:08 firewall pluto[26478]: |   00 07 00 08  67 c5 f6 7a  52 
06 ea e2  a8 9c 88 4f
Oct  4 09:18:08 firewall pluto[26478]: |   ed bb 71 44  ae 42 1d f4  24 
48 36 2a  0b 3f 7b 61
Oct  4 09:18:08 firewall pluto[26478]: |   59 c6 a5 98  15 46 8a 02  14 
7b 48 3d  04 5e d7 fc
Oct  4 09:18:08 firewall pluto[26478]: |   14 81 d4 b6  9f 01 81 64  56 
ad 13 d7  d8 40 a1 63
Oct  4 09:18:08 firewall pluto[26478]: |   46 db 54 04  42 54 85 f4  4c 
19 ba 80  9c a8 7c e0
Oct  4 09:18:08 firewall pluto[26478]: |   b2 af 14 99  a4 a9 89 cb  ab 
92 40 3f  44 13 5a b9
Oct  4 09:18:08 firewall pluto[26478]: |   5c c2 0b f1  8a a5 62 c9  e2 
2d e1 46  31 54 a3 7d
Oct  4 09:18:08 firewall pluto[26478]: |   6f a5 e9 8a  db b2 51 14  8b 
f8 29 88  7d 14 49 6b
Oct  4 09:18:08 firewall pluto[26478]: |   5c 32 64 e3  7d 9e de 64  ff 
c1 f6 e4  e3 ae 48 ac
Oct  4 09:18:08 firewall pluto[26478]: |   1e c4 58 4e  03 a8 dd 91  dd 
f0 35 93  46 23 f3 99
Oct  4 09:18:08 firewall pluto[26478]: |   b4 8e c1 80  95 98 c1 c8  06 
cd fd 3c  42 e2 11 a0
Oct  4 09:18:08 firewall pluto[26478]: |   9f f2 ff 61  d5 ee 77 6f  7e 
bb 14 00  6d a5 21 fc
Oct  4 09:18:08 firewall pluto[26478]: |   b9 e5 34 66  41 74 01 20  5b 
c4 c3 a5  fa d8 14 7b
Oct  4 09:18:08 firewall pluto[26478]: |   b0 2c 5b 63  22 cf ad d9  ca 
dd 96 43  76 19 f4 75
Oct  4 09:18:08 firewall pluto[26478]: |   6a ba 1b 0b  38 d5 3a 13  5e 
0d a8 25  3d 5a 73 76
Oct  4 09:18:08 firewall pluto[26478]: |   fb c7 87 d5  f3 82 3d 8d  7e 
62 32 a8  80 40 a3 b3
Oct  4 09:18:08 firewall pluto[26478]: |   f0 6e 16 f0  3a 97 c3 e6  28 
64 e8 68  11 3a 25 d7
Oct  4 09:18:08 firewall pluto[26478]: |   93 98 bd 57  b9 71 71 b2  d7 
c8 e6 60  43 aa c3 c3
Oct  4 09:18:08 firewall pluto[26478]: |   f5 22 c0 13  12 12 ea 85  ec 
e4 41 a2  b6 ca 8d 58
Oct  4 09:18:08 firewall pluto[26478]: |   36 cf c0 2a  12 e4 b7 e4  ce 
da 3a 0b  60 5f 2c 12
Oct  4 09:18:08 firewall pluto[26478]: |   6c 5d 3b ff  20 08 a0 b3  9c 
d1 55 0c  1f e6 8d 1a
Oct  4 09:18:08 firewall pluto[26478]: |   c2 c2 23 9c  a4 9e 77 71  23 
68 a1 9d  11 04 e8 77
Oct  4 09:18:08 firewall pluto[26478]: |   38 5b 0a 96  17 f5 e6 f8  c9 
6f 23 5d  2e 06 6e db
Oct  4 09:18:08 firewall pluto[26478]: |   a0 6c 51 7b  38 8e f8 ef  34 
66 8d 1b  4c 1c 1b 35
Oct  4 09:18:08 firewall pluto[26478]: |   d2 1d a8 8d  b6 00 a0 af  d4 
6f 24 93  f5 7e e4 1c
Oct  4 09:18:08 firewall pluto[26478]: |   7e 1d ed ea  4f 95 16 7c  df 
33 10 4a  64 d4 56 d1
Oct  4 09:18:08 firewall pluto[26478]: |   7c 7d 9e ce  df 98 39 6d  22 
6f 33 cf  20 66 0a fd
Oct  4 09:18:08 firewall pluto[26478]: |   f9 d7 a3 7f  9a e3 d0 cf  91 
9b 43 ee  4c c8 34 5d
Oct  4 09:18:08 firewall pluto[26478]: |   20 3e 26 52  6c 11 81 85  83 
41 7c b2  79 23 a5 71
Oct  4 09:18:08 firewall pluto[26478]: |   52 a6 22 95  c0 2b 44 d7  12 
16 da 86  b3 bd 13 8d
Oct  4 09:18:08 firewall pluto[26478]: |   33 f1 67 6b  18 f8 38 75  0b 
d0 ba fc  a7 13 a5 38
Oct  4 09:18:08 firewall pluto[26478]: |   bf 06 b7 f5  3b bc 8e ba  a1 
f2 a4 7b  8e 2a 0c d2
Oct  4 09:18:08 firewall pluto[26478]: |   1c ce 69 11  0b 35 3b aa  ff 
79 51 e1  0f 84 8a 68
Oct  4 09:18:08 firewall pluto[26478]: |   73 1a da 4e  44 1c 2b ef  6c 
51 56 65  39 a1 9f a5
Oct  4 09:18:08 firewall pluto[26478]: |   00 a2 38 98
Oct  4 09:18:08 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:08 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:08 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:08 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:08 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:08 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:08 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:08 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 580 (0x244)
Oct  4 09:18:08 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:08 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:08 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:08 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:08 firewall pluto[26478]: | found state #3
Oct  4 09:18:08 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:08 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 idle
Oct  4 09:18:08 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:08 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:08 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:08 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:08 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:08 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:08 firewall pluto[26478]: |    length: 552 (0x228)
Oct  4 09:18:08 firewall pluto[26478]: |    fragment number: 7 (0x7)
Oct  4 09:18:08 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:08 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=544)
Oct  4 09:18:08 firewall pluto[26478]: | received IKE encrypted fragment 
number '7', total number '8', next payload '0'
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:08 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:08 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:09 firewall pluto[26478]: | *received 468 bytes from 
50.117.137.129:63837 on enp3s0 (port=4500)
Oct  4 09:18:09 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41  e8 
c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: |   35 20 23 08  00 00 00 01  00 
00 01 d4  00 00 01 b8
Oct  4 09:18:09 firewall pluto[26478]: |   00 08 00 08  58 8c 07 d8  fe 
0e 96 c1  64 b3 e7 b5
Oct  4 09:18:09 firewall pluto[26478]: |   fa 37 1b 20  69 82 16 72  19 
8b e8 29  f0 b3 95 64
Oct  4 09:18:09 firewall pluto[26478]: |   0a 2f bf 6d  13 d3 f1 23  ee 
be 24 18  30 70 90 d7
Oct  4 09:18:09 firewall pluto[26478]: |   20 ea 56 b5  8a 92 6a 4a  07 
7e 3d f4  9d 6d 76 0a
Oct  4 09:18:09 firewall pluto[26478]: |   da e2 e0 a6  03 b8 b6 b3  d9 
8e 91 f3  41 c3 94 7d
Oct  4 09:18:09 firewall pluto[26478]: |   7b 05 90 dc  8f 29 2e f7  b6 
cd 85 61  ee 97 b7 04
Oct  4 09:18:09 firewall pluto[26478]: |   84 0b f4 7a  d3 19 0c 2c  96 
c6 a4 ee  a5 69 36 b2
Oct  4 09:18:09 firewall pluto[26478]: |   e8 c6 74 98  11 1d 4d 3b  84 
f2 6e a0  0a f8 86 1b
Oct  4 09:18:09 firewall pluto[26478]: |   b3 ca 26 71  8d 57 df 86  50 
02 6d c7  9f 14 a5 73
Oct  4 09:18:09 firewall pluto[26478]: |   04 c0 6e 81  db ab 71 40  01 
4e 4d f4  d4 4f 08 c0
Oct  4 09:18:09 firewall pluto[26478]: |   cc e8 2e 57  26 88 88 57  ce 
75 d5 1b  f5 c5 de a9
Oct  4 09:18:09 firewall pluto[26478]: |   8b 20 ca 4c  33 cc 22 c6  07 
51 7f 01  11 90 d0 f8
Oct  4 09:18:09 firewall pluto[26478]: |   4c 6d 75 1e  f5 23 9c 84  dc 
33 76 3b  48 4e 7d 0b
Oct  4 09:18:09 firewall pluto[26478]: |   91 04 84 57  fe 5c 3d 8d  b5 
cd 93 21  24 9f 3f 5e
Oct  4 09:18:09 firewall pluto[26478]: |   a0 5a bb d3  72 df d3 51  f8 
ce a9 15  96 e7 3b 75
Oct  4 09:18:09 firewall pluto[26478]: |   cf 77 03 dd  26 5a 4a 6f  52 
2f b2 b0  c7 9a fd 71
Oct  4 09:18:09 firewall pluto[26478]: |   e0 a1 d8 e2  66 7c 35 26  2c 
0a 32 e7  a4 35 2d ce
Oct  4 09:18:09 firewall pluto[26478]: |   c7 f8 f5 39  3d fa 24 b2  fc 
b8 83 74  f5 b4 90 e5
Oct  4 09:18:09 firewall pluto[26478]: |   d9 e8 6f 38  f7 38 64 a6  1c 
d6 74 6a  2b ad 35 31
Oct  4 09:18:09 firewall pluto[26478]: |   bb 98 ae d7  74 15 08 7e  08 
b0 1c 7e  75 f4 23 16
Oct  4 09:18:09 firewall pluto[26478]: |   ce fe 22 b6  a1 6d 71 b8  42 
38 c5 64  f0 a7 73 20
Oct  4 09:18:09 firewall pluto[26478]: |   8d 99 fa c1  92 e3 40 8c  07 
c4 96 10  7b 79 ed d9
Oct  4 09:18:09 firewall pluto[26478]: |   1d 9d 71 4b  b0 29 0e 85  b3 
93 42 de  bc 45 8e 33
Oct  4 09:18:09 firewall pluto[26478]: |   ff 44 43 65  71 5a 06 d9  81 
dd 60 65  6d 10 3e 71
Oct  4 09:18:09 firewall pluto[26478]: |   bf 4a 11 e1  c3 32 96 a4  62 
15 92 11  e1 2c d8 3b
Oct  4 09:18:09 firewall pluto[26478]: |   2a 88 b9 d8  fe e2 c1 ed  72 
13 a2 b2  46 cf 90 5c
Oct  4 09:18:09 firewall pluto[26478]: |   09 56 83 68  5d f7 ff 27  5b 
3e 3f 9c  31 49 fa 5b
Oct  4 09:18:09 firewall pluto[26478]: |   5e 6d 5c 9c
Oct  4 09:18:09 firewall pluto[26478]: | processing: start from 
50.117.137.129:63837 (in process_md() at demux.c:441)
Oct  4 09:18:09 firewall pluto[26478]: | **parse ISAKMP Message:
Oct  4 09:18:09 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:09 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:09 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:09 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SKF (0x35)
Oct  4 09:18:09 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:09 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_IKE_INIT (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 468 (0x1d4)
Oct  4 09:18:09 firewall pluto[26478]: |  processing version=2.0 packet 
with exchange type=ISAKMP_v2_IKE_AUTH (35)
Oct  4 09:18:09 firewall pluto[26478]: | I am receiving an IKEv2 Request 
ISAKMP_v2_IKE_AUTH
Oct  4 09:18:09 firewall pluto[26478]: | I am the IKE SA Original Responder
Oct  4 09:18:09 firewall pluto[26478]: | State DB: IKEv2 state object #3 
found, in STATE_PARENT_R1 (find_v2_ike_sa)
Oct  4 09:18:09 firewall pluto[26478]: | found state #3
Oct  4 09:18:09 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
ikev2_process_packet() at ikev2.c:1774)
Oct  4 09:18:09 firewall pluto[26478]: | #3 is idle
Oct  4 09:18:09 firewall pluto[26478]: | #3 idle
Oct  4 09:18:09 firewall pluto[26478]: | #3 st.st_msgid_lastrecv 0 
md.hdr.isa_msgid 00000001
Oct  4 09:18:09 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:09 firewall pluto[26478]: | Unpacking clear payload for 
svm: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SKF)
Oct  4 09:18:09 firewall pluto[26478]: | ***parse IKEv2 Encrypted Fragment:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 440 (0x1b8)
Oct  4 09:18:09 firewall pluto[26478]: |    fragment number: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    total fragments: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SKF (len=432)
Oct  4 09:18:09 firewall pluto[26478]: | received IKE encrypted fragment 
number '8', total number '8', next payload '0'
Oct  4 09:18:09 firewall pluto[26478]: | selected state microcode 
Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with state 
specific processing
Oct  4 09:18:09 firewall pluto[26478]: | calling processor Responder: 
process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
processing encrypted IKE_AUTH request: SKF (message arrived 0 seconds ago)
Oct  4 09:18:09 firewall pluto[26478]: | ikev2 parent inI2outR2: 
calculating g^{xy} in order to decrypt I2
Oct  4 09:18:09 firewall pluto[26478]: | offloading IKEv2 SKEYSEED using 
prf=HMAC_SHA2_256 integ=HMAC_SHA2_256_128 cipherkey=AES_CBC
Oct  4 09:18:09 firewall pluto[26478]: | adding ikev2_inI2outR2 KE 
work-order 4 for state #3
Oct  4 09:18:09 firewall pluto[26478]: | state #3 requesting 
EVENT_SO_DISCARD to be deleted
Oct  4 09:18:09 firewall pluto[26478]: | libevent_free: release 
ptr-libevent at 0x55d8599c59d8
Oct  4 09:18:09 firewall pluto[26478]: | free_event_entry: release 
EVENT_SO_DISCARD-pe at 0x55d85999dfa8
Oct  4 09:18:09 firewall pluto[26478]: | event_schedule: new 
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c5b88
Oct  4 09:18:09 firewall pluto[26478]: | inserting event 
EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #3
Oct  4 09:18:09 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x55d8599c5bf8 size 128
Oct  4 09:18:09 firewall pluto[26478]: | #3 spent 0.1 milliseconds in 
processing: Responder: process IKE_AUTH request (no SKEYSEED)
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 resuming
Oct  4 09:18:09 firewall pluto[26478]: | processing: [RE]START state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
complete_v2_state_transition() at ikev2.c:3157)
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 starting 
work-order 4 for state #3
Oct  4 09:18:09 firewall pluto[26478]: | #3 complete v2 state transition 
from PARENT_R1 to PARENT_R1 with status STF_SUSPEND
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 doing compute 
dh (V2) (ikev2_inI2outR2 KE); request ID 4
Oct  4 09:18:09 firewall pluto[26478]: | suspending state #3 and saving MD
Oct  4 09:18:09 firewall pluto[26478]: | #3 is busy; has a suspended MD
Oct  4 09:18:09 firewall pluto[26478]: | processing: [RE]START state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
log_stf_suspend() at ikev2.c:3054)
Oct  4 09:18:09 firewall pluto[26478]: | "rw-ikev2"[1] 50.117.137.129 #3 
complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended 
from complete_v2_state_transition:3220
Oct  4 09:18:09 firewall pluto[26478]: | processing: stop from 
50.117.137.129:63837 (BACKGROUND) (in process_md() at demux.c:443)
Oct  4 09:18:09 firewall pluto[26478]: | processing: stop state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
process_md() at demux.c:445)
Oct  4 09:18:09 firewall pluto[26478]: | processing: STOP connection 
NULL (in process_md() at demux.c:446)
Oct  4 09:18:09 firewall pluto[26478]: | calculating skeyseed using 
prf=sha2_256 integ=sha2_256 cipherkey-size=32 salt-size=0
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 finished 
compute dh (V2) (ikev2_inI2outR2 KE); request ID 4 time elapsed 0.002 
seconds
Oct  4 09:18:09 firewall pluto[26478]: | (#3) spent 2.36 milliseconds in 
crypto helper computing work-order 4: compute dh (V2) (ikev2_inI2outR2 KE)
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 sending results 
from work-order 4 for state #3 to event queue
Oct  4 09:18:09 firewall pluto[26478]: | scheduling now-event sending 
helper answer for #3
Oct  4 09:18:09 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x7f258801c268 size 128
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 waiting 
(nothing to do)
Oct  4 09:18:09 firewall pluto[26478]: | start executing now-event 
sending helper answer for #3
Oct  4 09:18:09 firewall pluto[26478]: | processing: start state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:500 (in 
schedule_event_now_cb() at server.c:811)
Oct  4 09:18:09 firewall pluto[26478]: | crypto helper 0 replies to 
request ID 4
Oct  4 09:18:09 firewall pluto[26478]: | calling continuation function 
0x55d858fe4430
Oct  4 09:18:09 firewall pluto[26478]: | ikev2_parent_inI2outR2_continue 
for #3: calculating g^{xy}, sending R2
Oct  4 09:18:09 firewall pluto[26478]: | #3 in state PARENT_R1: received 
v2I1, sent v2R1
Oct  4 09:18:09 firewall pluto[26478]: | already have all fragments, 
skipping fragment collection
Oct  4 09:18:09 firewall pluto[26478]: | already have all fragments, 
skipping fragment collection
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  23 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 01 00 08  fd 
70 ab 24  4d 86 60 24  e0 38 30 a9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7d 38 e9 9f  e1 
61 9d ab  16 f6 a5 83  9a 72 65 ca
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1f 5a 1d 34  5d 
33 0f e9  e5 c2 17 0c  c5 f9 5b c0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a3 81 f5 e5  ff 
63 4f f3  8b 01 0e be  6c 0a 3e 24
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b7 8f a8 e1  b2 
c6 b5 01  d6 7a 5f 8c  be 10 8b f2
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  31 b6 da 2d  ad 
d3 f1 f4  75 be ae 94  a3 f4 c1 fe
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b2 39 dc e9  9e 
c2 20 70  69 cf b2 7a  45 55 d0 69
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  61 56 2a d0  36 
7f 9e 10  52 6f 57 2c  42 e7 8c c7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  82 ca 01 b1  6a 
83 4e 6d  ad 59 65 cb  8e 51 68 00
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c5 87 51 00  6b 
f5 2b 45  fa 7e 3b 11  ce 81 19 d0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  85 26 41 46  91 
5a 03 bb  0b 1f b0 da  16 77 93 f7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  af dc ce 16  2f 
ab 1b 3f  08 cb 5f 97  b5 c4 4a 1f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  73 db b1 ff  57 
d9 29 48  98 3f f0 43  3b c8 4a 5b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d5 73 a4 80  90 
a2 7b cc  58 3c 76 6d  e9 69 c2 f4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f1 97 99 7d  cc 
e6 80 2b  52 e0 a4 b1  74 e4 72 b9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  10 0c 61 3f  59 
5f 1f c5  4e 65 7c 7f  83 31 c0 0e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  76 fd 85 e1  28 
f9 35 12  e2 1d f1 31  29 76 ad d3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  63 fc 29 bb  40 
a1 34 0a  90 ff ec fa  ea 5a 7d 96
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  fc 6c 5f 25  26 
3c 36 4d  26 52 b4 80  f3 07 99 1b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  49 32 21 81  23 
58 04 67  80 81 97 09  08 b0 eb 0e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  89 e7 19 a1  69 
b6 44 06  62 6e 03 fe  f3 1d e3 b2
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  cd 89 98 00  11 
da 4f 98  b4 7e 29 a4  74 9b 1d e5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  0d 22 fd ff  29 
a1 af c2  b8 16 ba c1  33 f9 26 77
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7f d1 b1 25  98 
67 42 f9  32 c4 3e 03  13 de 4d 4f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7c 58 88 65  41 
7b 0a aa  67 f0 0e 30  0a a5 de d6
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  81 9e 44 aa  0f 
f6 56 be  0a 85 81 c0  26 ff b6 02
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  4d 3f 14 33  8c 
e8 3c fa  b6 27 e0 8e  56 e1 c3 de
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  df 8e 17 01  d1 
9a 8b 1d  10 1e 84 f7  0b 95 af 14
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a2 cc e7 8c  1a 
d4 d6 f3  3e a1 6b 17  ea cb b0 69
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  cc e9 b4 7a  04 
06 0d 13  fc 3a 7d 49  17 1e 5d 47
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  79 4b 1d 35  81 
89 0a f6  48 3b 9f 40  28 ef 71 f0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  fe 1e de c0  77 
36 b1 cb  63 6f 63 84  8b e7 61 d1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  09 8d f5 a9  fc 
da 44 9f  bc a9 53 68  b4 05 df 01
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  59 3b 84 38
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  8a b7 41 78 
e4 18 0c f0  3c 46 ab dd  c8 d0 4b 80
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  8a b7 41 78 
e4 18 0c f0  3c 46 ab dd  c8 d0 4b 80
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  00 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 02 00 08  92 
c4 49 39  b6 cb ac fa  ab 3a c8 86
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  06 3f 6f 89  00 
d1 95 dc  6c d6 38 5b  6e c1 35 6a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  cd 39 34 4d  ba 
d5 56 18  ca 44 a9 b5  96 92 7f ec
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  52 51 3a b0  18 
da 9f b5  70 b6 b4 e3  8b db bc 5c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bd 61 8b 41  f1 
0e 9d 9d  fd 1c d4 50  cf f2 37 e9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  5e 59 28 bf  33 
50 ea d0  af 5d e2 9c  61 91 e1 47
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d6 bf d1 9e  5c 
37 84 9e  08 f5 fd ba  09 69 bb e8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7b 61 cc ad  3c 
a0 b4 60  38 15 a2 0f  eb 68 aa 0f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  27 26 b4 d7  ef 
c4 eb c4  60 97 00 55  eb 13 5a 1d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ad aa 68 d7  cc 
e7 65 35  96 95 0f 52  13 90 5f 19
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  55 1f d9 1b  72 
ae 19 be  ea a4 20 a6  00 1e de 7b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  01 6a 36 3d  16 
af 09 7b  39 15 84 7b  e6 90 29 3c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bb 86 0b a1  db 
39 e2 40  5e e6 8b d2  1a ef d9 04
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1e 98 04 36  a4 
a4 56 52  16 ff 3c 99  41 46 23 53
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  9b 6c 68 8e  0b 
f8 a5 d1  5d 8d 7e 82  00 56 bd df
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  6d 69 50 88  2b 
2b ef d4  4d d2 b3 ee  70 e5 23 5d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  41 57 e0 af  a6 
55 a6 9a  44 5d 0b 0b  7e e2 40 86
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  14 cf ef 8e  5d 
26 5a 55  1a be 55 bb  df 5c e3 c4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  43 16 a8 ee  93 
2e a5 5a  b9 5b 4a bc  d3 85 0a 81
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b4 ba 9a c2  a9 
ee ee 85  1a 81 09 94  31 f9 32 13
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f1 d2 52 33  2c 
b3 c5 ad  1e 22 20 bc  68 59 9c 4c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  68 33 52 2b  be 
64 4b 24  c0 b5 04 28  7a ee a1 4c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  45 f3 28 ab  69 
bc d9 d6  39 4b 88 c2  5f cb db da
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  e4 8f 68 a5  e6 
8b e7 6e  1c 5c 60 24  d6 c7 fb 87
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  8e 52 e7 9e  bd 
53 ec 1b  76 80 49 18  3c 3a cc 4a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  da 57 0c 46  05 
be 0f ae  2c 9e 67 6d  73 62 1a 65
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c9 4d ae d6  b3 
d3 a4 67  31 a7 d7 f5  8b 6d e3 1e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  5c e3 30 7e  46 
3c a4 f4  ce c3 16 ca  f5 a8 f9 49
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f4 6a 48 21  d1 
93 c9 b6  d1 b0 c4 ab  89 fd 73 85
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a3 b0 0a 9d  9b 
69 61 70  11 80 d4 53  97 ac 8a 09
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  e9 09 91 69  18 
7c 35 b5  3d 56 48 be  96 01 92 39
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  df b0 31 ff  ce 
0e 6c 0e  a6 81 ee 1f  d9 ba 96 f0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  27 c8 88 79  f2 
82 67 3a  21 45 86 16  73 4f 0c 8f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a1 f6 24 72
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  bb bd 5c 16 
7a 95 28 15  cc c9 79 83  b5 c1 f4 29
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  bb bd 5c 16 
7a 95 28 15  cc c9 79 83  b5 c1 f4 29
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  00 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 03 00 08  24 
09 5b 12  6f 82 d7 49  70 91 7f 0c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  36 a6 31 b1  3d 
19 c0 16  5c 02 e6 64  c8 5e 4b 44
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  64 dd b5 21  0f 
b2 89 9b  ff 65 f0 03  2f 90 f4 f8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ff cb aa 9f  e2 
0a e4 93  09 eb 51 77  38 02 dd 61
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  3b 2b 0d 94  c0 
16 4c 54  57 80 15 2a  2d 02 91 e0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d8 05 56 c2  3a 
b8 b2 15  56 f0 04 90  ee e2 7e 47
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  91 a1 cc 3e  41 
e7 99 9e  2c 56 56 28  aa 4c 46 ca
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  58 9d d1 a5  26 
91 67 d7  8a 05 be f3  a2 af 41 f8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ca ab f4 fc  24 
c3 73 f2  d6 11 52 5e  ef b9 1c f5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d2 99 ce 42  f7 
f6 3b ad  89 54 55 7d  2a 10 c6 f0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  8c 5c 20 f3  cf 
ed ed 1f  6b 17 74 d1  c1 a7 a9 58
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  93 0c 63 ac  46 
de 5a 16  9d e1 70 47  ea 42 57 40
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  fc a4 47 66  6b 
71 ff eb  93 a2 ad fd  ab a3 0b 8a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  2a 7e a6 07  f8 
5e 05 ca  26 76 bc 78  c5 ba 8f f4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ea 9b 27 1d  73 
77 17 46  9c 06 ca 52  28 35 ab d2
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  70 7f 9c 97  6e 
0b 9d 38  07 27 0d 80  8c 5a 18 52
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  df 58 6c a9  19 
e3 89 d6  79 71 50 a3  5f ba e3 3e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a6 68 ec 69  49 
c5 bc f3  47 6a b6 41  06 71 61 65
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b8 8f f4 96  54 
0a d0 9c  e1 41 79 a8  f1 8c c6 e4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b1 61 1f d8  fe 
87 a3 01  a0 27 ff 45  ab 1e a1 c0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d5 c2 5b 9e  06 
72 e7 be  b2 6e 9a df  39 28 1c 8a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  da 13 8c 41  24 
1f 0b 21  25 65 27 13  85 bc 84 2a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  89 fe 38 d2  d8 
7f 76 80  98 87 dc 9d  2b aa 8a 37
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 73 41 70  a3 
96 90 86  09 49 f8 00  0f a4 66 d7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b2 3d ca 8c  e0 
a0 7b 00  03 c7 61 2d  f3 8b be e4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  5c 20 13 71  af 
22 77 a7  25 2b 69 f9  ef 36 1f c9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  36 81 ef f9  4c 
ca 20 fb  91 3f 17 ef  ad db 3e 47
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  89 6b ed f0  7c 
ff 89 a9  eb 40 93 c8  83 09 2a a9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b8 c5 cf a2  a5 
35 1d 41  fd e4 6c 56  d5 5c 00 0f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  db 7d e4 20  cd 
da df 7b  8e ab ae ee  89 1e db 6b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  4f fe bf ab  e8 
3a d2 c8  52 9f c2 8f  65 eb 3a 78
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b0 e6 c3 03  05 
94 d5 37  11 bf 5f 61  0f 1d a3 70
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  90 a8 2a 9e  ca 
e7 39 46  63 fe 85 e6  2a ce 7b 86
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  44 03 f2 64
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  0e 45 07 75 
b6 dd 2f c1  16 f1 74 77  88 88 ad 35
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  0e 45 07 75 
b6 dd 2f c1  16 f1 74 77  88 88 ad 35
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  00 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 04 00 08  b7 
3c 36 f6  9d ec c5 00  e8 fe 3f c4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  47 bf c6 19  ca 
5b a8 84  3c 6a 71 a8  fb 43 3c 45
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d2 11 7e ff  02 
7b 5c 7c  9b a7 08 54  db 59 46 5c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f1 e8 d1 42  74 
ea 26 05  fd 15 99 c6  04 3f 99 83
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c2 1c d8 61  cd 
e1 8b ed  c1 bc a7 7c  62 ad b0 82
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f1 e6 57 12  7d 
9b e8 0f  39 6f a1 6b  b1 d9 e9 db
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  eb 04 ce 35  61 
cf 8f 2e  90 43 00 8e  0c 6d 89 1b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  50 90 2f ab  69 
26 ed 4b  7e 20 0a 3e  35 02 b9 8c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  84 fa 22 f3  56 
6d ab 84  ed 2e 53 38  52 ff fe ed
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d0 11 87 fa  0b 
f1 be d5  74 f0 e5 03  2a 19 47 95
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  80 60 57 c5  7e 
1c f0 7b  16 a1 70 ce  29 13 00 1f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  72 f8 2c 83  66 
92 a6 ee  a4 c9 26 be  30 98 05 47
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  97 57 fd 47  cf 
65 0b 0e  46 59 d0 5c  fa ed ab 77
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ca f0 7f f3  78 
74 90 53  c5 96 1a 60  f5 7a b7 f5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  9b d9 4d 95  0e 
e9 78 be  71 ba 9e 33  99 33 f7 a0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c6 15 37 6d  b6 
54 41 4f  fa 08 e0 cb  9c 6d 3c ce
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ea 42 db 68  4c 
ce ee 04  ce db e4 0d  ce bb f9 40
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  db 16 e7 6e  90 
75 3e 02  29 d3 94 82  3c 12 45 24
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  32 78 44 fe  54 
2d fb 4e  e7 dd 66 a7  f2 40 44 b5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  8d 57 2a f3  e9 
eb 66 50  42 bb e3 0e  b8 96 fa 3d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  75 28 e8 9a  b8 
6f 89 16  65 c0 64 38  11 8f 9b 93
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  82 5a 26 1d  b9 
2e 4e 20  c6 28 18 ad  c8 5c d2 c0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bc 80 99 5f  45 
fe 40 cf  af 41 a0 1c  46 b6 a3 29
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  6b 98 2f 2b  17 
27 97 51  20 56 25 fe  19 0d d4 14
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  4c 63 88 72  d1 
45 e1 45  73 02 b2 55  25 17 aa 2c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c2 2d 3b fd  d5 
35 f2 f3  4a 7f 58 df  af fa 8d dd
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c0 b0 a9 2c  90 
a8 75 3e  55 8e 4b fa  d5 fc 2a 22
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a2 3b eb 5d  e1 
f4 d2 c1  c3 ae 63 fa  7d fa 61 b1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  41 b6 91 7b  28 
c7 7a 26  75 11 a5 bc  7d 1f 19 25
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  2f bb 5b 05  13 
5c 66 42  3a 05 f6 16  c5 ef 10 b3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  54 82 64 81  d5 
3f d0 6c  6e 54 5f 6d  a4 92 e6 79
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  38 6f d3 8e  f5 
13 cf 83  86 dd f7 00  0e f5 60 30
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  19 e9 c0 6d  68 
af e7 c7  fa df 27 c0  ca 15 47 d1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  74 0a 38 2e
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  59 5c 1c fe 
c7 4a ca 9f  31 10 c0 a6  33 03 67 7f
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  59 5c 1c fe 
c7 4a ca 9f  31 10 c0 a6  33 03 67 7f
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  00 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 05 00 08  fb 
37 1b dd  82 24 e3 e0  6a ea e3 57
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  17 8b 7c 94  32 
af 50 a9  d8 db 60 b1  1c 28 b9 0c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d1 3d 91 e4  82 
0b e6 22  84 ff 8e 53  66 51 ef 55
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  4f b0 63 97  9c 
a8 7c 9a  8c 3a ae d2  b7 f9 42 0c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  90 7e 27 8c  c8 
57 46 0d  54 3b 43 ee  a6 6b 1e 00
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  97 41 93 3d  cf 
d0 2c 2a  43 d3 ac fb  27 9f f7 79
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bf 1d 14 c1  7e 
42 8a f8  c7 3b aa e7  54 1d d6 ca
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d8 5f de 49  ec 
04 ef 32  6e 37 a8 74  17 19 a1 3a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  90 20 11 e2  44 
d5 47 30  ff c0 2f 08  51 86 96 c1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  5c 6d ea 32  c6 
83 3d 0b  50 00 60 d9  f7 73 47 06
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  73 48 43 12  05 
6b 5a 48  7c d0 1e be  8d 14 39 8b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  78 ff 3a d0  31 
74 24 c3  fa 7d fb e3  e1 bf 88 1b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  92 6e 1e 43  a1 
2b d0 29  1c bd d6 a7  d8 02 10 90
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  13 5c 00 b1  ab 
4c e7 dd  2b 28 36 a2  2f bc 56 6a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d3 d3 af b6  5a 
8d 63 87  10 a2 01 28  01 f4 b2 af
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  44 df fd de  cc 
89 8e 87  4f cf 87 66  40 63 60 c3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a9 f7 b1 9e  70 
67 c3 f9  99 03 4f 44  5c 16 96 cf
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 84 4f 64  0b 
25 22 df  19 d9 73 59  7f 48 ea 84
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  dd 08 3e 36  6d 
d0 3a cb  0c f8 eb d4  2c 63 11 66
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d4 4d 69 ef  7b 
fa e8 c5  f7 26 b5 f6  f0 46 48 b5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  9e 45 e3 64  0a 
83 30 99  39 f5 e4 3b  1d 32 24 7c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f4 24 77 bc  2d 
95 5a 23  b8 79 cf a2  2b 98 b6 14
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ea a0 d3 cd  17 
df b0 f5  38 98 b7 d5  79 6b b2 62
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1c bd 18 d2  75 
48 4d 91  f7 8c 53 be  f5 09 f8 5b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  71 4b 50 81  cb 
43 58 92  4e 08 26 f5  cf 73 77 93
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  dc 21 f7 a2  b6 
08 2e dc  e4 66 c2 c1  c3 cc 4f b8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  36 9d a5 f6  cd 
99 ef 96  a3 61 6a 6e  0b 11 ac 99
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c0 53 a5 f7  09 
7d cb 45  84 19 d5 e1  4c 69 f1 6a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  6e 42 90 63  e1 
e9 95 81  14 8c 81 24  a3 b3 0a fd
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  41 04 ee 23  d7 
50 26 c2  e0 34 3a 7c  64 bb 66 86
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  fc ad 31 b2  b8 
fe c3 d5  9f 0e 14 35  39 31 58 e8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  de f4 e9 ba  4e 
af ef 14  22 2d 07 ca  ff 55 07 e7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d2 d5 6c f6  c4 
03 c7 01  ff 33 99 7b  51 b2 5e fe
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  e9 1b c9 af
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  35 b2 dc 11 
7e 30 11 77  26 df 9f d7  69 4a 32 3c
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  35 b2 dc 11 
7e 30 11 77  26 df 9f d7  69 4a 32 3c
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  00 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 06 00 08  36 
7b 86 fe  11 2c 2d 01  7c c1 04 4e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1d 40 c0 18  b5 
7f 64 fe  56 57 fe f7  9c 15 9b cb
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ee 68 4c 44  19 
95 52 91  0c af e8 26  a7 f9 8e 39
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  98 c6 30 52  85 
b7 60 2e  83 97 4d 32  b8 43 9d e8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  62 f8 f7 d8  2f 
2a 52 60  75 e1 04 ae  b8 79 6d 17
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  97 9e e6 58  31 
67 30 e8  85 63 a6 6f  07 42 b7 1f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  0e b9 ee b5  28 
1c bf dc  ad bb 3f ed  b4 b9 75 c6
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b2 ea 8c a1  39 
1e d3 11  b9 a9 3d df  58 e0 70 99
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  20 13 a0 23  0e 
19 0d 83  55 8e 8e be  39 c6 62 6a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  79 ee 6b 0e  9e 
17 ca dd  86 47 44 fe  70 b2 f2 f3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  4f 24 00 24  44 
ec 4b 38  c2 ea b1 e3  5f d4 7c 2e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  96 70 5b 99  e8 
cc 42 d4  06 bb cd d8  77 b2 cd 5c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  df c6 e5 b4  c4 
8e 73 2b  4b ac bb 14  08 4d 66 3c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  70 c4 08 35  a9 
e6 fb 03  15 81 5e 12  b0 22 25 1b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ac 4b 1c 36  05 
13 15 3b  47 e0 63 49  47 60 ff 9d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b9 b1 47 69  53 
ae c8 ca  f1 dd 51 05  18 5f 8d ad
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  33 b8 1c 60  12 
f2 07 5f  bc 68 3c 5a  cd b5 83 c4
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ca bd 33 b5  e2 
35 59 db  6d 5e 89 6d  f7 5c e2 f1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bb cd 1b b6  ed 
dd 0a 0a  e9 f7 a4 d6  ab 89 e8 ae
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  93 2f 13 ae  e0 
f7 ed 4e  fd c7 43 54  ff 92 dc 9b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f1 30 fd cd  e0 
fc f1 85  22 4d 6c 7c  18 57 82 e7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  eb 45 2f 03  d6 
49 84 30  df fe 99 01  3c e3 30 29
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  2b 41 3f 14  e0 
12 2a d3  84 03 41 eb  ae f0 42 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  34 8f 48 f3  cd 
43 e1 07  0c 08 b0 fb  db 15 6b d3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d3 ae 16 b1  ec 
8c 6f 60  d9 17 81 55  1e 1c f3 a6
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  dc df 49 23  e7 
2f d9 45  fe aa ea 7b  e7 fd a4 32
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  cb dd e3 ac  d8 
39 83 a8  df 24 52 0e  55 0a d1 a1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d8 92 f5 cd  bc 
11 f9 d8  31 70 68 65  36 02 0f 51
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  77 03 bf 91  5b 
09 ef cf  0e 66 ba ea  c3 2f 5d 10
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ca e9 af 5d  5e 
6a 03 2b  3a a9 d8 c0  4b 33 0a ae
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  23 37 8c ee  52 
bc 15 14  c9 12 b6 0a  86 9a 84 b8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  93 eb 8c af  4f 
0f eb 4f  fe 37 71 db  79 ed 96 b8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  e4 0f 65 f6  69 
10 b4 91  fd 83 e4 29  1b 16 b0 b1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  02 49 91 5f
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  d6 7d 49 02 
2c 98 b4 e9  79 7d cb 7c  4a 5a 5c b4
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  d6 7d 49 02 
2c 98 b4 e9  79 7d cb 7c  4a 5a 5c b4
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 02 44  00 00 02 28
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 07 00 08  67 
c5 f6 7a  52 06 ea e2  a8 9c 88 4f
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ed bb 71 44  ae 
42 1d f4  24 48 36 2a  0b 3f 7b 61
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  59 c6 a5 98  15 
46 8a 02  14 7b 48 3d  04 5e d7 fc
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  14 81 d4 b6  9f 
01 81 64  56 ad 13 d7  d8 40 a1 63
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  46 db 54 04  42 
54 85 f4  4c 19 ba 80  9c a8 7c e0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b2 af 14 99  a4 
a9 89 cb  ab 92 40 3f  44 13 5a b9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  5c c2 0b f1  8a 
a5 62 c9  e2 2d e1 46  31 54 a3 7d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  6f a5 e9 8a  db 
b2 51 14  8b f8 29 88  7d 14 49 6b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  5c 32 64 e3  7d 
9e de 64  ff c1 f6 e4  e3 ae 48 ac
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1e c4 58 4e  03 
a8 dd 91  dd f0 35 93  46 23 f3 99
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b4 8e c1 80  95 
98 c1 c8  06 cd fd 3c  42 e2 11 a0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  9f f2 ff 61  d5 
ee 77 6f  7e bb 14 00  6d a5 21 fc
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b9 e5 34 66  41 
74 01 20  5b c4 c3 a5  fa d8 14 7b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b0 2c 5b 63  22 
cf ad d9  ca dd 96 43  76 19 f4 75
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  6a ba 1b 0b  38 
d5 3a 13  5e 0d a8 25  3d 5a 73 76
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  fb c7 87 d5  f3 
82 3d 8d  7e 62 32 a8  80 40 a3 b3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f0 6e 16 f0  3a 
97 c3 e6  28 64 e8 68  11 3a 25 d7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  93 98 bd 57  b9 
71 71 b2  d7 c8 e6 60  43 aa c3 c3
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f5 22 c0 13  12 
12 ea 85  ec e4 41 a2  b6 ca 8d 58
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  36 cf c0 2a  12 
e4 b7 e4  ce da 3a 0b  60 5f 2c 12
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  6c 5d 3b ff  20 
08 a0 b3  9c d1 55 0c  1f e6 8d 1a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c2 c2 23 9c  a4 
9e 77 71  23 68 a1 9d  11 04 e8 77
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  38 5b 0a 96  17 
f5 e6 f8  c9 6f 23 5d  2e 06 6e db
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a0 6c 51 7b  38 
8e f8 ef  34 66 8d 1b  4c 1c 1b 35
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d2 1d a8 8d  b6 
00 a0 af  d4 6f 24 93  f5 7e e4 1c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7e 1d ed ea  4f 
95 16 7c  df 33 10 4a  64 d4 56 d1
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7c 7d 9e ce  df 
98 39 6d  22 6f 33 cf  20 66 0a fd
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  f9 d7 a3 7f  9a 
e3 d0 cf  91 9b 43 ee  4c c8 34 5d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  20 3e 26 52  6c 
11 81 85  83 41 7c b2  79 23 a5 71
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  52 a6 22 95  c0 
2b 44 d7  12 16 da 86  b3 bd 13 8d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  33 f1 67 6b  18 
f8 38 75  0b d0 ba fc  a7 13 a5 38
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bf 06 b7 f5  3b 
bc 8e ba  a1 f2 a4 7b  8e 2a 0c d2
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1c ce 69 11  0b 
35 3b aa  ff 79 51 e1  0f 84 8a 68
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  73 1a da 4e
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  44 1c 2b ef 
6c 51 56 65  39 a1 9f a5  00 a2 38 98
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  44 1c 2b ef 
6c 51 56 65  39 a1 9f a5  00 a2 38 98
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  35 20 23 08  00 
00 00 01  00 00 01 d4  00 00 01 b8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  00 08 00 08  58 
8c 07 d8  fe 0e 96 c1  64 b3 e7 b5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  fa 37 1b 20  69 
82 16 72  19 8b e8 29  f0 b3 95 64
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  0a 2f bf 6d  13 
d3 f1 23  ee be 24 18  30 70 90 d7
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  20 ea 56 b5  8a 
92 6a 4a  07 7e 3d f4  9d 6d 76 0a
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  da e2 e0 a6  03 
b8 b6 b3  d9 8e 91 f3  41 c3 94 7d
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  7b 05 90 dc  8f 
29 2e f7  b6 cd 85 61  ee 97 b7 04
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  84 0b f4 7a  d3 
19 0c 2c  96 c6 a4 ee  a5 69 36 b2
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  e8 c6 74 98  11 
1d 4d 3b  84 f2 6e a0  0a f8 86 1b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  b3 ca 26 71  8d 
57 df 86  50 02 6d c7  9f 14 a5 73
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  04 c0 6e 81  db 
ab 71 40  01 4e 4d f4  d4 4f 08 c0
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  cc e8 2e 57  26 
88 88 57  ce 75 d5 1b  f5 c5 de a9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  8b 20 ca 4c  33 
cc 22 c6  07 51 7f 01  11 90 d0 f8
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  4c 6d 75 1e  f5 
23 9c 84  dc 33 76 3b  48 4e 7d 0b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  91 04 84 57  fe 
5c 3d 8d  b5 cd 93 21  24 9f 3f 5e
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  a0 5a bb d3  72 
df d3 51  f8 ce a9 15  96 e7 3b 75
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  cf 77 03 dd  26 
5a 4a 6f  52 2f b2 b0  c7 9a fd 71
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  e0 a1 d8 e2  66 
7c 35 26  2c 0a 32 e7  a4 35 2d ce
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  c7 f8 f5 39  3d 
fa 24 b2  fc b8 83 74  f5 b4 90 e5
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  d9 e8 6f 38  f7 
38 64 a6  1c d6 74 6a  2b ad 35 31
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bb 98 ae d7  74 
15 08 7e  08 b0 1c 7e  75 f4 23 16
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ce fe 22 b6  a1 
6d 71 b8  42 38 c5 64  f0 a7 73 20
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  8d 99 fa c1  92 
e3 40 8c  07 c4 96 10  7b 79 ed d9
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  1d 9d 71 4b  b0 
29 0e 85  b3 93 42 de  bc 45 8e 33
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  ff 44 43 65  71 
5a 06 d9  81 dd 60 65  6d 10 3e 71
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  bf 4a 11 e1  c3 
32 96 a4  62 15 92 11  e1 2c d8 3b
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  2a 88 b9 d8  fe 
e2 c1 ed  72 13 a2 b2  46 cf 90 5c
Oct  4 09:18:09 firewall pluto[26478]: | data for hmac:  09 56 83 68
Oct  4 09:18:09 firewall pluto[26478]: | calculated auth:  5d f7 ff 27 
5b 3e 3f 9c  31 49 fa 5b  5e 6d 5c 9c
Oct  4 09:18:09 firewall pluto[26478]: |   provided auth:  5d f7 ff 27 
5b 3e 3f 9c  31 49 fa 5b  5e 6d 5c 9c
Oct  4 09:18:09 firewall pluto[26478]: | authenticator matched
Oct  4 09:18:09 firewall pluto[26478]: | #3 ikev2 ISAKMP_v2_IKE_AUTH 
decrypt success
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2IDi)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Identification - 
Initiator - Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2CERT (0x25)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 106 (0x6a)
Oct  4 09:18:09 firewall pluto[26478]: |    ID type: ID_DER_ASN1_DN (0x9)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2IDi (len=98)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2CERT)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Certificate Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2CERTREQ (0x26)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 1587 (0x633)
Oct  4 09:18:09 firewall pluto[26478]: |    ikev2 cert encoding: 
CERT_X509_SIGNATURE (0x4)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2CERT (len=1582)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2CERTREQ)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Certificate 
Request Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2AUTH (0x27)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 1405 (0x57d)
Oct  4 09:18:09 firewall pluto[26478]: |    ikev2 cert encoding: 
CERT_X509_SIGNATURE (0x4)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2CERTREQ (len=1400)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2AUTH)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Authentication 
Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2N (0x29)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 520 (0x208)
Oct  4 09:18:09 firewall pluto[26478]: |    auth method: IKEv2_AUTH_RSA 
(0x1)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2AUTH (len=512)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2N)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Notify Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2CP (0x2f)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    Notify Message Type: 
v2N_MOBIKE_SUPPORTED (0x400c)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2N (len=0)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2CP)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Configuration 
Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SA (0x21)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 36 (0x24)
Oct  4 09:18:09 firewall pluto[26478]: |    ikev2_cfg_type: 
IKEv2_CP_CFG_REQUEST (0x1)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2CP (len=28)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2SA)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Security 
Association Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2TSi (0x2c)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 80 (0x50)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2SA (len=76)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2TSi)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Traffic Selector 
- Initiator - Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2TSr (0x2d)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 64 (0x40)
Oct  4 09:18:09 firewall pluto[26478]: |    number of TS: 2 (0x2)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2TSi (len=56)
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with payload 
(ISAKMP_NEXT_v2TSr)
Oct  4 09:18:09 firewall pluto[26478]: | **parse IKEv2 Traffic Selector 
- Responder - Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 64 (0x40)
Oct  4 09:18:09 firewall pluto[26478]: |    number of TS: 2 (0x2)
Oct  4 09:18:09 firewall pluto[26478]: | processing payload: 
ISAKMP_NEXT_v2TSr (len=56)
Oct  4 09:18:09 firewall pluto[26478]: | selected state microcode 
Responder: process IKE_AUTH request
Oct  4 09:18:09 firewall pluto[26478]: | Now let's proceed with state 
specific processing
Oct  4 09:18:09 firewall pluto[26478]: | calling processor Responder: 
process IKE_AUTH request
Oct  4 09:18:09 firewall pluto[26478]: |   #3 spent 2.78 milliseconds
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
processing decrypted IKE_AUTH request: 
SK{IDi,CERT,CERTREQ,AUTH,N,CP,SA,TSi,TSr}
Oct  4 09:18:09 firewall pluto[26478]: | global one-shot timer 
EVENT_FREE_ROOT_CERTS scheduled in 300 seconds
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 0.0137 
milliseconds in find_and_verify_certs() calling get_root_certs()
Oct  4 09:18:09 firewall pluto[26478]: | checking for known CERT payloads
Oct  4 09:18:09 firewall pluto[26478]: | saving certificate of type 
'X509_SIGNATURE'
Oct  4 09:18:09 firewall pluto[26478]: | decoded cert: CN=Heidi 
Hansen,OU=Network Admin,O=Planyukon,ST=Yukon,C=CA
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 0.0714 
milliseconds in find_and_verify_certs() calling decode_cert_payloads()
Oct  4 09:18:09 firewall pluto[26478]: | cert_issuer_has_current_crl: 
looking for a CRL issued by CN=Planyukon Certificate 
Authority,OU=Administrator,O=Planyukon,ST=Yukon,C=CA
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 0.146 
milliseconds in find_and_verify_certs() calling crl_update_check()
Oct  4 09:18:09 firewall pluto[26478]: | missing or expired CRL
Oct  4 09:18:09 firewall pluto[26478]: | crl_strict: 0, ocsp: 0, 
ocsp_strict: 0, ocsp_post: 0
Oct  4 09:18:09 firewall pluto[26478]: | verify_end_cert trying profile 
IPsec
Oct  4 09:18:09 firewall pluto[26478]: | certificate is valid (profile 
IPsec)
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 0.624 
milliseconds in find_and_verify_certs() calling verify_end_cert()
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
certificate verified OK: CN=Heidi Hansen,OU=Network 
Admin,O=Planyukon,ST=Yukon,C=CA
Oct  4 09:18:09 firewall pluto[26478]: | get_pluto_gn_from_nss_cert: 
allocated pluto_gn 0x55d8599c58b8
Oct  4 09:18:09 firewall pluto[26478]: | get_pluto_gn_from_nss_cert: 
allocated pluto_gn 0x55d85997c3e8
Oct  4 09:18:09 firewall pluto[26478]: | unreference key: 0x55d8599c5318 
C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen cnt 1--
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 0.271 
milliseconds in decode_certs() calling add_pubkey_from_nss_cert()
Oct  4 09:18:09 firewall pluto[26478]: |     #3 spent 1.21 milliseconds 
in decode_certs()
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  30 60 31 0b  30 
09 06 03  55 04 06 13  02 43 41 31
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  0e 30 0c 06  03 
55 04 08  13 05 59 75  6b 6f 6e 31
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  12 30 10 06  03 
55 04 0a  13 09 50 6c  61 6e 79 75
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  6b 6f 6e 31  16 
30 14 06  03 55 04 0b  13 0d 4e 65
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  74 77 6f 72  6b 
20 41 64  6d 69 6e 31  15 30 13 06
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  03 55 04 03  13 
0c 48 65  69 64 69 20  48 61 6e 73
Oct  4 09:18:09 firewall pluto[26478]: | DER ASN1 DN:  65 6e
Oct  4 09:18:09 firewall pluto[26478]: | ID_DER_ASN1_DN 'C=CA, ST=Yukon, 
O=Planyukon, OU=Network Admin, CN=Heidi Hansen' needs further ID 
comparison against 'C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, 
CN=Heidi Hansen'
Oct  4 09:18:09 firewall pluto[26478]: | ID_DER_ASN1_DN 'C=CA, ST=Yukon, 
O=Planyukon, OU=Network Admin, CN=Heidi Hansen' matched our ID
Oct  4 09:18:09 firewall pluto[26478]: | X509: CERT and ID matches 
current connection
Oct  4 09:18:09 firewall pluto[26478]: | CERT_X509_SIGNATURE CR:
Oct  4 09:18:09 firewall pluto[26478]: |   00 c2 5f 57  cf 93 14 0f  46 
3f 95 71  0a 5c c9 de
Oct  4 09:18:09 firewall pluto[26478]: |   2f 19 53 f9  3b bc 57 4b  0f 
12 ca 3d  85 a8 2d 7c
Oct  4 09:18:09 firewall pluto[26478]: |   d4 d5 bd 52  48 e6 76 7c  b0 
80 52 3d  c1 b8 f9 67
Oct  4 09:18:09 firewall pluto[26478]: |   17 c3 09 a9  67 b0 df 9c  51 
8d 42 22  30 a4 e6 4f
Oct  4 09:18:09 firewall pluto[26478]: |   de 76 8a fc  ed 5a 90 84  28 
30 46 79  2c 29 15 70
Oct  4 09:18:09 firewall pluto[26478]: |   0e ac 82 60  40 56 27 97  e5 
25 13 fc  2a e1 0a 53
Oct  4 09:18:09 firewall pluto[26478]: |   95 59 e4 a4  8f 77 c2 1d  60 
d5 1d bc  6d 1c a7 28
Oct  4 09:18:09 firewall pluto[26478]: |   a9 39 3d 8d  56 77 6e 7e  ca 
b9 ce 6f  46 e7 71 3b
Oct  4 09:18:09 firewall pluto[26478]: |   27 9c d2 87  20 f7 ea a0  be 
37 34 3c  dd bc bd 86
Oct  4 09:18:09 firewall pluto[26478]: |   9c 3f 07 ed  40 e3 1b 08  ef 
ce c4 d1  88 cd 3b 15
Oct  4 09:18:09 firewall pluto[26478]: |   50 64 27 15  75 01 55 0c  ff 
e7 e7 83  4d 59 28 d7
Oct  4 09:18:09 firewall pluto[26478]: |   26 88 fe df  57 2a 11 53  24 
9d 4d 9d  75 36 8d 8e
Oct  4 09:18:09 firewall pluto[26478]: |   1e 29 72 83  ae 34 d4 95  13 
e6 dd b7  8c 73 81 82
Oct  4 09:18:09 firewall pluto[26478]: |   72 64 86 31  57 9a 29 a5  a1 
66 d7 39  a8 f0 65 9a
Oct  4 09:18:09 firewall pluto[26478]: |   6f 92 97 40  5b a5 3c 03  38 
d2 6d c1  a3 9a 99 b3
Oct  4 09:18:09 firewall pluto[26478]: |   4a 5c 75 22  aa 46 bf a4  08 
9d 39 97  4e bd b4 a3
Oct  4 09:18:09 firewall pluto[26478]: |   60 f7 a0 1d  5c b8 69 fe  8d 
ef c1 ed  66 27 ee b2
Oct  4 09:18:09 firewall pluto[26478]: |   12 0f 72 1b  b8 0a 0e 04  ef 
c5 6a f5  7c be 16 74
Oct  4 09:18:09 firewall pluto[26478]: |   8d f4 d5 8d  83 ee f4 40  85 
f5 46 9e  6a 47 a2 67
Oct  4 09:18:09 firewall pluto[26478]: |   c9 2e 2f 19  68 8b 9b 86  61 
66 95 ed  c1 2c 13 00
Oct  4 09:18:09 firewall pluto[26478]: |   01 f0 33 4c  1a a1 d9 ee  5b 
7b a9 de  43 bc 02 7d
Oct  4 09:18:09 firewall pluto[26478]: |   57 09 33 fb  51 66 12 08  df 
49 0f 93  7a 99 04 45
Oct  4 09:18:09 firewall pluto[26478]: |   13 69 83 a0  5b 1a 6d dc  d4 
db a1 08  19 d7 87 41
Oct  4 09:18:09 firewall pluto[26478]: |   28 49 22 00  b4 4d f8 48  68 
2d 18 25  a6 6e c6 3a
Oct  4 09:18:09 firewall pluto[26478]: |   b2 43 f4 dc  2c e3 ab 4a  37 
a4 8d a5  4d 5c 5a 4f
Oct  4 09:18:09 firewall pluto[26478]: |   73 40 27 51  00 36 b4 b5  78 
70 91 ce  f4 42 22 58
Oct  4 09:18:09 firewall pluto[26478]: |   3d 44 79 71  79 79 0a cb  c7 
52 81 1e  e8 c9 6c 67
Oct  4 09:18:09 firewall pluto[26478]: |   8e e7 be db  5c 75 97 2e  83 
31 7e 62  85 42 53 d6
Oct  4 09:18:09 firewall pluto[26478]: |   d7 78 31 90  ec 91 90 56  e9 
91 b9 e3  53 a0 12 47
Oct  4 09:18:09 firewall pluto[26478]: |   dd d5 27 8e  5b e8 e6 50  5d 
bf 29 fc  71 98 44 b9
Oct  4 09:18:09 firewall pluto[26478]: |   88 a9 5a ef  c0 84 fc 13  74 
41 6b b1  63 32 c2 cf
Oct  4 09:18:09 firewall pluto[26478]: |   92 59 bb 3b  f9 27 b6 1b  0a 
37 f3 c3  1a fa 17 ec
Oct  4 09:18:09 firewall pluto[26478]: |   2d 46 17 16  12 9d 0c 0e  34 
4f 30 2d  25 69 31 91
Oct  4 09:18:09 firewall pluto[26478]: |   ea f7 73 5c  ab f5 86 8d  37 
82 40 ec  3e df 29 0c
Oct  4 09:18:09 firewall pluto[26478]: |   c1 f5 cc 73  2c eb 3d 24  e1 
7e 52 da  bd 27 e2 f0
Oct  4 09:18:09 firewall pluto[26478]: |   09 b1 9c 76  dc 1b d6 fc  82 
b0 56 47  1c 51 93 cf
Oct  4 09:18:09 firewall pluto[26478]: |   ee 95 d0 02  7c 32 d4 85  fd 
89 0a 66  b5 97 ce 86
Oct  4 09:18:09 firewall pluto[26478]: |   f4 d5 26 a9  21 07 e8 3e  af 
7e b9 98  4d 39 87 bf
Oct  4 09:18:09 firewall pluto[26478]: |   02 fa c1 f8  fa f0 6a cb  09 
e6 c1 3f  64 1d f8 d5
Oct  4 09:18:09 firewall pluto[26478]: |   0e 23 31 c2  29 b2 50 cb  32 
f5 6d f5  5c 8e 00 fa
Oct  4 09:18:09 firewall pluto[26478]: |   ab 76 88 f4  e5 e1 38 c9  e9 
50 17 cd  cd b3 18 17
Oct  4 09:18:09 firewall pluto[26478]: |   b3 3e 8c f5  da ed 64 74  14 
9c 14 3c  ab dd 99 a9
Oct  4 09:18:09 firewall pluto[26478]: |   bd 5b 28 4d  8b 3c c9 d8  c0 
7a 98 68  8d 89 fb ab
Oct  4 09:18:09 firewall pluto[26478]: |   05 64 0c 11  7d aa 7d 65  b8 
ca cc 4e  a8 e3 02 96
Oct  4 09:18:09 firewall pluto[26478]: |   70 a6 8b 57  eb ec ef cc  29 
4e 91 74  9a d4 92 38
Oct  4 09:18:09 firewall pluto[26478]: |   f7 93 19 ef  df c1 f5 20  fb 
ac 85 55  2c f2 d2 8f
Oct  4 09:18:09 firewall pluto[26478]: |   5a b9 ca 0b  30 a4 e6 4f  de 
76 8a fc  ed 5a 90 84
Oct  4 09:18:09 firewall pluto[26478]: |   28 30 46 79  2c 29 15 70  48 
e6 68 f9  2b d2 b2 95
Oct  4 09:18:09 firewall pluto[26478]: |   d7 47 d8 23  20 10 4f 33  98 
90 9f d4  c4 30 28 c5
Oct  4 09:18:09 firewall pluto[26478]: |   d3 e3 08 0c  10 44 8b 2c  77 
ba 24 53  97 60 bb f9
Oct  4 09:18:09 firewall pluto[26478]: |   69 c4 27 db  59 69 68 18  47 
e2 52 17  0a e0 e5 7f
Oct  4 09:18:09 firewall pluto[26478]: |   ab 9d ef 0f  ba 42 b0 81  88 
53 88 1d  86 63 bd 4c
Oct  4 09:18:09 firewall pluto[26478]: |   c0 5e 08 fe  ea 6e bb 77  87 
db d4 5f  b0 92 8d 4e
Oct  4 09:18:09 firewall pluto[26478]: |   1d f8 15 67  e7 f2 ab af  d6 
2b 67 75  6e 58 4e 33
Oct  4 09:18:09 firewall pluto[26478]: |   75 bd 57 f6  d5 42 1b 16  01 
c2 d8 c0  f5 3a 9f 6e
Oct  4 09:18:09 firewall pluto[26478]: |   4a 81 0c de  f0 c0 90 0f  19 
06 42 31  35 a2 a2 8d
Oct  4 09:18:09 firewall pluto[26478]: |   d3 44 fd 08  d5 2e 13 c1  ab 
e3 49 da  e8 b4 95 94
Oct  4 09:18:09 firewall pluto[26478]: |   ef 7c 38 43  60 64 66 bd  59 
79 12 de  61 75 d6 6f
Oct  4 09:18:09 firewall pluto[26478]: |   c4 23 b7 77  13 74 c7 96  de 
6f 88 72  6c ca bd 7d
Oct  4 09:18:09 firewall pluto[26478]: |   b4 7e 94 a5  75 99 01 b6  a7 
df d4 5d  1c 09 1c cc
Oct  4 09:18:09 firewall pluto[26478]: |   6a 47 a2 67  c9 2e 2f 19  68 
8b 9b 86  61 66 95 ed
Oct  4 09:18:09 firewall pluto[26478]: |   c1 2c 13 00  42 32 b6 16  fa 
04 fd fe  5d 4b 7a c3
Oct  4 09:18:09 firewall pluto[26478]: |   fd f7 4c 40  1d 5a 43 af  1a 
21 b4 95  2b 62 93 ce
Oct  4 09:18:09 firewall pluto[26478]: |   18 b3 65 ec  9c 0e 93 4c  b3 
81 e6 d4  a5 06 8a 78
Oct  4 09:18:09 firewall pluto[26478]: |   cf 84 bd 74  32 dd 58 f9  65 
eb 3a 55  e7 c7 80 dc
Oct  4 09:18:09 firewall pluto[26478]: |   e2 7f 7b d8  77 d5 df 9e  0a 
3f 9e b4  cb 0e 2e a9
Oct  4 09:18:09 firewall pluto[26478]: |   ef db 69 77  5f f3 24 6c  8f 
91 24 af  9b 5f 3e b0
Oct  4 09:18:09 firewall pluto[26478]: |   34 6a f4 2d  5c a8 5d cc  83 
31 7e 62  85 42 53 d6
Oct  4 09:18:09 firewall pluto[26478]: |   d7 78 31 90  ec 91 90 56  e9 
91 b9 e3  3e 22 d4 2c
Oct  4 09:18:09 firewall pluto[26478]: |   1f 02 44 b8  04 10 65 61  7c 
c7 6b ae  da 87 29 9c
Oct  4 09:18:09 firewall pluto[26478]: |   55 e4 81 d1  11 80 be d8  89 
b9 08 a3  31 f9 a1 24
Oct  4 09:18:09 firewall pluto[26478]: |   09 16 b9 70  b1 81 08 1a  19 
a4 c0 94  1f fa e8 95
Oct  4 09:18:09 firewall pluto[26478]: |   28 c1 24 c9  9b 34 ac c7  21 
0f 2c 89  f7 c4 cd 5d
Oct  4 09:18:09 firewall pluto[26478]: |   1b 82 5e 38  d6 c6 59 3b  a6 
93 75 ae  23 4b 71 25
Oct  4 09:18:09 firewall pluto[26478]: |   56 13 e1 30  dd e3 42 69  c9 
cc 30 d4  6f 08 41 e0
Oct  4 09:18:09 firewall pluto[26478]: |   00 ad d9 a3  f6 79 f6 6e  74 
a9 7f 33  3d 81 17 d7
Oct  4 09:18:09 firewall pluto[26478]: |   4c cf 33 de  bb c2 3e 29  0b 
b3 28 77  1d ad 3e a2
Oct  4 09:18:09 firewall pluto[26478]: |   4d bd f4 23  bd 06 b0 3d  b0 
19 89 e7  ef fb 4a af
Oct  4 09:18:09 firewall pluto[26478]: |   cb 14 8f 58  46 39 76 22  41 
50 e1 ba  c8 95 13 68
Oct  4 09:18:09 firewall pluto[26478]: |   01 97 28 0a  2c 55 c3 fc  d3 
90 f5 3a  05 3b c9 fb
Oct  4 09:18:09 firewall pluto[26478]: |   ee e5 9f 1e  2a a5 44 c3  cb 
25 43 a6  9a 5b d4 6a
Oct  4 09:18:09 firewall pluto[26478]: |   25 bc bb 8e  90 2f 82 a3  7c 
47 97 01  1e 0f 4b a5
Oct  4 09:18:09 firewall pluto[26478]: |   af 13 13 c2  11 13 47 ea  7c 
32 d4 85  fd 89 0a 66
Oct  4 09:18:09 firewall pluto[26478]: |   b5 97 ce 86  f4 d5 26 a9  21 
07 e8 3e  68 33 0e 61
Oct  4 09:18:09 firewall pluto[26478]: |   35 85 21 59  29 83 a3 c8  d2 
d2 e1 40  6e 7a b3 c1
Oct  4 09:18:09 firewall pluto[26478]: |   9c a9 8d 00  af 74 0d dd  81 
80 d2 13  45 a5 8b 8f
Oct  4 09:18:09 firewall pluto[26478]: |   2e 94 38 d6  4f 9c 7d 21  79 
9c ad 0e  d8 b9 0c 57
Oct  4 09:18:09 firewall pluto[26478]: |   9f 1a 02 99  e7 90 f3 87
Oct  4 09:18:09 firewall pluto[26478]: |   cert blob content is not 
binary ASN.1
Oct  4 09:18:09 firewall pluto[26478]: | refine_host_connection for 
IKEv2: starting with "rw-ikev2"[1] 50.117.137.129
Oct  4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustee A = 
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate 
Authority'
Oct  4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustor B = 
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate 
Authority'
Oct  4 09:18:09 firewall pluto[26478]: | refine_host_connection: happy 
with starting point: "rw-ikev2"[1] 50.117.137.129
Oct  4 09:18:09 firewall pluto[26478]: | The remote did not specify an 
IDr and our current connection is good enough
Oct  4 09:18:09 firewall pluto[26478]: | offered CA: 'C=CA, ST=Yukon, 
O=Planyukon, OU=Administrator, CN=Planyukon Certificate Authority'
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
IKEv2 mode peer ID is ID_DER_ASN1_DN: 'C=CA, ST=Yukon, O=Planyukon, 
OU=Network Admin, CN=Heidi Hansen'
Oct  4 09:18:09 firewall pluto[26478]: | received v2N_MOBIKE_SUPPORTED 
while it did not sent
Oct  4 09:18:09 firewall pluto[26478]: | received CERTREQ payload; going 
to decode it
Oct  4 09:18:09 firewall pluto[26478]: | CERT_X509_SIGNATURE CR:
Oct  4 09:18:09 firewall pluto[26478]: |   00 c2 5f 57  cf 93 14 0f  46 
3f 95 71  0a 5c c9 de
Oct  4 09:18:09 firewall pluto[26478]: |   2f 19 53 f9  3b bc 57 4b  0f 
12 ca 3d  85 a8 2d 7c
Oct  4 09:18:09 firewall pluto[26478]: |   d4 d5 bd 52  48 e6 76 7c  b0 
80 52 3d  c1 b8 f9 67
Oct  4 09:18:09 firewall pluto[26478]: |   17 c3 09 a9  67 b0 df 9c  51 
8d 42 22  30 a4 e6 4f
Oct  4 09:18:09 firewall pluto[26478]: |   de 76 8a fc  ed 5a 90 84  28 
30 46 79  2c 29 15 70
Oct  4 09:18:09 firewall pluto[26478]: |   0e ac 82 60  40 56 27 97  e5 
25 13 fc  2a e1 0a 53
Oct  4 09:18:09 firewall pluto[26478]: |   95 59 e4 a4  8f 77 c2 1d  60 
d5 1d bc  6d 1c a7 28
Oct  4 09:18:09 firewall pluto[26478]: |   a9 39 3d 8d  56 77 6e 7e  ca 
b9 ce 6f  46 e7 71 3b
Oct  4 09:18:09 firewall pluto[26478]: |   27 9c d2 87  20 f7 ea a0  be 
37 34 3c  dd bc bd 86
Oct  4 09:18:09 firewall pluto[26478]: |   9c 3f 07 ed  40 e3 1b 08  ef 
ce c4 d1  88 cd 3b 15
Oct  4 09:18:09 firewall pluto[26478]: |   50 64 27 15  75 01 55 0c  ff 
e7 e7 83  4d 59 28 d7
Oct  4 09:18:09 firewall pluto[26478]: |   26 88 fe df  57 2a 11 53  24 
9d 4d 9d  75 36 8d 8e
Oct  4 09:18:09 firewall pluto[26478]: |   1e 29 72 83  ae 34 d4 95  13 
e6 dd b7  8c 73 81 82
Oct  4 09:18:09 firewall pluto[26478]: |   72 64 86 31  57 9a 29 a5  a1 
66 d7 39  a8 f0 65 9a
Oct  4 09:18:09 firewall pluto[26478]: |   6f 92 97 40  5b a5 3c 03  38 
d2 6d c1  a3 9a 99 b3
Oct  4 09:18:09 firewall pluto[26478]: |   4a 5c 75 22  aa 46 bf a4  08 
9d 39 97  4e bd b4 a3
Oct  4 09:18:09 firewall pluto[26478]: |   60 f7 a0 1d  5c b8 69 fe  8d 
ef c1 ed  66 27 ee b2
Oct  4 09:18:09 firewall pluto[26478]: |   12 0f 72 1b  b8 0a 0e 04  ef 
c5 6a f5  7c be 16 74
Oct  4 09:18:09 firewall pluto[26478]: |   8d f4 d5 8d  83 ee f4 40  85 
f5 46 9e  6a 47 a2 67
Oct  4 09:18:09 firewall pluto[26478]: |   c9 2e 2f 19  68 8b 9b 86  61 
66 95 ed  c1 2c 13 00
Oct  4 09:18:09 firewall pluto[26478]: |   01 f0 33 4c  1a a1 d9 ee  5b 
7b a9 de  43 bc 02 7d
Oct  4 09:18:09 firewall pluto[26478]: |   57 09 33 fb  51 66 12 08  df 
49 0f 93  7a 99 04 45
Oct  4 09:18:09 firewall pluto[26478]: |   13 69 83 a0  5b 1a 6d dc  d4 
db a1 08  19 d7 87 41
Oct  4 09:18:09 firewall pluto[26478]: |   28 49 22 00  b4 4d f8 48  68 
2d 18 25  a6 6e c6 3a
Oct  4 09:18:09 firewall pluto[26478]: |   b2 43 f4 dc  2c e3 ab 4a  37 
a4 8d a5  4d 5c 5a 4f
Oct  4 09:18:09 firewall pluto[26478]: |   73 40 27 51  00 36 b4 b5  78 
70 91 ce  f4 42 22 58
Oct  4 09:18:09 firewall pluto[26478]: |   3d 44 79 71  79 79 0a cb  c7 
52 81 1e  e8 c9 6c 67
Oct  4 09:18:09 firewall pluto[26478]: |   8e e7 be db  5c 75 97 2e  83 
31 7e 62  85 42 53 d6
Oct  4 09:18:09 firewall pluto[26478]: |   d7 78 31 90  ec 91 90 56  e9 
91 b9 e3  53 a0 12 47
Oct  4 09:18:09 firewall pluto[26478]: |   dd d5 27 8e  5b e8 e6 50  5d 
bf 29 fc  71 98 44 b9
Oct  4 09:18:09 firewall pluto[26478]: |   88 a9 5a ef  c0 84 fc 13  74 
41 6b b1  63 32 c2 cf
Oct  4 09:18:09 firewall pluto[26478]: |   92 59 bb 3b  f9 27 b6 1b  0a 
37 f3 c3  1a fa 17 ec
Oct  4 09:18:09 firewall pluto[26478]: |   2d 46 17 16  12 9d 0c 0e  34 
4f 30 2d  25 69 31 91
Oct  4 09:18:09 firewall pluto[26478]: |   ea f7 73 5c  ab f5 86 8d  37 
82 40 ec  3e df 29 0c
Oct  4 09:18:09 firewall pluto[26478]: |   c1 f5 cc 73  2c eb 3d 24  e1 
7e 52 da  bd 27 e2 f0
Oct  4 09:18:09 firewall pluto[26478]: |   09 b1 9c 76  dc 1b d6 fc  82 
b0 56 47  1c 51 93 cf
Oct  4 09:18:09 firewall pluto[26478]: |   ee 95 d0 02  7c 32 d4 85  fd 
89 0a 66  b5 97 ce 86
Oct  4 09:18:09 firewall pluto[26478]: |   f4 d5 26 a9  21 07 e8 3e  af 
7e b9 98  4d 39 87 bf
Oct  4 09:18:09 firewall pluto[26478]: |   02 fa c1 f8  fa f0 6a cb  09 
e6 c1 3f  64 1d f8 d5
Oct  4 09:18:09 firewall pluto[26478]: |   0e 23 31 c2  29 b2 50 cb  32 
f5 6d f5  5c 8e 00 fa
Oct  4 09:18:09 firewall pluto[26478]: |   ab 76 88 f4  e5 e1 38 c9  e9 
50 17 cd  cd b3 18 17
Oct  4 09:18:09 firewall pluto[26478]: |   b3 3e 8c f5  da ed 64 74  14 
9c 14 3c  ab dd 99 a9
Oct  4 09:18:09 firewall pluto[26478]: |   bd 5b 28 4d  8b 3c c9 d8  c0 
7a 98 68  8d 89 fb ab
Oct  4 09:18:09 firewall pluto[26478]: |   05 64 0c 11  7d aa 7d 65  b8 
ca cc 4e  a8 e3 02 96
Oct  4 09:18:09 firewall pluto[26478]: |   70 a6 8b 57  eb ec ef cc  29 
4e 91 74  9a d4 92 38
Oct  4 09:18:09 firewall pluto[26478]: |   f7 93 19 ef  df c1 f5 20  fb 
ac 85 55  2c f2 d2 8f
Oct  4 09:18:09 firewall pluto[26478]: |   5a b9 ca 0b  30 a4 e6 4f  de 
76 8a fc  ed 5a 90 84
Oct  4 09:18:09 firewall pluto[26478]: |   28 30 46 79  2c 29 15 70  48 
e6 68 f9  2b d2 b2 95
Oct  4 09:18:09 firewall pluto[26478]: |   d7 47 d8 23  20 10 4f 33  98 
90 9f d4  c4 30 28 c5
Oct  4 09:18:09 firewall pluto[26478]: |   d3 e3 08 0c  10 44 8b 2c  77 
ba 24 53  97 60 bb f9
Oct  4 09:18:09 firewall pluto[26478]: |   69 c4 27 db  59 69 68 18  47 
e2 52 17  0a e0 e5 7f
Oct  4 09:18:09 firewall pluto[26478]: |   ab 9d ef 0f  ba 42 b0 81  88 
53 88 1d  86 63 bd 4c
Oct  4 09:18:09 firewall pluto[26478]: |   c0 5e 08 fe  ea 6e bb 77  87 
db d4 5f  b0 92 8d 4e
Oct  4 09:18:09 firewall pluto[26478]: |   1d f8 15 67  e7 f2 ab af  d6 
2b 67 75  6e 58 4e 33
Oct  4 09:18:09 firewall pluto[26478]: |   75 bd 57 f6  d5 42 1b 16  01 
c2 d8 c0  f5 3a 9f 6e
Oct  4 09:18:09 firewall pluto[26478]: |   4a 81 0c de  f0 c0 90 0f  19 
06 42 31  35 a2 a2 8d
Oct  4 09:18:09 firewall pluto[26478]: |   d3 44 fd 08  d5 2e 13 c1  ab 
e3 49 da  e8 b4 95 94
Oct  4 09:18:09 firewall pluto[26478]: |   ef 7c 38 43  60 64 66 bd  59 
79 12 de  61 75 d6 6f
Oct  4 09:18:09 firewall pluto[26478]: |   c4 23 b7 77  13 74 c7 96  de 
6f 88 72  6c ca bd 7d
Oct  4 09:18:09 firewall pluto[26478]: |   b4 7e 94 a5  75 99 01 b6  a7 
df d4 5d  1c 09 1c cc
Oct  4 09:18:09 firewall pluto[26478]: |   6a 47 a2 67  c9 2e 2f 19  68 
8b 9b 86  61 66 95 ed
Oct  4 09:18:09 firewall pluto[26478]: |   c1 2c 13 00  42 32 b6 16  fa 
04 fd fe  5d 4b 7a c3
Oct  4 09:18:09 firewall pluto[26478]: |   fd f7 4c 40  1d 5a 43 af  1a 
21 b4 95  2b 62 93 ce
Oct  4 09:18:09 firewall pluto[26478]: |   18 b3 65 ec  9c 0e 93 4c  b3 
81 e6 d4  a5 06 8a 78
Oct  4 09:18:09 firewall pluto[26478]: |   cf 84 bd 74  32 dd 58 f9  65 
eb 3a 55  e7 c7 80 dc
Oct  4 09:18:09 firewall pluto[26478]: |   e2 7f 7b d8  77 d5 df 9e  0a 
3f 9e b4  cb 0e 2e a9
Oct  4 09:18:09 firewall pluto[26478]: |   ef db 69 77  5f f3 24 6c  8f 
91 24 af  9b 5f 3e b0
Oct  4 09:18:09 firewall pluto[26478]: |   34 6a f4 2d  5c a8 5d cc  83 
31 7e 62  85 42 53 d6
Oct  4 09:18:09 firewall pluto[26478]: |   d7 78 31 90  ec 91 90 56  e9 
91 b9 e3  3e 22 d4 2c
Oct  4 09:18:09 firewall pluto[26478]: |   1f 02 44 b8  04 10 65 61  7c 
c7 6b ae  da 87 29 9c
Oct  4 09:18:09 firewall pluto[26478]: |   55 e4 81 d1  11 80 be d8  89 
b9 08 a3  31 f9 a1 24
Oct  4 09:18:09 firewall pluto[26478]: |   09 16 b9 70  b1 81 08 1a  19 
a4 c0 94  1f fa e8 95
Oct  4 09:18:09 firewall pluto[26478]: |   28 c1 24 c9  9b 34 ac c7  21 
0f 2c 89  f7 c4 cd 5d
Oct  4 09:18:09 firewall pluto[26478]: |   1b 82 5e 38  d6 c6 59 3b  a6 
93 75 ae  23 4b 71 25
Oct  4 09:18:09 firewall pluto[26478]: |   56 13 e1 30  dd e3 42 69  c9 
cc 30 d4  6f 08 41 e0
Oct  4 09:18:09 firewall pluto[26478]: |   00 ad d9 a3  f6 79 f6 6e  74 
a9 7f 33  3d 81 17 d7
Oct  4 09:18:09 firewall pluto[26478]: |   4c cf 33 de  bb c2 3e 29  0b 
b3 28 77  1d ad 3e a2
Oct  4 09:18:09 firewall pluto[26478]: |   4d bd f4 23  bd 06 b0 3d  b0 
19 89 e7  ef fb 4a af
Oct  4 09:18:09 firewall pluto[26478]: |   cb 14 8f 58  46 39 76 22  41 
50 e1 ba  c8 95 13 68
Oct  4 09:18:09 firewall pluto[26478]: |   01 97 28 0a  2c 55 c3 fc  d3 
90 f5 3a  05 3b c9 fb
Oct  4 09:18:09 firewall pluto[26478]: |   ee e5 9f 1e  2a a5 44 c3  cb 
25 43 a6  9a 5b d4 6a
Oct  4 09:18:09 firewall pluto[26478]: |   25 bc bb 8e  90 2f 82 a3  7c 
47 97 01  1e 0f 4b a5
Oct  4 09:18:09 firewall pluto[26478]: |   af 13 13 c2  11 13 47 ea  7c 
32 d4 85  fd 89 0a 66
Oct  4 09:18:09 firewall pluto[26478]: |   b5 97 ce 86  f4 d5 26 a9  21 
07 e8 3e  68 33 0e 61
Oct  4 09:18:09 firewall pluto[26478]: |   35 85 21 59  29 83 a3 c8  d2 
d2 e1 40  6e 7a b3 c1
Oct  4 09:18:09 firewall pluto[26478]: |   9c a9 8d 00  af 74 0d dd  81 
80 d2 13  45 a5 8b 8f
Oct  4 09:18:09 firewall pluto[26478]: |   2e 94 38 d6  4f 9c 7d 21  79 
9c ad 0e  d8 b9 0c 57
Oct  4 09:18:09 firewall pluto[26478]: |   9f 1a 02 99  e7 90 f3 87
Oct  4 09:18:09 firewall pluto[26478]: |   cert blob content is not 
binary ASN.1
Oct  4 09:18:09 firewall pluto[26478]: | verifying AUTH payload
Oct  4 09:18:09 firewall pluto[26478]: |     #3 spent 1.37 milliseconds
Oct  4 09:18:09 firewall pluto[26478]: | required RSA CA is 'C=CA, 
ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate Authority'
Oct  4 09:18:09 firewall pluto[26478]: | checking RSA keyid 'C=CA, 
ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen' for match with 
'C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen'
Oct  4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustee A = 
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate 
Authority'
Oct  4 09:18:09 firewall pluto[26478]: | trusted_ca_nss: trustor B = 
'C=CA, ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate 
Authority'
Oct  4 09:18:09 firewall pluto[26478]: | key issuer CA is 'C=CA, 
ST=Yukon, O=Planyukon, OU=Administrator, CN=Planyukon Certificate Authority'
Oct  4 09:18:09 firewall pluto[26478]: | an RSA Sig check passed with 
*AwEAAaOut [remote certificates]
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 0.372 
milliseconds in try_all_RSA_keys() trying a pubkey
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
Authenticated using RSA
Oct  4 09:18:09 firewall pluto[26478]: |     #3 spent 0.487 milliseconds 
in ikev2_verify_rsa_hash()
Oct  4 09:18:09 firewall pluto[26478]: | parent state #3: 
PARENT_R1(half-open IKE SA) => PARENT_R2(established IKE SA)
Oct  4 09:18:09 firewall pluto[26478]: | #3 will expire in 3600 seconds 
(policy doesn't allow re-key)
Oct  4 09:18:09 firewall pluto[26478]: | state #3 requesting 
EVENT_CRYPTO_TIMEOUT to be deleted
Oct  4 09:18:09 firewall pluto[26478]: | libevent_free: release 
ptr-libevent at 0x55d8599c5bf8
Oct  4 09:18:09 firewall pluto[26478]: | free_event_entry: release 
EVENT_CRYPTO_TIMEOUT-pe at 0x55d8599c5b88
Oct  4 09:18:09 firewall pluto[26478]: | event_schedule: new 
EVENT_SA_EXPIRE-pe at 0x55d8599c4868
Oct  4 09:18:09 firewall pluto[26478]: | inserting event 
EVENT_SA_EXPIRE, timeout in 3600 seconds for #3
Oct  4 09:18:09 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x55d8599b6b28 size 128
Oct  4 09:18:09 firewall pluto[26478]: | pstats #3 ikev2.ike established
Oct  4 09:18:09 firewall pluto[26478]: | **emit ISAKMP Message:
Oct  4 09:18:09 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:09 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:09 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:09 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:09 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
Oct  4 09:18:09 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
message location 'ISAKMP Message'.'next payload type'
Oct  4 09:18:09 firewall pluto[26478]: | IKEv2 CERT: send a certificate?
Oct  4 09:18:09 firewall pluto[26478]: | IKEv2 CERT: OK to send a 
certificate (always)
Oct  4 09:18:09 firewall pluto[26478]: | ***emit IKEv2 Encryption Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'ISAKMP Message'.'next payload type' to current IKEv2 
Encryption Payload (46:ISAKMP_NEXT_v2SK)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:09 firewall pluto[26478]: | emitting 16 zero bytes of IV 
into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | Initiator child policy is 
compress=no, NOT sending v2N_IPCOMP_SUPPORTED
Oct  4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Identification - 
Responder - Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    ID type: ID_FQDN (0x2)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 
Identification - Responder - Payload (36:ISAKMP_NEXT_v2IDr)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Identification - Responder - Payload'.'next payload 
type' in 'reply packet'
Oct  4 09:18:09 firewall pluto[26478]: | emitting 21 raw bytes of my 
identity into IKEv2 Identification - Responder - Payload
Oct  4 09:18:09 firewall pluto[26478]: | my identity  66 69 72 65  77 61 
6c 6c  2e 70 6c 61  6e 79 75 6b
Oct  4 09:18:09 firewall pluto[26478]: | my identity  6f 6e 2e 63  61
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Identification - Responder - Payload: 29
Oct  4 09:18:09 firewall pluto[26478]: | assembled IDr payload
Oct  4 09:18:09 firewall pluto[26478]: | Sending [CERT] of certificate: 
E=bob at computerisms.ca,CN=firewall.planyukon.ca,OU=Administrator,O=Planyukon,ST=Yukon,C=CA
Oct  4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Certificate Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    ikev2 cert encoding: 
CERT_X509_SIGNATURE (0x4)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Identification - Responder - Payload'.'next payload 
type' to current IKEv2 Certificate Payload (37:ISAKMP_NEXT_v2CERT)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Certificate Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1652 raw bytes of CERT 
into IKEv2 Certificate Payload
Oct  4 09:18:09 firewall pluto[26478]: | CERT  30 82 06 70  30 82 04 58 
a0 03 02 01  02 02 14 2f
Oct  4 09:18:09 firewall pluto[26478]: | CERT  07 7a 4c f0  e2 ee fe f8 
68 6f 6d 68  07 26 c0 40
Oct  4 09:18:09 firewall pluto[26478]: | CERT  68 4a bc 30  0d 06 09 2a 
86 48 86 f7  0d 01 01 05
Oct  4 09:18:09 firewall pluto[26478]: | CERT  05 00 30 73  31 0b 30 09 
06 03 55 04  06 13 02 43
Oct  4 09:18:09 firewall pluto[26478]: | CERT  41 31 0e 30  0c 06 03 55 
04 08 13 05  59 75 6b 6f
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6e 31 12 30  10 06 03 55 
04 0a 13 09  50 6c 61 6e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  79 75 6b 6f  6e 31 16 30 
14 06 03 55  04 0b 13 0d
Oct  4 09:18:09 firewall pluto[26478]: | CERT  41 64 6d 69  6e 69 73 74 
72 61 74 6f  72 31 28 30
Oct  4 09:18:09 firewall pluto[26478]: | CERT  26 06 03 55  04 03 13 1f 
50 6c 61 6e  79 75 6b 6f
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6e 20 43 65  72 74 69 66 
69 63 61 74  65 20 41 75
Oct  4 09:18:09 firewall pluto[26478]: | CERT  74 68 6f 72  69 74 79 30 
1e 17 0d 31  39 30 38 32
Oct  4 09:18:09 firewall pluto[26478]: | CERT  31 30 34 34  30 35 31 5a 
17 0d 32 39  30 38 31 38
Oct  4 09:18:09 firewall pluto[26478]: | CERT  30 34 34 30  35 31 5a 30 
81 8d 31 0b  30 09 06 03
Oct  4 09:18:09 firewall pluto[26478]: | CERT  55 04 06 13  02 43 41 31 
0e 30 0c 06  03 55 04 08
Oct  4 09:18:09 firewall pluto[26478]: | CERT  13 05 59 75  6b 6f 6e 31 
12 30 10 06  03 55 04 0a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  13 09 50 6c  61 6e 79 75 
6b 6f 6e 31  16 30 14 06
Oct  4 09:18:09 firewall pluto[26478]: | CERT  03 55 04 0b  13 0d 41 64 
6d 69 6e 69  73 74 72 61
Oct  4 09:18:09 firewall pluto[26478]: | CERT  74 6f 72 31  1e 30 1c 06 
03 55 04 03  13 15 66 69
Oct  4 09:18:09 firewall pluto[26478]: | CERT  72 65 77 61  6c 6c 2e 70 
6c 61 6e 79  75 6b 6f 6e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  2e 63 61 31  22 30 20 06 
09 2a 86 48  86 f7 0d 01
Oct  4 09:18:09 firewall pluto[26478]: | CERT  09 01 16 13  62 6f 62 40 
63 6f 6d 70  75 74 65 72
Oct  4 09:18:09 firewall pluto[26478]: | CERT  69 73 6d 73  2e 63 61 30 
82 02 22 30  0d 06 09 2a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  86 48 86 f7  0d 01 01 01 
05 00 03 82  02 0f 00 30
Oct  4 09:18:09 firewall pluto[26478]: | CERT  82 02 0a 02  82 02 01 00 
b3 d6 9c 4f  1c aa 52 fa
Oct  4 09:18:09 firewall pluto[26478]: | CERT  d9 e9 e1 e3  38 1c c8 6d 
27 e9 8b ee  59 72 c1 30
Oct  4 09:18:09 firewall pluto[26478]: | CERT  dd cc 4e cc  2d 72 3e d9 
51 75 0b 87  80 16 6d 5e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  dc ad 03 eb  86 d5 50 b9 
10 c8 09 d6  ff 95 f1 e5
Oct  4 09:18:09 firewall pluto[26478]: | CERT  ea 18 76 65  7e 3d 6c 52 
82 72 26 94  1a 0d 9b 3e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6f 27 b9 0b  19 cd 00 73 
3d 08 4d 63  58 eb ec 0a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  60 c3 2f c9  d3 5e f5 de 
dc 38 9c 68  93 d8 95 dc
Oct  4 09:18:09 firewall pluto[26478]: | CERT  94 06 6b 6e  97 b9 2d a3 
68 e7 84 80  9a 74 22 b9
Oct  4 09:18:09 firewall pluto[26478]: | CERT  c7 94 af c6  31 51 59 c2 
9f 11 5d f5  41 1b 62 78
Oct  4 09:18:09 firewall pluto[26478]: | CERT  e2 51 da 5b  08 4a cb 04 
b9 c6 d5 12  25 d0 54 97
Oct  4 09:18:09 firewall pluto[26478]: | CERT  bf 75 95 62  6e e8 91 11 
ea b7 4f ed  cb 4b 84 af
Oct  4 09:18:09 firewall pluto[26478]: | CERT  cf 4f f6 fe  ff 89 ce 72 
33 02 b1 92  ff 8c 23 f2
Oct  4 09:18:09 firewall pluto[26478]: | CERT  1e 33 f4 b3  0c fc 1c a3 
1d 65 76 c3  58 62 8a da
Oct  4 09:18:09 firewall pluto[26478]: | CERT  70 cb 08 15  0e a6 09 af 
c4 74 84 13  7c 29 48 4a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  fe 3d 3c 22  b9 82 2f ce 
cf 26 ba 6a  c9 36 1a 34
Oct  4 09:18:09 firewall pluto[26478]: | CERT  9c 1f 3c 43  f8 6d f8 ec 
34 ad ab 9b  d6 48 ed 67
Oct  4 09:18:09 firewall pluto[26478]: | CERT  a5 c6 f9 3e  d8 af 26 a6 
21 3c e9 69  b8 95 50 0e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  8e 6d 95 fb  e0 b8 c1 0a 
6f a4 ee eb  d7 05 0d 7f
Oct  4 09:18:09 firewall pluto[26478]: | CERT  91 3d 87 ae  64 12 09 7e 
7e 32 fb 68  ca 59 74 ac
Oct  4 09:18:09 firewall pluto[26478]: | CERT  20 d7 49 4e  24 d2 cf 03 
85 9d 10 5d  85 13 2a 1b
Oct  4 09:18:09 firewall pluto[26478]: | CERT  e9 1f 3f 51  65 be 93 b7 
4b 57 e8 b7  5c ac a5 42
Oct  4 09:18:09 firewall pluto[26478]: | CERT  98 cb 66 8b  9e ef 45 06 
1f 73 67 79  ef 2f 09 7a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  98 98 7b 8a  79 82 16 aa 
ec 45 85 44  da c8 b3 69
Oct  4 09:18:09 firewall pluto[26478]: | CERT  5e 05 b9 21  ef e6 85 9f 
78 50 a5 4e  f3 e9 02 18
Oct  4 09:18:09 firewall pluto[26478]: | CERT  dd 33 59 9d  bc 52 3b 99 
f2 d2 10 b9  04 7e 89 fa
Oct  4 09:18:09 firewall pluto[26478]: | CERT  f2 9d ae 07  85 24 28 33 
18 f6 84 fe  c4 75 87 b1
Oct  4 09:18:09 firewall pluto[26478]: | CERT  af 61 39 43  d9 fa e2 32 
ee b0 ba df  01 21 d8 dd
Oct  4 09:18:09 firewall pluto[26478]: | CERT  46 e2 b0 bb  ab 67 63 e1 
90 21 30 f0  a0 ba 69 66
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6a ee fa 0b  a0 bb e2 e8 
3e 02 63 ff  f9 42 66 5c
Oct  4 09:18:09 firewall pluto[26478]: | CERT  60 de 50 ee  20 1c 2d 47 
91 dd 87 e1  5e e0 50 35
Oct  4 09:18:09 firewall pluto[26478]: | CERT  df 17 a2 17  ec 55 46 60 
3f d4 35 f2  50 a6 b5 2f
Oct  4 09:18:09 firewall pluto[26478]: | CERT  13 15 53 34  97 8b 70 94 
9e c2 b2 cc  1d 46 9c e5
Oct  4 09:18:09 firewall pluto[26478]: | CERT  b5 f2 bc a1  c6 e3 77 29 
02 03 01 00  01 a3 81 e0
Oct  4 09:18:09 firewall pluto[26478]: | CERT  30 81 dd 30  09 06 03 55 
1d 13 04 02  30 00 30 1d
Oct  4 09:18:09 firewall pluto[26478]: | CERT  06 03 55 1d  0e 04 16 04 
14 2d 70 5f  7a 94 95 51
Oct  4 09:18:09 firewall pluto[26478]: | CERT  2e 71 80 5f  11 b2 6d 07 
70 59 ad 19  b1 30 1f 06
Oct  4 09:18:09 firewall pluto[26478]: | CERT  03 55 1d 23  04 18 30 16 
80 14 58 46  ff be 1e 7c
Oct  4 09:18:09 firewall pluto[26478]: | CERT  c5 3c 97 24  9b 56 06 16 
f9 a5 0f 20  13 f4 30 4c
Oct  4 09:18:09 firewall pluto[26478]: | CERT  06 03 55 1d  1f 04 45 30 
43 30 41 a0  3f a0 3d 86
Oct  4 09:18:09 firewall pluto[26478]: | CERT  3b 68 74 74  70 3a 2f 2f 
63 72 6c 2e  70 6c 61 6e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  79 75 6b 6f  6e 2e 63 61 
2f 50 6c 61  6e 79 75 6b
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6f 6e 2e 43  65 72 74 69 
66 69 63 61  74 65 2e 41
Oct  4 09:18:09 firewall pluto[26478]: | CERT  75 74 68 6f  72 69 74 79 
2e 63 72 6c  30 20 06 03
Oct  4 09:18:09 firewall pluto[26478]: | CERT  55 1d 11 04  19 30 17 82 
15 66 69 72  65 77 61 6c
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6c 2e 70 6c  61 6e 79 75 
6b 6f 6e 2e  63 61 30 13
Oct  4 09:18:09 firewall pluto[26478]: | CERT  06 03 55 1d  25 04 0c 30 
0a 06 08 2b  06 01 05 05
Oct  4 09:18:09 firewall pluto[26478]: | CERT  07 03 01 30  0b 06 03 55 
1d 0f 04 04  03 02 01 e6
Oct  4 09:18:09 firewall pluto[26478]: | CERT  30 0d 06 09  2a 86 48 86 
f7 0d 01 01  05 05 00 03
Oct  4 09:18:09 firewall pluto[26478]: | CERT  82 02 01 00  a0 1f 51 9c 
08 da 38 de  88 64 a2 0a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  09 70 e4 ca  b6 1e 62 f7 
b0 92 9b c3  7e fd 89 e4
Oct  4 09:18:09 firewall pluto[26478]: | CERT  63 da 75 ac  74 ba 11 58 
a3 a4 a5 74  3a 19 a1 9c
Oct  4 09:18:09 firewall pluto[26478]: | CERT  68 10 28 6d  14 ff 15 e8 
bd ae ad dd  44 80 37 d6
Oct  4 09:18:09 firewall pluto[26478]: | CERT  fd 1a d9 c5  ee 0d 90 56 
f6 21 d8 1d  3b eb 7b 27
Oct  4 09:18:09 firewall pluto[26478]: | CERT  e2 1f 7a df  07 04 f9 28 
f6 da d7 f5  fe 4e 64 f0
Oct  4 09:18:09 firewall pluto[26478]: | CERT  b2 59 aa be  63 f0 67 3f 
2a 7d b4 14  f9 4a 7f c7
Oct  4 09:18:09 firewall pluto[26478]: | CERT  b0 62 ca 05  66 73 c2 c9 
b1 c3 d8 b8  46 de 6c 6a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  27 d0 ea 21  50 d7 7e 98 
ff 74 55 c3  2a e8 93 f5
Oct  4 09:18:09 firewall pluto[26478]: | CERT  7f ec 4c dc  ff c8 06 33 
06 01 34 ee  d9 cd 7c 08
Oct  4 09:18:09 firewall pluto[26478]: | CERT  70 5d cd 05  8d 36 8f 9a 
35 f6 7d 0a  71 9b 6f d2
Oct  4 09:18:09 firewall pluto[26478]: | CERT  db 0c b6 bc  14 42 1e b3 
c0 d2 13 b6  a7 be cc e6
Oct  4 09:18:09 firewall pluto[26478]: | CERT  e4 ce ee 68  55 34 47 4f 
a3 8c 0d b8  c7 17 e9 9b
Oct  4 09:18:09 firewall pluto[26478]: | CERT  d7 9d b0 d7  71 71 39 e3 
5b 39 b4 8c  be 8b 44 6d
Oct  4 09:18:09 firewall pluto[26478]: | CERT  1e 67 60 9c  20 d3 60 8e 
ce e8 c3 6b  d7 3a e1 b5
Oct  4 09:18:09 firewall pluto[26478]: | CERT  24 06 4a 70  8c ea be 27 
0c 4b 94 df  f9 67 e6 f8
Oct  4 09:18:09 firewall pluto[26478]: | CERT  67 8e d8 fd  2e e5 95 73 
97 6f 2d 6f  33 1c 56 21
Oct  4 09:18:09 firewall pluto[26478]: | CERT  a1 2b a3 53  c5 e0 0a 16 
63 3b 85 41  1d 1f 0f 1a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  3a 90 1a 7c  ee 1f 68 b8 
f4 e6 d6 3f  c2 4c 2d 95
Oct  4 09:18:09 firewall pluto[26478]: | CERT  94 15 00 ce  40 41 c1 7e 
ec 9d 0b a3  04 60 10 e5
Oct  4 09:18:09 firewall pluto[26478]: | CERT  ce 77 3b 25  04 66 d4 1b 
53 75 4a 52  1d 12 36 02
Oct  4 09:18:09 firewall pluto[26478]: | CERT  4f f2 68 0c  86 37 0a 7a 
8b 1e f1 1b  79 a3 e2 55
Oct  4 09:18:09 firewall pluto[26478]: | CERT  08 b4 b3 97  0f 0c 8b 69 
10 ee 2f 0e  7c a9 9e 9e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  f8 29 6d e6  65 2e 51 ae 
64 ab 15 e1  ed 66 f3 4e
Oct  4 09:18:09 firewall pluto[26478]: | CERT  e8 1b fd 95  34 2e 99 42 
0f c9 e1 d5  35 24 3e 0a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  07 4c 80 3f  31 b4 1e f6 
a1 e2 88 a0  b4 aa 49 ae
Oct  4 09:18:09 firewall pluto[26478]: | CERT  6c 90 33 9d  8a 8f 0b b6 
df d2 35 b5  73 72 d6 44
Oct  4 09:18:09 firewall pluto[26478]: | CERT  be 6b 68 d2  5f 03 e2 2b 
3e 29 0e e0  2a ca f0 ff
Oct  4 09:18:09 firewall pluto[26478]: | CERT  4b c9 6d 92  d3 63 dd 5b 
a3 a2 64 d1  f4 97 be 01
Oct  4 09:18:09 firewall pluto[26478]: | CERT  f2 c1 8f d3  6c b7 28 f9 
fa 89 1f 45  bc 96 46 41
Oct  4 09:18:09 firewall pluto[26478]: | CERT  3e 3d a9 4a  29 28 72 55 
07 c7 28 49  a8 a8 90 3c
Oct  4 09:18:09 firewall pluto[26478]: | CERT  95 ab 30 0a  42 71 e1 a9 
05 2c ba 15  e8 fc 7b 6a
Oct  4 09:18:09 firewall pluto[26478]: | CERT  27 13 96 8d
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Certificate Payload: 1657
Oct  4 09:18:09 firewall pluto[26478]: | CHILD SA proposals received
Oct  4 09:18:09 firewall pluto[26478]: | going to assemble AUTH payload
Oct  4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Authentication 
Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2CP (0x2f)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    auth method: IKEv2_AUTH_RSA 
(0x1)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: ignoring 
supplied 'IKEv2 Authentication Payload'.'next payload type' value 
47:ISAKMP_NEXT_v2CP
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Certificate Payload'.'next payload type' to current 
IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Authentication Payload'.'next payload type' in 'reply 
packet'
Oct  4 09:18:09 firewall pluto[26478]: |     #3 spent 1.19 milliseconds
Oct  4 09:18:09 firewall pluto[26478]: | started looking for secret for 
@firewall.planyukon.ca->C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, 
CN=Heidi Hansen of kind PKK_RSA
Oct  4 09:18:09 firewall pluto[26478]: | searching for certificate 
PKK_RSA:AwEAAbPWn vs PKK_RSA:AwEAAbPWn
Oct  4 09:18:09 firewall pluto[26478]: |       #3 spent 22.6 
milliseconds in ikev2_calculate_rsa_hash() calling sign_hash_RSA()
Oct  4 09:18:09 firewall pluto[26478]: | emitting 512 raw bytes of rsa 
signature into IKEv2 Authentication Payload
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  72 74 d3 af  c2 
ae c6 95  2f 8b 31 0f  36 21 2c 17
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  75 bb 1b 56  1c 
1e 8b 1d  81 43 d0 b3  06 1f 33 be
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  1a 74 d0 4b  85 
1a 65 c7  65 a2 b1 e9  11 36 f2 0d
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  8e b2 c2 ab  6e 
26 2c 9b  0b ec 05 43  9a 3c 87 9c
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  4f ba 6f de  03 
56 98 e0  82 28 bc e1  86 6a 0e 69
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  37 db b4 bc  07 
51 9e c7  86 e9 4f 0c  01 40 12 95
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  f5 73 ab 7f  4c 
0f 56 2a  ef e3 58 28  68 5c 40 82
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  6f 86 1d b2  1c 
ce f6 0a  03 b6 a1 e0  80 bf 14 52
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  6d c7 dc 17  9c 
21 45 2b  ee c5 e2 a9  2d 02 1d 51
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  ca 1c 62 dc  c6 
af 22 a2  cc ec 8f 88  fd bb 48 73
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  cc 55 3e 9c  80 
a9 31 0c  50 c2 8c 30  34 a2 2f 8e
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  4d 70 6c 4d  dc 
ee 26 eb  d6 b8 7e bc  8a 24 75 d6
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  b1 b7 74 7e  c5 
3e 4b 42  85 58 01 1e  62 21 2a bc
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  55 fe 98 3d  3e 
42 a4 2b  5a 86 d2 8b  d8 81 42 fd
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  a0 6b 13 d9  15 
54 aa 7a  2f 59 4c 6b  10 e3 8a 11
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  45 75 73 bb  e4 
5e c9 29  1a 44 f8 49  bb c4 ae fd
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  46 6f ea 29  51 
ff 50 46  51 74 1a d8  7f 39 5d 67
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  9c e5 19 86  30 
dd 2f 79  f1 f3 b5 41  aa 59 b7 72
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  a3 3a 3c 5f  61 
f1 7e 18  0e 6f 03 84  d3 34 95 f9
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  92 37 93 cb  22 
c0 70 65  29 7f 67 94  d3 56 b1 a6
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  6c 13 d2 84  fc 
f5 4a 9b  14 4f 29 ca  c4 c4 c0 19
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  bb 9f 79 b1  cf 
f1 59 17  4f c4 3a 3e  cd 23 2c 11
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  db 71 b9 05  bd 
b9 9d ed  e4 68 6c 9b  ff ed 52 39
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  48 48 a3 10  c6 
0c 34 23  3c 92 b4 d2  01 83 6d 3e
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  86 84 d1 30  25 
4d 1d af  05 34 1c fd  99 cb 95 9d
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  c3 90 3a 7d  0a 
1b ef e1  f1 fa 0b d3  b7 1d 4e 0a
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  d9 b1 71 dc  ad 
23 e5 9c  e5 6e 02 5e  8d f8 18 84
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  5c 22 82 4f  13 
4f 0f 3e  9f 0d af c5  b1 5a 61 89
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  4b 36 15 3c  1e 
db 1f f6  15 59 94 0a  96 ea 0c 13
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  3a d5 f5 f8  49 
7a a4 a6  e7 a5 57 a0  97 eb e4 ef
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  16 5f bc de  c1 
29 dd 7e  c0 fd c0 d2  8a 9b 7e c2
Oct  4 09:18:09 firewall pluto[26478]: | rsa signature  7b c0 cc 6b  06 
30 d1 bf  38 d4 a2 9d  8c 61 e1 e3
Oct  4 09:18:09 firewall pluto[26478]: |     #3 spent 23.1 milliseconds 
in ikev2_calculate_rsa_hash()
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Authentication Payload: 520
Oct  4 09:18:09 firewall pluto[26478]: | request lease from addresspool 
10.25.0.2-10.25.0.19 reference count 2 thatid '' that.client.addr 10.25.0.2
Oct  4 09:18:09 firewall pluto[26478]: | addresspool can share this lease
Oct  4 09:18:09 firewall pluto[26478]: | in share_lease: found a 
lingering addresspool lease 10.25.0.2 refcnt 2 for 'C=CA, ST=Yukon, 
O=Planyukon, OU=Network Admin, CN=Heidi Hansen'
Oct  4 09:18:09 firewall pluto[26478]: | re-use lease 10.25.0.2 from 
addresspool 10.25.0.2-10.25.0.19 to that.client.addr 10.25.0.2 thatid 
'C=CA, ST=Yukon, O=Planyukon, OU=Network Admin, CN=Heidi Hansen'
Oct  4 09:18:09 firewall pluto[26478]: | creating state object #4 at 
0x55d8599c7288
Oct  4 09:18:09 firewall pluto[26478]: | State DB: adding state object #4
Oct  4 09:18:09 firewall pluto[26478]: | pstats #4 ikev2.child started
Oct  4 09:18:09 firewall pluto[26478]: | duplicating state object #3 
"rw-ikev2"[1] 50.117.137.129 as #4 for IPSEC SA
Oct  4 09:18:09 firewall pluto[26478]: | Send Configuration Payload reply
Oct  4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Configuration 
Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2SA (0x21)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    ikev2_cfg_type: 
IKEv2_CP_CFG_REPLY (0x2)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: ignoring 
supplied 'IKEv2 Configuration Payload'.'next payload type' value 
33:ISAKMP_NEXT_v2SA
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Authentication Payload'.'next payload type' to current 
IKEv2 Configuration Payload (47:ISAKMP_NEXT_v2CP)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Configuration Payload'.'next payload type' in 'reply packet'
Oct  4 09:18:09 firewall pluto[26478]: | *****emit IKEv2 Configuration 
Payload Attribute:
Oct  4 09:18:09 firewall pluto[26478]: |    Attribute Type: 
IKEv2_INTERNAL_IP4_ADDRESS (0x1)
Oct  4 09:18:09 firewall pluto[26478]: | emitting 4 raw bytes of 
Internal IP Address into IKEv2 Configuration Payload Attribute
Oct  4 09:18:09 firewall pluto[26478]: | Internal IP Address  0a 19 00 02
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Configuration Payload Attribute: 4
Oct  4 09:18:09 firewall pluto[26478]: | *****emit IKEv2 Configuration 
Payload Attribute:
Oct  4 09:18:09 firewall pluto[26478]: |    Attribute Type: 
IKEv2_INTERNAL_IP4_DNS (0x3)
Oct  4 09:18:09 firewall pluto[26478]: | emitting 4 raw bytes of IP4_DNS 
into IKEv2 Configuration Payload Attribute
Oct  4 09:18:09 firewall pluto[26478]: | IP4_DNS  c0 a8 7e 0d
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Configuration Payload Attribute: 4
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Configuration Payload: 24
Oct  4 09:18:09 firewall pluto[26478]: | using existing local ESP/AH 
proposals for rw-ikev2 (IKE_AUTH responder matching remote ESP/AH 
proposals): 1:ESP:ENCR=AES_GCM_C_256;INTEG=NONE;ESN=DISABLED 
2:ESP:ENCR=AES_GCM_C_128;INTEG=NONE;ESN=DISABLED 
3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED 
4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED 
5:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA1_96;ESN=DISABLED
Oct  4 09:18:09 firewall pluto[26478]: | Comparing remote proposals 
against IKE_AUTH responder matching remote ESP/AH proposals 5 local 
proposals
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 1 type ENCR has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 1 type PRF has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 1 type INTEG has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 1 type DH has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 1 type ESN has 1 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 1 transforms: 
required: ENCR+ESN; optional: INTEG
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 2 type ENCR has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 2 type PRF has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 2 type INTEG has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 2 type DH has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 2 type ESN has 1 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 2 transforms: 
required: ENCR+ESN; optional: INTEG
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 3 type ENCR has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 3 type PRF has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 3 type INTEG has 
2 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 3 type DH has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 3 type ESN has 1 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 3 transforms: 
required: ENCR+INTEG+ESN; optional: none
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 4 type ENCR has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 4 type PRF has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 4 type INTEG has 
2 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 4 type DH has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 4 type ESN has 1 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 4 transforms: 
required: ENCR+INTEG+ESN; optional: none
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 5 type ENCR has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 5 type PRF has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 5 type INTEG has 
1 transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 5 type DH has 0 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 5 type ESN has 1 
transforms
Oct  4 09:18:09 firewall pluto[26478]: | local proposal 5 transforms: 
required: ENCR+INTEG+ESN; optional: none
Oct  4 09:18:09 firewall pluto[26478]: | ***parse IKEv2 Proposal 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last proposal: 
v2_PROPOSAL_NON_LAST (0x2)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 40 (0x28)
Oct  4 09:18:09 firewall pluto[26478]: |    prop #: 1 (0x1)
Oct  4 09:18:09 firewall pluto[26478]: |    proto ID: 
IKEv2_SEC_PROTO_ESP (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    spi size: 4 (0x4)
Oct  4 09:18:09 firewall pluto[26478]: |    # transforms: 3 (0x3)
Oct  4 09:18:09 firewall pluto[26478]: | parsing 4 raw bytes of IKEv2 
Proposal Substructure Payload into remote SPI
Oct  4 09:18:09 firewall pluto[26478]: | remote SPI  57 ae 03 4e
Oct  4 09:18:09 firewall pluto[26478]: | Comparing remote proposal 1 
containing 3 transforms against local proposal [1..5] of 5 local proposals
Oct  4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 12 (0xc)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ENCR (0x1)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform ID: AES_CBC 
(0xc)
Oct  4 09:18:09 firewall pluto[26478]: | *****parse IKEv2 Attribute 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    af+type: AF+IKEv2_KEY_LENGTH 
(0x800e)
Oct  4 09:18:09 firewall pluto[26478]: |    length/value: 256 (0x100)
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 0 
(ENCR=AES_CBC_256) matches local proposal 3 type 1 (ENCR) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_INTEG (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform ID: 
AUTH_HMAC_SHA1_96 (0x2)
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 1 
(INTEG=HMAC_SHA1_96) matches local proposal 5 type 3 (INTEG) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_LAST (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ESN (0x5)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform ID: 
ESN_DISABLED (0x0)
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2 
(ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2 
(ESN=DISABLED) matches local proposal 2 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2 
(ESN=DISABLED) matches local proposal 3 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2 
(ESN=DISABLED) matches local proposal 4 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 transform 2 
(ESN=DISABLED) matches local proposal 5 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 proposed 
transforms: ENCR+INTEG+ESN; matched: ENCR+INTEG+ESN; unmatched: none
Oct  4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1 
containing ENCR+INTEG+ESN transforms to local proposal 1; required: 
ENCR+ESN; optional: INTEG; matched: ESN
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not 
match local proposal 1; unmatched transforms: ENCR+INTEG; missing 
transforms: ENCR
Oct  4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1 
containing ENCR+INTEG+ESN transforms to local proposal 2; required: 
ENCR+ESN; optional: INTEG; matched: ESN
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not 
match local proposal 2; unmatched transforms: ENCR+INTEG; missing 
transforms: ENCR
Oct  4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1 
containing ENCR+INTEG+ESN transforms to local proposal 3; required: 
ENCR+INTEG+ESN; optional: none; matched: ENCR+ESN
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not 
match local proposal 3; unmatched transforms: INTEG; missing transforms: 
INTEG
Oct  4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1 
containing ENCR+INTEG+ESN transforms to local proposal 4; required: 
ENCR+INTEG+ESN; optional: none; matched: ESN
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not 
match local proposal 4; unmatched transforms: ENCR+INTEG; missing 
transforms: ENCR+INTEG
Oct  4 09:18:09 firewall pluto[26478]: | comparing remote proposal 1 
containing ENCR+INTEG+ESN transforms to local proposal 5; required: 
ENCR+INTEG+ESN; optional: none; matched: INTEG+ESN
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 1 does not 
match local proposal 5; unmatched transforms: ENCR; missing transforms: ENCR
Oct  4 09:18:09 firewall pluto[26478]: | Remote proposal 1 matches no 
local proposals
Oct  4 09:18:09 firewall pluto[26478]: | ***parse IKEv2 Proposal 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last proposal: 
v2_PROPOSAL_LAST (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 36 (0x24)
Oct  4 09:18:09 firewall pluto[26478]: |    prop #: 2 (0x2)
Oct  4 09:18:09 firewall pluto[26478]: |    proto ID: 
IKEv2_SEC_PROTO_ESP (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    spi size: 4 (0x4)
Oct  4 09:18:09 firewall pluto[26478]: |    # transforms: 3 (0x3)
Oct  4 09:18:09 firewall pluto[26478]: | parsing 4 raw bytes of IKEv2 
Proposal Substructure Payload into remote SPI
Oct  4 09:18:09 firewall pluto[26478]: | remote SPI  57 ae 03 4e
Oct  4 09:18:09 firewall pluto[26478]: | Comparing remote proposal 2 
containing 3 transforms against local proposal [1..5] of 5 local proposals
Oct  4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ENCR (0x1)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform ID: 3DES (0x3)
Oct  4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_NON_LAST (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_INTEG (0x3)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform ID: 
AUTH_HMAC_SHA1_96 (0x2)
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 1 
(INTEG=HMAC_SHA1_96) matches local proposal 5 type 3 (INTEG) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | ****parse IKEv2 Transform 
Substructure Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    last transform: 
v2_TRANSFORM_LAST (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    length: 8 (0x8)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform type: 
TRANS_TYPE_ESN (0x5)
Oct  4 09:18:09 firewall pluto[26478]: |    IKEv2 transform ID: 
ESN_DISABLED (0x0)
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2 
(ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2 
(ESN=DISABLED) matches local proposal 2 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2 
(ESN=DISABLED) matches local proposal 3 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2 
(ESN=DISABLED) matches local proposal 4 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 transform 2 
(ESN=DISABLED) matches local proposal 5 type 5 (ESN) transform 0
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 proposed 
transforms: ENCR+INTEG+ESN; matched: INTEG+ESN; unmatched: ENCR
Oct  4 09:18:09 firewall pluto[26478]: | remote proposal 2 does not 
match; unmatched remote transforms: ENCR
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
no local proposal matches remote proposals 
1:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA1_96;ESN=DISABLED 
2:ESP:ENCR=3DES;INTEG=HMAC_SHA1_96;ESN=DISABLED
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #3: 
IKE_AUTH responder matching remote ESP/AH proposals failed, responder SA 
processing returned STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct  4 09:18:09 firewall pluto[26478]: | ikev2_child_sa_respond returned 
STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct  4 09:18:09 firewall pluto[26478]: | 
ikev2_parent_inI2outR2_continue_tail returned 
STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct  4 09:18:09 firewall pluto[26478]: |     #3 spent 1.3 milliseconds
Oct  4 09:18:09 firewall pluto[26478]: |   #3 spent 28.7 milliseconds in 
processing: Responder: process IKE_AUTH request
Oct  4 09:18:09 firewall pluto[26478]: | processing: suspend state #3 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:63837 (in 
complete_v2_state_transition() at ikev2.c:3157)
Oct  4 09:18:09 firewall pluto[26478]: | processing: start state #4 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:63837 (in 
complete_v2_state_transition() at ikev2.c:3157)
Oct  4 09:18:09 firewall pluto[26478]: | #4 complete v2 state transition 
from UNDEFINED md.from_state=PARENT_R1 svm.state=PARENT_R1 to V2_IPSEC_R 
with status STF_FAIL+v2N_NO_PROPOSAL_CHOSEN
Oct  4 09:18:09 firewall pluto[26478]: | sending a notification reply
Oct  4 09:18:09 firewall pluto[26478]: "rw-ikev2"[1] 50.117.137.129 #4: 
responding to IKE_AUTH message (ID 1) from 50.117.137.129:63837 with 
encrypted notification NO_PROPOSAL_CHOSEN
Oct  4 09:18:09 firewall pluto[26478]: | Opening output PBS encrypted 
notification
Oct  4 09:18:09 firewall pluto[26478]: | **emit ISAKMP Message:
Oct  4 09:18:09 firewall pluto[26478]: |    initiator cookie:
Oct  4 09:18:09 firewall pluto[26478]: |   be 61 b8 3c  91 27 58 41
Oct  4 09:18:09 firewall pluto[26478]: |    responder cookie:
Oct  4 09:18:09 firewall pluto[26478]: |   e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    ISAKMP version: IKEv2 
version 2.0 (rfc4306/rfc5996) (0x20)
Oct  4 09:18:09 firewall pluto[26478]: |    exchange type: 
ISAKMP_v2_IKE_AUTH (0x23)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: 
ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
Oct  4 09:18:09 firewall pluto[26478]: |    Message ID: 1 (0x1)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
message location 'ISAKMP Message'.'next payload type'
Oct  4 09:18:09 firewall pluto[26478]: | ***emit IKEv2 Encryption Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'ISAKMP Message'.'next payload type' to current IKEv2 
Encryption Payload (46:ISAKMP_NEXT_v2SK)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Encryption Payload'.'next payload type' in 'encrypted 
notification'
Oct  4 09:18:09 firewall pluto[26478]: | emitting 16 zero bytes of IV 
into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | Adding a v2N Payload
Oct  4 09:18:09 firewall pluto[26478]: | ****emit IKEv2 Notify Payload:
Oct  4 09:18:09 firewall pluto[26478]: |    next payload type: 
ISAKMP_NEXT_v2NONE (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    flags: none (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    Protocol ID: 
PROTO_v2_RESERVED (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    SPI size: 0 (0x0)
Oct  4 09:18:09 firewall pluto[26478]: |    Notify Message Type: 
v2N_NO_PROPOSAL_CHOSEN (0xe)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: setting 
previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 
Notify Payload (41:ISAKMP_NEXT_v2N)
Oct  4 09:18:09 firewall pluto[26478]: | next payload chain: saving 
location 'IKEv2 Notify Payload'.'next payload type' in 'encrypted 
notification'
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 Notify 
Payload: 8
Oct  4 09:18:09 firewall pluto[26478]: | adding 8 bytes of padding 
(including 1 byte padding-length)
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x00 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x01 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x02 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x03 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x04 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x05 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x06 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 1 0x07 repeated bytes 
of padding and length into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting 16 zero bytes of 
length of truncated HMAC/KEY into IKEv2 Encryption Payload
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of IKEv2 
Encryption Payload: 52
Oct  4 09:18:09 firewall pluto[26478]: | emitting length of ISAKMP 
Message: 80
Oct  4 09:18:09 firewall pluto[26478]: | data being hmac:  be 61 b8 3c 
91 27 58 41  e8 c0 ee b0  3e 42 de 7e
Oct  4 09:18:09 firewall pluto[26478]: | data being hmac:  2e 20 23 20 
00 00 00 01  00 00 00 50  29 00 00 34
Oct  4 09:18:09 firewall pluto[26478]: | data being hmac:  db 2e 32 f7 
06 1d ce da  2e b1 23 79  a2 03 1f 06
Oct  4 09:18:09 firewall pluto[26478]: | data being hmac:  04 91 7d 66 
8b 0d d0 74  e5 f0 42 dd  60 79 f8 46
Oct  4 09:18:09 firewall pluto[26478]: | out calculated auth:
Oct  4 09:18:09 firewall pluto[26478]: |   3e 67 79 e9  d1 1b 40 39  4a 
10 62 00  dd ca a7 86
Oct  4 09:18:09 firewall pluto[26478]: | sending 84 bytes for v2 notify 
through enp3s0:4500 to 50.117.137.129:63837 (using #3)
Oct  4 09:18:09 firewall pluto[26478]: |   00 00 00 00  be 61 b8 3c  91 
27 58 41  e8 c0 ee b0
Oct  4 09:18:09 firewall pluto[26478]: |   3e 42 de 7e  2e 20 23 20  00 
00 00 01  00 00 00 50
Oct  4 09:18:09 firewall pluto[26478]: |   29 00 00 34  db 2e 32 f7  06 
1d ce da  2e b1 23 79
Oct  4 09:18:09 firewall pluto[26478]: |   a2 03 1f 06  04 91 7d 66  8b 
0d d0 74  e5 f0 42 dd
Oct  4 09:18:09 firewall pluto[26478]: |   60 79 f8 46  3e 67 79 e9  d1 
1b 40 39  4a 10 62 00
Oct  4 09:18:09 firewall pluto[26478]: |   dd ca a7 86
Oct  4 09:18:09 firewall pluto[26478]: | forcing #4 to a discard event
Oct  4 09:18:09 firewall pluto[26478]: | event_schedule: new 
EVENT_SO_DISCARD-pe at 0x55d8599a1168
Oct  4 09:18:09 firewall pluto[26478]: | inserting event 
EVENT_SO_DISCARD, timeout in 200 seconds for #4
Oct  4 09:18:09 firewall pluto[26478]: | libevent_malloc: new 
ptr-libevent at 0x55d8599c6ff8 size 128
Oct  4 09:18:09 firewall pluto[26478]: | state transition function for 
STATE_UNDEFINED failed: v2N_NO_PROPOSAL_CHOSEN
Oct  4 09:18:09 firewall pluto[26478]: | #3 spent 32.2 milliseconds in 
callback for work-order 4: compute dh (V2) (ikev2_inI2outR2 KE)
Oct  4 09:18:09 firewall pluto[26478]: | processing: stop state #4 
connection "rw-ikev2"[1] 50.117.137.129 50.117.137.129:63837 (in 
schedule_event_now_cb() at server.c:814)
Oct  4 09:18:09 firewall pluto[26478]: | stop executing now-event 
sending helper answer for #3
Oct  4 09:18:09 firewall pluto[26478]: | libevent_free: release 
ptr-libevent at 0x7f258801c268



On 2019-09-12 11:56 a.m., Nels Lindquist wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 2019/09/09 11:19 p.m., Computerisms Corporation wrote:
>> Greetings Gurus,
>>
>> Having updated a good number of my firewalls to debian bullseye
>> and libreswan 3.29, seemed reasonable to continue the quest.
> 
> What version were you upgrading from?  Was it older than 3.28?
> 
>> Then I came across one that has had me stumped for a while now.
>>
>> Windows 10 gives policy match error, and libreswan logs gives a
>> no-proposal-chosen error.  I found and read lots of stuff that is
>> pretty much all just details to this entry on the wiki:
>>
>> https://libreswan.org/wiki/FAQ#Microsoft_Windows_connection_attempts_fail_with_NO_POROPOSAL_CHOSEN
>>
>>   I have tried the registry entry, I have tried the ike= and esp=
>> entries, as well as some entries that have worked in the past for
>> me.
>>
>> Have tried removing libreswan entirely and recompiling and
>> reinstalling, just in case a sun spot did something during the
>> initial install.
>>
>> Wondering if any one has any other suggestions as to what the
>> hiccup might be?
> 
> After upgrading from an older version of libreswan I experienced
> similar problems with Windows.
> 
> I noted the following in CHANGES from the v3.28 release:
> 
>> * IKE: Change default connection from IKEv1 to IKEv2 [Paul]
> 
> I then included an "ikev2=no" directive in my Windows-related
> configurations, and everything started working for me again.
> 
> - ----
> Nels Lindquist
> <nlindq at maei.ca>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> 
> iEYEARECAAYFAl16lM8ACgkQh6z5POoOLgTpBgCfeAMo0ml+Gs/aebVaDcGkPQFF
> NkcAoIjMu3HBSQRUYFfa21lMKQW8hgbU
> =V4Pq
> -----END PGP SIGNATURE-----
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
> 


More information about the Swan mailing list