[Swan] no (wildcard) connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
1one.w01f
dev.1one.w01f at gmail.com
Sun Mar 13 15:28:57 EET 2022
In case it'd be useful, here's the entirety of the libreswan log:
Mar 13 16:19:04.307781: NSS DB directory: sql:/var/lib/ipsec/nss
Mar 13 16:19:04.307880: Initializing NSS
Mar 13 16:19:04.307888: Opening NSS database
"sql:/var/lib/ipsec/nss" read-only
Mar 13 16:19:04.309730: NSS initialized
Mar 13 16:19:04.309744: NSS crypto library initialized
Mar 13 16:19:04.309748: FIPS HMAC integrity support [disabled]
Mar 13 16:19:04.309842: libcap-ng support [enabled]
Mar 13 16:19:04.309852: Linux audit support [enabled]
Mar 13 16:19:04.309865: Linux audit activated
Mar 13 16:19:04.309870: Starting Pluto (Libreswan Version 3.29
XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec
profile) DNSSEC SYSTEMD_WATCHDOG LABELED_IPSEC LIBCAP_NG LINUX_AUDIT
XAUTH_PAM NETWORKMANAGER CURL(non-NSS) LDAP(non-NSS)) pid:49078
Mar 13 16:19:04.309874: core dump dir: /run/pluto
Mar 13 16:19:04.309877: secrets file: /etc/ipsec.secrets
Mar 13 16:19:04.309880: leak-detective enabled
Mar 13 16:19:04.309883: NSS crypto [enabled]
Mar 13 16:19:04.309886: XAUTH PAM support [enabled]
Mar 13 16:19:04.309935: | libevent is using pluto's memory allocator
Mar 13 16:19:04.309944: Initializing libevent in pthreads mode:
headers: 2.1.11-stable (2010b00); library: 2.1.11-stable (2010b00)
Mar 13 16:19:04.309950: | libevent_malloc: new
ptr-libevent at 0x5562e6fd6e38 size 40
Mar 13 16:19:04.309954: | libevent_malloc: new
ptr-libevent at 0x5562e6fd68c8 size 40
Mar 13 16:19:04.309957: | libevent_malloc: new
ptr-libevent at 0x5562e6fd6fe8 size 40
Mar 13 16:19:04.309961: | creating event base
Mar 13 16:19:04.309964: | libevent_malloc: new
ptr-libevent at 0x5562e6fd8258 size 56
Mar 13 16:19:04.309968: | libevent_malloc: new
ptr-libevent at 0x5562e6ffa3e8 size 664
Mar 13 16:19:04.309980: | libevent_malloc: new
ptr-libevent at 0x5562e6ffa6b8 size 24
Mar 13 16:19:04.309985: | libevent_malloc: new
ptr-libevent at 0x5562e6ffa708 size 384
Mar 13 16:19:04.309998: | libevent_malloc: new
ptr-libevent at 0x5562e6ff9f98 size 16
Mar 13 16:19:04.310003: | libevent_malloc: new
ptr-libevent at 0x5562e6fd9648 size 40
Mar 13 16:19:04.310006: | libevent_malloc: new
ptr-libevent at 0x5562e6fd6f58 size 48
Mar 13 16:19:04.310013: | libevent_realloc: new
ptr-libevent at 0x5562e6fdafa8 size 256
Mar 13 16:19:04.310017: | libevent_malloc: new
ptr-libevent at 0x5562e6ffa8b8 size 16
Mar 13 16:19:04.310024: | libevent_free: release
ptr-libevent at 0x5562e6fd8258
Mar 13 16:19:04.310028: | libevent initialized
Mar 13 16:19:04.310043: | init_nat_traversal() initialized with
keep_alive=0s
Mar 13 16:19:04.310048: NAT-Traversal support [enabled]
Mar 13 16:19:04.310052: | global one-shot timer
EVENT_NAT_T_KEEPALIVE initialized
Mar 13 16:19:04.310062: | global one-shot timer
EVENT_FREE_ROOT_CERTS initialized
Mar 13 16:19:04.310066: | libevent_realloc: new
ptr-libevent at 0x5562e6fd7d18 size 64
Mar 13 16:19:04.310071: | global periodic timer EVENT_REINIT_SECRET
enabled with interval of 3600 seconds
Mar 13 16:19:04.310110: | global one-shot timer EVENT_REVIVE_CONNS
initialized
Mar 13 16:19:04.310114: | global periodic timer EVENT_PENDING_DDNS
enabled with interval of 60 seconds
Mar 13 16:19:04.310118: | global periodic timer EVENT_PENDING_PHASE2
enabled with interval of 120 seconds
Mar 13 16:19:04.310135: Encryption algorithms:
Mar 13 16:19:04.310144: AES_CCM_16 IKEv1: ESP
IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c
Mar 13 16:19:04.310149: AES_CCM_12 IKEv1: ESP
IKEv2: ESP FIPS {256,192,*128} aes_ccm_b
Mar 13 16:19:04.310153: AES_CCM_8 IKEv1: ESP
IKEv2: ESP FIPS {256,192,*128} aes_ccm_a
Mar 13 16:19:04.310157: 3DES_CBC IKEv1: IKE ESP
IKEv2: IKE ESP FIPS [*192] 3des
Mar 13 16:19:04.310160: CAMELLIA_CTR IKEv1: ESP
IKEv2: ESP {256,192,*128}
Mar 13 16:19:04.310164: CAMELLIA_CBC IKEv1: IKE ESP
IKEv2: IKE ESP {256,192,*128} camellia
Mar 13 16:19:04.310168: AES_GCM_16 IKEv1: ESP
IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c
Mar 13 16:19:04.310172: AES_GCM_12 IKEv1: ESP
IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b
Mar 13 16:19:04.310184: AES_GCM_8 IKEv1: ESP
IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a
Mar 13 16:19:04.310188: AES_CTR IKEv1: IKE ESP
IKEv2: IKE ESP FIPS {256,192,*128} aesctr
Mar 13 16:19:04.310193: AES_CBC IKEv1: IKE ESP
IKEv2: IKE ESP FIPS {256,192,*128} aes
Mar 13 16:19:04.310196: SERPENT_CBC IKEv1: IKE ESP
IKEv2: IKE ESP {256,192,*128} serpent
Mar 13 16:19:04.310200: TWOFISH_CBC IKEv1: IKE ESP
IKEv2: IKE ESP {256,192,*128} twofish
Mar 13 16:19:04.310204: TWOFISH_SSH IKEv1: IKE
IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh
Mar 13 16:19:04.310208: NULL_AUTH_AES_GMAC IKEv1: ESP
IKEv2: ESP FIPS {256,192,*128} aes_gmac
Mar 13 16:19:04.310212: NULL IKEv1: ESP
IKEv2: ESP []
Mar 13 16:19:04.310216: CHACHA20_POLY1305 IKEv1:
IKEv2: IKE ESP [*256] chacha20poly1305
Mar 13 16:19:04.310221: Hash algorithms:
Mar 13 16:19:04.310225: MD5 IKEv1: IKE
IKEv2:
Mar 13 16:19:04.310228: SHA1 IKEv1: IKE
IKEv2: FIPS sha
Mar 13 16:19:04.310232: SHA2_256 IKEv1: IKE
IKEv2: FIPS sha2, sha256
Mar 13 16:19:04.310235: SHA2_384 IKEv1: IKE
IKEv2: FIPS sha384
Mar 13 16:19:04.310238: SHA2_512 IKEv1: IKE
IKEv2: FIPS sha512
Mar 13 16:19:04.310245: PRF algorithms:
Mar 13 16:19:04.310249: HMAC_MD5 IKEv1: IKE
IKEv2: IKE md5
Mar 13 16:19:04.310252: HMAC_SHA1 IKEv1: IKE
IKEv2: IKE FIPS sha, sha1
Mar 13 16:19:04.310256: HMAC_SHA2_256 IKEv1: IKE
IKEv2: IKE FIPS sha2, sha256, sha2_256
Mar 13 16:19:04.310259: HMAC_SHA2_384 IKEv1: IKE
IKEv2: IKE FIPS sha384, sha2_384
Mar 13 16:19:04.310263: HMAC_SHA2_512 IKEv1: IKE
IKEv2: IKE FIPS sha512, sha2_512
Mar 13 16:19:04.310266: AES_XCBC IKEv1: IKEv2:
IKE aes128_xcbc
Mar 13 16:19:04.310277: Integrity algorithms:
Mar 13 16:19:04.310281: HMAC_MD5_96 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH md5, hmac_md5
Mar 13 16:19:04.310285: HMAC_SHA1_96 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1
Mar 13 16:19:04.310288: HMAC_SHA2_512_256 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512
Mar 13 16:19:04.310292: HMAC_SHA2_384_192 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384
Mar 13 16:19:04.310296: HMAC_SHA2_256_128 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128,
hmac_sha2_256
Mar 13 16:19:04.310299: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH
IKEv2: AH
Mar 13 16:19:04.310302: AES_XCBC_96 IKEv1: ESP AH
IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96
Mar 13 16:19:04.310306: AES_CMAC_96 IKEv1: ESP AH
IKEv2: ESP AH FIPS aes_cmac
Mar 13 16:19:04.310309: NONE IKEv1: ESP
IKEv2: IKE ESP FIPS null
Mar 13 16:19:04.310317: DH algorithms:
Mar 13 16:19:04.310320: NONE IKEv1: IKEv2: IKE ESP AH
FIPS null, dh0
Mar 13 16:19:04.310324: MODP1024 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH dh2
Mar 13 16:19:04.310327: MODP1536 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH dh5
Mar 13 16:19:04.310331: MODP2048 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS dh14
Mar 13 16:19:04.310334: MODP3072 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS dh15
Mar 13 16:19:04.310338: MODP4096 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS dh16
Mar 13 16:19:04.310345: MODP6144 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS dh17
Mar 13 16:19:04.310349: MODP8192 IKEv1: IKE ESP AH
IKEv2: IKE ESP AH FIPS dh18
Mar 13 16:19:04.310352: DH19 IKEv1: IKE
IKEv2: IKE ESP AH FIPS ecp_256, ecp256
Mar 13 16:19:04.310356: DH20 IKEv1: IKE
IKEv2: IKE ESP AH FIPS ecp_384, ecp384
Mar 13 16:19:04.310359: DH21 IKEv1: IKE
IKEv2: IKE ESP AH FIPS ecp_521, ecp521
Mar 13 16:19:04.310363: DH31 IKEv1: IKE
IKEv2: IKE ESP AH curve25519
Mar 13 16:19:04.312005: 8 CPU cores online
Mar 13 16:19:04.312014: starting up 7 crypto helpers
Mar 13 16:19:04.312055: started thread for crypto helper 0
Mar 13 16:19:04.312082: started thread for crypto helper 1
Mar 13 16:19:04.312102: | starting up helper thread 0
Mar 13 16:19:04.312121: seccomp security for crypto helper not supported
Mar 13 16:19:04.312112: started thread for crypto helper 2
Mar 13 16:19:04.312129: | status value returned by setting the
priority of this thread (crypto helper 0) 22
Mar 13 16:19:04.312141: | crypto helper 0 waiting (nothing to do)
Mar 13 16:19:04.312128: | starting up helper thread 1
Mar 13 16:19:04.312154: | starting up helper thread 2
Mar 13 16:19:04.312172: seccomp security for crypto helper not supported
Mar 13 16:19:04.312178: | status value returned by setting the
priority of this thread (crypto helper 2) 22
Mar 13 16:19:04.312182: | crypto helper 2 waiting (nothing to do)
Mar 13 16:19:04.312204: | starting up helper thread 3
Mar 13 16:19:04.312158: seccomp security for crypto helper not supported
Mar 13 16:19:04.312220: seccomp security for crypto helper not supported
Mar 13 16:19:04.312234: | status value returned by setting the
priority of this thread (crypto helper 1) 22
Mar 13 16:19:04.312251: | crypto helper 1 waiting (nothing to do)
Mar 13 16:19:04.312246: | status value returned by setting the
priority of this thread (crypto helper 3) 22
Mar 13 16:19:04.312163: started thread for crypto helper 3
Mar 13 16:19:04.312310: started thread for crypto helper 4
Mar 13 16:19:04.312266: | crypto helper 3 waiting (nothing to do)
Mar 13 16:19:04.312340: started thread for crypto helper 5
Mar 13 16:19:04.312358: | starting up helper thread 4
Mar 13 16:19:04.312372: seccomp security for crypto helper not supported
Mar 13 16:19:04.312379: | status value returned by setting the
priority of this thread (crypto helper 4) 22
Mar 13 16:19:04.312383: | starting up helper thread 5
Mar 13 16:19:04.312398: seccomp security for crypto helper not supported
Mar 13 16:19:04.312405: | status value returned by setting the
priority of this thread (crypto helper 5) 22
Mar 13 16:19:04.312417: | starting up helper thread 6
Mar 13 16:19:04.312430: seccomp security for crypto helper not supported
Mar 13 16:19:04.312435: | status value returned by setting the
priority of this thread (crypto helper 6) 22
Mar 13 16:19:04.312386: | crypto helper 4 waiting (nothing to do)
Mar 13 16:19:04.312374: started thread for crypto helper 6
Mar 13 16:19:04.312473: | checking IKEv1 state table
Mar 13 16:19:04.312480: | MAIN_R0: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312484: | -> MAIN_R1 EVENT_SO_DISCARD
Mar 13 16:19:04.312488: | MAIN_I1: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312491: | -> MAIN_I2 EVENT_RETRANSMIT
Mar 13 16:19:04.312495: | MAIN_R1: category: open IKE SA flags: 200:
Mar 13 16:19:04.312498: | -> MAIN_R2 EVENT_RETRANSMIT
Mar 13 16:19:04.312500: | crypto helper 5 waiting (nothing to do)
Mar 13 16:19:04.312501: | -> UNDEFINED EVENT_RETRANSMIT
Mar 13 16:19:04.312522: | crypto helper 6 waiting (nothing to do)
Mar 13 16:19:04.312527: | -> UNDEFINED EVENT_RETRANSMIT
Mar 13 16:19:04.312540: | MAIN_I2: category: open IKE SA flags: 0:
Mar 13 16:19:04.312544: | -> MAIN_I3 EVENT_RETRANSMIT
Mar 13 16:19:04.312547: | -> UNDEFINED EVENT_RETRANSMIT
Mar 13 16:19:04.312550: | -> UNDEFINED EVENT_RETRANSMIT
Mar 13 16:19:04.312553: | MAIN_R2: category: open IKE SA flags: 0:
Mar 13 16:19:04.312562: | -> MAIN_R3 EVENT_SA_REPLACE
Mar 13 16:19:04.312566: | -> MAIN_R3 EVENT_SA_REPLACE
Mar 13 16:19:04.312569: | -> UNDEFINED EVENT_SA_REPLACE
Mar 13 16:19:04.312572: | MAIN_I3: category: open IKE SA flags: 0:
Mar 13 16:19:04.312575: | -> MAIN_I4 EVENT_SA_REPLACE
Mar 13 16:19:04.312579: | -> MAIN_I4 EVENT_SA_REPLACE
Mar 13 16:19:04.312582: | -> UNDEFINED EVENT_SA_REPLACE
Mar 13 16:19:04.312585: | MAIN_R3: category: established IKE SA
flags: 200:
Mar 13 16:19:04.312588: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312592: | MAIN_I4: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312595: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312598: | AGGR_R0: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312601: | -> AGGR_R1 EVENT_SO_DISCARD
Mar 13 16:19:04.312605: | AGGR_I1: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312608: | -> AGGR_I2 EVENT_SA_REPLACE
Mar 13 16:19:04.312611: | -> AGGR_I2 EVENT_SA_REPLACE
Mar 13 16:19:04.312614: | AGGR_R1: category: open IKE SA flags: 200:
Mar 13 16:19:04.312617: | -> AGGR_R2 EVENT_SA_REPLACE
Mar 13 16:19:04.312620: | -> AGGR_R2 EVENT_SA_REPLACE
Mar 13 16:19:04.312624: | AGGR_I2: category: established IKE SA
flags: 200:
Mar 13 16:19:04.312627: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312630: | AGGR_R2: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312633: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312636: | QUICK_R0: category: established CHILD SA
flags: 0:
Mar 13 16:19:04.312640: | -> QUICK_R1 EVENT_RETRANSMIT
Mar 13 16:19:04.312643: | QUICK_I1: category: established CHILD SA
flags: 0:
Mar 13 16:19:04.312646: | -> QUICK_I2 EVENT_SA_REPLACE
Mar 13 16:19:04.312650: | QUICK_R1: category: established CHILD SA
flags: 0:
Mar 13 16:19:04.312653: | -> QUICK_R2 EVENT_SA_REPLACE
Mar 13 16:19:04.312656: | QUICK_I2: category: established CHILD SA
flags: 200:
Mar 13 16:19:04.312659: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312662: | QUICK_R2: category: established CHILD SA
flags: 0:
Mar 13 16:19:04.312666: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312669: | INFO: category: informational flags: 0:
Mar 13 16:19:04.312672: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312675: | INFO_PROTECTED: category: informational
flags: 0:
Mar 13 16:19:04.312678: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312682: | XAUTH_R0: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312685: | -> XAUTH_R1 EVENT_NULL
Mar 13 16:19:04.312688: | XAUTH_R1: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312691: | -> MAIN_R3 EVENT_SA_REPLACE
Mar 13 16:19:04.312695: | MODE_CFG_R0: category: informational
flags: 0:
Mar 13 16:19:04.312698: | -> MODE_CFG_R1 EVENT_SA_REPLACE
Mar 13 16:19:04.312701: | MODE_CFG_R1: category: established IKE
SA flags: 0:
Mar 13 16:19:04.312704: | -> MODE_CFG_R2 EVENT_SA_REPLACE
Mar 13 16:19:04.312708: | MODE_CFG_R2: category: established IKE
SA flags: 0:
Mar 13 16:19:04.312711: | -> UNDEFINED EVENT_NULL
Mar 13 16:19:04.312714: | MODE_CFG_I1: category: established IKE
SA flags: 0:
Mar 13 16:19:04.312717: | -> MAIN_I4 EVENT_SA_REPLACE
Mar 13 16:19:04.312721: | XAUTH_I0: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312724: | -> XAUTH_I1 EVENT_RETRANSMIT
Mar 13 16:19:04.312727: | XAUTH_I1: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312730: | -> MAIN_I4 EVENT_RETRANSMIT
Mar 13 16:19:04.312737: | checking IKEv2 state table
Mar 13 16:19:04.312743: | PARENT_I0: category: ignore flags: 0:
Mar 13 16:19:04.312746: | -> PARENT_I1 EVENT_RETRANSMIT
send-request (initiate IKE_SA_INIT)
Mar 13 16:19:04.312750: | PARENT_I1: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312754: | -> PARENT_I1 EVENT_RETAIN send-request
(Initiator: process SA_INIT reply notification)
Mar 13 16:19:04.312757: | -> PARENT_I2 EVENT_RETRANSMIT
send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH)
Mar 13 16:19:04.312761: | PARENT_I2: category: open IKE SA flags: 0:
Mar 13 16:19:04.312768: | -> PARENT_I2 EVENT_NULL (Initiator:
process INVALID_SYNTAX AUTH notification)
Mar 13 16:19:04.312771: | -> PARENT_I2 EVENT_NULL (Initiator:
process AUTHENTICATION_FAILED AUTH notification)
Mar 13 16:19:04.312775: | -> PARENT_I2 EVENT_NULL (Initiator:
process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification)
Mar 13 16:19:04.312778: | -> V2_IPSEC_I EVENT_SA_REPLACE
(Initiator: process IKE_AUTH response)
Mar 13 16:19:04.312782: | -> PARENT_I2 EVENT_NULL (IKE SA:
process IKE_AUTH response containing unknown notification)
Mar 13 16:19:04.312785: | PARENT_I3: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312789: | -> PARENT_I3 EVENT_RETAIN (I3:
Informational Request)
Mar 13 16:19:04.312792: | -> PARENT_I3 EVENT_RETAIN (I3:
Informational Response)
Mar 13 16:19:04.312795: | -> PARENT_I3 EVENT_RETAIN (I3:
INFORMATIONAL Request)
Mar 13 16:19:04.312798: | -> PARENT_I3 EVENT_RETAIN (I3:
INFORMATIONAL Response)
Mar 13 16:19:04.312802: | PARENT_R1: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312805: | -> PARENT_R1 EVENT_SA_REPLACE
send-request (Responder: process IKE_AUTH request (no SKEYSEED))
Mar 13 16:19:04.312809: | -> V2_IPSEC_R EVENT_SA_REPLACE
send-request (Responder: process IKE_AUTH request)
Mar 13 16:19:04.312812: | PARENT_R2: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312816: | -> PARENT_R2 EVENT_RETAIN (R2: process
Informational Request)
Mar 13 16:19:04.312819: | -> PARENT_R2 EVENT_RETAIN (R2: process
Informational Response)
Mar 13 16:19:04.312822: | -> PARENT_R2 EVENT_RETAIN (R2: process
INFORMATIONAL Request)
Mar 13 16:19:04.312825: | -> PARENT_R2 EVENT_RETAIN (R2: process
INFORMATIONAL Response)
Mar 13 16:19:04.312829: | V2_CREATE_I0: category: established IKE
SA flags: 0:
Mar 13 16:19:04.312832: | -> V2_CREATE_I EVENT_RETRANSMIT
send-request (Initiate CREATE_CHILD_SA IPsec SA)
Mar 13 16:19:04.312836: | V2_CREATE_I: category: established IKE
SA flags: 0:
Mar 13 16:19:04.312839: | -> V2_IPSEC_I EVENT_SA_REPLACE
(Process CREATE_CHILD_SA IPsec SA Response)
Mar 13 16:19:04.312843: | V2_REKEY_IKE_I0: category: established
IKE SA flags: 0:
Mar 13 16:19:04.312846: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT
send-request (Initiate CREATE_CHILD_SA IKE Rekey)
Mar 13 16:19:04.312850: | V2_REKEY_IKE_I: category: established
IKE SA flags: 0:
Mar 13 16:19:04.312853: | -> PARENT_I3 EVENT_SA_REPLACE (Process
CREATE_CHILD_SA IKE Rekey Response)
Mar 13 16:19:04.312857: | V2_REKEY_CHILD_I0: category: established
IKE SA flags: 0:
Mar 13 16:19:04.312860: | -> V2_REKEY_CHILD_I EVENT_RETRANSMIT
send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA)
Mar 13 16:19:04.312864: | V2_REKEY_CHILD_I: category: established
IKE SA flags: 0: <none>
Mar 13 16:19:04.312867: | V2_CREATE_R: category: established IKE
SA flags: 0:
Mar 13 16:19:04.312871: | -> V2_IPSEC_R EVENT_SA_REPLACE
send-request (Respond to CREATE_CHILD_SA IPsec SA Request)
Mar 13 16:19:04.312874: | V2_REKEY_IKE_R: category: established
IKE SA flags: 0:
Mar 13 16:19:04.312878: | -> PARENT_R2 EVENT_SA_REPLACE
send-request (Respond to CREATE_CHILD_SA IKE Rekey)
Mar 13 16:19:04.312881: | V2_REKEY_CHILD_R: category: established
IKE SA flags: 0: <none>
Mar 13 16:19:04.312885: | V2_IPSEC_I: category: established CHILD
SA flags: 0: <none>
Mar 13 16:19:04.312888: | V2_IPSEC_R: category: established CHILD
SA flags: 0: <none>
Mar 13 16:19:04.312892: | IKESA_DEL: category: established IKE SA
flags: 0:
Mar 13 16:19:04.312895: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL:
process INFORMATIONAL)
Mar 13 16:19:04.312899: | CHILDSA_DEL: category: informational
flags: 0: <none>
Mar 13 16:19:04.312902: | PARENT_R0: category: half-open IKE SA
flags: 0:
Mar 13 16:19:04.312905: | -> PARENT_R1 EVENT_SO_DISCARD
send-request (Respond to IKE_SA_INIT)
Mar 13 16:19:04.312916: Using Linux XFRM/NETKEY IPsec interface code
on 5.13.0-35-generic
Mar 13 16:19:04.312946: | Hard-wiring algorithms
Mar 13 16:19:04.312951: | adding AES_CCM_16 to kernel algorithm db
Mar 13 16:19:04.312958: | adding AES_CCM_12 to kernel algorithm db
Mar 13 16:19:04.312962: | adding AES_CCM_8 to kernel algorithm db
Mar 13 16:19:04.312965: | adding 3DES_CBC to kernel algorithm db
Mar 13 16:19:04.312969: | adding CAMELLIA_CBC to kernel algorithm db
Mar 13 16:19:04.312972: | adding AES_GCM_16 to kernel algorithm db
Mar 13 16:19:04.312975: | adding AES_GCM_12 to kernel algorithm db
Mar 13 16:19:04.312979: | adding AES_GCM_8 to kernel algorithm db
Mar 13 16:19:04.312982: | adding AES_CTR to kernel algorithm db
Mar 13 16:19:04.312985: | adding AES_CBC to kernel algorithm db
Mar 13 16:19:04.312988: | adding SERPENT_CBC to kernel algorithm db
Mar 13 16:19:04.312992: | adding TWOFISH_CBC to kernel algorithm db
Mar 13 16:19:04.312995: | adding NULL_AUTH_AES_GMAC to kernel
algorithm db
Mar 13 16:19:04.312998: | adding NULL to kernel algorithm db
Mar 13 16:19:04.313002: | adding CHACHA20_POLY1305 to kernel
algorithm db
Mar 13 16:19:04.313005: | adding HMAC_MD5_96 to kernel algorithm db
Mar 13 16:19:04.313009: | adding HMAC_SHA1_96 to kernel algorithm db
Mar 13 16:19:04.313012: | adding HMAC_SHA2_512_256 to kernel
algorithm db
Mar 13 16:19:04.313015: | adding HMAC_SHA2_384_192 to kernel
algorithm db
Mar 13 16:19:04.313019: | adding HMAC_SHA2_256_128 to kernel
algorithm db
Mar 13 16:19:04.313022: | adding HMAC_SHA2_256_TRUNCBUG to kernel
algorithm db
Mar 13 16:19:04.313025: | adding AES_XCBC_96 to kernel algorithm db
Mar 13 16:19:04.313028: | adding AES_CMAC_96 to kernel algorithm db
Mar 13 16:19:04.313032: | adding NONE to kernel algorithm db
Mar 13 16:19:04.313097: | global periodic timer EVENT_SHUNT_SCAN
enabled with interval of 20 seconds
Mar 13 16:19:04.313103: | setup kernel fd callback
Mar 13 16:19:04.313108: | pluto_event_add: new
KERNEL_XRM_FD-pe at 0x5562e6fd81e8
Mar 13 16:19:04.313112: | libevent_malloc: new
ptr-libevent at 0x5562e6fe33a8 size 128
Mar 13 16:19:04.313116: | libevent_malloc: new
ptr-libevent at 0x5562e6fffab8 size 16
Mar 13 16:19:04.313123: | pluto_event_add: new
KERNEL_ROUTE_FD-pe at 0x5562e6fd7098
Mar 13 16:19:04.313127: | libevent_malloc: new
ptr-libevent at 0x5562e6fe36a8 size 128
Mar 13 16:19:04.313130: | libevent_malloc: new
ptr-libevent at 0x5562e6fffa78 size 16
Mar 13 16:19:04.313303: | global one-shot timer EVENT_CHECK_CRLS
initialized
Mar 13 16:19:04.313309: selinux support is NOT enabled.
Mar 13 16:19:04.313327: systemd watchdog for ipsec service
configured with timeout of 200000000 usecs
Mar 13 16:19:04.313332: watchdog: sending probes every 100 secs
Mar 13 16:19:04.313335: | pluto_sd: executing action action:
start(2), status 0
Mar 13 16:19:04.313367: | global periodic timer EVENT_SD_WATCHDOG
enabled with interval of 100 seconds
Mar 13 16:19:04.314533: | unbound context created - setting debug
level to 5
Mar 13 16:19:04.314572: | /etc/hosts lookups activated
Mar 13 16:19:04.314591: | /etc/resolv.conf usage activated
Mar 13 16:19:04.314646: | outgoing-port-avoid set 0-65535
Mar 13 16:19:04.314672: | outgoing-port-permit set 32768-60999
Mar 13 16:19:04.314676: | Loading dnssec root key
from:/usr/share/dns/root.key
Mar 13 16:19:04.314680: | No additional dnssec trust anchors defined
via dnssec-trusted= option
Mar 13 16:19:04.314684: | Setting up events, loop start
Mar 13 16:19:04.314688: | pluto_event_add: new
PLUTO_CTL_FD-pe at 0x5562e6fd7188
Mar 13 16:19:04.314692: | libevent_malloc: new
ptr-libevent at 0x5562e700aac8 size 128
Mar 13 16:19:04.314696: | libevent_malloc: new
ptr-libevent at 0x5562e700c9e8 size 16
Mar 13 16:19:04.314704: | libevent_realloc: new
ptr-libevent at 0x5562e700e138 size 256
Mar 13 16:19:04.314709: | libevent_malloc: new
ptr-libevent at 0x5562e700e268 size 8
Mar 13 16:19:04.314713: | libevent_realloc: new
ptr-libevent at 0x5562e6fd94a8 size 144
Mar 13 16:19:04.314716: | libevent_malloc: new
ptr-libevent at 0x5562e6f77ef8 size 152
Mar 13 16:19:04.314721: | libevent_malloc: new
ptr-libevent at 0x5562e700e2a8 size 16
Mar 13 16:19:04.314727: | signal event handler PLUTO_SIGCHLD installed
Mar 13 16:19:04.314731: | libevent_malloc: new
ptr-libevent at 0x5562e700e2e8 size 8
Mar 13 16:19:04.314741: | libevent_malloc: new
ptr-libevent at 0x5562e6f77d28 size 152
Mar 13 16:19:04.314745: | signal event handler PLUTO_SIGTERM installed
Mar 13 16:19:04.314749: | libevent_malloc: new
ptr-libevent at 0x5562e700e328 size 8
Mar 13 16:19:04.314752: | libevent_malloc: new
ptr-libevent at 0x5562e6f75a98 size 152
Mar 13 16:19:04.314756: | signal event handler PLUTO_SIGHUP installed
Mar 13 16:19:04.315143: | created addconn helper (pid:49086) using
fork+execve
Mar 13 16:19:04.315165: | forked child 49086
Mar 13 16:19:04.315183: seccomp security not supported
Mar 13 16:19:04.319073: | accept(whackctlfd, (struct sockaddr
*)&whackaddr, &whackaddrlen) -> fd at 14 (in whack_handle() at
rcv_whack.c:717)
Mar 13 16:19:04.319115: | Added new connection xauth-psk with policy
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Mar 13 16:19:04.319125: | counting wild cards for
<server.address.redacted> is 0
Mar 13 16:19:04.319130: | counting wild cards for (none) is 15
Mar 13 16:19:04.319135: | add new addresspool to global pools
10.231.247.10-10.231.247.254 size 245 ptr 0x5562e700ea08
Mar 13 16:19:04.319141: | based upon policy, the connection is a
template.
Mar 13 16:19:04.319145: | reference addresspool of conn xauth-psk[0]
kind CK_TEMPLATE refcnt 0
Mar 13 16:19:04.319149: added connection description "xauth-psk"
Mar 13 16:19:04.319161: | ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window:
32; policy:
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Mar 13 16:19:04.319172: |
0.0.0.0/0===<server.address.redacted><<server.address.redacted>>[MS+XS+S=C]...%any[+MC+XC+S=C]
Mar 13 16:19:04.319181: | close_any(fd at 14) (in whack_process() at
rcv_whack.c:698)
Mar 13 16:19:04.319260: | accept(whackctlfd, (struct sockaddr
*)&whackaddr, &whackaddrlen) -> fd at 14 (in whack_handle() at
rcv_whack.c:717)
Mar 13 16:19:04.319282: | pluto_sd: executing action action:
reloading(4), status 0
Mar 13 16:19:04.319318: listening for IKE messages
Mar 13 16:19:04.319370: | Inspecting interface lo
Mar 13 16:19:04.319383: | found lo with address 127.0.0.1
Mar 13 16:19:04.319393: | Inspecting interface enp0s31f6
Mar 13 16:19:04.319404: | found enp0s31f6 with address 192.168.0.56
Mar 13 16:19:04.319411: | Inspecting interface vipnet
Mar 13 16:19:04.319419: | found vipnet with address
<server.address.redacted>
Mar 13 16:19:04.319424: | Inspecting interface ap0
Mar 13 16:19:04.319431: | found ap0 with address 192.168.12.1
Mar 13 16:19:04.319489: Kernel supports NIC esp-hw-offload
Mar 13 16:19:04.319510: adding interface ap0/ap0 (esp-hw-offload=no)
192.168.12.1:500
Mar 13 16:19:04.319541: | NAT-Traversal: Trying sockopt style NAT-T
Mar 13 16:19:04.319573: | NAT-Traversal: ESPINUDP(2) setup succeeded
for sockopt style NAT-T family IPv4
Mar 13 16:19:04.319584: adding interface ap0/ap0 192.168.12.1:4500
Mar 13 16:19:04.319612: Kernel supports NIC esp-hw-offload
Mar 13 16:19:04.319628: adding interface vipnet/vipnet
(esp-hw-offload=no) <server.address.redacted>:500
Mar 13 16:19:04.319654: | NAT-Traversal: Trying sockopt style NAT-T
Mar 13 16:19:04.319664: | NAT-Traversal: ESPINUDP(2) setup succeeded
for sockopt style NAT-T family IPv4
Mar 13 16:19:04.319671: adding interface vipnet/vipnet
<server.address.redacted>:4500
Mar 13 16:19:04.319700: Kernel supports NIC esp-hw-offload
Mar 13 16:19:04.319716: adding interface enp0s31f6/enp0s31f6
(esp-hw-offload=no) 192.168.0.56:500
Mar 13 16:19:04.319746: | NAT-Traversal: Trying sockopt style NAT-T
Mar 13 16:19:04.319756: | NAT-Traversal: ESPINUDP(2) setup succeeded
for sockopt style NAT-T family IPv4
Mar 13 16:19:04.319765: adding interface enp0s31f6/enp0s31f6
192.168.0.56:4500
Mar 13 16:19:04.319793: Kernel supports NIC esp-hw-offload
Mar 13 16:19:04.319810: adding interface lo/lo (esp-hw-offload=no)
127.0.0.1:500
Mar 13 16:19:04.319836: | NAT-Traversal: Trying sockopt style NAT-T
Mar 13 16:19:04.319846: | NAT-Traversal: ESPINUDP(2) setup succeeded
for sockopt style NAT-T family IPv4
Mar 13 16:19:04.319854: adding interface lo/lo 127.0.0.1:4500
Mar 13 16:19:04.319904: | found lo with address
0000:0000:0000:0000:0000:0000:0000:0001
Mar 13 16:19:04.319920: | sorting 1 interfaces
Mar 13 16:19:04.319943: Kernel supports NIC esp-hw-offload
Mar 13 16:19:04.319955: adding interface lo/lo (esp-hw-offload=no)
::1:500
Mar 13 16:19:04.319966: | connect_to_host_pair:
<server.address.redacted>:500 0.0.0.0:500 -> hp:none
Mar 13 16:19:04.319971: | pluto_event_add: new ethX-pe at 0x5562e6fe2be8
Mar 13 16:19:04.319978: | libevent_malloc: new
ptr-libevent at 0x5562e7007208 size 128
Mar 13 16:19:04.319983: | libevent_malloc: new
ptr-libevent at 0x5562e700f028 size 16
Mar 13 16:19:04.319992: | setup callback for interface lo:500 fd 23
Mar 13 16:19:04.319997: | pluto_event_add: new ethX-pe at 0x5562e700f068
Mar 13 16:19:04.320000: | libevent_malloc: new
ptr-libevent at 0x5562e6fe37a8 size 128
Mar 13 16:19:04.320004: | libevent_malloc: new
ptr-libevent at 0x5562e700f0d8 size 16
Mar 13 16:19:04.320010: | setup callback for interface lo:4500 fd 22
Mar 13 16:19:04.320014: | pluto_event_add: new ethX-pe at 0x5562e700f188
Mar 13 16:19:04.320018: | libevent_malloc: new
ptr-libevent at 0x5562e6fe39a8 size 128
Mar 13 16:19:04.320022: | libevent_malloc: new
ptr-libevent at 0x5562e700f1f8 size 16
Mar 13 16:19:04.320027: | setup callback for interface lo:500 fd 21
Mar 13 16:19:04.320031: | pluto_event_add: new ethX-pe at 0x5562e700f238
Mar 13 16:19:04.320035: | libevent_malloc: new
ptr-libevent at 0x5562e6fe38a8 size 128
Mar 13 16:19:04.320038: | libevent_malloc: new
ptr-libevent at 0x5562e700f2a8 size 16
Mar 13 16:19:04.320044: | setup callback for interface
enp0s31f6:4500 fd 20
Mar 13 16:19:04.320048: | pluto_event_add: new ethX-pe at 0x5562e700f2e8
Mar 13 16:19:04.320052: | libevent_malloc: new
ptr-libevent at 0x5562e6fe35a8 size 128
Mar 13 16:19:04.320055: | libevent_malloc: new
ptr-libevent at 0x5562e700f358 size 16
Mar 13 16:19:04.320061: | setup callback for interface enp0s31f6:500
fd 19
Mar 13 16:19:04.320065: | pluto_event_add: new ethX-pe at 0x5562e700f398
Mar 13 16:19:04.320069: | libevent_malloc: new
ptr-libevent at 0x5562e6fe34a8 size 128
Mar 13 16:19:04.320072: | libevent_malloc: new
ptr-libevent at 0x5562e700f408 size 16
Mar 13 16:19:04.320078: | setup callback for interface vipnet:4500 fd 18
Mar 13 16:19:04.320082: | pluto_event_add: new ethX-pe at 0x5562e700f448
Mar 13 16:19:04.320086: | libevent_malloc: new
ptr-libevent at 0x5562e700f4b8 size 128
Mar 13 16:19:04.320089: | libevent_malloc: new
ptr-libevent at 0x5562e700f568 size 16
Mar 13 16:19:04.320095: | setup callback for interface vipnet:500 fd 17
Mar 13 16:19:04.320099: | pluto_event_add: new ethX-pe at 0x5562e700f5a8
Mar 13 16:19:04.320103: | libevent_malloc: new
ptr-libevent at 0x5562e700f618 size 128
Mar 13 16:19:04.320106: | libevent_malloc: new
ptr-libevent at 0x5562e700f6c8 size 16
Mar 13 16:19:04.320112: | setup callback for interface ap0:4500 fd 16
Mar 13 16:19:04.320116: | pluto_event_add: new ethX-pe at 0x5562e700f708
Mar 13 16:19:04.320120: | libevent_malloc: new
ptr-libevent at 0x5562e700f778 size 128
Mar 13 16:19:04.320123: | libevent_malloc: new
ptr-libevent at 0x5562e700f828 size 16
Mar 13 16:19:04.320129: | setup callback for interface ap0:500 fd 15
Mar 13 16:19:04.320134: | certs and keys locked by
'free_preshared_secrets'
Mar 13 16:19:04.320137: | certs and keys unlocked by
'free_preshared_secrets'
Mar 13 16:19:04.320158: loading secrets from "/etc/ipsec.secrets"
Mar 13 16:19:04.320172: | Processing PSK at line 2: passed
Mar 13 16:19:04.320177: | certs and keys locked by 'process_secret'
Mar 13 16:19:04.320181: | certs and keys unlocked by 'process_secret'
Mar 13 16:19:04.320187: | pluto_sd: executing action action:
ready(5), status 0
Mar 13 16:19:04.320217: | close_any(fd at 14) (in whack_process() at
rcv_whack.c:698)
Mar 13 16:19:04.320474: | signal PLUTO_SIGCHLD event
Mar 13 16:19:04.320497: | waitpid returned pid 49086 (exited with
status 0)
Mar 13 16:19:04.320502: | reaped addconn helper child (status 0)
Mar 13 16:19:04.320509: | waitpid returned ECHILD (no child
processes left)
Mar 13 16:19:24.318063: | global timer EVENT_SHUNT_SCAN event
Mar 13 16:19:24.318156: | expiring aged bare shunts from shunt table
Mar 13 16:19:32.344184: | *received 572 bytes from
192.168.12.87:1500 on vipnet (port=500)
Mar 13 16:19:32.344712: | processing: start from 192.168.12.87:1500
(in process_md() at demux.c:441)
Mar 13 16:19:32.344728: | **parse ISAKMP Message:
Mar 13 16:19:32.344742: | initiator cookie:
Mar 13 16:19:32.344753: | 57 48 80 5f c5 27 ac fc
Mar 13 16:19:32.344765: | responder cookie:
Mar 13 16:19:32.344776: | 00 00 00 00 00 00 00 00
Mar 13 16:19:32.344790: | next payload type: ISAKMP_NEXT_SA (0x1)
Mar 13 16:19:32.344803: | ISAKMP version: ISAKMP Version 1.0
(rfc2407) (0x10)
Mar 13 16:19:32.344815: | exchange type: ISAKMP_XCHG_AGGR (0x4)
Mar 13 16:19:32.344838: | flags: none (0x0)
Mar 13 16:19:32.344852: | Message ID: 0 (0x0)
Mar 13 16:19:32.344864: | length: 572 (0x23c)
Mar 13 16:19:32.344878: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_AGGR (4)
Mar 13 16:19:32.344893: | State DB: IKEv1 state object not found
(find_state_ikev1_init)
Mar 13 16:19:32.344906: | #null state always idle
Mar 13 16:19:32.344920: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x432 opt: 0x102000
Mar 13 16:19:32.344933: | ***parse ISAKMP Security Association Payload:
Mar 13 16:19:32.344946: | next payload type: ISAKMP_NEXT_KE (0x4)
Mar 13 16:19:32.344979: | length: 156 (0x9c)
Mar 13 16:19:32.344993: | DOI: ISAKMP_DOI_IPSEC (0x1)
Mar 13 16:19:32.345006: | got payload 0x10 (ISAKMP_NEXT_KE) needed:
0x430 opt: 0x102000
Mar 13 16:19:32.345018: | ***parse ISAKMP Key Exchange Payload:
Mar 13 16:19:32.345030: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Mar 13 16:19:32.345042: | length: 196 (0xc4)
Mar 13 16:19:32.345054: | got payload 0x400 (ISAKMP_NEXT_NONCE)
needed: 0x420 opt: 0x102000
Mar 13 16:19:32.345066: | ***parse ISAKMP Nonce Payload:
Mar 13 16:19:32.345078: | next payload type: ISAKMP_NEXT_ID (0x5)
Mar 13 16:19:32.345089: | length: 20 (0x14)
Mar 13 16:19:32.345102: | got payload 0x20 (ISAKMP_NEXT_ID) needed:
0x20 opt: 0x102000
Mar 13 16:19:32.345114: | ***parse ISAKMP Identification Payload:
Mar 13 16:19:32.345125: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345137: | length: 12 (0xc)
Mar 13 16:19:32.345149: | ID type: ID_IPV4_ADDR (0x1)
Mar 13 16:19:32.345160: | DOI specific A: 17 (0x11)
Mar 13 16:19:32.345172: | DOI specific B: 1500 (0x5dc)
Mar 13 16:19:32.345184: | obj: c0 a8 0c 57
Mar 13 16:19:32.345197: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345209: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345220: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345232: | length: 20 (0x14)
Mar 13 16:19:32.345244: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345256: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345267: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345278: | length: 20 (0x14)
Mar 13 16:19:32.345290: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345301: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345313: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345324: | length: 20 (0x14)
Mar 13 16:19:32.345336: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345347: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345359: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345370: | length: 20 (0x14)
Mar 13 16:19:32.345382: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345393: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345405: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345416: | length: 20 (0x14)
Mar 13 16:19:32.345428: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345439: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345451: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345462: | length: 20 (0x14)
Mar 13 16:19:32.345474: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345485: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345497: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:32.345508: | length: 20 (0x14)
Mar 13 16:19:32.345520: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:32.345531: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:32.345543: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:32.345554: | length: 20 (0x14)
Mar 13 16:19:32.345571: | quirks.qnat_traversal_vid set to=117 [RFC
3947]
Mar 13 16:19:32.345585: | received Vendor ID payload [RFC 3947]
Mar 13 16:19:32.345599: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:32.345612: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:32.345626: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:32.345667: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:32.345685: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
Mar 13 16:19:32.345699: | received Vendor ID payload [Cisco-Unity]
Mar 13 16:19:32.345713: | received Vendor ID payload [Dead Peer
Detection]
Mar 13 16:19:32.345734: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [4c53427b6d465d1b337bb755a37a7fef]
Mar 13 16:19:32.345769: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [b4f01ca951e9da8d0bafbbd34ad3044e]
Mar 13 16:19:32.345784: | ****parse IPsec DOI SIT:
Mar 13 16:19:32.345798: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Mar 13 16:19:32.345811: | ****parse ISAKMP Proposal Payload:
Mar 13 16:19:32.345823: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:32.345835: | length: 144 (0x90)
Mar 13 16:19:32.345847: | proposal number: 1 (0x1)
Mar 13 16:19:32.345859: | protocol ID: PROTO_ISAKMP (0x1)
Mar 13 16:19:32.345870: | SPI size: 0 (0x0)
Mar 13 16:19:32.345882: | number of transforms: 4 (0x4)
Mar 13 16:19:32.345894: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:32.345906: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:32.345917: | length: 36 (0x24)
Mar 13 16:19:32.345929: | ISAKMP transform number: 1 (0x1)
Mar 13 16:19:32.345941: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:32.345953: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.345967: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:32.345978: | length/value: 1 (0x1)
Mar 13 16:19:32.345990: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346002: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:32.346015: | length/value: 28800 (0x7080)
Mar 13 16:19:32.346026: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346038: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:32.346050: | length/value: 7 (0x7)
Mar 13 16:19:32.346061: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346073: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:32.346084: | length/value: 128 (0x80)
Mar 13 16:19:32.346096: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346108: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:32.346119: | length/value: 1 (0x1)
Mar 13 16:19:32.346131: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346143: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:32.346154: | length/value: 2 (0x2)
Mar 13 16:19:32.346165: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346177: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:32.346188: | length/value: 5 (0x5)
Mar 13 16:19:32.346200: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:32.346212: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:32.346224: | length: 36 (0x24)
Mar 13 16:19:32.346235: | ISAKMP transform number: 2 (0x2)
Mar 13 16:19:32.346247: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:32.346258: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346270: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:32.346282: | length/value: 1 (0x1)
Mar 13 16:19:32.346293: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346305: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:32.346317: | length/value: 28800 (0x7080)
Mar 13 16:19:32.346328: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346340: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:32.346351: | length/value: 7 (0x7)
Mar 13 16:19:32.346363: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346374: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:32.346386: | length/value: 128 (0x80)
Mar 13 16:19:32.346397: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346409: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:32.346420: | length/value: 1 (0x1)
Mar 13 16:19:32.346432: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346444: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:32.346455: | length/value: 1 (0x1)
Mar 13 16:19:32.346466: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346478: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:32.346489: | length/value: 5 (0x5)
Mar 13 16:19:32.346501: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:32.346525: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:32.346537: | length: 32 (0x20)
Mar 13 16:19:32.346549: | ISAKMP transform number: 3 (0x3)
Mar 13 16:19:32.346560: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:32.346572: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346584: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:32.346595: | length/value: 1 (0x1)
Mar 13 16:19:32.346607: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346619: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:32.346630: | length/value: 28800 (0x7080)
Mar 13 16:19:32.346642: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346653: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:32.346665: | length/value: 5 (0x5)
Mar 13 16:19:32.346676: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346688: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:32.346699: | length/value: 1 (0x1)
Mar 13 16:19:32.346711: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346722: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:32.346734: | length/value: 2 (0x2)
Mar 13 16:19:32.346745: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346757: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:32.346768: | length/value: 5 (0x5)
Mar 13 16:19:32.346780: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:32.346792: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:32.346803: | length: 32 (0x20)
Mar 13 16:19:32.346815: | ISAKMP transform number: 4 (0x4)
Mar 13 16:19:32.346826: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:32.346838: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346849: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:32.346861: | length/value: 1 (0x1)
Mar 13 16:19:32.346872: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346884: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:32.346896: | length/value: 28800 (0x7080)
Mar 13 16:19:32.346907: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346919: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:32.346930: | length/value: 5 (0x5)
Mar 13 16:19:32.346942: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346954: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:32.346965: | length/value: 1 (0x1)
Mar 13 16:19:32.346976: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.346988: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:32.346999: | length/value: 1 (0x1)
Mar 13 16:19:32.347011: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:32.347023: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:32.347034: | length/value: 5 (0x5)
Mar 13 16:19:32.347055: | find_host_connection
me=<server.address.redacted>:500 him=192.168.12.87:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:32.347073: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:32.347087: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:32.347100: | find_next_host_connection returns empty
Mar 13 16:19:32.347116: | find_host_connection
me=<server.address.redacted>:500 him=%any:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:32.347132: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:32.347144: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:32.347160: | found policy =
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(xauth-psk)
Mar 13 16:19:32.347172: | find_next_host_connection returns empty
Mar 13 16:19:32.347189: packet from 192.168.12.87:1500: initial
Aggressive Mode message from 192.168.12.87 but no (wildcard)
connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:32.347203: | complete v1 state transition with STF_IGNORE
Mar 13 16:19:32.347220: | processing: stop from 192.168.12.87:1500
(in process_md() at demux.c:443)
Mar 13 16:19:32.347247: | processing: STOP state #0 (in process_md()
at demux.c:445)
Mar 13 16:19:32.347261: | processing: STOP connection NULL (in
process_md() at demux.c:446)
Mar 13 16:19:35.334677: | *received 572 bytes from
192.168.12.87:1500 on vipnet (port=500)
Mar 13 16:19:35.334829: | processing: start from 192.168.12.87:1500
(in process_md() at demux.c:441)
Mar 13 16:19:35.334834: | **parse ISAKMP Message:
Mar 13 16:19:35.334837: | initiator cookie:
Mar 13 16:19:35.334840: | 57 48 80 5f c5 27 ac fc
Mar 13 16:19:35.334843: | responder cookie:
Mar 13 16:19:35.334846: | 00 00 00 00 00 00 00 00
Mar 13 16:19:35.334850: | next payload type: ISAKMP_NEXT_SA (0x1)
Mar 13 16:19:35.334853: | ISAKMP version: ISAKMP Version 1.0
(rfc2407) (0x10)
Mar 13 16:19:35.334857: | exchange type: ISAKMP_XCHG_AGGR (0x4)
Mar 13 16:19:35.334860: | flags: none (0x0)
Mar 13 16:19:35.334863: | Message ID: 0 (0x0)
Mar 13 16:19:35.334866: | length: 572 (0x23c)
Mar 13 16:19:35.334870: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_AGGR (4)
Mar 13 16:19:35.334874: | State DB: IKEv1 state object not found
(find_state_ikev1_init)
Mar 13 16:19:35.334877: | #null state always idle
Mar 13 16:19:35.334882: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x432 opt: 0x102000
Mar 13 16:19:35.334895: | ***parse ISAKMP Security Association Payload:
Mar 13 16:19:35.334898: | next payload type: ISAKMP_NEXT_KE (0x4)
Mar 13 16:19:35.334901: | length: 156 (0x9c)
Mar 13 16:19:35.334904: | DOI: ISAKMP_DOI_IPSEC (0x1)
Mar 13 16:19:35.334908: | got payload 0x10 (ISAKMP_NEXT_KE) needed:
0x430 opt: 0x102000
Mar 13 16:19:35.334911: | ***parse ISAKMP Key Exchange Payload:
Mar 13 16:19:35.334914: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Mar 13 16:19:35.334917: | length: 196 (0xc4)
Mar 13 16:19:35.334920: | got payload 0x400 (ISAKMP_NEXT_NONCE)
needed: 0x420 opt: 0x102000
Mar 13 16:19:35.334924: | ***parse ISAKMP Nonce Payload:
Mar 13 16:19:35.334927: | next payload type: ISAKMP_NEXT_ID (0x5)
Mar 13 16:19:35.334930: | length: 20 (0x14)
Mar 13 16:19:35.334933: | got payload 0x20 (ISAKMP_NEXT_ID) needed:
0x20 opt: 0x102000
Mar 13 16:19:35.334936: | ***parse ISAKMP Identification Payload:
Mar 13 16:19:35.334939: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.334943: | length: 12 (0xc)
Mar 13 16:19:35.334948: | ID type: ID_IPV4_ADDR (0x1)
Mar 13 16:19:35.334953: | DOI specific A: 17 (0x11)
Mar 13 16:19:35.334958: | DOI specific B: 1500 (0x5dc)
Mar 13 16:19:35.334963: | obj: c0 a8 0c 57
Mar 13 16:19:35.334968: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.334974: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.334979: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.334984: | length: 20 (0x14)
Mar 13 16:19:35.334989: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.334994: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335000: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.335004: | length: 20 (0x14)
Mar 13 16:19:35.335009: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.335015: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335020: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.335025: | length: 20 (0x14)
Mar 13 16:19:35.335029: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.335049: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335054: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.335059: | length: 20 (0x14)
Mar 13 16:19:35.335064: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.335069: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335073: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.335078: | length: 20 (0x14)
Mar 13 16:19:35.335097: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.335101: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335106: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.335111: | length: 20 (0x14)
Mar 13 16:19:35.335115: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.335120: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335125: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:35.335129: | length: 20 (0x14)
Mar 13 16:19:35.335135: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:35.335139: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:35.335144: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:35.335149: | length: 20 (0x14)
Mar 13 16:19:35.335157: | quirks.qnat_traversal_vid set to=117 [RFC
3947]
Mar 13 16:19:35.335163: | received Vendor ID payload [RFC 3947]
Mar 13 16:19:35.335170: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:35.335176: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:35.335182: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:35.335187: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:35.335192: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
Mar 13 16:19:35.335198: | received Vendor ID payload [Cisco-Unity]
Mar 13 16:19:35.335211: | received Vendor ID payload [Dead Peer
Detection]
Mar 13 16:19:35.335222: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [4c53427b6d465d1b337bb755a37a7fef]
Mar 13 16:19:35.335234: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [b4f01ca951e9da8d0bafbbd34ad3044e]
Mar 13 16:19:35.335245: | ****parse IPsec DOI SIT:
Mar 13 16:19:35.335252: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Mar 13 16:19:35.335258: | ****parse ISAKMP Proposal Payload:
Mar 13 16:19:35.335263: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:35.335269: | length: 144 (0x90)
Mar 13 16:19:35.335275: | proposal number: 1 (0x1)
Mar 13 16:19:35.335280: | protocol ID: PROTO_ISAKMP (0x1)
Mar 13 16:19:35.335284: | SPI size: 0 (0x0)
Mar 13 16:19:35.335289: | number of transforms: 4 (0x4)
Mar 13 16:19:35.335295: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:35.335301: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:35.335306: | length: 36 (0x24)
Mar 13 16:19:35.335312: | ISAKMP transform number: 1 (0x1)
Mar 13 16:19:35.335318: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:35.335325: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335331: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:35.335337: | length/value: 1 (0x1)
Mar 13 16:19:35.335343: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335350: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:35.335356: | length/value: 28800 (0x7080)
Mar 13 16:19:35.335362: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335366: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:35.335369: | length/value: 7 (0x7)
Mar 13 16:19:35.335372: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335375: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:35.335378: | length/value: 128 (0x80)
Mar 13 16:19:35.335381: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335384: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:35.335387: | length/value: 1 (0x1)
Mar 13 16:19:35.335390: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335393: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:35.335396: | length/value: 2 (0x2)
Mar 13 16:19:35.335399: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335402: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:35.335405: | length/value: 5 (0x5)
Mar 13 16:19:35.335408: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:35.335411: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:35.335414: | length: 36 (0x24)
Mar 13 16:19:35.335417: | ISAKMP transform number: 2 (0x2)
Mar 13 16:19:35.335420: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:35.335424: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335427: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:35.335430: | length/value: 1 (0x1)
Mar 13 16:19:35.335432: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335436: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:35.335439: | length/value: 28800 (0x7080)
Mar 13 16:19:35.335442: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335445: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:35.335448: | length/value: 7 (0x7)
Mar 13 16:19:35.335451: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335454: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:35.335457: | length/value: 128 (0x80)
Mar 13 16:19:35.335460: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335463: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:35.335466: | length/value: 1 (0x1)
Mar 13 16:19:35.335469: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335472: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:35.335475: | length/value: 1 (0x1)
Mar 13 16:19:35.335478: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335481: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:35.335489: | length/value: 5 (0x5)
Mar 13 16:19:35.335493: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:35.335496: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:35.335499: | length: 32 (0x20)
Mar 13 16:19:35.335502: | ISAKMP transform number: 3 (0x3)
Mar 13 16:19:35.335505: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:35.335508: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335512: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:35.335515: | length/value: 1 (0x1)
Mar 13 16:19:35.335517: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335521: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:35.335524: | length/value: 28800 (0x7080)
Mar 13 16:19:35.335526: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335530: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:35.335532: | length/value: 5 (0x5)
Mar 13 16:19:35.335536: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335539: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:35.335542: | length/value: 1 (0x1)
Mar 13 16:19:35.335545: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335548: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:35.335551: | length/value: 2 (0x2)
Mar 13 16:19:35.335554: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335558: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:35.335560: | length/value: 5 (0x5)
Mar 13 16:19:35.335563: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:35.335567: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:35.335570: | length: 32 (0x20)
Mar 13 16:19:35.335573: | ISAKMP transform number: 4 (0x4)
Mar 13 16:19:35.335576: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:35.335579: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335582: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:35.335585: | length/value: 1 (0x1)
Mar 13 16:19:35.335588: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335591: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:35.335594: | length/value: 28800 (0x7080)
Mar 13 16:19:35.335597: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335600: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:35.335603: | length/value: 5 (0x5)
Mar 13 16:19:35.335606: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335609: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:35.335612: | length/value: 1 (0x1)
Mar 13 16:19:35.335615: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335619: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:35.335622: | length/value: 1 (0x1)
Mar 13 16:19:35.335625: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:35.335628: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:35.335631: | length/value: 5 (0x5)
Mar 13 16:19:35.335637: | find_host_connection
me=<server.address.redacted>:500 him=192.168.12.87:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:35.335642: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:35.335646: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:35.335650: | find_next_host_connection returns empty
Mar 13 16:19:35.335654: | find_host_connection
me=<server.address.redacted>:500 him=%any:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:35.335658: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:35.335662: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:35.335666: | found policy =
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(xauth-psk)
Mar 13 16:19:35.335670: | find_next_host_connection returns empty
Mar 13 16:19:35.335674: packet from 192.168.12.87:1500: initial
Aggressive Mode message from 192.168.12.87 but no (wildcard)
connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:35.335678: | complete v1 state transition with STF_IGNORE
Mar 13 16:19:35.335687: | processing: stop from 192.168.12.87:1500
(in process_md() at demux.c:443)
Mar 13 16:19:35.335692: | processing: STOP state #0 (in process_md()
at demux.c:445)
Mar 13 16:19:35.335696: | processing: STOP connection NULL (in
process_md() at demux.c:446)
Mar 13 16:19:38.338037: | *received 572 bytes from
192.168.12.87:1500 on vipnet (port=500)
Mar 13 16:19:38.338601: | processing: start from 192.168.12.87:1500
(in process_md() at demux.c:441)
Mar 13 16:19:38.338618: | **parse ISAKMP Message:
Mar 13 16:19:38.338631: | initiator cookie:
Mar 13 16:19:38.338643: | 57 48 80 5f c5 27 ac fc
Mar 13 16:19:38.338654: | responder cookie:
Mar 13 16:19:38.338665: | 00 00 00 00 00 00 00 00
Mar 13 16:19:38.338679: | next payload type: ISAKMP_NEXT_SA (0x1)
Mar 13 16:19:38.338692: | ISAKMP version: ISAKMP Version 1.0
(rfc2407) (0x10)
Mar 13 16:19:38.338705: | exchange type: ISAKMP_XCHG_AGGR (0x4)
Mar 13 16:19:38.338717: | flags: none (0x0)
Mar 13 16:19:38.338729: | Message ID: 0 (0x0)
Mar 13 16:19:38.338741: | length: 572 (0x23c)
Mar 13 16:19:38.338755: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_AGGR (4)
Mar 13 16:19:38.338770: | State DB: IKEv1 state object not found
(find_state_ikev1_init)
Mar 13 16:19:38.338809: | #null state always idle
Mar 13 16:19:38.338826: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x432 opt: 0x102000
Mar 13 16:19:38.338840: | ***parse ISAKMP Security Association Payload:
Mar 13 16:19:38.338852: | next payload type: ISAKMP_NEXT_KE (0x4)
Mar 13 16:19:38.338864: | length: 156 (0x9c)
Mar 13 16:19:38.338876: | DOI: ISAKMP_DOI_IPSEC (0x1)
Mar 13 16:19:38.338889: | got payload 0x10 (ISAKMP_NEXT_KE) needed:
0x430 opt: 0x102000
Mar 13 16:19:38.338901: | ***parse ISAKMP Key Exchange Payload:
Mar 13 16:19:38.338913: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Mar 13 16:19:38.338925: | length: 196 (0xc4)
Mar 13 16:19:38.338938: | got payload 0x400 (ISAKMP_NEXT_NONCE)
needed: 0x420 opt: 0x102000
Mar 13 16:19:38.338949: | ***parse ISAKMP Nonce Payload:
Mar 13 16:19:38.338961: | next payload type: ISAKMP_NEXT_ID (0x5)
Mar 13 16:19:38.338972: | length: 20 (0x14)
Mar 13 16:19:38.338985: | got payload 0x20 (ISAKMP_NEXT_ID) needed:
0x20 opt: 0x102000
Mar 13 16:19:38.338997: | ***parse ISAKMP Identification Payload:
Mar 13 16:19:38.339009: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339021: | length: 12 (0xc)
Mar 13 16:19:38.339033: | ID type: ID_IPV4_ADDR (0x1)
Mar 13 16:19:38.339045: | DOI specific A: 17 (0x11)
Mar 13 16:19:38.339056: | DOI specific B: 1500 (0x5dc)
Mar 13 16:19:38.339068: | obj: c0 a8 0c 57
Mar 13 16:19:38.339081: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339092: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339104: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339115: | length: 20 (0x14)
Mar 13 16:19:38.339127: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339139: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339150: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339162: | length: 20 (0x14)
Mar 13 16:19:38.339174: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339185: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339196: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339207: | length: 20 (0x14)
Mar 13 16:19:38.339220: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339231: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339242: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339253: | length: 20 (0x14)
Mar 13 16:19:38.339265: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339277: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339288: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339299: | length: 20 (0x14)
Mar 13 16:19:38.339311: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339323: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339334: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339345: | length: 20 (0x14)
Mar 13 16:19:38.339357: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339369: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339380: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:38.339391: | length: 20 (0x14)
Mar 13 16:19:38.339403: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:38.339415: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:38.339426: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:38.339437: | length: 20 (0x14)
Mar 13 16:19:38.339454: | quirks.qnat_traversal_vid set to=117 [RFC
3947]
Mar 13 16:19:38.339468: | received Vendor ID payload [RFC 3947]
Mar 13 16:19:38.339482: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:38.339495: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:38.339508: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:38.339521: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:38.339547: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
Mar 13 16:19:38.339561: | received Vendor ID payload [Cisco-Unity]
Mar 13 16:19:38.339575: | received Vendor ID payload [Dead Peer
Detection]
Mar 13 16:19:38.339597: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [4c53427b6d465d1b337bb755a37a7fef]
Mar 13 16:19:38.339616: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [b4f01ca951e9da8d0bafbbd34ad3044e]
Mar 13 16:19:38.339630: | ****parse IPsec DOI SIT:
Mar 13 16:19:38.339644: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Mar 13 16:19:38.339657: | ****parse ISAKMP Proposal Payload:
Mar 13 16:19:38.339668: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:38.339680: | length: 144 (0x90)
Mar 13 16:19:38.339692: | proposal number: 1 (0x1)
Mar 13 16:19:38.339704: | protocol ID: PROTO_ISAKMP (0x1)
Mar 13 16:19:38.339715: | SPI size: 0 (0x0)
Mar 13 16:19:38.339727: | number of transforms: 4 (0x4)
Mar 13 16:19:38.339739: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:38.339751: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:38.339763: | length: 36 (0x24)
Mar 13 16:19:38.339774: | ISAKMP transform number: 1 (0x1)
Mar 13 16:19:38.339786: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:38.339798: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.339811: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:38.339823: | length/value: 1 (0x1)
Mar 13 16:19:38.339835: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.339847: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:38.339859: | length/value: 28800 (0x7080)
Mar 13 16:19:38.339870: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.339882: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:38.339894: | length/value: 7 (0x7)
Mar 13 16:19:38.339905: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.339917: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:38.339929: | length/value: 128 (0x80)
Mar 13 16:19:38.339940: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.339952: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:38.339963: | length/value: 1 (0x1)
Mar 13 16:19:38.339975: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.339987: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:38.339998: | length/value: 2 (0x2)
Mar 13 16:19:38.340010: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340021: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:38.340033: | length/value: 5 (0x5)
Mar 13 16:19:38.340045: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:38.340056: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:38.340068: | length: 36 (0x24)
Mar 13 16:19:38.340079: | ISAKMP transform number: 2 (0x2)
Mar 13 16:19:38.340091: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:38.340102: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340114: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:38.340126: | length/value: 1 (0x1)
Mar 13 16:19:38.340137: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340149: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:38.340161: | length/value: 28800 (0x7080)
Mar 13 16:19:38.340172: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340184: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:38.340195: | length/value: 7 (0x7)
Mar 13 16:19:38.340206: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340218: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:38.340230: | length/value: 128 (0x80)
Mar 13 16:19:38.340241: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340253: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:38.340264: | length/value: 1 (0x1)
Mar 13 16:19:38.340276: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340288: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:38.340299: | length/value: 1 (0x1)
Mar 13 16:19:38.340321: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340334: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:38.340346: | length/value: 5 (0x5)
Mar 13 16:19:38.340357: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:38.340369: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:38.340381: | length: 32 (0x20)
Mar 13 16:19:38.340392: | ISAKMP transform number: 3 (0x3)
Mar 13 16:19:38.340404: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:38.340415: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340427: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:38.340438: | length/value: 1 (0x1)
Mar 13 16:19:38.340450: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340462: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:38.340473: | length/value: 28800 (0x7080)
Mar 13 16:19:38.340485: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340497: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:38.340508: | length/value: 5 (0x5)
Mar 13 16:19:38.340519: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340531: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:38.340542: | length/value: 1 (0x1)
Mar 13 16:19:38.340554: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340566: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:38.340577: | length/value: 2 (0x2)
Mar 13 16:19:38.340588: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340600: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:38.340611: | length/value: 5 (0x5)
Mar 13 16:19:38.340623: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:38.340635: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:38.340646: | length: 32 (0x20)
Mar 13 16:19:38.340658: | ISAKMP transform number: 4 (0x4)
Mar 13 16:19:38.340669: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:38.340681: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340692: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:38.340704: | length/value: 1 (0x1)
Mar 13 16:19:38.340715: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340727: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:38.340738: | length/value: 28800 (0x7080)
Mar 13 16:19:38.340750: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340761: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:38.340773: | length/value: 5 (0x5)
Mar 13 16:19:38.340784: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340796: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:38.340807: | length/value: 1 (0x1)
Mar 13 16:19:38.340818: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340830: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:38.340841: | length/value: 1 (0x1)
Mar 13 16:19:38.340853: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:38.340864: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:38.340876: | length/value: 5 (0x5)
Mar 13 16:19:38.340897: | find_host_connection
me=<server.address.redacted>:500 him=192.168.12.87:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:38.340915: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:38.340929: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:38.340941: | find_next_host_connection returns empty
Mar 13 16:19:38.340957: | find_host_connection
me=<server.address.redacted>:500 him=%any:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:38.340973: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:38.340986: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:38.341001: | found policy =
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(xauth-psk)
Mar 13 16:19:38.341013: | find_next_host_connection returns empty
Mar 13 16:19:38.341031: packet from 192.168.12.87:1500: initial
Aggressive Mode message from 192.168.12.87 but no (wildcard)
connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:38.341055: | complete v1 state transition with STF_IGNORE
Mar 13 16:19:38.341073: | processing: stop from 192.168.12.87:1500
(in process_md() at demux.c:443)
Mar 13 16:19:38.341089: | processing: STOP state #0 (in process_md()
at demux.c:445)
Mar 13 16:19:38.341103: | processing: STOP connection NULL (in
process_md() at demux.c:446)
Mar 13 16:19:41.361058: | *received 572 bytes from
192.168.12.87:1500 on vipnet (port=500)
Mar 13 16:19:41.361614: | processing: start from 192.168.12.87:1500
(in process_md() at demux.c:441)
Mar 13 16:19:41.361630: | **parse ISAKMP Message:
Mar 13 16:19:41.361673: | initiator cookie:
Mar 13 16:19:41.361686: | 57 48 80 5f c5 27 ac fc
Mar 13 16:19:41.361697: | responder cookie:
Mar 13 16:19:41.361708: | 00 00 00 00 00 00 00 00
Mar 13 16:19:41.361722: | next payload type: ISAKMP_NEXT_SA (0x1)
Mar 13 16:19:41.361736: | ISAKMP version: ISAKMP Version 1.0
(rfc2407) (0x10)
Mar 13 16:19:41.361748: | exchange type: ISAKMP_XCHG_AGGR (0x4)
Mar 13 16:19:41.361761: | flags: none (0x0)
Mar 13 16:19:41.361772: | Message ID: 0 (0x0)
Mar 13 16:19:41.361785: | length: 572 (0x23c)
Mar 13 16:19:41.361825: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_AGGR (4)
Mar 13 16:19:41.361842: | State DB: IKEv1 state object not found
(find_state_ikev1_init)
Mar 13 16:19:41.361855: | #null state always idle
Mar 13 16:19:41.361870: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x432 opt: 0x102000
Mar 13 16:19:41.361883: | ***parse ISAKMP Security Association Payload:
Mar 13 16:19:41.361896: | next payload type: ISAKMP_NEXT_KE (0x4)
Mar 13 16:19:41.361908: | length: 156 (0x9c)
Mar 13 16:19:41.361920: | DOI: ISAKMP_DOI_IPSEC (0x1)
Mar 13 16:19:41.361933: | got payload 0x10 (ISAKMP_NEXT_KE) needed:
0x430 opt: 0x102000
Mar 13 16:19:41.361945: | ***parse ISAKMP Key Exchange Payload:
Mar 13 16:19:41.361956: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Mar 13 16:19:41.361968: | length: 196 (0xc4)
Mar 13 16:19:41.361980: | got payload 0x400 (ISAKMP_NEXT_NONCE)
needed: 0x420 opt: 0x102000
Mar 13 16:19:41.361992: | ***parse ISAKMP Nonce Payload:
Mar 13 16:19:41.362004: | next payload type: ISAKMP_NEXT_ID (0x5)
Mar 13 16:19:41.362015: | length: 20 (0x14)
Mar 13 16:19:41.362028: | got payload 0x20 (ISAKMP_NEXT_ID) needed:
0x20 opt: 0x102000
Mar 13 16:19:41.362040: | ***parse ISAKMP Identification Payload:
Mar 13 16:19:41.362052: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362063: | length: 12 (0xc)
Mar 13 16:19:41.362075: | ID type: ID_IPV4_ADDR (0x1)
Mar 13 16:19:41.362087: | DOI specific A: 17 (0x11)
Mar 13 16:19:41.362099: | DOI specific B: 1500 (0x5dc)
Mar 13 16:19:41.362110: | obj: c0 a8 0c 57
Mar 13 16:19:41.362123: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362135: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362146: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362158: | length: 20 (0x14)
Mar 13 16:19:41.362170: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362182: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362193: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362204: | length: 20 (0x14)
Mar 13 16:19:41.362216: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362228: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362239: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362250: | length: 20 (0x14)
Mar 13 16:19:41.362262: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362274: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362285: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362296: | length: 20 (0x14)
Mar 13 16:19:41.362309: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362320: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362331: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362343: | length: 20 (0x14)
Mar 13 16:19:41.362355: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362366: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362378: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362389: | length: 20 (0x14)
Mar 13 16:19:41.362401: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362412: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362424: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:41.362435: | length: 20 (0x14)
Mar 13 16:19:41.362447: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:41.362458: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:41.362470: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:41.362481: | length: 20 (0x14)
Mar 13 16:19:41.362498: | quirks.qnat_traversal_vid set to=117 [RFC
3947]
Mar 13 16:19:41.362512: | received Vendor ID payload [RFC 3947]
Mar 13 16:19:41.362526: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:41.362539: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:41.362553: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:41.362579: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:41.362593: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
Mar 13 16:19:41.362607: | received Vendor ID payload [Cisco-Unity]
Mar 13 16:19:41.362621: | received Vendor ID payload [Dead Peer
Detection]
Mar 13 16:19:41.362643: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [4c53427b6d465d1b337bb755a37a7fef]
Mar 13 16:19:41.362663: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [b4f01ca951e9da8d0bafbbd34ad3044e]
Mar 13 16:19:41.362677: | ****parse IPsec DOI SIT:
Mar 13 16:19:41.362690: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Mar 13 16:19:41.362703: | ****parse ISAKMP Proposal Payload:
Mar 13 16:19:41.362715: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:41.362727: | length: 144 (0x90)
Mar 13 16:19:41.362739: | proposal number: 1 (0x1)
Mar 13 16:19:41.362751: | protocol ID: PROTO_ISAKMP (0x1)
Mar 13 16:19:41.362762: | SPI size: 0 (0x0)
Mar 13 16:19:41.362774: | number of transforms: 4 (0x4)
Mar 13 16:19:41.362786: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:41.362798: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:41.362810: | length: 36 (0x24)
Mar 13 16:19:41.362821: | ISAKMP transform number: 1 (0x1)
Mar 13 16:19:41.362833: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:41.362846: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.362858: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:41.362870: | length/value: 1 (0x1)
Mar 13 16:19:41.362882: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.362894: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:41.362906: | length/value: 28800 (0x7080)
Mar 13 16:19:41.362917: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.362929: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:41.362941: | length/value: 7 (0x7)
Mar 13 16:19:41.362952: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.362965: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:41.362976: | length/value: 128 (0x80)
Mar 13 16:19:41.362987: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.362999: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:41.363010: | length/value: 1 (0x1)
Mar 13 16:19:41.363022: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363034: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:41.363045: | length/value: 2 (0x2)
Mar 13 16:19:41.363056: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363068: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:41.363079: | length/value: 5 (0x5)
Mar 13 16:19:41.363091: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:41.363103: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:41.363115: | length: 36 (0x24)
Mar 13 16:19:41.363126: | ISAKMP transform number: 2 (0x2)
Mar 13 16:19:41.363138: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:41.363149: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363161: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:41.363173: | length/value: 1 (0x1)
Mar 13 16:19:41.363184: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363196: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:41.363208: | length/value: 28800 (0x7080)
Mar 13 16:19:41.363219: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363231: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:41.363242: | length/value: 7 (0x7)
Mar 13 16:19:41.363254: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363266: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:41.363277: | length/value: 128 (0x80)
Mar 13 16:19:41.363288: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363300: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:41.363312: | length/value: 1 (0x1)
Mar 13 16:19:41.363335: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363348: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:41.363359: | length/value: 1 (0x1)
Mar 13 16:19:41.363371: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363382: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:41.363394: | length/value: 5 (0x5)
Mar 13 16:19:41.363405: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:41.363417: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:41.363428: | length: 32 (0x20)
Mar 13 16:19:41.363440: | ISAKMP transform number: 3 (0x3)
Mar 13 16:19:41.363451: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:41.363463: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363475: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:41.363486: | length/value: 1 (0x1)
Mar 13 16:19:41.363497: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363509: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:41.363521: | length/value: 28800 (0x7080)
Mar 13 16:19:41.363532: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363544: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:41.363555: | length/value: 5 (0x5)
Mar 13 16:19:41.363567: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363579: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:41.363590: | length/value: 1 (0x1)
Mar 13 16:19:41.363601: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363613: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:41.363624: | length/value: 2 (0x2)
Mar 13 16:19:41.363636: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363648: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:41.363659: | length/value: 5 (0x5)
Mar 13 16:19:41.363671: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:41.363682: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:41.363694: | length: 32 (0x20)
Mar 13 16:19:41.363705: | ISAKMP transform number: 4 (0x4)
Mar 13 16:19:41.363717: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:41.363728: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363740: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:41.363751: | length/value: 1 (0x1)
Mar 13 16:19:41.363763: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363775: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:41.363786: | length/value: 28800 (0x7080)
Mar 13 16:19:41.363798: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363809: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:41.363821: | length/value: 5 (0x5)
Mar 13 16:19:41.363832: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363844: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:41.363855: | length/value: 1 (0x1)
Mar 13 16:19:41.363867: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363879: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:41.363890: | length/value: 1 (0x1)
Mar 13 16:19:41.363901: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:41.363913: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:41.363924: | length/value: 5 (0x5)
Mar 13 16:19:41.363945: | find_host_connection
me=<server.address.redacted>:500 him=192.168.12.87:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:41.363963: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:41.363977: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:41.363989: | find_next_host_connection returns empty
Mar 13 16:19:41.364005: | find_host_connection
me=<server.address.redacted>:500 him=%any:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:41.364021: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:41.364034: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:41.364050: | found policy =
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(xauth-psk)
Mar 13 16:19:41.364073: | find_next_host_connection returns empty
Mar 13 16:19:41.364091: packet from 192.168.12.87:1500: initial
Aggressive Mode message from 192.168.12.87 but no (wildcard)
connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:41.364105: | complete v1 state transition with STF_IGNORE
Mar 13 16:19:41.364122: | processing: stop from 192.168.12.87:1500
(in process_md() at demux.c:443)
Mar 13 16:19:41.364137: | processing: STOP state #0 (in process_md()
at demux.c:445)
Mar 13 16:19:41.364151: | processing: STOP connection NULL (in
process_md() at demux.c:446)
Mar 13 16:19:44.315325: | global timer EVENT_SHUNT_SCAN event
Mar 13 16:19:44.315420: | expiring aged bare shunts from shunt table
Mar 13 16:19:44.367097: | *received 572 bytes from
192.168.12.87:1500 on vipnet (port=500)
Mar 13 16:19:44.367615: | processing: start from 192.168.12.87:1500
(in process_md() at demux.c:441)
Mar 13 16:19:44.367631: | **parse ISAKMP Message:
Mar 13 16:19:44.367645: | initiator cookie:
Mar 13 16:19:44.367656: | 57 48 80 5f c5 27 ac fc
Mar 13 16:19:44.367668: | responder cookie:
Mar 13 16:19:44.367679: | 00 00 00 00 00 00 00 00
Mar 13 16:19:44.367693: | next payload type: ISAKMP_NEXT_SA (0x1)
Mar 13 16:19:44.367737: | ISAKMP version: ISAKMP Version 1.0
(rfc2407) (0x10)
Mar 13 16:19:44.367752: | exchange type: ISAKMP_XCHG_AGGR (0x4)
Mar 13 16:19:44.367765: | flags: none (0x0)
Mar 13 16:19:44.367777: | Message ID: 0 (0x0)
Mar 13 16:19:44.367789: | length: 572 (0x23c)
Mar 13 16:19:44.367803: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_AGGR (4)
Mar 13 16:19:44.367819: | State DB: IKEv1 state object not found
(find_state_ikev1_init)
Mar 13 16:19:44.367831: | #null state always idle
Mar 13 16:19:44.367846: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x432 opt: 0x102000
Mar 13 16:19:44.367859: | ***parse ISAKMP Security Association Payload:
Mar 13 16:19:44.367872: | next payload type: ISAKMP_NEXT_KE (0x4)
Mar 13 16:19:44.367884: | length: 156 (0x9c)
Mar 13 16:19:44.367896: | DOI: ISAKMP_DOI_IPSEC (0x1)
Mar 13 16:19:44.367909: | got payload 0x10 (ISAKMP_NEXT_KE) needed:
0x430 opt: 0x102000
Mar 13 16:19:44.367922: | ***parse ISAKMP Key Exchange Payload:
Mar 13 16:19:44.367934: | next payload type: ISAKMP_NEXT_NONCE (0xa)
Mar 13 16:19:44.367945: | length: 196 (0xc4)
Mar 13 16:19:44.367958: | got payload 0x400 (ISAKMP_NEXT_NONCE)
needed: 0x420 opt: 0x102000
Mar 13 16:19:44.367970: | ***parse ISAKMP Nonce Payload:
Mar 13 16:19:44.367982: | next payload type: ISAKMP_NEXT_ID (0x5)
Mar 13 16:19:44.367993: | length: 20 (0x14)
Mar 13 16:19:44.368006: | got payload 0x20 (ISAKMP_NEXT_ID) needed:
0x20 opt: 0x102000
Mar 13 16:19:44.368018: | ***parse ISAKMP Identification Payload:
Mar 13 16:19:44.368030: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368041: | length: 12 (0xc)
Mar 13 16:19:44.368053: | ID type: ID_IPV4_ADDR (0x1)
Mar 13 16:19:44.368065: | DOI specific A: 17 (0x11)
Mar 13 16:19:44.368077: | DOI specific B: 1500 (0x5dc)
Mar 13 16:19:44.368089: | obj: c0 a8 0c 57
Mar 13 16:19:44.368102: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368114: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368125: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368137: | length: 20 (0x14)
Mar 13 16:19:44.368149: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368160: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368172: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368183: | length: 20 (0x14)
Mar 13 16:19:44.368195: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368207: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368218: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368229: | length: 20 (0x14)
Mar 13 16:19:44.368242: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368253: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368265: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368276: | length: 20 (0x14)
Mar 13 16:19:44.368289: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368300: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368312: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368323: | length: 20 (0x14)
Mar 13 16:19:44.368335: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368347: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368358: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368369: | length: 20 (0x14)
Mar 13 16:19:44.368382: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368393: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368405: | next payload type: ISAKMP_NEXT_VID (0xd)
Mar 13 16:19:44.368416: | length: 20 (0x14)
Mar 13 16:19:44.368428: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0 opt: 0x102000
Mar 13 16:19:44.368440: | ***parse ISAKMP Vendor ID Payload:
Mar 13 16:19:44.368451: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:44.368463: | length: 20 (0x14)
Mar 13 16:19:44.368480: | quirks.qnat_traversal_vid set to=117 [RFC
3947]
Mar 13 16:19:44.368507: | received Vendor ID payload [RFC 3947]
Mar 13 16:19:44.368523: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:44.368536: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
Mar 13 16:19:44.368550: | Ignoring older NAT-T Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:44.368562: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
Mar 13 16:19:44.368576: | ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
Mar 13 16:19:44.368590: | received Vendor ID payload [Cisco-Unity]
Mar 13 16:19:44.368604: | received Vendor ID payload [Dead Peer
Detection]
Mar 13 16:19:44.368626: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [4c53427b6d465d1b337bb755a37a7fef]
Mar 13 16:19:44.368646: packet from 192.168.12.87:1500: ignoring
unknown Vendor ID payload [b4f01ca951e9da8d0bafbbd34ad3044e]
Mar 13 16:19:44.368660: | ****parse IPsec DOI SIT:
Mar 13 16:19:44.368674: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Mar 13 16:19:44.368687: | ****parse ISAKMP Proposal Payload:
Mar 13 16:19:44.368699: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:44.368711: | length: 144 (0x90)
Mar 13 16:19:44.368723: | proposal number: 1 (0x1)
Mar 13 16:19:44.368736: | protocol ID: PROTO_ISAKMP (0x1)
Mar 13 16:19:44.368747: | SPI size: 0 (0x0)
Mar 13 16:19:44.368759: | number of transforms: 4 (0x4)
Mar 13 16:19:44.368772: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:44.368784: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:44.368795: | length: 36 (0x24)
Mar 13 16:19:44.368807: | ISAKMP transform number: 1 (0x1)
Mar 13 16:19:44.368819: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:44.368832: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.368845: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:44.368857: | length/value: 1 (0x1)
Mar 13 16:19:44.368869: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.368881: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:44.368893: | length/value: 28800 (0x7080)
Mar 13 16:19:44.368905: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.368918: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:44.368929: | length/value: 7 (0x7)
Mar 13 16:19:44.368941: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.368953: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:44.368964: | length/value: 128 (0x80)
Mar 13 16:19:44.368976: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.368988: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:44.368999: | length/value: 1 (0x1)
Mar 13 16:19:44.369011: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369023: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:44.369035: | length/value: 2 (0x2)
Mar 13 16:19:44.369046: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369058: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:44.369069: | length/value: 5 (0x5)
Mar 13 16:19:44.369081: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:44.369093: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:44.369105: | length: 36 (0x24)
Mar 13 16:19:44.369117: | ISAKMP transform number: 2 (0x2)
Mar 13 16:19:44.369129: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:44.369140: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369152: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:44.369164: | length/value: 1 (0x1)
Mar 13 16:19:44.369175: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369187: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:44.369199: | length/value: 28800 (0x7080)
Mar 13 16:19:44.369211: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369223: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:44.369234: | length/value: 7 (0x7)
Mar 13 16:19:44.369246: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369258: | af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Mar 13 16:19:44.369283: | length/value: 128 (0x80)
Mar 13 16:19:44.369296: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369308: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:44.369320: | length/value: 1 (0x1)
Mar 13 16:19:44.369331: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369343: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:44.369355: | length/value: 1 (0x1)
Mar 13 16:19:44.369366: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369378: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:44.369390: | length/value: 5 (0x5)
Mar 13 16:19:44.369402: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:44.369413: | next payload type: ISAKMP_NEXT_T (0x3)
Mar 13 16:19:44.369425: | length: 32 (0x20)
Mar 13 16:19:44.369437: | ISAKMP transform number: 3 (0x3)
Mar 13 16:19:44.369449: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:44.369460: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369472: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:44.369484: | length/value: 1 (0x1)
Mar 13 16:19:44.369495: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369508: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:44.369519: | length/value: 28800 (0x7080)
Mar 13 16:19:44.369531: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369543: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:44.369554: | length/value: 5 (0x5)
Mar 13 16:19:44.369566: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369578: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:44.369589: | length/value: 1 (0x1)
Mar 13 16:19:44.369601: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369613: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:44.369624: | length/value: 2 (0x2)
Mar 13 16:19:44.369666: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369680: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:44.369694: | length/value: 5 (0x5)
Mar 13 16:19:44.369706: | *****parse ISAKMP Transform Payload (ISAKMP):
Mar 13 16:19:44.369718: | next payload type: ISAKMP_NEXT_NONE (0x0)
Mar 13 16:19:44.369729: | length: 32 (0x20)
Mar 13 16:19:44.369741: | ISAKMP transform number: 4 (0x4)
Mar 13 16:19:44.369753: | ISAKMP transform ID: KEY_IKE (0x1)
Mar 13 16:19:44.369764: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369776: | af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Mar 13 16:19:44.369788: | length/value: 1 (0x1)
Mar 13 16:19:44.369799: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369811: | af+type: AF+OAKLEY_LIFE_DURATION
(variable length) (0x800c)
Mar 13 16:19:44.369823: | length/value: 28800 (0x7080)
Mar 13 16:19:44.369834: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369846: | af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM
(0x8001)
Mar 13 16:19:44.369858: | length/value: 5 (0x5)
Mar 13 16:19:44.369869: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369881: | af+type:
AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Mar 13 16:19:44.369892: | length/value: 1 (0x1)
Mar 13 16:19:44.369904: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369916: | af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Mar 13 16:19:44.369927: | length/value: 1 (0x1)
Mar 13 16:19:44.369939: | ******parse ISAKMP Oakley attribute:
Mar 13 16:19:44.369951: | af+type: AF+OAKLEY_GROUP_DESCRIPTION
(0x8004)
Mar 13 16:19:44.369962: | length/value: 5 (0x5)
Mar 13 16:19:44.369984: | find_host_connection
me=<server.address.redacted>:500 him=192.168.12.87:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:44.370002: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:44.370016: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:44.370029: | find_next_host_connection returns empty
Mar 13 16:19:44.370045: | find_host_connection
me=<server.address.redacted>:500 him=%any:1500
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:44.370061: | find_host_pair: comparing
<server.address.redacted>:500 to 0.0.0.0:500
Mar 13 16:19:44.370087: | find_next_host_connection
policy=PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:44.370105: | found policy =
PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
(xauth-psk)
Mar 13 16:19:44.370117: | find_next_host_connection returns empty
Mar 13 16:19:44.370135: packet from 192.168.12.87:1500: initial
Aggressive Mode message from 192.168.12.87 but no (wildcard)
connection has been configured with policy PSK+AGGRESSIVE+IKEV1_ALLOW
Mar 13 16:19:44.370148: | complete v1 state transition with STF_IGNORE
Mar 13 16:19:44.370166: | processing: stop from 192.168.12.87:1500
(in process_md() at demux.c:443)
Mar 13 16:19:44.370182: | processing: STOP state #0 (in process_md()
at demux.c:445)
Mar 13 16:19:44.370196: | processing: STOP connection NULL (in
process_md() at demux.c:446)
Thanks.
Cheers,
Wolf