Hi, On 12/29/13, Matt Carlson <[email protected]> wrote: > Hello, > > I'm trying to get my iPhone with iOS 7.0.4 to connect to my OpenBSD > VPN server. If I understand the problem correctly, it's unable to > negotiate phase 2. I'd welcome any pointers.
I'm somewhat curious, about this. Can you verify if this is only an issue when AES cipher is used? --patrick > Below, I've provided the output of uname, rc.conf.local, ipsec.conf, > messages, isakmpd.pcap. I changed a couple IP addresses and FQDNs > (e.g. 10.a.b.c) and I removed some line from /var/log/messages and > replaced them with "<snip>", since this is already fairly long. > > I welcome any suggestions/recommendations. > > Thanks, > > Matt > > # uname -a > OpenBSD carbon.my.domain 5.4 GENERIC#37 i386 > # cat /etc/rc.conf.local > > > ipsec=YES > isakmpd_flags="-Kv" > ftpproxy_flags="" > ntpd_flags= > pppd_flags="" > route6d_flags="" > named_flags="" > # grep -v ^# /etc/ipsec.conf > > > ike passive esp transport \ > proto udp \ > from any to any port 1701 \ > main auth "hmac-sha1" enc "aes" group modp1024 \ > quick auth "hmac-sha1" enc "aes-256" \ > psk "1" > # cat /var/log/messages > <snip> > Dec 29 16:31:23 carbon named[6427]: starting BIND 9.4.2-P2 > Dec 29 16:31:24 carbon named[6427]: command channel listening on > 127.0.0.1#953 > Dec 29 16:31:24 carbon named[6427]: command channel listening on ::1#953 > Dec 29 16:31:24 carbon named[6427]: running > Dec 29 16:31:26 carbon isakmpd[595]: isakmpd: starting > Dec 29 16:31:29 carbon npppd[22659]: Starting npppd pid=22659 version=5.0.0 > Dec 29 16:31:30 carbon isakmpd[28467]: log_packet_init: starting IKE packet > capture to file "/var/run/isakmpd.pcap" > Dec 29 16:31:30 carbon npppd[22659]: Load configuration > from='/etc/npppd/npppd.conf' successfully. > <snip> > Dec 29 16:32:58 carbon isakmpd[28467]: isakmpd: phase 1 done (as > responder): initiator id 10.a.b.c, responder id 69.g.h.i, src: 69.g.h.i > dst: 166.d.e.f > Dec 29 16:32:59 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:32:59 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:02 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:02 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:06 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:06 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:09 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:09 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:12 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:12 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:16 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:16 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:19 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:19 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:22 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:22 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:25 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:25 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:29 carbon isakmpd[28467]: responder_recv_HASH_SA_NONCE: peer > proposed invalid phase 2 IDs: initiator id 10.a.b.c, responder id 69.g.h.i > Dec 29 16:33:29 carbon isakmpd[28467]: dropped message from 166.d.e.f port > 48970 due to notification type INVALID_ID_INFORMATION > Dec 29 16:33:29 carbon isakmpd[28467]: isakmpd: Peer 166.d.e.f made us > delete live SA peer-default for proto 1, initiator id: 10.a.b.c, responder > id: 69.g.h.i > # tcpdump -vvr /var/run/isakmpd.pcap > tcpdump: WARNING: snaplen raised from 116 to 65536 > 16:32:57.256488 mobile-166-d-e-f.mycingular.net.6885 > > c-69.g.h.i.hsd1.va.comcast.net.isakmp: [udp sum ok] isakmp v1.0 exchange > ID_PROT > cookie: 84d030732a69f98e->0000000000000000 msgid: 00000000 len: 500 > payload: SA len: 228 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 216 proposal: 1 proto: ISAKMP spisz: 0 > xforms: 6 > payload: TRANSFORM len: 36 > transform: 1 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = AES_CBC > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = SHA > attribute GROUP_DESCRIPTION = MODP_1024 > payload: TRANSFORM len: 36 > transform: 2 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = AES_CBC > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = MD5 > attribute GROUP_DESCRIPTION = MODP_1024 > payload: TRANSFORM len: 36 > transform: 3 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = AES_CBC > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = SHA > attribute GROUP_DESCRIPTION = MODP_1024 > payload: TRANSFORM len: 36 > transform: 4 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = AES_CBC > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = MD5 > attribute GROUP_DESCRIPTION = MODP_1024 > payload: TRANSFORM len: 32 > transform: 5 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = 3DES_CBC > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = SHA > attribute GROUP_DESCRIPTION = MODP_1024 > payload: TRANSFORM len: 32 > transform: 6 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = 3DES_CBC > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = MD5 > attribute GROUP_DESCRIPTION = MODP_1024 > payload: VENDOR len: 20 (supports NAT-T, RFC 3947) > payload: VENDOR len: 20 > payload: VENDOR len: 20 (supports v8 NAT-T, > draft-ietf-ipsec-nat-t-ike-08) > payload: VENDOR len: 20 (supports v7 NAT-T, > draft-ietf-ipsec-nat-t-ike-07) > payload: VENDOR len: 20 (supports v6 NAT-T, > draft-ietf-ipsec-nat-t-ike-06) > payload: VENDOR len: 20 (supports v5 NAT-T, > draft-ietf-ipsec-nat-t-ike-05) > payload: VENDOR len: 20 (supports v4 NAT-T, > draft-ietf-ipsec-nat-t-ike-04) > payload: VENDOR len: 20 (supports v3 NAT-T, > draft-ietf-ipsec-nat-t-ike-03) > payload: VENDOR len: 20 (supports v2 NAT-T, > draft-ietf-ipsec-nat-t-ike-02\n) > payload: VENDOR len: 20 (supports v2 NAT-T, > draft-ietf-ipsec-nat-t-ike-02) > payload: VENDOR len: 24 > payload: VENDOR len: 20 (supports DPD v1.0) [ttl 0] (id 1, len 528) > 16:32:57.296055 c-69.g.h.i.hsd1.va.comcast.net.isakmp > > mobile-166-d-e-f.mycingular.net.6885: [udp sum ok] isakmp v1.0 exchange > ID_PROT > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 00000000 len: 184 > payload: SA len: 56 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 44 proposal: 1 proto: ISAKMP spisz: 0 > xforms: 1 > payload: TRANSFORM len: 36 > transform: 1 ID: ISAKMP > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCRYPTION_ALGORITHM = AES_CBC > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_METHOD = PRE_SHARED > attribute HASH_ALGORITHM = SHA > attribute GROUP_DESCRIPTION = MODP_1024 > payload: VENDOR len: 20 > payload: VENDOR len: 20 (supports v2 NAT-T, > draft-ietf-ipsec-nat-t-ike-02) > payload: VENDOR len: 20 (supports v3 NAT-T, > draft-ietf-ipsec-nat-t-ike-03) > payload: VENDOR len: 20 (supports NAT-T, RFC 3947) > payload: VENDOR len: 20 (supports DPD v1.0) [ttl 0] (id 1, len 212) > 16:32:57.678761 mobile-166-d-e-f.mycingular.net.6885 > > c-69.g.h.i.hsd1.va.comcast.net.isakmp: [udp sum ok] isakmp v1.0 exchange > ID_PROT > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 00000000 len: 228 > payload: KEY_EXCH len: 132 > payload: NONCE len: 20 > payload: NAT-D len: 24 > payload: NAT-D len: 24 [ttl 0] (id 1, len 256) > 16:32:57.966716 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.ipsec-nat-t: [bad udp cksum 106!] udpencap: > isakmp v1.0 exchange ID_PROT > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 00000000 len: 228 > payload: KEY_EXCH len: 132 > payload: NONCE len: 20 > payload: NAT-D len: 24 > payload: NAT-D len: 24 [ttl 0] (id 1, len 260) > 16:32:58.266134 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 2c49!] udpencap: > isakmp v1.0 exchange ID_PROT > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 00000000 len: 108 > payload: ID len: 12 proto: 17 port: 500 type: IPV4_ADDR = 10.a.b.c > payload: HASH len: 24 > payload: NOTIFICATION len: 28 > notification: INITIAL CONTACT > (84d030732a69f98e->98940ba9c6c26124) [ttl 0] (id 1, len 140) > 16:32:58.267729 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.ipsec-nat-t: [udp sum ok] udpencap: isakmp > v1.0 exchange ID_PROT > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 00000000 len: 92 > payload: ID len: 12 type: IPV4_ADDR = 69.g.h.i > payload: HASH len: 24 > payload: NOTIFICATION len: 28 > notification: INITIAL CONTACT > (84d030732a69f98e->98940ba9c6c26124) [ttl 0] (id 1, len 124) > 16:32:59.439147 mobile-166-d-e-f.mycingular.net.48970 > > c-69.g.h.i.hsd1.va.comcast.net.isakmp: [udp sum ok] isakmp v1.0 exchange > QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 344) > 16:32:59.444066 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 9f61bae0 len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:02.976844 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:02.981128 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 489f0371 len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:06.353340 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:06.357579 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 679aa03a len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:09.609379 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:09.613541 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 60990d49 len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:12.865575 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:12.870080 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 9f82cd9b len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:16.121934 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:16.126215 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 2c7fd4b9 len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:19.377589 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:19.381866 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: e011b5fc len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:22.674335 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:22.678820 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 9d04263c len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:25.970635 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:25.974879 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 5e245aa2 len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:29.228060 mobile-166-d-e-f.mycingular.net.ipsec-nat-t > > c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t: [bad udp cksum 140d!] udpencap: > isakmp v1.0 exchange QUICK_MODE > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 190351df len: 316 > payload: HASH len: 24 > payload: SA len: 184 DOI: 1(IPSEC) situation: IDENTITY_ONLY > payload: PROPOSAL len: 172 proposal: 1 proto: IPSEC_ESP spisz: > 4 xforms: 6 SPI: 0x0b74cd40 > payload: TRANSFORM len: 28 > transform: 1 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 2 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 256 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 28 > transform: 3 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 28 > transform: 4 ID: AES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute KEY_LENGTH = 128 > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: TRANSFORM len: 24 > transform: 5 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_SHA > payload: TRANSFORM len: 24 > transform: 6 ID: 3DES > attribute LIFE_TYPE = SECONDS > attribute LIFE_DURATION = 3600 > attribute ENCAPSULATION_MODE = UDP_ENCAP_TRANSPORT > attribute AUTHENTICATION_ALGORITHM = HMAC_MD5 > payload: NONCE len: 20 > payload: ID len: 12 proto: 17 port: 50704 type: IPV4_ADDR = > 10.a.b.c > payload: ID len: 12 proto: 17 port: 1701 type: IPV4_ADDR = 69.g.h.i > payload: NAT-OA len: 12 type: IPV4_ADDR = 10.a.b.c > payload: NAT-OA len: 12 type: IPV4_ADDR = 69.g.h.i [ttl 0] (id 1, > len 348) > 16:33:29.232423 c-69.g.h.i.hsd1.va.comcast.net.ipsec-nat-t > > mobile-166-d-e-f.mycingular.net.48970: [bad udp cksum ac00!] udpencap: > isakmp v1.0 exchange INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: 668a3b0d len: 64 > payload: HASH len: 24 > payload: NOTIFICATION len: 12 > notification: INVALID ID INFORMATION [ttl 0] (id 1, len 96) > 16:33:29.669958 mobile-166-d-e-f.mycingular.net.48970 > > c-69.g.h.i.hsd1.va.comcast.net.isakmp: [udp sum ok] isakmp v1.0 exchange > INFO > cookie: 84d030732a69f98e->98940ba9c6c26124 msgid: a5a4d6fa len: 92 > payload: HASH len: 24 > payload: DELETE len: 28 DOI: 1(IPSEC) proto: ISAKMP nspis: 1 > cookie: 84d030732a69f98e->98940ba9c6c26124 [ttl 0] (id 1, len > 120)
