Hi,
Not sure if this apply to me, i saw this same error in my log, "cannot
install eroute -- it is in use for "tunnel2-nat", when behind NAT i
tried to connect simultaneous users with windows and l2tp/ipsec
I've installed libreswan 3.12.
Is this setup possible?
For openswan i found this
https://lists.openswan.org/pipermail/users/2014-July/023037.html , but
not sure if this apply to libreswan as well....
****
My lab scenario to simulate a nat connection is very simple, two virtual
machines using wm on a debian box and them connect to the remote ipsec
server:
WM host win8.1 [192.168.8.131]
----
----
[192.168.8.1] HOST [192.168.10.25] ------- [192.168.10.254] SERVER
--- -
WM host win8.1 [192.168.8.129]
Attach my configuration and the respective log files when try to connect.
peer_one_connected.log.txt => peer one connected
peer_two_fail_simultaneous_con.log.txt => peer two fail to connect
Thanks for the help.
regards,
António
On 12/16/2014 02:11 AM, Paul Wouters wrote:
On Fri, 12 Dec 2014, Elison Niven wrote:
Subject: [Swan] Error ”cannot install eroute” when rekey/reconnect
from the
same IP (for L2TP)
Is this fixed now ?
https://lists.openswan.org/pipermail/users/2010-April/018685.html
I changed this test case:
https://github.com/libreswan/libreswan/tree/master/testing/pluto/l2tp-02-netkey
to simulate your scenario using:
ipsec auto --up north-east-l2tp
echo "c server" > /var/run/xl2tpd/l2tp-control
sleep 5
ipsec look
: ==== cut ====
cat /tmp/xl2tpd.log
: ==== tuc ====
ping -c 4 -n 192.0.2.254
# testing passthrough plaintext
echo quit | nc 192.0.2.254 22
ip addr show dev ppp0
sleep 5
echo "d server" > /var/run/xl2tpd/l2tp-control
ipsec auto --down north-east-l2tp
sleep 5
ipsec auto --up north-east-l2tp
echo "c server" > /var/run/xl2tpd/l2tp-control
sleep 5
ipsec look
echo done
This worked fine. Both the first IPsec and PPP and the second IPsec and
PPP came up successfully. Since it uses RSA, I then modified it to use
PSK. But it still worked.
Is there a chance you can try and test this with libreswan-3.12 ?
Paul
I'm not sure if that fully reproduced your
connection from behind NAT? This connection used RSA, not PSK.
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
--
---
António Silva
# /etc/ipsec.conf - Openswan IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.15.2.4 2006/07/11 16:17:53 paul Exp $
# This file: /usr/share/doc/openswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
plutodebug=all
plutorestartoncrash=false
dumpdir=/tmp
nat_traversal=yes
interfaces=%none
protostack=netkey
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
fragicmp=no
# Add connections here
## remote
conn tunnel1-nat
rightsubnet=vhost:%priv
also=tunnel1
conn tunnel1
pfs=no
type=transport
auto=add
auth=esp
authby=secret
keyingtries=3
rekey=no
ikelifetime=8h
keylife=1h
left=192.168.10.254
leftprotoport=17/%any
leftid=192.168.10.254
leftupdown=/opt/commsmundi/scripts/ipsec_monitor.php
right=%any
rightprotoport=17/%any
rightid=%any
rightupdown=/opt/commsmundi/scripts/ipsec_monitor.php
dpddelay=30
dpdtimeout=120
dpdaction=hold
# sample VPN connections, see /etc/ipsec.d/examples/
#Disable Opportunistic Encryption [ remove file include not supported any more ]
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
May 8 15:22:53 bitch pluto[16274]: |
May 8 15:22:53 bitch pluto[16274]: | *received whack message
May 8 15:22:53 bitch pluto[16274]: shutting down
May 8 15:22:53 bitch pluto[16274]: | certs and keys locked by
'free_preshared_secrets'
May 8 15:22:53 bitch pluto[16274]: forgetting secrets
May 8 15:22:53 bitch pluto[16274]: | certs and keys unlocked by
'free_preshard_secrets'
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat"[3] 192.168.10.25: deleting
connection "tunnel1-nat" instance with peer 192.168.10.25 {isakmp=#0/ipsec=#0}
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat" #4: deleting state
(STATE_QUICK_R0)
May 8 15:22:53 bitch pluto[16274]: | deleting state #4
May 8 15:22:53 bitch pluto[16274]: | deleting event for #4
May 8 15:22:53 bitch pluto[16274]: | ICOOKIE: b4 c5 a7 e5 d0 f7 4d bd
May 8 15:22:53 bitch pluto[16274]: | RCOOKIE: fa 87 f6 77 e3 c5 64 49
May 8 15:22:53 bitch pluto[16274]: | state hash entry 19
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat" #5: deleting state
(STATE_MAIN_R1)
May 8 15:22:53 bitch pluto[16274]: | deleting state #5
May 8 15:22:53 bitch pluto[16274]: | deleting event for #5
May 8 15:22:53 bitch pluto[16274]: | ICOOKIE: 0a 4d c3 3e 00 03 74 cf
May 8 15:22:53 bitch pluto[16274]: | RCOOKIE: 4b fb f6 8a 10 b3 31 74
May 8 15:22:53 bitch pluto[16274]: | state hash entry 30
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1
May 8 15:22:53 bitch pluto[16274]: "tunnel1": deleting connection
May 8 15:22:53 bitch pluto[16274]: | processing connection tunnel1-nat
May 8 15:22:53 bitch pluto[16274]: "tunnel1-nat": deleting connection
May 8 15:22:53 bitch pluto[16274]: | crl fetch request list locked by
'free_crl_fetch'
May 8 15:22:53 bitch pluto[16274]: | crl fetch request list unlocked by
'free_crl_fetch'
May 8 15:22:53 bitch pluto[16274]: | authcert list locked by 'free_authcerts'
May 8 15:22:53 bitch pluto[16274]: | authcert list unlocked by 'free_authcerts'
May 8 15:22:53 bitch pluto[16274]: | crl list locked by 'free_crls'
May 8 15:22:53 bitch pluto[16274]: | crl list unlocked by 'free_crls'
May 8 15:22:53 bitch pluto[16274]: shutting down interface lo/lo 127.0.0.1:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface lo/lo 127.0.0.1:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth0/eth0
10.10.0.1:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth0/eth0
10.10.0.1:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1
192.168.10.254:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1
192.168.10.254:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1
192.168.11.254:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth1/eth1
192.168.11.254:500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth2/eth2
192.168.3.254:4500
May 8 15:22:53 bitch pluto[16274]: shutting down interface eth2/eth2
192.168.3.254:500
May 8 15:22:53 bitch ipsec__plutorun: pluto killed by SIGTERM, terminating
without restart
May 8 15:22:53 bitch ipsec__plutorun: Starting Pluto subsystem...
May 8 15:22:53 bitch pluto[19962]: nss directory plutomain: /etc/ipsec.d
May 8 15:22:53 bitch pluto[19962]: NSS Initialized
May 8 15:22:53 bitch pluto[19962]: libcap-ng support [disabled]
May 8 15:22:53 bitch pluto[19962]: FIPS HMAC integrity support [disabled]
May 8 15:22:53 bitch pluto[19962]: Linux audit support [disabled]
May 8 15:22:53 bitch pluto[19962]: Starting Pluto (Libreswan Version 3.12
XFRM(netkey) KLIPS NSS DNSSEC XAUTH_PAM NETWORKMANAGER KLIPS_MAST CURL(non-NSS)
LDAP(non-NSS)) pid:19962
May 8 15:22:53 bitch pluto[19962]: core dump dir: /tmp
May 8 15:22:53 bitch pluto[19962]: secrets file: /etc/ipsec.secrets
May 8 15:22:53 bitch pluto[19962]: leak-detective disabled
May 8 15:22:53 bitch pluto[19962]: SAref support [disabled]: Protocol not
available
May 8 15:22:53 bitch pluto[19962]: SAbind support [disabled]: Protocol not
available
May 8 15:22:53 bitch pluto[19962]: NSS crypto [enabled]
May 8 15:22:53 bitch pluto[19962]: XAUTH PAM support [enabled]
May 8 15:22:53 bitch pluto[19962]: NAT-Traversal support [enabled]
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_REINIT_SECRET,
timeout in 3600 seconds
May 8 15:22:53 bitch pluto[19962]: | event added at head of queue
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_PENDING_DDNS,
timeout in 60 seconds
May 8 15:22:53 bitch pluto[19962]: | event added at head of queue
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_PENDING_PHASE2,
timeout in 120 seconds
May 8 15:22:53 bitch pluto[19962]: | event added after event EVENT_PENDING_DDNS
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC_SSH: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
OAKLEY_TWOFISH_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
OAKLEY_SERPENT_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
OAKLEY_AES_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
DISABLED-OAKLEY_AES_CTR: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating
DISABLED-OAKLEY_AES_XCBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
DISABLED-OAKLEY_CAMELLIA_CBC: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
OAKLEY_CAMELLIA_CTR: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_512: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_384: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_hash(): Activating
OAKLEY_SHA2_256: Ok
May 8 15:22:53 bitch pluto[19962]: starting up 3 crypto helpers
May 8 15:22:53 bitch pluto[19962]: started thread for crypto helper 0 (master
fd 6)
May 8 15:22:53 bitch pluto[19962]: started thread for crypto helper 1 (master
fd 8)
May 8 15:22:53 bitch pluto[19962]: | status value returned by setting the
priority of this thread (crypto helper 1) 0
May 8 15:22:53 bitch pluto[19962]: | crypto helper 1 waiting on fd 9
May 8 15:22:53 bitch pluto[19962]: | status value returned by setting the
priority of this thread (crypto helper 2) 0
May 8 15:22:53 bitch pluto[19962]: | crypto helper 2 waiting on fd 11
May 8 15:22:53 bitch pluto[19962]: | status value returned by setting the
priority of this thread (crypto helper 0) 0
May 8 15:22:53 bitch pluto[19962]: | crypto helper 0 waiting on fd 7
May 8 15:22:53 bitch pluto[19962]: started thread for crypto helper 2 (master
fd 10)
May 8 15:22:53 bitch pluto[19962]: Using Linux XFRM/NETKEY IPsec interface
code on 3.10.58
May 8 15:22:53 bitch pluto[19962]: | process 19962 listening for PF_KEY_V2 on
file descriptor 15
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_init()
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=18(ESP_AES_GCM_A)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=19(ESP_AES_GCM_B)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=20(ESP_AES_GCM_C)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=14(ESP_AES_CCM_A)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=15(ESP_AES_CCM_B)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=16(ESP_AES_CCM_C)
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
aes_ccm_8: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
aes_ccm_12: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
aes_ccm_16: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
aes_gcm_8: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
aes_gcm_12: Ok
May 8 15:22:53 bitch pluto[19962]: ike_alg_register_enc(): Activating
aes_gcm_16: Ok
May 8 15:22:53 bitch pluto[19962]: | Registered AEAD AES CCM/GCM algorithms
May 8 15:22:53 bitch pluto[19962]: | finish_pfkey_msg: K_SADB_REGISTER message
1 for AH
May 8 15:22:53 bitch pluto[19962]: | 02 07 00 02 02 00 00 00 01 00 00 00
fa 4d 00 00
May 8 15:22:53 bitch pluto[19962]: | pfkey_get: K_SADB_REGISTER message 1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: sadb_msg_len=22 sadb_supported_len=72
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=251(ESP_KAME_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[0], exttype=14, satype=2, alg_id=251, alg_ivlen=0,
alg_minbits=0, alg_maxbits=0, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[1], exttype=14, satype=2, alg_id=2, alg_ivlen=0,
alg_minbits=128, alg_maxbits=128, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[2], exttype=14, satype=2, alg_id=3, alg_ivlen=0,
alg_minbits=160, alg_maxbits=160, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=5(ESP_IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[3], exttype=14, satype=2, alg_id=5, alg_ivlen=0,
alg_minbits=256, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[4], exttype=14, satype=2, alg_id=6, alg_ivlen=0,
alg_minbits=384, alg_maxbits=384, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[5], exttype=14, satype=2, alg_id=7, alg_ivlen=0,
alg_minbits=512, alg_maxbits=512, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=8(ESP_3IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[6], exttype=14, satype=2, alg_id=8, alg_ivlen=0,
alg_minbits=160, alg_maxbits=160, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=14,
alg_id=9(ESP_DES_IV32)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[7], exttype=14, satype=2, alg_id=9, alg_ivlen=0,
alg_minbits=128, alg_maxbits=128, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: sadb_msg_len=22 sadb_supported_len=88
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=11(ESP_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,11) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[8], exttype=15, satype=2, alg_id=11, alg_ivlen=0,
alg_minbits=0, alg_maxbits=0, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,2) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[9], exttype=15, satype=2, alg_id=2, alg_ivlen=8,
alg_minbits=64, alg_maxbits=64, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,3) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[10], exttype=15, satype=2, alg_id=3, alg_ivlen=8,
alg_minbits=192, alg_maxbits=192, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,6) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[11], exttype=15, satype=2, alg_id=6, alg_ivlen=8,
alg_minbits=40, alg_maxbits=128, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,7) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[12], exttype=15, satype=2, alg_id=7, alg_ivlen=8,
alg_minbits=40, alg_maxbits=448, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=12(ESP_AES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,12) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[13], exttype=15, satype=2, alg_id=12, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=252(ESP_SERPENT)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,252) fails because
alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[14], exttype=15, satype=2, alg_id=252, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=22(ESP_CAMELLIA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,22) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[15], exttype=15, satype=2, alg_id=22, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=253(ESP_TWOFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,253) fails because
alg combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[16], exttype=15, satype=2, alg_id=253, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=2, exttype=15,
alg_id=13(ESP_AES_CTR)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(2,15,13) fails because alg
combo is invalid
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_AH: alg[17], exttype=15, satype=2, alg_id=13, alg_ivlen=8,
alg_minbits=160, alg_maxbits=288, res=0, ret=-1
May 8 15:22:53 bitch pluto[19962]: | AH registered with kernel.
May 8 15:22:53 bitch pluto[19962]: | finish_pfkey_msg: K_SADB_REGISTER message
2 for ESP
May 8 15:22:53 bitch pluto[19962]: | 02 07 00 03 02 00 00 00 02 00 00 00
fa 4d 00 00
May 8 15:22:53 bitch pluto[19962]: | pfkey_get: K_SADB_REGISTER message 2
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=72
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=251(ESP_KAME_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=251
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[0], exttype=14, satype=3, alg_id=251, alg_ivlen=0,
alg_minbits=0, alg_maxbits=0, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=2
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[1], exttype=14, satype=3, alg_id=2, alg_ivlen=0,
alg_minbits=128, alg_maxbits=128, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=3
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[2], exttype=14, satype=3, alg_id=3, alg_ivlen=0,
alg_minbits=160, alg_maxbits=160, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=5(ESP_IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=5
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[3], exttype=14, satype=3, alg_id=5, alg_ivlen=0,
alg_minbits=256, alg_maxbits=256, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=6
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[4], exttype=14, satype=3, alg_id=6, alg_ivlen=0,
alg_minbits=384, alg_maxbits=384, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=7
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[5], exttype=14, satype=3, alg_id=7, alg_ivlen=0,
alg_minbits=512, alg_maxbits=512, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=8(ESP_3IDEA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=8
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[6], exttype=14, satype=3, alg_id=8, alg_ivlen=0,
alg_minbits=160, alg_maxbits=160, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=14,
alg_id=9(ESP_DES_IV32)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): discarding already
setup satype=3, exttype=14, alg_id=9
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[7], exttype=14, satype=3, alg_id=9, alg_ivlen=0,
alg_minbits=128, alg_maxbits=128, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=88
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=11(ESP_NULL)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[8], exttype=15, satype=3, alg_id=11, alg_ivlen=0,
alg_minbits=0, alg_maxbits=0, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=2(ESP_DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): Ignoring
alg_id=2(ESP_DES) - too weak
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[9], exttype=15, satype=3, alg_id=2, alg_ivlen=8,
alg_minbits=64, alg_maxbits=64, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=3(ESP_3DES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[10], exttype=15, satype=3, alg_id=3, alg_ivlen=8,
alg_minbits=192, alg_maxbits=192, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=6(ESP_CAST)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[11], exttype=15, satype=3, alg_id=6, alg_ivlen=8,
alg_minbits=40, alg_maxbits=128, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=7(ESP_BLOWFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): Ignoring
alg_id=7(ESP_BLOWFISH) - too weak
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[12], exttype=15, satype=3, alg_id=7, alg_ivlen=8,
alg_minbits=40, alg_maxbits=448, res=0, ret=0
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=12(ESP_AES)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[13], exttype=15, satype=3, alg_id=12, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=252(ESP_SERPENT)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[14], exttype=15, satype=3, alg_id=252, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=22(ESP_CAMELLIA)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[15], exttype=15, satype=3, alg_id=22, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=253(ESP_TWOFISH)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[16], exttype=15, satype=3, alg_id=253, alg_ivlen=8,
alg_minbits=128, alg_maxbits=256, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_add(): satype=3, exttype=15,
alg_id=13(ESP_AES_CTR)
May 8 15:22:53 bitch pluto[19962]: | kernel_alg_register_pfkey():
SADB_SATYPE_ESP: alg[17], exttype=15, satype=3, alg_id=13, alg_ivlen=8,
alg_minbits=160, alg_maxbits=288, res=0, ret=1
May 8 15:22:53 bitch pluto[19962]: | ESP registered with kernel.
May 8 15:22:53 bitch pluto[19962]: | finish_pfkey_msg: K_SADB_REGISTER message
3 for IPCOMP
May 8 15:22:53 bitch pluto[19962]: | 02 07 00 09 02 00 00 00 03 00 00 00
fa 4d 00 00
May 8 15:22:53 bitch pluto[19962]: | pfkey_get: K_SADB_REGISTER message 3
May 8 15:22:53 bitch pluto[19962]: | IPCOMP registered with kernel.
May 8 15:22:53 bitch pluto[19962]: | Registered AH, ESP and IPCOMP
May 8 15:22:53 bitch pluto[19962]: | Changed path to directory
'/etc/ipsec.d/cacerts'
May 8 15:22:53 bitch pluto[19962]: | Changing to directory '/etc/ipsec.d/crls'
May 8 15:22:53 bitch pluto[19962]: | inserting event EVENT_LOG_DAILY, timeout
in 31027 seconds
May 8 15:22:53 bitch pluto[19962]: | event added after event
EVENT_REINIT_SECRET
May 8 15:22:53 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 60
seconds
May 8 15:22:54 bitch pluto[20012]: | calling addconn helper using execve
May 8 15:22:54 bitch pluto[19962]: |
May 8 15:22:54 bitch pluto[19962]: | *received whack message
May 8 15:22:54 bitch pluto[19962]: | find_host_pair_conn
(check_connection_end): 192.168.10.254:500 %any:500 -> hp:none
May 8 15:22:54 bitch pluto[19962]: | Added new connection tunnel1-nat with
policy PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for 192.168.10.254 is 0
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for (none) is 15
May 8 15:22:54 bitch pluto[19962]: | based upon policy, the connection is a
template.
May 8 15:22:54 bitch pluto[19962]: added connection description "tunnel1-nat"
May 8 15:22:54 bitch pluto[19962]: |
%any:17/%any...192.168.10.254<192.168.10.254>:17/%any===vhost:?
May 8 15:22:54 bitch pluto[19962]: | ike_life: 28800s; ipsec_life: 3600s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3; policy:
PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59
seconds
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59
seconds
May 8 15:22:54 bitch pluto[19962]: |
May 8 15:22:54 bitch pluto[19962]: | *received whack message
May 8 15:22:54 bitch pluto[19962]: | find_host_pair_conn
(check_connection_end): 192.168.10.254:500 %any:500 -> hp:none
May 8 15:22:54 bitch pluto[19962]: | Added new connection tunnel1 with policy
PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for 192.168.10.254 is 0
May 8 15:22:54 bitch pluto[19962]: | counting wild cards for (none) is 15
May 8 15:22:54 bitch pluto[19962]: | based upon policy, the connection is a
template.
May 8 15:22:54 bitch pluto[19962]: added connection description "tunnel1"
May 8 15:22:54 bitch pluto[19962]: |
%any:17/%any...192.168.10.254<192.168.10.254>:17/%any
May 8 15:22:54 bitch pluto[19962]: | ike_life: 28800s; ipsec_life: 3600s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3; policy:
PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW
May 8 15:22:54 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59
seconds
May 8 15:22:54 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 59
seconds
May 8 15:22:54 bitch pluto[19962]: |
May 8 15:22:54 bitch pluto[19962]: | *received whack message
May 8 15:22:54 bitch pluto[19962]: listening for IKE messages
May 8 15:23:28 bitch pluto[19962]: |
May 8 15:23:28 bitch pluto[19962]: | *received 408 bytes from
192.168.10.25:500 on eth1 (port=500)
May 8 15:23:28 bitch pluto[19962]: | 3d 46 1f e3 1f 2f 33 ad 00 00 00 00
00 00 00 00
May 8 15:23:28 bitch pluto[19962]: | 01 10 02 00 00 00 00 00 00 00 01 98
0d 00 00 d4
May 8 15:23:28 bitch pluto[19962]: | 00 00 00 01 00 00 00 01 00 00 00 c8
01 01 00 05
May 8 15:23:28 bitch pluto[19962]: | 03 00 00 28 01 01 00 00 80 01 00 07
80 0e 01 00
May 8 15:23:28 bitch pluto[19962]: | 80 02 00 02 80 04 00 14 80 03 00 01
80 0b 00 01
May 8 15:23:28 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 28
02 01 00 00
May 8 15:23:28 bitch pluto[19962]: | 80 01 00 07 80 0e 00 80 80 02 00 02
80 04 00 13
May 8 15:23:28 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04
00 00 70 80
May 8 15:23:28 bitch pluto[19962]: | 03 00 00 28 03 01 00 00 80 01 00 07
80 0e 01 00
May 8 15:23:28 bitch pluto[19962]: | 80 02 00 02 80 04 00 0e 80 03 00 01
80 0b 00 01
May 8 15:23:28 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 24
04 01 00 00
May 8 15:23:28 bitch pluto[19962]: | 80 01 00 05 80 02 00 02 80 04 00 0e
80 03 00 01
May 8 15:23:28 bitch pluto[19962]: | 80 0b 00 01 00 0c 00 04 00 00 70 80
00 00 00 24
May 8 15:23:28 bitch pluto[19962]: | 05 01 00 00 80 01 00 05 80 02 00 02
80 04 00 02
May 8 15:23:28 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04
00 00 70 80
May 8 15:23:28 bitch pluto[19962]: | 0d 00 00 18 01 52 8b bb c0 06 96 12
18 49 ab 9a
May 8 15:23:28 bitch pluto[19962]: | 1c 5b 2a 51 00 00 00 01 0d 00 00 18
1e 2b 51 69
May 8 15:23:28 bitch pluto[19962]: | 05 99 1c 7d 7c 96 fc bf b5 87 e4 61
00 00 00 09
May 8 15:23:28 bitch pluto[19962]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45
5c 57 28 f2
May 8 15:23:28 bitch pluto[19962]: | 0e 95 45 2f 0d 00 00 14 90 cb 80 91
3e bb 69 6e
May 8 15:23:28 bitch pluto[19962]: | 08 63 81 b5 ec 42 7b 1f 0d 00 00 14
40 48 b7 d5
May 8 15:23:28 bitch pluto[19962]: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
0d 00 00 14
May 8 15:23:28 bitch pluto[19962]: | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be
08 55 f1 20
May 8 15:23:28 bitch pluto[19962]: | 0d 00 00 14 26 24 4d 38 ed db 61 b3
17 2a 36 e3
May 8 15:23:28 bitch pluto[19962]: | d0 cf b8 19 00 00 00 14 e3 a5 96 6a
76 37 9f e7
May 8 15:23:28 bitch pluto[19962]: | 07 22 82 31 e5 ce 86 52
May 8 15:23:28 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:23:28 bitch pluto[19962]: | initiator cookie:
May 8 15:23:28 bitch pluto[19962]: | 3d 46 1f e3 1f 2f 33 ad
May 8 15:23:28 bitch pluto[19962]: | responder cookie:
May 8 15:23:28 bitch pluto[19962]: | 00 00 00 00 00 00 00 00
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:23:28 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:23:28 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:23:28 bitch pluto[19962]: | flags: none
May 8 15:23:28 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:23:28 bitch pluto[19962]: | length: 408
May 8 15:23:28 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_IDPROT (2)
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x2opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Security Association
Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 212
May 8 15:23:28 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 24
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 24
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:23:28 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:23:28 bitch pluto[19962]: | length: 20
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring
unknown Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
May 8 15:23:28 bitch pluto[19962]: | quirks.qnat_traversal_vid set to=83
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: received
Vendor ID payload [RFC 3947]
May 8 15:23:28 bitch pluto[19962]: | Ignoring older NAT-T Vendor ID paylad
[draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: received
Vendor ID payload [FRAGMENTATION]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring
Vendor ID payload [MS-Negotiation Discovery Capable]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring
Vendor ID payload [Vid-Initial-Contact]
May 8 15:23:28 bitch pluto[19962]: packet from 192.168.10.25:500: ignoring
Vendor ID payload [IKE CGA version 1]
May 8 15:23:28 bitch pluto[19962]: | find_host_connection
me=192.168.10.254:500 him=192.168.10.25:500 policy=none
May 8 15:23:28 bitch pluto[19962]: | find_host_pair: comparing to
192.168.10.254:500 0.0.0.0:500
May 8 15:23:28 bitch pluto[19962]: | find_host_pair_conn
(find_host_connection): 192.168.10.254:500 192.168.10.25:500 -> hp:none
May 8 15:23:28 bitch pluto[19962]: | searching for connection with policy =
none
May 8 15:23:28 bitch pluto[19962]: | find_host_connection returns empty
May 8 15:23:28 bitch pluto[19962]: | ****parse IPsec DOI SIT:
May 8 15:23:28 bitch pluto[19962]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 8 15:23:28 bitch pluto[19962]: | ****parse ISAKMP Proposal Payload:
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:23:28 bitch pluto[19962]: | length: 200
May 8 15:23:28 bitch pluto[19962]: | proposal number: 1
May 8 15:23:28 bitch pluto[19962]: | protocol ID: PROTO_ISAKMP
May 8 15:23:28 bitch pluto[19962]: | SPI size: 0
May 8 15:23:28 bitch pluto[19962]: | number of transforms: 5
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 40
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 1
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 7
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:23:28 bitch pluto[19962]: | length/value: 256
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 20
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_DURATION
(variable length)
May 8 15:23:28 bitch pluto[19962]: | length/value: 4
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 40
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 2
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 7
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:23:28 bitch pluto[19962]: | length/value: 128
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 19
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_DURATION
(variable length)
May 8 15:23:28 bitch pluto[19962]: | length/value: 4
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 40
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 3
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 7
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:23:28 bitch pluto[19962]: | length/value: 256
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 14
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_DURATION
(variable length)
May 8 15:23:28 bitch pluto[19962]: | length/value: 4
May 8 15:23:28 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:23:28 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:23:28 bitch pluto[19962]: | length: 36
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform number: 4
May 8 15:23:28 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 5
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:23:28 bitch pluto[19962]: | length/value: 2
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:23:28 bitch pluto[19962]: | length/value: 14
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:28 bitch pluto[19962]: | af+type: OAKLEY_LIFE_TYPE
May 8 15:23:28 bitch pluto[19962]: | length/value: 1
May 8 15:23:28 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:23:48 bitch pluto[19962]: |
May 8 15:23:48 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 0
seconds
May 8 15:23:48 bitch pluto[19962]: | *time to handle event
May 8 15:23:48 bitch pluto[19962]: | handling event EVENT_NAT_T_KEEPALIVE
May 8 15:23:48 bitch pluto[19962]: | event after this is EVENT_PENDING_DDNS in
5 seconds
May 8 15:23:48 bitch pluto[19962]: | processing connection tunnel1-nat[2]
192.168.10.25
May 8 15:23:48 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by
per-conn configuration (nat_keepalive=yes)
May 8 15:23:48 bitch pluto[19962]: | processing connection tunnel1-nat[2]
192.168.10.25
May 8 15:23:48 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by
per-conn configuration (nat_keepalive=yes)
May 8 15:23:48 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 5 seconds
May 8 15:24:09 bitch pluto[19962]: |
May 8 15:24:09 bitch pluto[19962]: | *received 408 bytes from 192.168.10.25:1
on eth1 (port=500)
May 8 15:24:09 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df 00 00 00 00
00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | 01 10 02 00 00 00 00 00 00 00 01 98
0d 00 00 d4
May 8 15:24:09 bitch pluto[19962]: | 00 00 00 01 00 00 00 01 00 00 00 c8
01 01 00 05
May 8 15:24:09 bitch pluto[19962]: | 03 00 00 28 01 01 00 00 80 01 00 07
80 0e 01 00
May 8 15:24:09 bitch pluto[19962]: | 80 02 00 02 80 04 00 14 80 03 00 01
80 0b 00 01
May 8 15:24:09 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 28
02 01 00 00
May 8 15:24:09 bitch pluto[19962]: | 80 01 00 07 80 0e 00 80 80 02 00 02
80 04 00 13
May 8 15:24:09 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04
00 00 70 80
May 8 15:24:09 bitch pluto[19962]: | 03 00 00 28 03 01 00 00 80 01 00 07
80 0e 01 00
May 8 15:24:09 bitch pluto[19962]: | 80 02 00 02 80 04 00 0e 80 03 00 01
80 0b 00 01
May 8 15:24:09 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 24
04 01 00 00
May 8 15:24:09 bitch pluto[19962]: | 80 01 00 05 80 02 00 02 80 04 00 0e
80 03 00 01
May 8 15:24:09 bitch pluto[19962]: | 80 0b 00 01 00 0c 00 04 00 00 70 80
00 00 00 24
May 8 15:24:09 bitch pluto[19962]: | 05 01 00 00 80 01 00 05 80 02 00 02
80 04 00 02
May 8 15:24:09 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04
00 00 70 80
May 8 15:24:09 bitch pluto[19962]: | 0d 00 00 18 01 52 8b bb c0 06 96 12
18 49 ab 9a
May 8 15:24:09 bitch pluto[19962]: | 1c 5b 2a 51 00 00 00 01 0d 00 00 18
1e 2b 51 69
May 8 15:24:09 bitch pluto[19962]: | 05 99 1c 7d 7c 96 fc bf b5 87 e4 61
00 00 00 09
May 8 15:24:09 bitch pluto[19962]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45
5c 57 28 f2
May 8 15:24:09 bitch pluto[19962]: | 0e 95 45 2f 0d 00 00 14 90 cb 80 91
3e bb 69 6e
May 8 15:24:09 bitch pluto[19962]: | 08 63 81 b5 ec 42 7b 1f 0d 00 00 14
40 48 b7 d5
May 8 15:24:09 bitch pluto[19962]: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
0d 00 00 14
May 8 15:24:09 bitch pluto[19962]: | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be
08 55 f1 20
May 8 15:24:09 bitch pluto[19962]: | 0d 00 00 14 26 24 4d 38 ed db 61 b3
17 2a 36 e3
May 8 15:24:09 bitch pluto[19962]: | d0 cf b8 19 00 00 00 14 e3 a5 96 6a
76 37 9f e7
May 8 15:24:09 bitch pluto[19962]: | 07 22 82 31 e5 ce 86 52
May 8 15:24:09 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:09 bitch pluto[19962]: | initiator cookie:
May 8 15:24:09 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:09 bitch pluto[19962]: | responder cookie:
May 8 15:24:09 bitch pluto[19962]: | 00 00 00 00 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:24:09 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:24:09 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:24:09 bitch pluto[19962]: | flags: none
May 8 15:24:09 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | length: 408
May 8 15:24:09 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_IDPROT (2)
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x2opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Security Association
Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 212
May 8 15:24:09 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 24
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 24
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:24:09 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:24:09 bitch pluto[19962]: | length: 20
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring
unknown Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
May 8 15:24:09 bitch pluto[19962]: | quirks.qnat_traversal_vid set to=83
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: received
Vendor ID payload [RFC 3947]
May 8 15:24:09 bitch pluto[19962]: | Ignoring older NAT-T Vendor ID paylad
[draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: received
Vendor ID payload [FRAGMENTATION]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring
Vendor ID payload [MS-Negotiation Discovery Capable]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring
Vendor ID payload [Vid-Initial-Contact]
May 8 15:24:09 bitch pluto[19962]: packet from 192.168.10.25:1: ignoring
Vendor ID payload [IKE CGA version 1]
May 8 15:24:09 bitch pluto[19962]: | find_host_connection
me=192.168.10.254:500 him=192.168.10.25:1 policy=none
May 8 15:24:09 bitch pluto[19962]: | find_host_pair: comparing to
192.168.10.254:500 0.0.0.0:500
May 8 15:24:09 bitch pluto[19962]: | find_host_pair: comparing to
192.168.10.254:500 192.168.10.25:500
May 8 15:24:09 bitch pluto[19962]: | find_host_pair_conn
(find_host_connection): 192.168.10.254:500 192.168.10.25:1 -> hp:tunnel1-nat
May 8 15:24:09 bitch pluto[19962]: | searching for connection with policy =
none
May 8 15:24:09 bitch pluto[19962]: | found policy =
PSK+ENCRYPT+DONT_REKEY+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW (tunnel1-nat)
May 8 15:24:09 bitch pluto[19962]: | find_host_connection returns tunnel1-nat
May 8 15:24:09 bitch pluto[19962]: | creating state object #3 at 0x7f4b99acae40
May 8 15:24:09 bitch pluto[19962]: | processing connection tunnel1-nat[2]
192.168.10.25
May 8 15:24:09 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:09 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:09 bitch pluto[19962]: | state hash entry 8
May 8 15:24:09 bitch pluto[19962]: | inserting state object #3
May 8 15:24:09 bitch pluto[19962]: | inserting event EVENT_SO_DISCARD, timeout
in 0 seconds for #3
May 8 15:24:09 bitch pluto[19962]: | event added at head of queue
May 8 15:24:09 bitch pluto[19962]: | sender checking NAT-t: enabled and 83
May 8 15:24:09 bitch pluto[19962]: | returning NAT-T method
NAT_TRAVERSAL_METHOD_IETF_RFC
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3: enabling
possible NAT-traversal with method RFC 3947 (NAT-Traversal)
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3:
responding to Main Mode from unknown peer 192.168.10.25
May 8 15:24:09 bitch pluto[19962]: | **emit ISAKMP Message:
May 8 15:24:09 bitch pluto[19962]: | initiator cookie:
May 8 15:24:09 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:09 bitch pluto[19962]: | responder cookie:
May 8 15:24:09 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:24:09 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:24:09 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:24:09 bitch pluto[19962]: | flags: none
May 8 15:24:09 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:24:09 bitch pluto[19962]: | nat-t detected, sending nat-t VID
May 8 15:24:09 bitch pluto[19962]: | ***emit ISAKMP Security Association
Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:24:09 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:24:09 bitch pluto[19962]: | ****parse IPsec DOI SIT:
May 8 15:24:09 bitch pluto[19962]: | IPsec DOI SIT: SIT_IDENTITY_ONLY
May 8 15:24:09 bitch pluto[19962]: | ****parse ISAKMP Proposal Payload:
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:24:09 bitch pluto[19962]: | length: 200
May 8 15:24:09 bitch pluto[19962]: | proposal number: 1
May 8 15:24:09 bitch pluto[19962]: | protocol ID: PROTO_ISAKMP
May 8 15:24:09 bitch pluto[19962]: | SPI size: 0
May 8 15:24:09 bitch pluto[19962]: | number of transforms: 5
May 8 15:24:09 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:24:09 bitch pluto[19962]: | length: 40
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform number: 1
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 7
May 8 15:24:09 bitch pluto[19962]: | [7 is OAKLEY_AES_CBC]
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=0):
blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:24:09 bitch pluto[19962]: | length/value: 256
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=256):
blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 2
May 8 15:24:09 bitch pluto[19962]: | [2 is OAKLEY_SHA1]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | length/value: 20
May 8 15:24:09 bitch pluto[19962]: | [20 is OAKLEY_GROUP_ECP_384]
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3:
OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:24:09 bitch pluto[19962]: | length: 40
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform number: 2
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 7
May 8 15:24:09 bitch pluto[19962]: | [7 is OAKLEY_AES_CBC]
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=0):
blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:24:09 bitch pluto[19962]: | length/value: 128
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=128):
blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 2
May 8 15:24:09 bitch pluto[19962]: | [2 is OAKLEY_SHA1]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | length/value: 19
May 8 15:24:09 bitch pluto[19962]: | [19 is OAKLEY_GROUP_ECP_256]
May 8 15:24:09 bitch pluto[19962]: "tunnel1-nat"[2] 192.168.10.25 #3:
OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | *****parse ISAKMP Transform Payload
(ISAKMP):
May 8 15:24:09 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_T
May 8 15:24:09 bitch pluto[19962]: | length: 40
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform number: 3
May 8 15:24:09 bitch pluto[19962]: | ISAKMP transform ID: KEY_IKE
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_ENCRYPTION_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 7
May 8 15:24:09 bitch pluto[19962]: | [7 is OAKLEY_AES_CBC]
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=0):
blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_KEY_LENGTH
May 8 15:24:09 bitch pluto[19962]: | length/value: 256
May 8 15:24:09 bitch pluto[19962]: | ike_alg_enc_ok(ealg=7,key_len=256):
blocksize=16, keyminlen=128, keydeflen=128, keymaxlen=256, ret=1
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_HASH_ALGORITHM
May 8 15:24:09 bitch pluto[19962]: | length/value: 2
May 8 15:24:09 bitch pluto[19962]: | [2 is OAKLEY_SHA1]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_GROUP_DESCRIPTION
May 8 15:24:09 bitch pluto[19962]: | length/value: 14
May 8 15:24:09 bitch pluto[19962]: | [14 is OAKLEY_GROUP_MODP2048]
May 8 15:24:09 bitch pluto[19962]: | ******parse ISAKMP Oakley attribute:
May 8 15:24:09 bitch pluto[19962]: | af+type: OAKLEY_AUTHENTICATION_METHOD
May 8 15:24:09 bitch pluto[19962]: | length/value: 1
May 8 15:24:21 bitch pluto[19962]: |
May 8 15:24:21 bitch pluto[19962]: | *received 444 bytes from
192.168.10.25:1024 on eth1 (port=4500)
May 8 15:24:21 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
05 30 fa ac
May 8 15:24:21 bitch pluto[19962]: | 08 10 20 01 00 00 00 01 00 00 01 bc
59 47 e1 29
May 8 15:24:21 bitch pluto[19962]: | 8f 66 e3 1f 0b 5d 9a 18 08 5a 18 4d
8b e7 ed d1
May 8 15:24:21 bitch pluto[19962]: | d7 72 45 fc 95 f1 e3 28 0b c7 98 e4
40 73 b4 3e
May 8 15:24:21 bitch pluto[19962]: | 8b b8 2a 82 07 bd 0d 93 80 84 5c 7b
c3 1a a4 46
May 8 15:24:21 bitch pluto[19962]: | 71 91 eb cd c1 ad 84 8a 52 ed a2 69
7b cc 66 de
May 8 15:24:21 bitch pluto[19962]: | f7 29 d9 99 f8 48 6a 23 a7 e9 73 4a
47 34 de 5e
May 8 15:24:21 bitch pluto[19962]: | 58 85 f8 70 d9 72 ee ed 01 59 50 1a
01 85 af 57
May 8 15:24:21 bitch pluto[19962]: | e1 1b fb 6e a3 ff 41 d9 e5 3d 7d fd
86 5c 62 ef
May 8 15:24:21 bitch pluto[19962]: | 87 a6 1b 1f 8f 72 2d e5 67 fc 59 1a
1d 45 42 fe
May 8 15:24:21 bitch pluto[19962]: | 87 cd 05 6c 3e 39 e3 53 c7 b8 66 34
d6 ce 6f 51
May 8 15:24:21 bitch pluto[19962]: | 58 34 2f 6c 51 07 79 49 60 4b d6 e6
a6 2d a3 9d
May 8 15:24:21 bitch pluto[19962]: | 21 be dc e8 6a cd 64 4a e5 50 41 03
90 83 88 61
May 8 15:24:21 bitch pluto[19962]: | 02 ac 6e f0 f2 e4 09 8a 66 c1 7e 79
50 e9 f6 97
May 8 15:24:21 bitch pluto[19962]: | d8 80 86 2c 9e a7 db 52 44 74 a0 63
af 54 d4 0a
May 8 15:24:21 bitch pluto[19962]: | c5 58 46 13 50 dd 2e f8 31 4a 85 9f
70 19 7d e5
May 8 15:24:21 bitch pluto[19962]: | 89 d4 d4 85 3f da d3 ab 94 76 b5 98
bb 4c b5 ea
May 8 15:24:21 bitch pluto[19962]: | a6 88 65 70 c6 a9 08 87 e6 4e 94 02
db 06 b0 49
May 8 15:24:21 bitch pluto[19962]: | df 68 90 47 aa 88 8a ae bb 1b e3 1c
31 27 3a 31
May 8 15:24:21 bitch pluto[19962]: | 83 c4 7a 0e cd d2 b1 9c 3e 95 66 b9
83 c3 a9 9d
May 8 15:24:21 bitch pluto[19962]: | 30 73 a0 fe fe 87 c2 cf 4b 22 38 27
f2 e4 58 8d
May 8 15:24:21 bitch pluto[19962]: | de 8a 5c c5 99 dc 4b 5f 74 13 1e 9c
6d dd eb 5e
May 8 15:24:21 bitch pluto[19962]: | 8c c5 ca b3 ec 29 9c 32 0a 3a 32 16
aa 45 e1 09
May 8 15:24:21 bitch pluto[19962]: | 4c 5b 6a 20 43 53 fc 9f a6 99 4a 06
e2 de 0c 17
May 8 15:24:21 bitch pluto[19962]: | 2c 23 12 96 17 0e f1 1b ed ad 03 6c
ec 90 26 35
May 8 15:24:21 bitch pluto[19962]: | ad 48 18 9e 69 46 e5 69 03 05 d1 c3
08 97 ff 44
May 8 15:24:21 bitch pluto[19962]: | 12 bd 74 c8 27 a9 d2 8e 21 78 eb ea
a5 04 77 9f
May 8 15:24:21 bitch pluto[19962]: | 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:21 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:21 bitch pluto[19962]: | initiator cookie:
May 8 15:24:21 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:21 bitch pluto[19962]: | responder cookie:
May 8 15:24:21 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:21 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:24:21 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:24:21 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_QUICK
May 8 15:24:21 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:24:21 bitch pluto[19962]: | message ID: 00 00 00 01
May 8 15:24:21 bitch pluto[19962]: | length: 444
May 8 15:24:21 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_QUICK (32)
May 8 15:24:21 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:21 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:21 bitch pluto[19962]: | state hash entry 8
May 8 15:24:21 bitch pluto[19962]: | v1 peer and cookies match on #4, provided
msgid 00000001 vs 00000001
May 8 15:24:21 bitch pluto[19962]: | v1 state object #4 found, in
STATE_QUICK_R0
May 8 15:24:21 bitch pluto[19962]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:24:21 bitch pluto[19962]: | #4 state_busy:1872 st != NULL &&
st->st_calculating == FALSE;
May 8 15:24:21 bitch pluto[19962]: | received encrypted packet from
192.168.10.25:1024
May 8 15:24:21 bitch pluto[19962]: | decrypting 416 bytes using algorithm
OAKLEY_AES_CBC
May 8 15:24:21 bitch pluto[19962]: | last Phase 1 IV:
May 8 15:24:21 bitch pluto[19962]: | current Phase 1 IV:
May 8 15:24:21 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:24:21 bitch pluto[19962]: | 47 9e 04 f3 d1 2d 11 2b 5c 04 c9 ee
67 e4 b1 e6
May 8 15:24:21 bitch pluto[19962]: | e2 01 ea 4e
May 8 15:24:21 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:24:21 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:24:21 bitch pluto[19962]: | decrypted:
May 8 15:24:21 bitch pluto[19962]: | 35 1f 3a 11 43 c0 b8 5e 17 f5 0f d0
05 fd 96 6a
May 8 15:24:21 bitch pluto[19962]: | 45 09 ea bd 48 6c 1f 3c 0a 00 01 18
00 00 00 01
May 8 15:24:21 bitch pluto[19962]: | 00 00 00 01 02 00 00 38 01 03 04 01
55 86 0d 10
May 8 15:24:21 bitch pluto[19962]: | 00 00 00 2c 01 0c 00 00 80 04 00 04
80 06 01 00
May 8 15:24:21 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04
00 00 0e 10
May 8 15:24:21 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90
02 00 00 38
May 8 15:24:21 bitch pluto[19962]: | 02 03 04 01 55 86 0d 10 00 00 00 2c
01 0c 00 00
May 8 15:24:21 bitch pluto[19962]: | 80 04 00 04 80 06 00 80 80 05 00 02
80 01 00 01
May 8 15:24:21 bitch pluto[19962]: | 00 02 00 04 00 00 0e 10 80 01 00 02
00 02 00 04
May 8 15:24:21 bitch pluto[19962]: | 00 03 d0 90 02 00 00 34 03 03 04 01
55 86 0d 10
May 8 15:24:21 bitch pluto[19962]: | 00 00 00 28 01 03 00 00 80 04 00 04
80 05 00 02
May 8 15:24:21 bitch pluto[19962]: | 80 01 00 01 00 02 00 04 00 00 0e 10
80 01 00 02
May 8 15:24:21 bitch pluto[19962]: | 00 02 00 04 00 03 d0 90 02 00 00 34
04 03 04 01
May 8 15:24:21 bitch pluto[19962]: | 55 86 0d 10 00 00 00 28 01 02 00 00
80 04 00 04
May 8 15:24:21 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04
00 00 0e 10
May 8 15:24:21 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90
00 00 00 34
May 8 15:24:21 bitch pluto[19962]: | 05 03 04 01 55 86 0d 10 00 00 00 28
01 0b 00 00
May 8 15:24:21 bitch pluto[19962]: | 80 04 00 04 80 05 00 02 80 01 00 01
00 02 00 04
May 8 15:24:21 bitch pluto[19962]: | 00 00 0e 10 80 01 00 02 00 02 00 04
00 03 d0 90
May 8 15:24:21 bitch pluto[19962]: | 05 00 00 34 e0 11 2a 0c 97 0d 5e 6c
3c a8 50 43
May 8 15:24:21 bitch pluto[19962]: | 30 65 43 4f e1 e9 8e ec ab eb 99 a7
65 49 cb 34
May 8 15:24:21 bitch pluto[19962]: | 1d aa 2f 86 f1 e8 ea fa 32 ff 2b eb
6d 6b 44 84
May 8 15:24:21 bitch pluto[19962]: | 5c f0 04 ff 05 00 00 0c 01 11 06 a5
c0 a8 08 81
May 8 15:24:21 bitch pluto[19962]: | 15 00 00 0c 01 11 06 a5 c0 a8 0a fe
15 00 00 0c
May 8 15:24:21 bitch pluto[19962]: | 01 00 00 00 c0 a8 08 81 00 00 00 0c
01 00 00 00
May 8 15:24:21 bitch pluto[19962]: | c0 a8 0a fe 00 00 00 00 00 00 00 00
00 00 00 00
May 8 15:24:21 bitch pluto[19962]: | next IV: a5 04 77 9f 17 50 ad 8e 87 ca
c8 92 e9 0b ff 9f
May 8 15:24:21 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH)
needed: 0x502opt: 0x200030
May 8 15:24:21 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: next
payload type of ISAKMP Hash Payload has an unknown value: 53
May 8 15:24:21 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4:
malformed payload in packet
May 8 15:24:21 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:24:21 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 8
seconds
May 8 15:24:21 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 8
seconds
May 8 15:24:29 bitch pluto[19962]: |
May 8 15:24:29 bitch pluto[19962]: | next event EVENT_NAT_T_KEEPALIVE in 0
seconds
May 8 15:24:29 bitch pluto[19962]: | *time to handle event
May 8 15:24:29 bitch pluto[19962]: | handling event EVENT_NAT_T_KEEPALIVE
May 8 15:24:29 bitch pluto[19962]: | event after this is EVENT_PENDING_DDNS in
24 seconds
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by
per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by
per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[2]
192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by
per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | processing connection tunnel1-nat[2]
192.168.10.25
May 8 15:24:29 bitch pluto[19962]: | Sending of NAT-T KEEP-ALIVE enabled by
per-conn configuration (nat_keepalive=yes)
May 8 15:24:29 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 24
seconds
May 8 15:24:36 bitch pluto[19962]: |
May 8 15:24:36 bitch pluto[19962]: | *received 444 bytes from
192.168.10.25:1024 on eth1 (port=4500)
May 8 15:24:36 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
05 30 fa ac
May 8 15:24:36 bitch pluto[19962]: | 08 10 20 01 00 00 00 01 00 00 01 bc
59 47 e1 29
May 8 15:24:36 bitch pluto[19962]: | 8f 66 e3 1f 0b 5d 9a 18 08 5a 18 4d
8b e7 ed d1
May 8 15:24:36 bitch pluto[19962]: | d7 72 45 fc 95 f1 e3 28 0b c7 98 e4
40 73 b4 3e
May 8 15:24:36 bitch pluto[19962]: | 8b b8 2a 82 07 bd 0d 93 80 84 5c 7b
c3 1a a4 46
May 8 15:24:36 bitch pluto[19962]: | 71 91 eb cd c1 ad 84 8a 52 ed a2 69
7b cc 66 de
May 8 15:24:36 bitch pluto[19962]: | f7 29 d9 99 f8 48 6a 23 a7 e9 73 4a
47 34 de 5e
May 8 15:24:36 bitch pluto[19962]: | 58 85 f8 70 d9 72 ee ed 01 59 50 1a
01 85 af 57
May 8 15:24:36 bitch pluto[19962]: | e1 1b fb 6e a3 ff 41 d9 e5 3d 7d fd
86 5c 62 ef
May 8 15:24:36 bitch pluto[19962]: | 87 a6 1b 1f 8f 72 2d e5 67 fc 59 1a
1d 45 42 fe
May 8 15:24:36 bitch pluto[19962]: | 87 cd 05 6c 3e 39 e3 53 c7 b8 66 34
d6 ce 6f 51
May 8 15:24:36 bitch pluto[19962]: | 58 34 2f 6c 51 07 79 49 60 4b d6 e6
a6 2d a3 9d
May 8 15:24:36 bitch pluto[19962]: | 21 be dc e8 6a cd 64 4a e5 50 41 03
90 83 88 61
May 8 15:24:36 bitch pluto[19962]: | 02 ac 6e f0 f2 e4 09 8a 66 c1 7e 79
50 e9 f6 97
May 8 15:24:36 bitch pluto[19962]: | d8 80 86 2c 9e a7 db 52 44 74 a0 63
af 54 d4 0a
May 8 15:24:36 bitch pluto[19962]: | c5 58 46 13 50 dd 2e f8 31 4a 85 9f
70 19 7d e5
May 8 15:24:36 bitch pluto[19962]: | 89 d4 d4 85 3f da d3 ab 94 76 b5 98
bb 4c b5 ea
May 8 15:24:36 bitch pluto[19962]: | a6 88 65 70 c6 a9 08 87 e6 4e 94 02
db 06 b0 49
May 8 15:24:36 bitch pluto[19962]: | df 68 90 47 aa 88 8a ae bb 1b e3 1c
31 27 3a 31
May 8 15:24:36 bitch pluto[19962]: | 83 c4 7a 0e cd d2 b1 9c 3e 95 66 b9
83 c3 a9 9d
May 8 15:24:36 bitch pluto[19962]: | 30 73 a0 fe fe 87 c2 cf 4b 22 38 27
f2 e4 58 8d
May 8 15:24:36 bitch pluto[19962]: | de 8a 5c c5 99 dc 4b 5f 74 13 1e 9c
6d dd eb 5e
May 8 15:24:36 bitch pluto[19962]: | 8c c5 ca b3 ec 29 9c 32 0a 3a 32 16
aa 45 e1 09
May 8 15:24:36 bitch pluto[19962]: | 4c 5b 6a 20 43 53 fc 9f a6 99 4a 06
e2 de 0c 17
May 8 15:24:36 bitch pluto[19962]: | 2c 23 12 96 17 0e f1 1b ed ad 03 6c
ec 90 26 35
May 8 15:24:36 bitch pluto[19962]: | ad 48 18 9e 69 46 e5 69 03 05 d1 c3
08 97 ff 44
May 8 15:24:36 bitch pluto[19962]: | 12 bd 74 c8 27 a9 d2 8e 21 78 eb ea
a5 04 77 9f
May 8 15:24:36 bitch pluto[19962]: | 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:36 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:36 bitch pluto[19962]: | initiator cookie:
May 8 15:24:36 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:36 bitch pluto[19962]: | responder cookie:
May 8 15:24:36 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:36 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:24:36 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:24:36 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_QUICK
May 8 15:24:36 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:24:36 bitch pluto[19962]: | message ID: 00 00 00 01
May 8 15:24:36 bitch pluto[19962]: | length: 444
May 8 15:24:36 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_QUICK (32)
May 8 15:24:36 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:36 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:36 bitch pluto[19962]: | state hash entry 8
May 8 15:24:36 bitch pluto[19962]: | v1 peer and cookies match on #4, provided
msgid 00000001 vs 00000001
May 8 15:24:36 bitch pluto[19962]: | v1 state object #4 found, in
STATE_QUICK_R0
May 8 15:24:36 bitch pluto[19962]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:24:36 bitch pluto[19962]: | #4 state_busy:1872 st != NULL &&
st->st_calculating == FALSE;
May 8 15:24:36 bitch pluto[19962]: | received encrypted packet from
192.168.10.25:1024
May 8 15:24:36 bitch pluto[19962]: | decrypting 416 bytes using algorithm
OAKLEY_AES_CBC
May 8 15:24:36 bitch pluto[19962]: | last Phase 1 IV:
May 8 15:24:36 bitch pluto[19962]: | current Phase 1 IV:
May 8 15:24:36 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:24:36 bitch pluto[19962]: | 47 9e 04 f3 d1 2d 11 2b 5c 04 c9 ee
67 e4 b1 e6
May 8 15:24:36 bitch pluto[19962]: | e2 01 ea 4e
May 8 15:24:36 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:24:36 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:24:36 bitch pluto[19962]: | decrypted:
May 8 15:24:36 bitch pluto[19962]: | 35 1f 3a 11 43 c0 b8 5e 17 f5 0f d0
05 fd 96 6a
May 8 15:24:36 bitch pluto[19962]: | 45 09 ea bd 48 6c 1f 3c 0a 00 01 18
00 00 00 01
May 8 15:24:36 bitch pluto[19962]: | 00 00 00 01 02 00 00 38 01 03 04 01
55 86 0d 10
May 8 15:24:36 bitch pluto[19962]: | 00 00 00 2c 01 0c 00 00 80 04 00 04
80 06 01 00
May 8 15:24:36 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04
00 00 0e 10
May 8 15:24:36 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90
02 00 00 38
May 8 15:24:36 bitch pluto[19962]: | 02 03 04 01 55 86 0d 10 00 00 00 2c
01 0c 00 00
May 8 15:24:36 bitch pluto[19962]: | 80 04 00 04 80 06 00 80 80 05 00 02
80 01 00 01
May 8 15:24:36 bitch pluto[19962]: | 00 02 00 04 00 00 0e 10 80 01 00 02
00 02 00 04
May 8 15:24:36 bitch pluto[19962]: | 00 03 d0 90 02 00 00 34 03 03 04 01
55 86 0d 10
May 8 15:24:36 bitch pluto[19962]: | 00 00 00 28 01 03 00 00 80 04 00 04
80 05 00 02
May 8 15:24:36 bitch pluto[19962]: | 80 01 00 01 00 02 00 04 00 00 0e 10
80 01 00 02
May 8 15:24:36 bitch pluto[19962]: | 00 02 00 04 00 03 d0 90 02 00 00 34
04 03 04 01
May 8 15:24:36 bitch pluto[19962]: | 55 86 0d 10 00 00 00 28 01 02 00 00
80 04 00 04
May 8 15:24:36 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04
00 00 0e 10
May 8 15:24:36 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90
00 00 00 34
May 8 15:24:36 bitch pluto[19962]: | 05 03 04 01 55 86 0d 10 00 00 00 28
01 0b 00 00
May 8 15:24:36 bitch pluto[19962]: | 80 04 00 04 80 05 00 02 80 01 00 01
00 02 00 04
May 8 15:24:36 bitch pluto[19962]: | 00 00 0e 10 80 01 00 02 00 02 00 04
00 03 d0 90
May 8 15:24:36 bitch pluto[19962]: | 05 00 00 34 e0 11 2a 0c 97 0d 5e 6c
3c a8 50 43
May 8 15:24:36 bitch pluto[19962]: | 30 65 43 4f e1 e9 8e ec ab eb 99 a7
65 49 cb 34
May 8 15:24:36 bitch pluto[19962]: | 1d aa 2f 86 f1 e8 ea fa 32 ff 2b eb
6d 6b 44 84
May 8 15:24:36 bitch pluto[19962]: | 5c f0 04 ff 05 00 00 0c 01 11 06 a5
c0 a8 08 81
May 8 15:24:36 bitch pluto[19962]: | 15 00 00 0c 01 11 06 a5 c0 a8 0a fe
15 00 00 0c
May 8 15:24:36 bitch pluto[19962]: | 01 00 00 00 c0 a8 08 81 00 00 00 0c
01 00 00 00
May 8 15:24:36 bitch pluto[19962]: | c0 a8 0a fe 00 00 00 00 00 00 00 00
00 00 00 00
May 8 15:24:36 bitch pluto[19962]: | next IV: a5 04 77 9f 17 50 ad 8e 87 ca
c8 92 e9 0b ff 9f
May 8 15:24:36 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH)
needed: 0x502opt: 0x200030
May 8 15:24:36 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: next
payload type of ISAKMP Hash Payload has an unknown value: 53
May 8 15:24:36 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4:
malformed payload in packet
May 8 15:24:36 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:24:36 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 17
seconds
May 8 15:24:36 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 17
seconds
May 8 15:24:39 bitch pluto[19962]: |
May 8 15:24:39 bitch pluto[19962]: | *received kernel message
May 8 15:24:39 bitch pluto[19962]: | netlink_get: XFRM_MSG_EXPIRE message
May 8 15:24:39 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:24:39 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 14
seconds
May 8 15:24:39 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 14
seconds
May 8 15:24:51 bitch pluto[19962]: |
May 8 15:24:51 bitch pluto[19962]: | *received 444 bytes from
192.168.10.25:1024 on eth1 (port=4500)
May 8 15:24:51 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
05 30 fa ac
May 8 15:24:51 bitch pluto[19962]: | 08 10 20 01 00 00 00 01 00 00 01 bc
59 47 e1 29
May 8 15:24:51 bitch pluto[19962]: | 8f 66 e3 1f 0b 5d 9a 18 08 5a 18 4d
8b e7 ed d1
May 8 15:24:51 bitch pluto[19962]: | d7 72 45 fc 95 f1 e3 28 0b c7 98 e4
40 73 b4 3e
May 8 15:24:51 bitch pluto[19962]: | 8b b8 2a 82 07 bd 0d 93 80 84 5c 7b
c3 1a a4 46
May 8 15:24:51 bitch pluto[19962]: | 71 91 eb cd c1 ad 84 8a 52 ed a2 69
7b cc 66 de
May 8 15:24:51 bitch pluto[19962]: | f7 29 d9 99 f8 48 6a 23 a7 e9 73 4a
47 34 de 5e
May 8 15:24:51 bitch pluto[19962]: | 58 85 f8 70 d9 72 ee ed 01 59 50 1a
01 85 af 57
May 8 15:24:51 bitch pluto[19962]: | e1 1b fb 6e a3 ff 41 d9 e5 3d 7d fd
86 5c 62 ef
May 8 15:24:51 bitch pluto[19962]: | 87 a6 1b 1f 8f 72 2d e5 67 fc 59 1a
1d 45 42 fe
May 8 15:24:51 bitch pluto[19962]: | 87 cd 05 6c 3e 39 e3 53 c7 b8 66 34
d6 ce 6f 51
May 8 15:24:51 bitch pluto[19962]: | 58 34 2f 6c 51 07 79 49 60 4b d6 e6
a6 2d a3 9d
May 8 15:24:51 bitch pluto[19962]: | 21 be dc e8 6a cd 64 4a e5 50 41 03
90 83 88 61
May 8 15:24:51 bitch pluto[19962]: | 02 ac 6e f0 f2 e4 09 8a 66 c1 7e 79
50 e9 f6 97
May 8 15:24:51 bitch pluto[19962]: | d8 80 86 2c 9e a7 db 52 44 74 a0 63
af 54 d4 0a
May 8 15:24:51 bitch pluto[19962]: | c5 58 46 13 50 dd 2e f8 31 4a 85 9f
70 19 7d e5
May 8 15:24:51 bitch pluto[19962]: | 89 d4 d4 85 3f da d3 ab 94 76 b5 98
bb 4c b5 ea
May 8 15:24:51 bitch pluto[19962]: | a6 88 65 70 c6 a9 08 87 e6 4e 94 02
db 06 b0 49
May 8 15:24:51 bitch pluto[19962]: | df 68 90 47 aa 88 8a ae bb 1b e3 1c
31 27 3a 31
May 8 15:24:51 bitch pluto[19962]: | 83 c4 7a 0e cd d2 b1 9c 3e 95 66 b9
83 c3 a9 9d
May 8 15:24:51 bitch pluto[19962]: | 30 73 a0 fe fe 87 c2 cf 4b 22 38 27
f2 e4 58 8d
May 8 15:24:51 bitch pluto[19962]: | de 8a 5c c5 99 dc 4b 5f 74 13 1e 9c
6d dd eb 5e
May 8 15:24:51 bitch pluto[19962]: | 8c c5 ca b3 ec 29 9c 32 0a 3a 32 16
aa 45 e1 09
May 8 15:24:51 bitch pluto[19962]: | 4c 5b 6a 20 43 53 fc 9f a6 99 4a 06
e2 de 0c 17
May 8 15:24:51 bitch pluto[19962]: | 2c 23 12 96 17 0e f1 1b ed ad 03 6c
ec 90 26 35
May 8 15:24:51 bitch pluto[19962]: | ad 48 18 9e 69 46 e5 69 03 05 d1 c3
08 97 ff 44
May 8 15:24:51 bitch pluto[19962]: | 12 bd 74 c8 27 a9 d2 8e 21 78 eb ea
a5 04 77 9f
May 8 15:24:51 bitch pluto[19962]: | 17 50 ad 8e 87 ca c8 92 e9 0b ff 9f
May 8 15:24:51 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:24:51 bitch pluto[19962]: | initiator cookie:
May 8 15:24:51 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:24:51 bitch pluto[19962]: | responder cookie:
May 8 15:24:51 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:24:51 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:24:51 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:24:51 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_QUICK
May 8 15:24:51 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:24:51 bitch pluto[19962]: | message ID: 00 00 00 01
May 8 15:24:51 bitch pluto[19962]: | length: 444
May 8 15:24:51 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_QUICK (32)
May 8 15:24:51 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:24:51 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:24:51 bitch pluto[19962]: | state hash entry 8
May 8 15:24:51 bitch pluto[19962]: | v1 peer and cookies match on #4, provided
msgid 00000001 vs 00000001
May 8 15:24:51 bitch pluto[19962]: | v1 state object #4 found, in
STATE_QUICK_R0
May 8 15:24:51 bitch pluto[19962]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:24:51 bitch pluto[19962]: | #4 state_busy:1872 st != NULL &&
st->st_calculating == FALSE;
May 8 15:24:51 bitch pluto[19962]: | received encrypted packet from
192.168.10.25:1024
May 8 15:24:51 bitch pluto[19962]: | decrypting 416 bytes using algorithm
OAKLEY_AES_CBC
May 8 15:24:51 bitch pluto[19962]: | last Phase 1 IV:
May 8 15:24:51 bitch pluto[19962]: | current Phase 1 IV:
May 8 15:24:51 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:24:51 bitch pluto[19962]: | 47 9e 04 f3 d1 2d 11 2b 5c 04 c9 ee
67 e4 b1 e6
May 8 15:24:51 bitch pluto[19962]: | e2 01 ea 4e
May 8 15:24:51 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:24:51 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:24:51 bitch pluto[19962]: | decrypted:
May 8 15:24:51 bitch pluto[19962]: | 35 1f 3a 11 43 c0 b8 5e 17 f5 0f d0
05 fd 96 6a
May 8 15:24:51 bitch pluto[19962]: | 45 09 ea bd 48 6c 1f 3c 0a 00 01 18
00 00 00 01
May 8 15:24:51 bitch pluto[19962]: | 00 00 00 01 02 00 00 38 01 03 04 01
55 86 0d 10
May 8 15:24:51 bitch pluto[19962]: | 00 00 00 2c 01 0c 00 00 80 04 00 04
80 06 01 00
May 8 15:24:51 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04
00 00 0e 10
May 8 15:24:51 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90
02 00 00 38
May 8 15:24:51 bitch pluto[19962]: | 02 03 04 01 55 86 0d 10 00 00 00 2c
01 0c 00 00
May 8 15:24:51 bitch pluto[19962]: | 80 04 00 04 80 06 00 80 80 05 00 02
80 01 00 01
May 8 15:24:51 bitch pluto[19962]: | 00 02 00 04 00 00 0e 10 80 01 00 02
00 02 00 04
May 8 15:24:51 bitch pluto[19962]: | 00 03 d0 90 02 00 00 34 03 03 04 01
55 86 0d 10
May 8 15:24:51 bitch pluto[19962]: | 00 00 00 28 01 03 00 00 80 04 00 04
80 05 00 02
May 8 15:24:51 bitch pluto[19962]: | 80 01 00 01 00 02 00 04 00 00 0e 10
80 01 00 02
May 8 15:24:51 bitch pluto[19962]: | 00 02 00 04 00 03 d0 90 02 00 00 34
04 03 04 01
May 8 15:24:51 bitch pluto[19962]: | 55 86 0d 10 00 00 00 28 01 02 00 00
80 04 00 04
May 8 15:24:51 bitch pluto[19962]: | 80 05 00 02 80 01 00 01 00 02 00 04
00 00 0e 10
May 8 15:24:51 bitch pluto[19962]: | 80 01 00 02 00 02 00 04 00 03 d0 90
00 00 00 34
May 8 15:24:51 bitch pluto[19962]: | 05 03 04 01 55 86 0d 10 00 00 00 28
01 0b 00 00
May 8 15:24:51 bitch pluto[19962]: | 80 04 00 04 80 05 00 02 80 01 00 01
00 02 00 04
May 8 15:24:51 bitch pluto[19962]: | 00 00 0e 10 80 01 00 02 00 02 00 04
00 03 d0 90
May 8 15:24:51 bitch pluto[19962]: | 05 00 00 34 e0 11 2a 0c 97 0d 5e 6c
3c a8 50 43
May 8 15:24:51 bitch pluto[19962]: | 30 65 43 4f e1 e9 8e ec ab eb 99 a7
65 49 cb 34
May 8 15:24:51 bitch pluto[19962]: | 1d aa 2f 86 f1 e8 ea fa 32 ff 2b eb
6d 6b 44 84
May 8 15:24:51 bitch pluto[19962]: | 5c f0 04 ff 05 00 00 0c 01 11 06 a5
c0 a8 08 81
May 8 15:24:51 bitch pluto[19962]: | 15 00 00 0c 01 11 06 a5 c0 a8 0a fe
15 00 00 0c
May 8 15:24:51 bitch pluto[19962]: | 01 00 00 00 c0 a8 08 81 00 00 00 0c
01 00 00 00
May 8 15:24:51 bitch pluto[19962]: | c0 a8 0a fe 00 00 00 00 00 00 00 00
00 00 00 00
May 8 15:24:51 bitch pluto[19962]: | next IV: a5 04 77 9f 17 50 ad 8e 87 ca
c8 92 e9 0b ff 9f
May 8 15:24:51 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH)
needed: 0x502opt: 0x200030
May 8 15:24:51 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4: next
payload type of ISAKMP Hash Payload has an unknown value: 53
May 8 15:24:51 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #4:
malformed payload in packet
May 8 15:24:51 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:24:51 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 2 seconds
May 8 15:24:51 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 2 seconds
May 8 15:24:53 bitch pluto[19962]: |
May 8 15:24:53 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 0 seconds
May 8 15:24:53 bitch pluto[19962]: | *time to handle event
May 8 15:24:53 bitch pluto[19962]: | handling event EVENT_PENDING_DDNS
May 8 15:24:53 bitch pluto[19962]: | event after this is EVENT_PENDING_PHASE2
in 0 seconds
May 8 15:24:53 bitch pluto[19962]: | inserting event EVENT_PENDING_DDNS,
timeout in 60 seconds
May 8 15:24:53 bitch pluto[19962]: | event added after event
EVENT_PENDING_PHASE2
May 8 15:24:53 bitch pluto[19962]: | handling event EVENT_PENDING_PHASE2
May 8 15:24:53 bitch pluto[19962]: | event after this is EVENT_PENDING_DDNS in
60 seconds
May 8 15:24:53 bitch pluto[19962]: | inserting event EVENT_PENDING_PHASE2,
timeout in 120 seconds
May 8 15:24:53 bitch pluto[19962]: | event added after event EVENT_PENDING_DDNS
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1-nat"
was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1-nat"
was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1" was
not up, skipped
May 8 15:24:53 bitch pluto[19962]: | pending review: connection "tunnel1-nat"
was not up, skipped
May 8 15:24:53 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 60
seconds
May 8 15:25:06 bitch pluto[19962]: |
May 8 15:25:06 bitch pluto[19962]: | *received 92 bytes from
192.168.10.25:1024 on eth1 (port=4500)
May 8 15:25:06 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df f0 88 83 b3
05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | 08 10 05 01 d8 23 be 34 00 00 00 5c
5d 9e e0 32
May 8 15:25:06 bitch pluto[19962]: | 52 a4 62 64 1b e2 c1 dc 0a 7f 30 ac
6d 2f a3 a1
May 8 15:25:06 bitch pluto[19962]: | 11 d8 40 d1 32 21 5c 38 d6 bb b4 ce
13 7c fd e1
May 8 15:25:06 bitch pluto[19962]: | e8 47 df ea 09 6e e9 ef 79 07 b0 7a
26 00 22 5b
May 8 15:25:06 bitch pluto[19962]: | f0 ff 04 15 15 b5 5d 10 13 3c f7 c7
May 8 15:25:06 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:25:06 bitch pluto[19962]: | initiator cookie:
May 8 15:25:06 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | responder cookie:
May 8 15:25:06 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:25:06 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:25:06 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_INFO
May 8 15:25:06 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:25:06 bitch pluto[19962]: | message ID: d8 23 be 34
May 8 15:25:06 bitch pluto[19962]: | length: 92
May 8 15:25:06 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_INFO (5)
May 8 15:25:06 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | state hash entry 8
May 8 15:25:06 bitch pluto[19962]: | peer and cookies match on #4, provided
msgid 00000000 vs 00000001/00000000
May 8 15:25:06 bitch pluto[19962]: | peer and cookies match on #3, provided
msgid 00000000 vs 00000000/00000000
May 8 15:25:06 bitch pluto[19962]: | p15 state object #3 found, in
STATE_MAIN_R3
May 8 15:25:06 bitch pluto[19962]: | processing connection tunnel1-nat[3]
192.168.10.25
May 8 15:25:06 bitch pluto[19962]: | last Phase 1 IV: 53 41 2a e1 b8 a2 fc
76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | current Phase 1 IV: 53 41 2a e1 b8 a2
fc 76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:25:06 bitch pluto[19962]: | 50 29 a2 ac 14 60 d7 a6 b7 cc ab f9
77 5b de eb
May 8 15:25:06 bitch pluto[19962]: | 8b 83 d9 d2
May 8 15:25:06 bitch pluto[19962]: | #3 state_busy:1872 st != NULL &&
st->st_calculating == FALSE;
May 8 15:25:06 bitch pluto[19962]: | received encrypted packet from
192.168.10.25:1024
May 8 15:25:06 bitch pluto[19962]: | decrypting 64 bytes using algorithm
OAKLEY_AES_CBC
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:25:06 bitch pluto[19962]: | decrypted:
May 8 15:25:06 bitch pluto[19962]: | 0c 00 00 18 b2 ae 09 20 39 25 03 dd
d1 5a e2 a7
May 8 15:25:06 bitch pluto[19962]: | d6 7e c8 9e f0 5f ed e0 00 00 00 1c
00 00 00 01
May 8 15:25:06 bitch pluto[19962]: | 01 10 00 01 14 d8 b2 ef 4f 94 ba df
f0 88 83 b3
May 8 15:25:06 bitch pluto[19962]: | 05 30 fa ac 00 00 00 00 00 00 00 00
00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | next IV: 26 00 22 5b f0 ff 04 15 15 b5
5d 10 13 3c f7 c7
May 8 15:25:06 bitch pluto[19962]: | got payload 0x100 (ISAKMP_NEXT_HASH)
needed: 0x100opt: 0x0
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Hash Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_D
May 8 15:25:06 bitch pluto[19962]: | length: 24
May 8 15:25:06 bitch pluto[19962]: | got payload 0x1000 (ISAKMP_NEXT_D)
needed: 0x0opt: 0x0
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Delete Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:25:06 bitch pluto[19962]: | length: 28
May 8 15:25:06 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:25:06 bitch pluto[19962]: | protocol ID: 1
May 8 15:25:06 bitch pluto[19962]: | SPI size: 16
May 8 15:25:06 bitch pluto[19962]: | number of SPIs: 1
May 8 15:25:06 bitch pluto[19962]: | removing 12 bytes of padding
May 8 15:25:06 bitch pluto[19962]: | parsing 8 raw bytes of ISAKMP Delete
Payload into iCookie
May 8 15:25:06 bitch pluto[19962]: | iCookie 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | parsing 8 raw bytes of ISAKMP Delete
Payload into rCookie
May 8 15:25:06 bitch pluto[19962]: | rCookie f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | ICOOKIE: 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | RCOOKIE: f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | state hash entry 8
May 8 15:25:06 bitch pluto[19962]: | v1 peer and cookies match on #4, provided
msgid 00000000 vs 00000001
May 8 15:25:06 bitch pluto[19962]: | v1 peer and cookies match on #3, provided
msgid 00000000 vs 00000000
May 8 15:25:06 bitch pluto[19962]: | v1 state object #3 found, in STATE_MAIN_R3
May 8 15:25:06 bitch pluto[19962]: | del:
May 8 15:25:06 bitch pluto[19962]: "tunnel1-nat"[3] 192.168.10.25 #3: received
Delete SA payload: self-deleting ISAKMP State #3
May 8 15:25:06 bitch pluto[19962]: | deleting state #3
May 8 15:25:06 bitch pluto[19962]: | **emit ISAKMP Message:
May 8 15:25:06 bitch pluto[19962]: | initiator cookie:
May 8 15:25:06 bitch pluto[19962]: | 14 d8 b2 ef 4f 94 ba df
May 8 15:25:06 bitch pluto[19962]: | responder cookie:
May 8 15:25:06 bitch pluto[19962]: | f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_HASH
May 8 15:25:06 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:25:06 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_INFO
May 8 15:25:06 bitch pluto[19962]: | flags: ISAKMP_FLAG_v1_ENCRYPTION
May 8 15:25:06 bitch pluto[19962]: | message ID: 48 68 95 9b
May 8 15:25:06 bitch pluto[19962]: | ***emit ISAKMP Hash Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_D
May 8 15:25:06 bitch pluto[19962]: | emitting 20 zero bytes of HASH(1) into
ISAKMP Hash Payload
May 8 15:25:06 bitch pluto[19962]: | emitting length of ISAKMP Hash Payload: 24
May 8 15:25:06 bitch pluto[19962]: | ***emit ISAKMP Delete Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_NONE
May 8 15:25:06 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:25:06 bitch pluto[19962]: | protocol ID: 1
May 8 15:25:06 bitch pluto[19962]: | SPI size: 16
May 8 15:25:06 bitch pluto[19962]: | number of SPIs: 1
May 8 15:25:06 bitch pluto[19962]: | emitting 16 raw bytes of delete payload
into ISAKMP Delete Payload
May 8 15:25:06 bitch pluto[19962]: | delete payload 14 d8 b2 ef 4f 94 ba df
f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | emitting length of ISAKMP Delete Payload:
28
May 8 15:25:06 bitch pluto[19962]: | hmac_update data value:
May 8 15:25:06 bitch pluto[19962]: | 48 68 95 9b
May 8 15:25:06 bitch pluto[19962]: | hmac_update: inside if
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after digest
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after assert
May 8 15:25:06 bitch pluto[19962]: | hmac_update data value:
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 1c 00 00 00 01 01 10 00 01
14 d8 b2 ef
May 8 15:25:06 bitch pluto[19962]: | 4f 94 ba df f0 88 83 b3 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | hmac_update: inside if
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after digest
May 8 15:25:06 bitch pluto[19962]: | hmac_update: after assert
May 8 15:25:06 bitch pluto[19962]: | HASH(1) computed:
May 8 15:25:06 bitch pluto[19962]: | 97 ae 28 72 63 15 b8 1d 0f c9 ac 41
f1 8a 1b b6
May 8 15:25:06 bitch pluto[19962]: | e5 39 64 15
May 8 15:25:06 bitch pluto[19962]: | last Phase 1 IV: 53 41 2a e1 b8 a2 fc
76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | current Phase 1 IV: 53 41 2a e1 b8 a2
fc 76 69 fb 40 db ce b2 02 3f
May 8 15:25:06 bitch pluto[19962]: | computed Phase 2 IV:
May 8 15:25:06 bitch pluto[19962]: | 0f 7d 4d 9a 44 c6 9a 97 fe 8c 65 66
42 86 03 b7
May 8 15:25:06 bitch pluto[19962]: | d7 98 e2 ba
May 8 15:25:06 bitch pluto[19962]: | encrypting: 0c 00 00 18 97 ae 28 72 63
15 b8 1d 0f c9 ac 41
May 8 15:25:06 bitch pluto[19962]: | encrypting: f1 8a 1b b6 e5 39 64 15 00
00 00 1c 00 00 00 01
May 8 15:25:06 bitch pluto[19962]: | encrypting: 01 10 00 01 14 d8 b2 ef 4f
94 ba df f0 88 83 b3
May 8 15:25:06 bitch pluto[19962]: | encrypting: 05 30 fa ac
May 8 15:25:06 bitch pluto[19962]: | IV: 0f 7d 4d 9a 44 c6 9a 97 fe 8c 65
66 42 86 03 b7
May 8 15:25:06 bitch pluto[19962]: | IV: d7 98 e2 ba
May 8 15:25:06 bitch pluto[19962]: | unpadded size is: 52
May 8 15:25:06 bitch pluto[19962]: | emitting 12 zero bytes of encryption
padding into ISAKMP Message
May 8 15:25:06 bitch pluto[19962]: | encrypting 64 using OAKLEY_AES_CBC
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: enter
May 8 15:25:06 bitch pluto[19962]: | NSS do_aes_cbc: exit
May 8 15:25:06 bitch pluto[19962]: | next IV: 7f e3 14 24 66 ac 28 aa 8a 4f
4f a8 8b 26 a2 3d
May 8 15:25:06 bitch pluto[19962]: | no IKE message padding required
May 8 15:25:06 bitch pluto[19962]: | emitting length of ISAKMP Message: 92
May 8 15:25:06 bitch pluto[19962]: | sending 96 bytes for delete notify
through eth1:4500 to 192.168.10.25:1024 (using #3)
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 00 14 d8 b2 ef 4f 94 ba df
f0 88 83 b3
May 8 15:25:06 bitch pluto[19962]: | 05 30 fa ac 08 10 05 01 48 68 95 9b
00 00 00 5c
May 8 15:25:06 bitch pluto[19962]: | d9 7a 25 09 81 b8 60 e7 fb a8 ca 9e
d5 91 0f ca
May 8 15:25:06 bitch pluto[19962]: | a9 a0 12 86 26 ba 76 cd 45 c5 b2 9e
9f c7 e6 77
May 8 15:25:06 bitch pluto[19962]: | 79 a1 c5 78 f8 71 5f 62 34 bc 04 08
69 49 4e 94
May 8 15:25:06 bitch pluto[19962]: | 7f e3 14 24 66 ac 28 aa 8a 4f 4f a8
8b 26 a2 3d
May 8 15:25:06 bitch pluto[19962]: | deleting event for #3
May 8 15:25:06 bitch pluto[19962]: packet from 192.168.10.25:1024: received
and ignored empty informational notification payload
May 8 15:25:06 bitch pluto[19962]: | complete v1 state transition with
STF_IGNORE
May 8 15:25:06 bitch pluto[19962]: | * processed 0 messages from cryptographic
helpers
May 8 15:25:06 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 47
seconds
May 8 15:25:06 bitch pluto[19962]: | next event EVENT_PENDING_DDNS in 47
seconds
May 8 15:25:06 bitch pluto[19962]: |
May 8 15:25:06 bitch pluto[19962]: | *received 408 bytes from 192.168.10.25:1
on eth1 (port=500)
May 8 15:25:06 bitch pluto[19962]: | 06 41 ba f0 fe 82 86 ea 00 00 00 00
00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | 01 10 02 00 00 00 00 00 00 00 01 98
0d 00 00 d4
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 01 00 00 00 01 00 00 00 c8
01 01 00 05
May 8 15:25:06 bitch pluto[19962]: | 03 00 00 28 01 01 00 00 80 01 00 07
80 0e 01 00
May 8 15:25:06 bitch pluto[19962]: | 80 02 00 02 80 04 00 14 80 03 00 01
80 0b 00 01
May 8 15:25:06 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 28
02 01 00 00
May 8 15:25:06 bitch pluto[19962]: | 80 01 00 07 80 0e 00 80 80 02 00 02
80 04 00 13
May 8 15:25:06 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04
00 00 70 80
May 8 15:25:06 bitch pluto[19962]: | 03 00 00 28 03 01 00 00 80 01 00 07
80 0e 01 00
May 8 15:25:06 bitch pluto[19962]: | 80 02 00 02 80 04 00 0e 80 03 00 01
80 0b 00 01
May 8 15:25:06 bitch pluto[19962]: | 00 0c 00 04 00 00 70 80 03 00 00 24
04 01 00 00
May 8 15:25:06 bitch pluto[19962]: | 80 01 00 05 80 02 00 02 80 04 00 0e
80 03 00 01
May 8 15:25:06 bitch pluto[19962]: | 80 0b 00 01 00 0c 00 04 00 00 70 80
00 00 00 24
May 8 15:25:06 bitch pluto[19962]: | 05 01 00 00 80 01 00 05 80 02 00 02
80 04 00 02
May 8 15:25:06 bitch pluto[19962]: | 80 03 00 01 80 0b 00 01 00 0c 00 04
00 00 70 80
May 8 15:25:06 bitch pluto[19962]: | 0d 00 00 18 01 52 8b bb c0 06 96 12
18 49 ab 9a
May 8 15:25:06 bitch pluto[19962]: | 1c 5b 2a 51 00 00 00 01 0d 00 00 18
1e 2b 51 69
May 8 15:25:06 bitch pluto[19962]: | 05 99 1c 7d 7c 96 fc bf b5 87 e4 61
00 00 00 09
May 8 15:25:06 bitch pluto[19962]: | 0d 00 00 14 4a 13 1c 81 07 03 58 45
5c 57 28 f2
May 8 15:25:06 bitch pluto[19962]: | 0e 95 45 2f 0d 00 00 14 90 cb 80 91
3e bb 69 6e
May 8 15:25:06 bitch pluto[19962]: | 08 63 81 b5 ec 42 7b 1f 0d 00 00 14
40 48 b7 d5
May 8 15:25:06 bitch pluto[19962]: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
0d 00 00 14
May 8 15:25:06 bitch pluto[19962]: | fb 1d e3 cd f3 41 b7 ea 16 b7 e5 be
08 55 f1 20
May 8 15:25:06 bitch pluto[19962]: | 0d 00 00 14 26 24 4d 38 ed db 61 b3
17 2a 36 e3
May 8 15:25:06 bitch pluto[19962]: | d0 cf b8 19 00 00 00 14 e3 a5 96 6a
76 37 9f e7
May 8 15:25:06 bitch pluto[19962]: | 07 22 82 31 e5 ce 86 52
May 8 15:25:06 bitch pluto[19962]: | **parse ISAKMP Message:
May 8 15:25:06 bitch pluto[19962]: | initiator cookie:
May 8 15:25:06 bitch pluto[19962]: | 06 41 ba f0 fe 82 86 ea
May 8 15:25:06 bitch pluto[19962]: | responder cookie:
May 8 15:25:06 bitch pluto[19962]: | 00 00 00 00 00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_SA
May 8 15:25:06 bitch pluto[19962]: | ISAKMP version: ISAKMP Version 1.0
(rfc2407)
May 8 15:25:06 bitch pluto[19962]: | exchange type: ISAKMP_XCHG_IDPROT
May 8 15:25:06 bitch pluto[19962]: | flags: none
May 8 15:25:06 bitch pluto[19962]: | message ID: 00 00 00 00
May 8 15:25:06 bitch pluto[19962]: | length: 408
May 8 15:25:06 bitch pluto[19962]: | processing version=1.0 packet with
exchange type=ISAKMP_XCHG_IDPROT (2)
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2 (ISAKMP_NEXT_SA) needed:
0x2opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Security Association
Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 212
May 8 15:25:06 bitch pluto[19962]: | DOI: ISAKMP_DOI_IPSEC
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 24
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 24
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 20
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
May 8 15:25:06 bitch pluto[19962]: | ***parse ISAKMP Vendor ID Payload:
May 8 15:25:06 bitch pluto[19962]: | next payload type: ISAKMP_NEXT_VID
May 8 15:25:06 bitch pluto[19962]: | length: 20
May 8 15:25:06 bitch pluto[19962]: | got payload 0x2000 (ISAKMP_NEXT_VID)
needed: 0x0opt: 0x2080
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
