You received a packet from before you restarted. Try restarting other end? Paul
Sent from my iPhone > On Mar 7, 2016, at 12:01, Srinivas Gudipudi <[email protected]> wrote: > > Hi, > > I am using Libreswan on RedHat to setup a VPN server, on the client side, I > have a Huawei 4G router connected across a CGNAT network server to the Redhat > server, which is the VPN server. I am placing the configurations below, I am > able to get the phase 1 up, but the phase 2 is not estbalishing, can you > please help here: > > Huawei Router Config: > > > Peer name : spua > IKE version : Version one > Exchange mode : main on phase 1 > Pre-shared-key cipher : %@%@6SzGWj[<u/%UUUW|E";TcxX^%@%@ > Proposal : 5 > Local ID type : IP > DPD : Enable > DPD mode : Periodic > DPD idle time : 120 > DPD retransmit interval : 30 > DPD retry limit : 5 > Host name : > Peer IP address : 125.16.240.98(active) > Host name : > Peer IP address : > VPN name : > Local IP address : > Local name : > Remote name : > NAT-traversal : Enable > DPD request message : 94 > DPD Ack message : 40 > DPD fail time : 9 > PKI realm : NULL > Lifetime notification : Disable > > > > IPSec.conf: > > > version 2.0 > > config setup > dumpdir=/var/run/pluto/ > nat_traversal=yes > > virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.42.0/24 > oe=off > protostack=netkey > nhelpers=0 > interfaces=%defaultroute > plutodebug=all > > conn vpnpsk > connaddrfamily=ipv4 > auto=add > left=10.56.138.86 > leftid=VM000003380 > leftsubnet=10.56.138.86/32 > leftnexthop=%defaultroute > leftprotoport=17/1701 > rightprotoport=17/%any > right=%any > rightsubnetwithin=0.0.0.0/0 > forceencaps=yes > authby=secret > pfs=no > type=transport > auth=esp > ike=3des-sha1,aes-sha1;dh22 > phase2alg=3des-sha1,aes-sha1 > rekey=no > keyingtries=5 > dpddelay=30 > dpdtimeout=120 > dpdaction=clear > > > Pluto Debug Log: > > Mar 7 17:23:55: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: encrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0x07 92 3A 39 EB 0A 81 > 7D 1C 4D 87 BD B8 2D 1F 1C" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c > Mar 7 17:23:55: | decode_to_chunk: cipertext: : input "0x07 92 3A 39 EB 0A > 81 7D 1C 4D 87 BD B8 2D 1F 1C" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 07 92 3a 39 eb 0a 81 7d 1c 4d 87 bd b8 2d 1f 1c > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: decrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | sym_key: free key 0x7f3862948990 > Mar 7 17:23:55: | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed > Mar 7 17:23:55: | test_cbc_vector: Camellia: 16 bytes with 128-bit key > Mar 7 17:23:55: | decode_to_chunk: key: input "0x00 11 22 33 44 55 66 77 88 > 99 AA BB CC DD EE FF" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff > Mar 7 17:23:55: | ephemeral_key: key(0x7f3862947260) length(16) > type/mechanism(AES_KEY_GEN 0x00001080) > Mar 7 17:23:55: | tmp: merge symkey(0x7f3862947260) bytes(0x7f386294bb90/16) > - derive(CONCATENATE_DATA_AND_BASE) target(EXTRACT_KEY_FROM_KEY) > Mar 7 17:23:55: | symkey: key(0x7f3862947260) length(16) > type/mechanism(AES_KEY_GEN 0x00001080) > Mar 7 17:23:55: | bytes: 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff > Mar 7 17:23:55: | tmp: key(0x7f386294a210) length(32) > type/mechanism(EXTRACT_KEY_FROM_KEY 0x00000365) > Mar 7 17:23:55: | symkey: symkey from symkey(0x7f386294a210) - next-byte(0) > key-size(16) flags(0x0) derive(EXTRACT_KEY_FROM_KEY) target(CAMELLIA_CBC) > Mar 7 17:23:55: | symkey: key(0x7f386294a210) length(32) > type/mechanism(EXTRACT_KEY_FROM_KEY 0x00000365) > Mar 7 17:23:55: | symkey: key(0x7f3862948990) length(16) > type/mechanism(CAMELLIA_CBC 0x00000552) > Mar 7 17:23:55: | tmp:: free key 0x7f386294a210 > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 > B7 EC 2C D1 2D 91 59 6F 37" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 01 " > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 > Mar 7 17:23:55: | decode_to_chunk: ciphertext: : input "0x14 4D 2B 0F 50 0C > 27 B7 EC 2C D1 2D 91 59 6F 37" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: encrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0x14 4D 2B 0F 50 0C 27 > B7 EC 2C D1 2D 91 59 6F 37" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 > Mar 7 17:23:55: | decode_to_chunk: cipertext: : input "0x14 4D 2B 0F 50 0C > 27 B7 EC 2C D1 2D 91 59 6F 37" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 14 4d 2b 0f 50 0c 27 b7 ec 2c d1 2d 91 59 6f 37 > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 01 " > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: decrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | sym_key: free key 0x7f3862948990 > Mar 7 17:23:55: | test_ctr_vector: Camellia: 16 bytes with 128-bit key passed > Mar 7 17:23:55: | test_cbc_vector: Camellia: 16 bytes with 256-bit key > Mar 7 17:23:55: | decode_to_chunk: key: input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | ephemeral_key: key(0x7f3862947260) length(16) > type/mechanism(AES_KEY_GEN 0x00001080) > Mar 7 17:23:55: | tmp: merge symkey(0x7f3862947260) bytes(0x7f386294bc10/32) > - derive(CONCATENATE_DATA_AND_BASE) target(EXTRACT_KEY_FROM_KEY) > Mar 7 17:23:55: | symkey: key(0x7f3862947260) length(16) > type/mechanism(AES_KEY_GEN 0x00001080) > Mar 7 17:23:55: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | tmp: key(0x7f386294a210) length(48) > type/mechanism(EXTRACT_KEY_FROM_KEY 0x00000365) > Mar 7 17:23:55: | symkey: symkey from symkey(0x7f386294a210) - next-byte(0) > key-size(32) flags(0x0) derive(EXTRACT_KEY_FROM_KEY) target(CAMELLIA_CBC) > Mar 7 17:23:55: | symkey: key(0x7f386294a210) length(48) > type/mechanism(EXTRACT_KEY_FROM_KEY 0x00000365) > Mar 7 17:23:55: | symkey: key(0x7f3862948990) length(32) > type/mechanism(CAMELLIA_CBC 0x00000552) > Mar 7 17:23:55: | tmp:: free key 0x7f386294a210 > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A > B0 9E 84 72 48 E9 1B 1B 9D" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: ciphertext: : input "0xB0 C6 B8 8A EA 51 > 8A B0 9E 84 72 48 E9 1B 1B 9D" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: encrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0xB0 C6 B8 8A EA 51 8A > B0 9E 84 72 48 E9 1B 1B 9D" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d > Mar 7 17:23:55: | decode_to_chunk: cipertext: : input "0xB0 C6 B8 8A EA 51 > 8A B0 9E 84 72 48 E9 1B 1B 9D" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | b0 c6 b8 8a ea 51 8a b0 9e 84 72 48 e9 1b 1b 9d > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x80 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: decrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | sym_key: free key 0x7f3862948990 > Mar 7 17:23:55: | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed > Mar 7 17:23:55: | test_cbc_vector: Camellia: 16 bytes with 256-bit key > Mar 7 17:23:55: | decode_to_chunk: key: input "0x00 11 22 33 44 55 66 77 88 > 99 AA BB CC DD EE FF FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff > Mar 7 17:23:55: | ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 > Mar 7 17:23:55: | ephemeral_key: key(0x7f3862947260) length(16) > type/mechanism(AES_KEY_GEN 0x00001080) > Mar 7 17:23:55: | tmp: merge symkey(0x7f3862947260) bytes(0x7f386294bc10/32) > - derive(CONCATENATE_DATA_AND_BASE) target(EXTRACT_KEY_FROM_KEY) > Mar 7 17:23:55: | symkey: key(0x7f3862947260) length(16) > type/mechanism(AES_KEY_GEN 0x00001080) > Mar 7 17:23:55: | bytes: 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff > Mar 7 17:23:55: | bytes: ff ee dd cc bb aa 99 88 77 66 55 44 33 22 11 00 > Mar 7 17:23:55: | tmp: key(0x7f386294a210) length(48) > type/mechanism(EXTRACT_KEY_FROM_KEY 0x00000365) > Mar 7 17:23:55: | symkey: symkey from symkey(0x7f386294a210) - next-byte(0) > key-size(32) flags(0x0) derive(EXTRACT_KEY_FROM_KEY) target(CAMELLIA_CBC) > Mar 7 17:23:55: | symkey: key(0x7f386294a210) length(48) > type/mechanism(EXTRACT_KEY_FROM_KEY 0x00000365) > Mar 7 17:23:55: | symkey: key(0x7f3862948990) length(32) > type/mechanism(CAMELLIA_CBC 0x00000552) > Mar 7 17:23:55: | tmp:: free key 0x7f386294a210 > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 > EB 61 02 5E 93 21 9B 65 23 " > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 01" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 > Mar 7 17:23:55: | decode_to_chunk: ciphertext: : input "0xCC 39 FF EE 18 56 > D3 EB 61 02 5E 93 21 9B 65 23 " > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: encrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | decode_to_chunk: IV: : input "0x00 00 00 00 00 00 00 00 00 > 00 00 00 00 00 00 00" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > Mar 7 17:23:55: | decode_to_chunk: new IV: : input "0xCC 39 FF EE 18 56 D3 > EB 61 02 5E 93 21 9B 65 23 " > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 > Mar 7 17:23:55: | decode_to_chunk: cipertext: : input "0xCC 39 FF EE 18 56 > D3 EB 61 02 5E 93 21 9B 65 23 " > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | cc 39 ff ee 18 56 d3 eb 61 02 5e 93 21 9b 65 23 > Mar 7 17:23:55: | decode_to_chunk: plaintext: : input "0x00 00 00 00 00 00 > 00 00 00 00 00 00 00 00 00 01" > Mar 7 17:23:55: | decode_to_chunk: output: > Mar 7 17:23:55: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - enter > Mar 7 17:23:55: | NSS ike_alg_nss_cbc: camellia - exit > Mar 7 17:23:55: | compare_chunk: decrypt: ok > Mar 7 17:23:55: | compare_chunk: updated CBC IV: ok > Mar 7 17:23:55: | sym_key: free key 0x7f3862948990 > Mar 7 17:23:55: | test_ctr_vector: Camellia: 16 bytes with 256-bit key passed > Mar 7 17:23:55: ike_alg_register_enc(): Activating OAKLEY_CAMELLIA_CBC: Ok > Mar 7 17:23:55: ike_alg_register_enc(): Activating OAKLEY_CAMELLIA_CTR: Ok > Mar 7 17:23:55: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok > Mar 7 17:23:55: ike_alg_register_hash(): Activating OAKLEY_SHA2_384: Ok > Mar 7 17:23:55: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok > Mar 7 17:23:55: no crypto helpers will be started; all cryptographic > operations will be done inline > Mar 7 17:23:55: Using Linux XFRM/NETKEY IPsec interface code on > 3.10.0-327.3.1.el7.x86_64 > Mar 7 17:23:55: | process 2067 listening for PF_KEY_V2 on file descriptor 11 > Mar 7 17:23:55: | kernel_alg_init() > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=18(ESP_AES_GCM_A) > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=19(ESP_AES_GCM_B) > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=20(ESP_AES_GCM_C) > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=14(ESP_AES_CCM_A) > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=15(ESP_AES_CCM_B) > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=16(ESP_AES_CCM_C) > Mar 7 17:23:55: ike_alg_register_enc(): Activating aes_ccm_8: Ok > Mar 7 17:23:55: ike_alg_register_enc(): Activating aes_ccm_12: Ok > Mar 7 17:23:55: ike_alg_register_enc(): Activating aes_ccm_16: Ok > Mar 7 17:23:55: | Registered AEAD AES CCM/GCM algorithms > Mar 7 17:23:55: | finish_pfkey_msg: K_SADB_REGISTER message 1 for AH > Mar 7 17:23:55: | 02 07 00 02 02 00 00 00 01 00 00 00 13 08 00 00 > Mar 7 17:23:55: | pfkey_get: K_SADB_REGISTER message 1 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: > sadb_msg_len=22 sadb_supported_len=72 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, > alg_id=251(ESP_KAME_NULL) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[0], > exttype=14, satype=2, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, > res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, alg_id=2(ESP_DES) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[1], > exttype=14, satype=2, alg_id=2, alg_ivlen=0, alg_minbits=128, > alg_maxbits=128, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, alg_id=3(ESP_3DES) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[2], > exttype=14, satype=2, alg_id=3, alg_ivlen=0, alg_minbits=160, > alg_maxbits=160, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, alg_id=5(ESP_IDEA) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[3], > exttype=14, satype=2, alg_id=5, alg_ivlen=0, alg_minbits=256, > alg_maxbits=256, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, alg_id=6(ESP_CAST) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[4], > exttype=14, satype=2, alg_id=6, alg_ivlen=0, alg_minbits=384, > alg_maxbits=384, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, > alg_id=7(ESP_BLOWFISH) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[5], > exttype=14, satype=2, alg_id=7, alg_ivlen=0, alg_minbits=512, > alg_maxbits=512, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, alg_id=8(ESP_3IDEA) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[6], > exttype=14, satype=2, alg_id=8, alg_ivlen=0, alg_minbits=160, > alg_maxbits=160, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=14, > alg_id=9(ESP_DES_IV32) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[7], > exttype=14, satype=2, alg_id=9, alg_ivlen=0, alg_minbits=128, > alg_maxbits=128, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: > sadb_msg_len=22 sadb_supported_len=88 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, alg_id=11(ESP_NULL) > Mar 7 17:23:55: | kernel_alg_add(2,15,11) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[8], > exttype=15, satype=2, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, > res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, alg_id=2(ESP_DES) > Mar 7 17:23:55: | kernel_alg_add(2,15,2) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[9], > exttype=15, satype=2, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, > res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, alg_id=3(ESP_3DES) > Mar 7 17:23:55: | kernel_alg_add(2,15,3) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[10], > exttype=15, satype=2, alg_id=3, alg_ivlen=8, alg_minbits=192, > alg_maxbits=192, res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, alg_id=6(ESP_CAST) > Mar 7 17:23:55: | kernel_alg_add(2,15,6) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[11], > exttype=15, satype=2, alg_id=6, alg_ivlen=8, alg_minbits=40, alg_maxbits=128, > res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, > alg_id=7(ESP_BLOWFISH) > Mar 7 17:23:55: | kernel_alg_add(2,15,7) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[12], > exttype=15, satype=2, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, > res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, alg_id=12(ESP_AES) > Mar 7 17:23:55: | kernel_alg_add(2,15,12) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[13], > exttype=15, satype=2, alg_id=12, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, > alg_id=252(ESP_SERPENT) > Mar 7 17:23:55: | kernel_alg_add(2,15,252) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[14], > exttype=15, satype=2, alg_id=252, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, > alg_id=22(ESP_CAMELLIA) > Mar 7 17:23:55: | kernel_alg_add(2,15,22) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[15], > exttype=15, satype=2, alg_id=22, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, > alg_id=253(ESP_TWOFISH) > Mar 7 17:23:55: | kernel_alg_add(2,15,253) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[16], > exttype=15, satype=2, alg_id=253, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=-1 > Mar 7 17:23:55: | kernel_alg_add(): satype=2, exttype=15, > alg_id=13(ESP_AES_CTR) > Mar 7 17:23:55: | kernel_alg_add(2,15,13) fails because alg combo is invalid > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: alg[17], > exttype=15, satype=2, alg_id=13, alg_ivlen=8, alg_minbits=160, > alg_maxbits=288, res=0, ret=-1 > Mar 7 17:23:55: | AH registered with kernel. > Mar 7 17:23:55: | finish_pfkey_msg: K_SADB_REGISTER message 2 for ESP > Mar 7 17:23:55: | 02 07 00 03 02 00 00 00 02 00 00 00 13 08 00 00 > Mar 7 17:23:55: | pfkey_get: K_SADB_REGISTER message 2 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: > sadb_msg_len=22 sadb_supported_len=72 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, > alg_id=251(ESP_KAME_NULL) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=251 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[0], > exttype=14, satype=3, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, > res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, alg_id=2(ESP_DES) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=2 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[1], > exttype=14, satype=3, alg_id=2, alg_ivlen=0, alg_minbits=128, > alg_maxbits=128, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, alg_id=3(ESP_3DES) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=3 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[2], > exttype=14, satype=3, alg_id=3, alg_ivlen=0, alg_minbits=160, > alg_maxbits=160, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, alg_id=5(ESP_IDEA) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=5 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[3], > exttype=14, satype=3, alg_id=5, alg_ivlen=0, alg_minbits=256, > alg_maxbits=256, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, alg_id=6(ESP_CAST) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=6 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[4], > exttype=14, satype=3, alg_id=6, alg_ivlen=0, alg_minbits=384, > alg_maxbits=384, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, > alg_id=7(ESP_BLOWFISH) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=7 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[5], > exttype=14, satype=3, alg_id=7, alg_ivlen=0, alg_minbits=512, > alg_maxbits=512, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, alg_id=8(ESP_3IDEA) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=8 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[6], > exttype=14, satype=3, alg_id=8, alg_ivlen=0, alg_minbits=160, > alg_maxbits=160, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=14, > alg_id=9(ESP_DES_IV32) > Mar 7 17:23:55: | kernel_alg_add(): discarding already setup satype=3, > exttype=14, alg_id=9 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[7], > exttype=14, satype=3, alg_id=9, alg_ivlen=0, alg_minbits=128, > alg_maxbits=128, res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: > sadb_msg_len=22 sadb_supported_len=88 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, alg_id=11(ESP_NULL) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[8], > exttype=15, satype=3, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, > res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, alg_id=2(ESP_DES) > Mar 7 17:23:55: | kernel_alg_add(): Ignoring alg_id=2(ESP_DES) - too weak > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[9], > exttype=15, satype=3, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, > res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, alg_id=3(ESP_3DES) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[10], > exttype=15, satype=3, alg_id=3, alg_ivlen=8, alg_minbits=192, > alg_maxbits=192, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, alg_id=6(ESP_CAST) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[11], > exttype=15, satype=3, alg_id=6, alg_ivlen=8, alg_minbits=40, alg_maxbits=128, > res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=7(ESP_BLOWFISH) > Mar 7 17:23:55: | kernel_alg_add(): Ignoring alg_id=7(ESP_BLOWFISH) - too > weak > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[12], > exttype=15, satype=3, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, > res=0, ret=0 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, alg_id=12(ESP_AES) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[13], > exttype=15, satype=3, alg_id=12, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=252(ESP_SERPENT) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[14], > exttype=15, satype=3, alg_id=252, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=22(ESP_CAMELLIA) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[15], > exttype=15, satype=3, alg_id=22, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=253(ESP_TWOFISH) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[16], > exttype=15, satype=3, alg_id=253, alg_ivlen=8, alg_minbits=128, > alg_maxbits=256, res=0, ret=1 > Mar 7 17:23:55: | kernel_alg_add(): satype=3, exttype=15, > alg_id=13(ESP_AES_CTR) > Mar 7 17:23:55: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[17], > exttype=15, satype=3, alg_id=13, alg_ivlen=8, alg_minbits=160, > alg_maxbits=288, res=0, ret=1 > Mar 7 17:23:55: | ESP registered with kernel. > Mar 7 17:23:55: | finish_pfkey_msg: K_SADB_REGISTER message 3 for IPCOMP > Mar 7 17:23:55: | 02 07 00 09 02 00 00 00 03 00 00 00 13 08 00 00 > Mar 7 17:23:55: | pfkey_get: K_SADB_REGISTER message 3 > Mar 7 17:23:55: | IPCOMP registered with kernel. > Mar 7 17:23:55: | Registered AH, ESP and IPCOMP > Mar 7 17:23:55: | event_schedule called for 20 seconds > Mar 7 17:23:55: | event_schedule_tv called for about 20 seconds and change > Mar 7 17:23:55: | inserting event EVENT_SHUNT_SCAN, timeout in 20.000000 > seconds > Mar 7 17:23:55: | setup kernel fd callback > Mar 7 17:23:55: | Could not change to legacy CRL directory > '/etc/ipsec.d/crls': 2 No such file or directory > Mar 7 17:23:55: | event_schedule called for 23765 seconds > Mar 7 17:23:55: | event_schedule_tv called for about 23765 seconds and change > Mar 7 17:23:55: | inserting event EVENT_LOG_DAILY, timeout in 23765.000000 > seconds > Mar 7 17:23:55: | Setting up events, loop start > Mar 7 17:23:56: | calling addconn helper using execve > Mar 7 17:23:56: | entering aalg_getbyname_ike() > Mar 7 17:23:56: | raw_alg_info_ike_add() ealg_id=5 ek_bits=0 aalg_id=2 > ak_bits=0 modp_id=14, cnt=1 > Mar 7 17:23:56: | raw_alg_info_ike_add() ealg_id=5 ek_bits=0 aalg_id=2 > ak_bits=0 modp_id=5, cnt=2 > Mar 7 17:23:56: | raw_alg_info_ike_add() ealg_id=5 ek_bits=0 aalg_id=2 > ak_bits=0 modp_id=2, cnt=3 > Mar 7 17:23:56: | entering aalg_getbyname_ike() > Mar 7 17:23:56: | raw_alg_info_ike_add() ealg_id=7 ek_bits=0 aalg_id=2 > ak_bits=0 modp_id=22, cnt=4 > Mar 7 17:23:56: | find_host_pair_conn: 10.56.138.86:500 %any:500 -> hp:none > Mar 7 17:23:56: | Added new connection vpnpsk with policy > PSK+ENCRYPT+DONT_REKEY+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW > Mar 7 17:23:56: | from whack: got --esp=3des-sha1,aes-sha1 > Mar 7 17:23:56: | phase2alg string values: 3DES(3)_000-SHA1(2)_000, > AES(12)_000-SHA1(2)_000 > Mar 7 17:23:56: | ike (phase1) algorithm values: > 3DES_CBC(5)_000-SHA1(2)_000-MODP2048(14), > 3DES_CBC(5)_000-SHA1(2)_000-MODP1536(5), > 3DES_CBC(5)_000-SHA1(2)_000-MODP1024(2), AES_CBC(7)_000-SHA1(2)_000-DH22(22) > Mar 7 17:23:56: | counting wild cards for 10.56.138.86 is 0 > Mar 7 17:23:56: | counting wild cards for (none) is 15 > Mar 7 17:23:56: | based upon policy, the connection is a template. > Mar 7 17:23:56: added connection description "vpnpsk" > Mar 7 17:23:56: | > 10.56.138.86/32===10.56.138.86<10.56.138.86>:17/1701---10.56.138.81...%any:17/%any > Mar 7 17:23:56: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; > rekey_fuzz: 100%; keyingtries: 5; replay_window: 32; policy: > PSK+ENCRYPT+DONT_REKEY+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW > Mar 7 17:23:56: listening for IKE messages > Mar 7 17:23:56: | Inspecting interface lo > Mar 7 17:23:56: | found lo with address 127.0.0.1 > Mar 7 17:23:56: | Inspecting interface ens32 > Mar 7 17:23:56: | found ens32 with address 10.56.138.86 > Mar 7 17:23:56: | Inspecting interface virbr0 > Mar 7 17:23:56: | found virbr0 with address 192.168.122.1 > Mar 7 17:23:56: adding interface virbr0/virbr0 192.168.122.1:500 > Mar 7 17:23:56: | NAT-Traversal: Trying new style NAT-T > Mar 7 17:23:56: | NAT-Traversal: ESPINUDP(2) setup failed for new style > NAT-T family IPv4 (errno=19) > Mar 7 17:23:56: | NAT-Traversal: Trying old style NAT-T > Mar 7 17:23:56: | NAT-Traversal: ESPINUDP(2) setup succeeded for old style > NAT-T family IPv4 > Mar 7 17:23:56: adding interface virbr0/virbr0 192.168.122.1:4500 > Mar 7 17:23:56: adding interface ens32/ens32 10.56.138.86:500 > Mar 7 17:23:56: | NAT-Traversal: Trying new style NAT-T > Mar 7 17:23:56: | NAT-Traversal: ESPINUDP(2) setup failed for new style > NAT-T family IPv4 (errno=19) > Mar 7 17:23:56: | NAT-Traversal: Trying old style NAT-T > Mar 7 17:23:56: | NAT-Traversal: ESPINUDP(2) setup succeeded for old style > NAT-T family IPv4 > Mar 7 17:23:56: adding interface ens32/ens32 10.56.138.86:4500 > Mar 7 17:23:56: adding interface lo/lo 127.0.0.1:500 > Mar 7 17:23:56: | NAT-Traversal: Trying new style NAT-T > Mar 7 17:23:56: | NAT-Traversal: ESPINUDP(2) setup failed for new style > NAT-T family IPv4 (errno=19) > Mar 7 17:23:56: | NAT-Traversal: Trying old style NAT-T > Mar 7 17:23:56: | NAT-Traversal: ESPINUDP(2) setup succeeded for old style > NAT-T family IPv4 > Mar 7 17:23:56: adding interface lo/lo 127.0.0.1:4500 > Mar 7 17:23:56: | found lo with address > 0000:0000:0000:0000:0000:0000:0000:0001 > Mar 7 17:23:56: adding interface lo/lo ::1:500 > Mar 7 17:23:56: | connect_to_host_pair: 10.56.138.86:500 0.0.0.0:500 -> > hp:none > Mar 7 17:23:56: | setup callback for interface lo:500 fd 19 > Mar 7 17:23:56: | setup callback for interface lo:4500 fd 18 > Mar 7 17:23:56: | setup callback for interface lo:500 fd 17 > Mar 7 17:23:56: | setup callback for interface ens32:4500 fd 16 > Mar 7 17:23:56: | setup callback for interface ens32:500 fd 15 > Mar 7 17:23:56: | setup callback for interface virbr0:4500 fd 14 > Mar 7 17:23:56: | setup callback for interface virbr0:500 fd 13 > Mar 7 17:23:56: | certs and keys locked by 'free_preshared_secrets' > Mar 7 17:23:56: | certs and keys unlocked by 'free_preshard_secrets' > Mar 7 17:23:56: loading secrets from "/etc/ipsec.secrets" > Mar 7 17:23:56: | id type added to secret(0x7f3862951260) PPK_PSK: > 125.16.240.98 > Mar 7 17:23:56: | id type added to secret(0x7f3862951260) PPK_PSK: %any > Mar 7 17:23:56: | Processing PSK at line 1: passed > Mar 7 17:23:56: | certs and keys locked by 'process_secret' > Mar 7 17:23:56: | certs and keys unlocked by 'process_secret' > Mar 7 17:23:56: | reaped addconn helper child > Mar 7 17:23:56: reapchild failed with errno=10 No child processes > Mar 7 17:23:56: | *received 84 bytes from 106.216.143.95:11359 on ens32 > (port=4500) > Mar 7 17:23:56: | b1 42 5c 7a 52 75 cb 8c a2 29 a8 0f 40 0e 10 bf > Mar 7 17:23:56: | 0b 10 05 01 37 48 06 4c 00 00 00 54 17 dc ee 36 > Mar 7 17:23:56: | 46 77 45 10 38 d5 53 d8 5f 19 24 80 55 b6 c1 ac > Mar 7 17:23:56: | 2f f3 54 f3 6f 61 65 08 d7 44 4c 4a 10 0f 41 1e > Mar 7 17:23:56: | 02 a6 36 a5 dd ba db 3d f8 7c 32 e7 9f 4b 64 38 > Mar 7 17:23:56: | c6 76 cb f8 > Mar 7 17:23:56: | **parse ISAKMP Message: > Mar 7 17:23:56: | initiator cookie: > Mar 7 17:23:56: | b1 42 5c 7a 52 75 cb 8c > Mar 7 17:23:56: | responder cookie: > Mar 7 17:23:56: | a2 29 a8 0f 40 0e 10 bf > Mar 7 17:23:56: | next payload type: ISAKMP_NEXT_N (0xb) > Mar 7 17:23:56: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10) > Mar 7 17:23:56: | exchange type: ISAKMP_XCHG_INFO (0x5) > Mar 7 17:23:56: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1) > Mar 7 17:23:56: | message ID: 37 48 06 4c > Mar 7 17:23:56: | length: 84 (0x54) > Mar 7 17:23:56: | processing version=1.0 packet with exchange > type=ISAKMP_XCHG_INFO (5) > Mar 7 17:23:56: | finding hash chain in state hash table > Mar 7 17:23:56: | ICOOKIE: b1 42 5c 7a 52 75 cb 8c > Mar 7 17:23:56: | RCOOKIE: a2 29 a8 0f 40 0e 10 bf > Mar 7 17:23:56: | found hash chain 14 > Mar 7 17:23:56: | p15 state object not found > Mar 7 17:23:56: | finding hash chain in state hash table > Mar 7 17:23:56: | ICOOKIE: b1 42 5c 7a 52 75 cb 8c > Mar 7 17:23:56: | RCOOKIE: 00 00 00 00 00 00 00 00 > Mar 7 17:23:56: | found hash chain 3 > Mar 7 17:23:56: | v1 state object not found > Mar 7 17:23:56: | - unknown SA's md->hdr.isa_icookie: > Mar 7 17:23:56: | b1 42 5c 7a 52 75 cb 8c > Mar 7 17:23:56: | - unknown SA's md->hdr.isa_rcookie: > Mar 7 17:23:56: | a2 29 a8 0f 40 0e 10 bf > > > > _______________________________________________ > Swan mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
