13/02/27 13:03:05 ## : IKE Daemon, ver 2.1.7
13/02/27 13:03:05 ## : Copyright 2010 Shrew Soft Inc.
13/02/27 13:03:05 ## : This product linked OpenSSL 0.9.8h 28 May 2008
13/02/27 13:03:05 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
13/02/27 13:03:05 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-decrypt.cap'
13/02/27 13:03:05 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-encrypt.cap'
13/02/27 13:03:05 ii : rebuilding vnet device list ...
13/02/27 13:03:05 ii : device ROOT\VNET\0000 disabled
13/02/27 13:03:05 ii : network process thread begin ...
13/02/27 13:03:05 ii : pfkey process thread begin ...
13/02/27 13:03:05 ii : ipc server process thread begin ...
13/02/27 13:04:16 ii : ipc client process thread begin ...
13/02/27 13:04:16 <A : peer config add message
13/02/27 13:04:16 DB : peer added ( obj count = 1 )
13/02/27 13:04:16 ii : local address 172.20.10.3 selected for peer
13/02/27 13:04:16 DB : tunnel added ( obj count = 1 )
13/02/27 13:04:16 <A : proposal config message
13/02/27 13:04:16 <A : proposal config message
13/02/27 13:04:16 <A : client config message
13/02/27 13:04:16 <A : xauth username message
13/02/27 13:04:16 <A : xauth password message
13/02/27 13:04:16 <A : local id 'client.corporate.com' message
13/02/27 13:04:16 <A : remote id 'vpn.corporate.com' message
13/02/27 13:04:16 <A : preshared key message
13/02/27 13:04:16 <A : remote resource message
13/02/27 13:04:16 <A : peer tunnel enable message
13/02/27 13:04:16 DB : new phase1 ( ISAKMP initiator )
13/02/27 13:04:16 DB : exchange type is aggressive
13/02/27 13:04:16 DB : 172.20.10.3:500 <-> 209.66.114.182:500
13/02/27 13:04:16 DB : b39458fbfd5bf598:0000000000000000
13/02/27 13:04:16 DB : phase1 added ( obj count = 1 )
13/02/27 13:04:16 >> : security association payload
13/02/27 13:04:16 >> : - proposal #1 payload 
13/02/27 13:04:16 >> : -- transform #1 payload 
13/02/27 13:04:16 >> : -- transform #2 payload 
13/02/27 13:04:16 >> : -- transform #3 payload 
13/02/27 13:04:16 >> : -- transform #4 payload 
13/02/27 13:04:16 >> : -- transform #5 payload 
13/02/27 13:04:16 >> : -- transform #6 payload 
13/02/27 13:04:16 >> : -- transform #7 payload 
13/02/27 13:04:16 >> : -- transform #8 payload 
13/02/27 13:04:16 >> : -- transform #9 payload 
13/02/27 13:04:16 >> : -- transform #10 payload 
13/02/27 13:04:16 >> : -- transform #11 payload 
13/02/27 13:04:16 >> : -- transform #12 payload 
13/02/27 13:04:16 >> : -- transform #13 payload 
13/02/27 13:04:16 >> : -- transform #14 payload 
13/02/27 13:04:16 >> : -- transform #15 payload 
13/02/27 13:04:16 >> : -- transform #16 payload 
13/02/27 13:04:16 >> : -- transform #17 payload 
13/02/27 13:04:16 >> : -- transform #18 payload 
13/02/27 13:04:16 >> : key exchange payload
13/02/27 13:04:16 >> : nonce payload
13/02/27 13:04:16 >> : identification payload
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports XAUTH
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports nat-t ( draft v00 )
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports nat-t ( draft v01 )
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports nat-t ( draft v02 )
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports nat-t ( draft v03 )
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports nat-t ( rfc )
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports FRAGMENTATION
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local supports DPDv1
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local is SHREW SOFT compatible
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local is NETSCREEN compatible
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local is SIDEWINDER compatible
13/02/27 13:04:16 >> : vendor id payload
13/02/27 13:04:16 ii : local is CISCO UNITY compatible
13/02/27 13:04:16 >= : cookies b39458fbfd5bf598:0000000000000000
13/02/27 13:04:16 >= : message 00000000
13/02/27 13:04:16 -> : send IKE packet 172.20.10.3:500 -> 209.66.114.182:500 ( 1196 bytes )
13/02/27 13:04:16 DB : phase1 resend event scheduled ( ref count = 2 )
13/02/27 13:04:17 <- : recv IKE packet 209.66.114.182:500 -> 172.20.10.3:500 ( 389 bytes )
13/02/27 13:04:17 DB : phase1 found
13/02/27 13:04:17 ii : processing phase1 packet ( 389 bytes )
13/02/27 13:04:17 =< : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 =< : message 00000000
13/02/27 13:04:17 << : security association payload
13/02/27 13:04:17 << : - propsal #1 payload 
13/02/27 13:04:17 << : -- transform #1 payload 
13/02/27 13:04:17 ii : unmatched isakmp proposal/transform
13/02/27 13:04:17 ii : key length ( 128 != 256 )
13/02/27 13:04:17 ii : unmatched isakmp proposal/transform
13/02/27 13:04:17 ii : key length ( 128 != 256 )
13/02/27 13:04:17 ii : unmatched isakmp proposal/transform
13/02/27 13:04:17 ii : key length ( 128 != 192 )
13/02/27 13:04:17 ii : unmatched isakmp proposal/transform
13/02/27 13:04:17 ii : key length ( 128 != 192 )
13/02/27 13:04:17 !! : peer violates RFC, transform number mismatch ( 1 != 5 )
13/02/27 13:04:17 ii : matched isakmp proposal #1 transform #1
13/02/27 13:04:17 ii : - transform    = ike
13/02/27 13:04:17 ii : - cipher type  = aes
13/02/27 13:04:17 ii : - key length   = 128 bits
13/02/27 13:04:17 ii : - hash type    = md5
13/02/27 13:04:17 ii : - dh group     = modp-1024
13/02/27 13:04:17 ii : - auth type    = xauth-initiator-psk
13/02/27 13:04:17 ii : - life seconds = 86400
13/02/27 13:04:17 ii : - life kbytes  = 0
13/02/27 13:04:17 << : vendor id payload
13/02/27 13:04:17 ii : unknown vendor id ( 28 bytes )
13/02/27 13:04:17 0x : 0516dc8a 882c54a5 6690dc05 bdda3b9e c805e586 12000000 1e060000
13/02/27 13:04:17 << : vendor id payload
13/02/27 13:04:17 ii : peer supports XAUTH
13/02/27 13:04:17 << : vendor id payload
13/02/27 13:04:17 ii : peer supports DPDv1
13/02/27 13:04:17 << : vendor id payload
13/02/27 13:04:17 ii : peer supports HEARTBEAT-NOTIFY
13/02/27 13:04:17 << : key exchange payload
13/02/27 13:04:17 << : nonce payload
13/02/27 13:04:17 << : identification payload
13/02/27 13:04:17 ii : phase1 id match 
13/02/27 13:04:17 ii : received = fqdn vpn.corporate.com
13/02/27 13:04:17 << : hash payload
13/02/27 13:04:17 ii : nat-t is unsupported by remote peer
13/02/27 13:04:17 == : DH shared secret ( 128 bytes )
13/02/27 13:04:17 == : SETKEYID ( 16 bytes )
13/02/27 13:04:17 == : SETKEYID_d ( 16 bytes )
13/02/27 13:04:17 == : SETKEYID_a ( 16 bytes )
13/02/27 13:04:17 == : SETKEYID_e ( 16 bytes )
13/02/27 13:04:17 == : cipher key ( 16 bytes )
13/02/27 13:04:17 == : cipher iv ( 16 bytes )
13/02/27 13:04:17 == : phase1 hash_i ( computed ) ( 16 bytes )
13/02/27 13:04:17 >> : hash payload
13/02/27 13:04:17 >= : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 >= : message 00000000
13/02/27 13:04:17 >= : encrypt iv ( 16 bytes )
13/02/27 13:04:17 == : encrypt packet ( 48 bytes )
13/02/27 13:04:17 == : stored iv ( 16 bytes )
13/02/27 13:04:17 DB : phase1 resend event canceled ( ref count = 1 )
13/02/27 13:04:17 -> : send IKE packet 172.20.10.3:500 -> 209.66.114.182:500 ( 88 bytes )
13/02/27 13:04:17 == : phase1 hash_r ( computed ) ( 16 bytes )
13/02/27 13:04:17 == : phase1 hash_r ( received ) ( 16 bytes )
13/02/27 13:04:17 ii : phase1 sa established
13/02/27 13:04:17 ii : 209.66.114.182:500 <-> 172.20.10.3:500
13/02/27 13:04:17 ii : b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 ii : sending peer INITIAL-CONTACT notification
13/02/27 13:04:17 ii : - 172.20.10.3:500 -> 209.66.114.182:500
13/02/27 13:04:17 ii : - isakmp spi = b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 ii : - data size 0
13/02/27 13:04:17 >> : hash payload
13/02/27 13:04:17 >> : notification payload
13/02/27 13:04:17 == : new informational hash ( 16 bytes )
13/02/27 13:04:17 == : new informational iv ( 16 bytes )
13/02/27 13:04:17 >= : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 >= : message 834c9ce9
13/02/27 13:04:17 >= : encrypt iv ( 16 bytes )
13/02/27 13:04:17 == : encrypt packet ( 76 bytes )
13/02/27 13:04:17 == : stored iv ( 16 bytes )
13/02/27 13:04:17 -> : send IKE packet 172.20.10.3:500 -> 209.66.114.182:500 ( 104 bytes )
13/02/27 13:04:17 DB : phase2 not found
13/02/27 13:04:17 <- : recv IKE packet 209.66.114.182:500 -> 172.20.10.3:500 ( 76 bytes )
13/02/27 13:04:17 DB : phase1 found
13/02/27 13:04:17 ii : processing config packet ( 76 bytes )
13/02/27 13:04:17 DB : config not found
13/02/27 13:04:17 DB : config added ( obj count = 1 )
13/02/27 13:04:17 == : new config iv ( 16 bytes )
13/02/27 13:04:17 =< : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 =< : message 082a6c7b
13/02/27 13:04:17 =< : decrypt iv ( 16 bytes )
13/02/27 13:04:17 == : decrypt packet ( 76 bytes )
13/02/27 13:04:17 <= : trimmed packet padding ( 8 bytes )
13/02/27 13:04:17 <= : stored iv ( 16 bytes )
13/02/27 13:04:17 << : hash payload
13/02/27 13:04:17 << : attribute payload
13/02/27 13:04:17 == : configure hash_i ( computed ) ( 16 bytes )
13/02/27 13:04:17 == : configure hash_c ( computed ) ( 16 bytes )
13/02/27 13:04:17 ii : configure hash verified
13/02/27 13:04:17 ii : - xauth authentication type
13/02/27 13:04:17 ii : - xauth username
13/02/27 13:04:17 ii : - xauth password
13/02/27 13:04:17 ii : received basic xauth request - 
13/02/27 13:04:17 ii : - standard xauth username
13/02/27 13:04:17 ii : - standard xauth password
13/02/27 13:04:17 ii : sending xauth response for v.kapur
13/02/27 13:04:17 >> : hash payload
13/02/27 13:04:17 >> : attribute payload
13/02/27 13:04:17 == : new configure hash ( 16 bytes )
13/02/27 13:04:17 >= : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:17 >= : message 082a6c7b
13/02/27 13:04:17 >= : encrypt iv ( 16 bytes )
13/02/27 13:04:17 == : encrypt packet ( 84 bytes )
13/02/27 13:04:17 == : stored iv ( 16 bytes )
13/02/27 13:04:17 -> : send IKE packet 172.20.10.3:500 -> 209.66.114.182:500 ( 120 bytes )
13/02/27 13:04:17 DB : config resend event scheduled ( ref count = 2 )
13/02/27 13:04:22 -> : resend 1 config packet(s) 172.20.10.3:500 -> 209.66.114.182:500
13/02/27 13:04:27 -> : resend 1 config packet(s) 172.20.10.3:500 -> 209.66.114.182:500
13/02/27 13:04:29 <- : recv IKE packet 209.66.114.182:500 -> 172.20.10.3:500 ( 76 bytes )
13/02/27 13:04:29 DB : phase1 found
13/02/27 13:04:29 ii : processing config packet ( 76 bytes )
13/02/27 13:04:29 DB : config found
13/02/27 13:04:29 == : new config iv ( 16 bytes )
13/02/27 13:04:29 =< : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:29 =< : message df3f7caa
13/02/27 13:04:29 =< : decrypt iv ( 16 bytes )
13/02/27 13:04:29 == : decrypt packet ( 76 bytes )
13/02/27 13:04:29 <= : trimmed packet padding ( 16 bytes )
13/02/27 13:04:29 <= : stored iv ( 16 bytes )
13/02/27 13:04:29 << : hash payload
13/02/27 13:04:29 << : attribute payload
13/02/27 13:04:29 == : configure hash_i ( computed ) ( 16 bytes )
13/02/27 13:04:29 == : configure hash_c ( computed ) ( 16 bytes )
13/02/27 13:04:29 ii : configure hash verified
13/02/27 13:04:29 ii : received xauth result - 
13/02/27 13:04:29 !! : user v.kapur authentication failed
13/02/27 13:04:29 DB : phase1 soft event canceled ( ref count = 3 )
13/02/27 13:04:29 DB : phase1 hard event canceled ( ref count = 2 )
13/02/27 13:04:29 DB : phase1 dead event canceled ( ref count = 1 )
13/02/27 13:04:29 ii : sending peer DELETE message
13/02/27 13:04:29 ii : - 172.20.10.3:500 -> 209.66.114.182:500
13/02/27 13:04:29 ii : - isakmp spi = b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:29 ii : - data size 0
13/02/27 13:04:29 >> : hash payload
13/02/27 13:04:29 >> : delete payload
13/02/27 13:04:29 == : new informational hash ( 16 bytes )
13/02/27 13:04:29 == : new informational iv ( 16 bytes )
13/02/27 13:04:29 >= : cookies b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:29 >= : message 6ccea8cf
13/02/27 13:04:29 >= : encrypt iv ( 16 bytes )
13/02/27 13:04:29 == : encrypt packet ( 76 bytes )
13/02/27 13:04:29 == : stored iv ( 16 bytes )
13/02/27 13:04:29 -> : send IKE packet 172.20.10.3:500 -> 209.66.114.182:500 ( 104 bytes )
13/02/27 13:04:29 DB : config resend event canceled ( ref count = 1 )
13/02/27 13:04:29 DB : config deleted ( obj count = 0 )
13/02/27 13:04:29 ii : phase1 removal before expire time
13/02/27 13:04:29 DB : phase1 deleted ( obj count = 0 )
13/02/27 13:04:29 <- : recv IKE packet 209.66.114.182:500 -> 172.20.10.3:500 ( 92 bytes )
13/02/27 13:04:29 DB : phase1 not found
13/02/27 13:04:29 ww : ike packet from 209.66.114.182 ignored, unknown phase1 sa for peer
13/02/27 13:04:29 ww : b39458fbfd5bf598:522010f96b92f8d1
13/02/27 13:04:29 DB : policy not found
13/02/27 13:04:29 DB : policy not found
13/02/27 13:04:29 DB : policy not found
13/02/27 13:04:29 DB : policy not found
13/02/27 13:04:29 DB : policy not found
13/02/27 13:04:29 DB : policy not found
13/02/27 13:04:29 DB : tunnel dpd event canceled ( ref count = 2 )
13/02/27 13:04:29 DB : tunnel stats event canceled ( ref count = 1 )
13/02/27 13:04:29 DB : removing tunnel config references
13/02/27 13:04:29 DB : removing tunnel phase2 references
13/02/27 13:04:29 DB : removing tunnel phase1 references
13/02/27 13:04:29 DB : tunnel deleted ( obj count = 0 )
13/02/27 13:04:29 DB : removing all peer tunnel refrences
13/02/27 13:04:29 DB : peer deleted ( obj count = 0 )
13/02/27 13:04:29 ii : ipc client process thread exit ...