[vpn-help] Access Manager - Disconnected during Phase-2 (Windows 7 64 bit)
ataru moroboshi
ataru80 at gmail.com
Mon Jan 4 18:28:05 CST 2010
Hi,
I'm trying to set a VPN client on Windows 7 64 bit.
I've installed and run Access Manager v.2.1.5 : I've imported a Cisco IPSEC
VPN account (file .pcf)
Everytings seems OK, no warning, etc.
When I try to connect to the VPN, I get the following ouptut:
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled
session terminated by gateway
tunnel disabled
detached from key daemon ...
It looks like connected, but after a short while i get the disconnected
status.
Looking on google I found the avdice of setting the "PFS Exchange" in the
Tab "Phase-2" to the value "group 2" but it still not working.
Attached and below you can find the trace output.
Could you please give me your support?
Thanx in advance
10/01/05 01:10:19 ii : ipc client process thread begin ...
10/01/05 01:10:19 <A : peer config add message
10/01/05 01:10:19 DB : peer added ( obj count = 1 )
10/01/05 01:10:19 ii : local address 192.168.0.4 selected for peer
10/01/05 01:10:19 DB : tunnel added ( obj count = 1 )
10/01/05 01:10:19 <A : proposal config message
10/01/05 01:10:19 <A : proposal config message
10/01/05 01:10:19 <A : client config message
10/01/05 01:10:19 <A : xauth username message
10/01/05 01:10:19 <A : xauth password message
10/01/05 01:10:19 <A : local id 'vpnusers' message
10/01/05 01:10:19 <A : preshared key message
10/01/05 01:10:19 <A : peer tunnel enable message
10/01/05 01:10:19 DB : new phase1 ( ISAKMP initiator )
10/01/05 01:10:19 DB : exchange type is aggressive
10/01/05 01:10:19 DB : 192.168.0.4:500 <-> 213.255.79.172:500
10/01/05 01:10:19 DB : b884b435e4cb96a5:0000000000000000
10/01/05 01:10:19 DB : phase1 added ( obj count = 1 )
10/01/05 01:10:19 >> : security association payload
10/01/05 01:10:19 >> : - proposal #1 payload
10/01/05 01:10:19 >> : -- transform #1 payload
10/01/05 01:10:19 >> : -- transform #2 payload
10/01/05 01:10:19 >> : -- transform #3 payload
10/01/05 01:10:19 >> : -- transform #4 payload
10/01/05 01:10:19 >> : -- transform #5 payload
10/01/05 01:10:19 >> : -- transform #6 payload
10/01/05 01:10:19 >> : -- transform #7 payload
10/01/05 01:10:19 >> : -- transform #8 payload
10/01/05 01:10:19 >> : -- transform #9 payload
10/01/05 01:10:19 >> : -- transform #10 payload
10/01/05 01:10:19 >> : -- transform #11 payload
10/01/05 01:10:19 >> : -- transform #12 payload
10/01/05 01:10:19 >> : -- transform #13 payload
10/01/05 01:10:19 >> : -- transform #14 payload
10/01/05 01:10:19 >> : -- transform #15 payload
10/01/05 01:10:19 >> : -- transform #16 payload
10/01/05 01:10:19 >> : -- transform #17 payload
10/01/05 01:10:19 >> : -- transform #18 payload
10/01/05 01:10:19 >> : key exchange payload
10/01/05 01:10:19 >> : nonce payload
10/01/05 01:10:19 >> : identification payload
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports XAUTH
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports nat-t ( draft v00 )
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports nat-t ( draft v01 )
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports nat-t ( draft v02 )
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports nat-t ( draft v03 )
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports nat-t ( rfc )
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local supports DPDv1
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local is SHREW SOFT compatible
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local is NETSCREEN compatible
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local is SIDEWINDER compatible
10/01/05 01:10:19 >> : vendor id payload
10/01/05 01:10:19 ii : local is CISCO UNITY compatible
10/01/05 01:10:19 >= : cookies b884b435e4cb96a5:0000000000000000
10/01/05 01:10:19 >= : message 00000000
10/01/05 01:10:19 -> : send IKE packet 192.168.0.4:500 ->
213.255.79.172:500( 1224 bytes )
10/01/05 01:10:19 DB : phase1 resend event scheduled ( ref count = 2 )
10/01/05 01:10:19 <- : recv IKE packet 213.255.79.172:500 ->
192.168.0.4:500( 512 bytes )
10/01/05 01:10:19 DB : phase1 found
10/01/05 01:10:19 ii : processing phase1 packet ( 512 bytes )
10/01/05 01:10:19 =< : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:19 =< : message 00000000
10/01/05 01:10:19 << : security association payload
10/01/05 01:10:19 << : - propsal #1 payload
10/01/05 01:10:19 << : -- transform #13 payload
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != aes )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != aes )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != aes )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != aes )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != aes )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != aes )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != blowfish )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != blowfish )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != blowfish )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != blowfish )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != blowfish )
10/01/05 01:10:19 ii : unmatched isakmp proposal/transform
10/01/05 01:10:19 ii : cipher type ( 3des != blowfish )
10/01/05 01:10:19 ii : matched isakmp proposal #1 transform #13
10/01/05 01:10:19 ii : - transform = ike
10/01/05 01:10:19 ii : - cipher type = 3des
10/01/05 01:10:19 ii : - key length = default
10/01/05 01:10:19 ii : - hash type = md5
10/01/05 01:10:19 ii : - dh group = modp-1536
10/01/05 01:10:19 ii : - auth type = xauth-initiator-psk
10/01/05 01:10:19 ii : - life seconds = 86400
10/01/05 01:10:19 ii : - life kbytes = 0
10/01/05 01:10:19 << : key exchange payload
10/01/05 01:10:19 << : nonce payload
10/01/05 01:10:19 << : identification payload
10/01/05 01:10:19 ii : phase1 id target is any
10/01/05 01:10:19 ii : phase1 id match
10/01/05 01:10:19 ii : received = ipv4-host 10.16.96.66
10/01/05 01:10:19 << : hash payload
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : peer is CISCO UNITY compatible
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : peer supports XAUTH
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : peer supports DPDv1
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : peer supports nat-t ( draft v02 )
10/01/05 01:10:19 << : nat discovery payload
10/01/05 01:10:19 << : nat discovery payload
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : unknown vendor id ( 20 bytes )
10/01/05 01:10:19 0x : 4048b7d5 6ebce885 25e7de7f 00d6c2d3 c0000000
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : unknown vendor id ( 16 bytes )
10/01/05 01:10:19 0x : a39b4da2 68948ba8 1ae72a26 795ecd96
10/01/05 01:10:19 << : vendor id payload
10/01/05 01:10:19 ii : unknown vendor id ( 16 bytes )
10/01/05 01:10:19 0x : 1f07f70e aa6514d3 b0fa9654 2a500401
10/01/05 01:10:19 ii : nat discovery - local address is translated
10/01/05 01:10:19 ii : nat discovery - remote address is translated
10/01/05 01:10:19 ii : switching to src nat-t udp port 4500
10/01/05 01:10:19 ii : switching to dst nat-t udp port 4500
10/01/05 01:10:20 == : DH shared secret ( 192 bytes )
10/01/05 01:10:20 == : SETKEYID ( 16 bytes )
10/01/05 01:10:20 == : SETKEYID_d ( 16 bytes )
10/01/05 01:10:20 == : SETKEYID_a ( 16 bytes )
10/01/05 01:10:20 == : SETKEYID_e ( 16 bytes )
10/01/05 01:10:20 == : cipher key ( 32 bytes )
10/01/05 01:10:20 == : cipher iv ( 8 bytes )
10/01/05 01:10:20 == : phase1 hash_i ( computed ) ( 16 bytes )
10/01/05 01:10:20 >> : hash payload
10/01/05 01:10:20 >> : nat discovery payload
10/01/05 01:10:20 >> : nat discovery payload
10/01/05 01:10:20 >= : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 >= : message 00000000
10/01/05 01:10:20 >= : encrypt iv ( 8 bytes )
10/01/05 01:10:20 == : encrypt packet ( 88 bytes )
10/01/05 01:10:20 == : stored iv ( 8 bytes )
10/01/05 01:10:20 DB : phase1 resend event canceled ( ref count = 1 )
10/01/05 01:10:20 -> : send NAT-T:IKE packet 192.168.0.4:4500 ->
213.255.79.172:4500 ( 124 bytes )
10/01/05 01:10:20 == : phase1 hash_r ( computed ) ( 16 bytes )
10/01/05 01:10:20 == : phase1 hash_r ( received ) ( 16 bytes )
10/01/05 01:10:20 ii : phase1 sa established
10/01/05 01:10:20 ii : 213.255.79.172:4500 <-> 192.168.0.4:4500
10/01/05 01:10:20 ii : b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 ii : sending peer INITIAL-CONTACT notification
10/01/05 01:10:20 ii : - 192.168.0.4:4500 -> 213.255.79.172:4500
10/01/05 01:10:20 ii : - isakmp spi = b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 ii : - data size 0
10/01/05 01:10:20 >> : hash payload
10/01/05 01:10:20 >> : notification payload
10/01/05 01:10:20 == : new informational hash ( 16 bytes )
10/01/05 01:10:20 == : new informational iv ( 8 bytes )
10/01/05 01:10:20 >= : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 >= : message 6dfc6788
10/01/05 01:10:20 >= : encrypt iv ( 8 bytes )
10/01/05 01:10:20 == : encrypt packet ( 76 bytes )
10/01/05 01:10:20 == : stored iv ( 8 bytes )
10/01/05 01:10:20 -> : send NAT-T:IKE packet 192.168.0.4:4500 ->
213.255.79.172:4500 ( 108 bytes )
10/01/05 01:10:20 DB : phase2 not found
10/01/05 01:10:20 <- : recv NAT-T:IKE packet 213.255.79.172:4500 ->
192.168.0.4:4500 ( 116 bytes )
10/01/05 01:10:20 DB : phase1 found
10/01/05 01:10:20 ii : processing config packet ( 116 bytes )
10/01/05 01:10:20 DB : config not found
10/01/05 01:10:20 DB : config added ( obj count = 1 )
10/01/05 01:10:20 == : new config iv ( 8 bytes )
10/01/05 01:10:20 =< : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 =< : message 9c2fb287
10/01/05 01:10:20 =< : decrypt iv ( 8 bytes )
10/01/05 01:10:20 == : decrypt packet ( 116 bytes )
10/01/05 01:10:20 <= : trimmed packet padding ( 4 bytes )
10/01/05 01:10:20 <= : stored iv ( 8 bytes )
10/01/05 01:10:20 << : hash payload
10/01/05 01:10:20 << : attribute payload
10/01/05 01:10:20 == : configure hash_i ( computed ) ( 16 bytes )
10/01/05 01:10:20 == : configure hash_c ( computed ) ( 16 bytes )
10/01/05 01:10:20 ii : configure hash verified
10/01/05 01:10:20 ii : - xauth authentication type
10/01/05 01:10:20 ii : - xauth username
10/01/05 01:10:20 !! : warning, unhandled xauth attribute 16526
10/01/05 01:10:20 ii : - xauth password
10/01/05 01:10:20 ii : received basic xauth request - Enter Username,
Password and Domain.
10/01/05 01:10:20 ii : - standard xauth username
10/01/05 01:10:20 ii : - standard xauth password
10/01/05 01:10:20 ii : sending xauth response for novil
10/01/05 01:10:20 >> : hash payload
10/01/05 01:10:20 >> : attribute payload
10/01/05 01:10:20 == : new configure hash ( 16 bytes )
10/01/05 01:10:20 >= : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 >= : message 9c2fb287
10/01/05 01:10:20 >= : encrypt iv ( 8 bytes )
10/01/05 01:10:20 == : encrypt packet ( 81 bytes )
10/01/05 01:10:20 == : stored iv ( 8 bytes )
10/01/05 01:10:20 -> : send NAT-T:IKE packet 192.168.0.4:4500 ->
213.255.79.172:4500 ( 116 bytes )
10/01/05 01:10:20 DB : config resend event scheduled ( ref count = 2 )
10/01/05 01:10:20 <- : recv NAT-T:IKE packet 213.255.79.172:4500 ->
192.168.0.4:4500 ( 60 bytes )
10/01/05 01:10:20 DB : phase1 found
10/01/05 01:10:20 ii : processing config packet ( 60 bytes )
10/01/05 01:10:20 DB : config found
10/01/05 01:10:20 == : new config iv ( 8 bytes )
10/01/05 01:10:20 =< : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 =< : message 1375c751
10/01/05 01:10:20 =< : decrypt iv ( 8 bytes )
10/01/05 01:10:20 == : decrypt packet ( 60 bytes )
10/01/05 01:10:20 <= : stored iv ( 8 bytes )
10/01/05 01:10:20 << : hash payload
10/01/05 01:10:20 << : attribute payload
10/01/05 01:10:20 == : configure hash_i ( computed ) ( 16 bytes )
10/01/05 01:10:20 == : configure hash_c ( computed ) ( 16 bytes )
10/01/05 01:10:20 ii : configure hash verified
10/01/05 01:10:20 ii : received xauth result -
10/01/05 01:10:20 ii : user novil authentication succeeded
10/01/05 01:10:20 ii : sending xauth acknowledge
10/01/05 01:10:20 >> : hash payload
10/01/05 01:10:20 >> : attribute payload
10/01/05 01:10:20 == : new configure hash ( 16 bytes )
10/01/05 01:10:20 >= : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 >= : message 1375c751
10/01/05 01:10:20 >= : encrypt iv ( 8 bytes )
10/01/05 01:10:20 == : encrypt packet ( 56 bytes )
10/01/05 01:10:20 == : stored iv ( 8 bytes )
10/01/05 01:10:20 DB : config resend event canceled ( ref count = 1 )
10/01/05 01:10:20 -> : send NAT-T:IKE packet 192.168.0.4:4500 ->
213.255.79.172:4500 ( 92 bytes )
10/01/05 01:10:20 DB : config resend event scheduled ( ref count = 2 )
10/01/05 01:10:20 ii : building config attribute list
10/01/05 01:10:20 ii : - IP4 Address
10/01/05 01:10:20 ii : - Address Expiry
10/01/05 01:10:20 ii : - IP4 Netamask
10/01/05 01:10:20 ii : - IP4 DNS Server
10/01/05 01:10:20 ii : - IP4 WINS Server
10/01/05 01:10:20 ii : - DNS Suffix
10/01/05 01:10:20 ii : - Split DNS Domain
10/01/05 01:10:20 ii : - IP4 Split Network Include
10/01/05 01:10:20 ii : - IP4 Split Network Exclude
10/01/05 01:10:20 ii : - Login Banner
10/01/05 01:10:20 ii : - Save Password
10/01/05 01:10:20 == : new config iv ( 8 bytes )
10/01/05 01:10:20 ii : sending config pull request
10/01/05 01:10:20 >> : hash payload
10/01/05 01:10:20 >> : attribute payload
10/01/05 01:10:20 == : new configure hash ( 16 bytes )
10/01/05 01:10:20 >= : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 >= : message f60c55da
10/01/05 01:10:20 >= : encrypt iv ( 8 bytes )
10/01/05 01:10:20 == : encrypt packet ( 100 bytes )
10/01/05 01:10:20 == : stored iv ( 8 bytes )
10/01/05 01:10:20 DB : config resend event canceled ( ref count = 1 )
10/01/05 01:10:20 -> : send NAT-T:IKE packet 192.168.0.4:4500 ->
213.255.79.172:4500 ( 132 bytes )
10/01/05 01:10:20 DB : config resend event scheduled ( ref count = 2 )
10/01/05 01:10:20 <- : recv NAT-T:IKE packet 213.255.79.172:4500 ->
192.168.0.4:4500 ( 132 bytes )
10/01/05 01:10:20 DB : phase1 found
10/01/05 01:10:20 ii : processing config packet ( 132 bytes )
10/01/05 01:10:20 DB : config found
10/01/05 01:10:20 =< : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:20 =< : message f60c55da
10/01/05 01:10:20 =< : decrypt iv ( 8 bytes )
10/01/05 01:10:20 == : decrypt packet ( 132 bytes )
10/01/05 01:10:20 <= : trimmed packet padding ( 6 bytes )
10/01/05 01:10:20 <= : stored iv ( 8 bytes )
10/01/05 01:10:20 << : hash payload
10/01/05 01:10:20 << : attribute payload
10/01/05 01:10:20 == : configure hash_i ( computed ) ( 16 bytes )
10/01/05 01:10:20 == : configure hash_c ( computed ) ( 16 bytes )
10/01/05 01:10:20 ii : configure hash verified
10/01/05 01:10:20 ii : received config pull response
10/01/05 01:10:20 ii : - IP4 Address = 10.16.98.1
10/01/05 01:10:20 ii : - IP4 Netmask = 255.255.255.224
10/01/05 01:10:20 ii : - IP4 DNS Server = 10.16.112.36
10/01/05 01:10:20 ii : - IP4 DNS Server = 10.16.112.40
10/01/05 01:10:20 ii : - IP4 WINS Server = 10.16.112.2
10/01/05 01:10:20 ii : - IP4 WINS Server = 10.16.112.3
10/01/05 01:10:20 ii : - Save Password = 0
10/01/05 01:10:20 ii : - DNS Suffix = atr.ansaldo.it
10/01/05 01:10:20 DB : config resend event canceled ( ref count = 1 )
10/01/05 01:10:20 ii : waiting for vnet to arrive ...
10/01/05 01:10:21 !! : VNET adapter MTU defaulted to 1500.
10/01/05 01:10:21 ii : enabled adapter ROOT\VNET\0000
10/01/05 01:10:21 ii : creating NONE INBOUND policy ANY:213.255.79.172:* ->
ANY:192.168.0.4:*
10/01/05 01:10:21 DB : policy added ( obj count = 1 )
10/01/05 01:10:21 K> : send pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 ii : creating NONE OUTBOUND policy ANY:192.168.0.4:* ->
ANY:213.255.79.172:*
10/01/05 01:10:21 K< : recv pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 DB : policy found
10/01/05 01:10:21 ii : created NONE policy route for 213.255.79.172/32
10/01/05 01:10:21 DB : policy added ( obj count = 2 )
10/01/05 01:10:21 K> : send pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 ii : creating IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:10.16.98.1:*
10/01/05 01:10:21 DB : policy added ( obj count = 3 )
10/01/05 01:10:21 K> : send pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 ii : creating IPSEC OUTBOUND policy ANY:10.16.98.1:* ->
ANY:0.0.0.0/0:*
10/01/05 01:10:21 ii : created IPSEC policy route for 0.0.0.0
10/01/05 01:10:21 DB : policy added ( obj count = 4 )
10/01/05 01:10:21 K> : send pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 ii : split DNS bypassed ( no split domains defined )
10/01/05 01:10:21 K< : recv pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 DB : policy found
10/01/05 01:10:21 ii : calling init phase2 for initial policy
10/01/05 01:10:21 DB : policy found
10/01/05 01:10:21 DB : policy not found
10/01/05 01:10:21 !! : unable to locate inbound policy for init phase2
10/01/05 01:10:21 K< : recv pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 DB : policy found
10/01/05 01:10:21 K< : recv pfkey X_SPDADD UNSPEC message
10/01/05 01:10:21 DB : policy found
10/01/05 01:10:24 K< : recv pfkey ACQUIRE UNSPEC message
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 DB : tunnel found
10/01/05 01:10:24 DB : new phase2 ( IPSEC initiator )
10/01/05 01:10:24 DB : phase2 added ( obj count = 1 )
10/01/05 01:10:24 K> : send pfkey GETSPI ESP message
10/01/05 01:10:24 K< : recv pfkey GETSPI ESP message
10/01/05 01:10:24 DB : phase2 found
10/01/05 01:10:24 ii : updated spi for 1 ipsec-esp proposal
10/01/05 01:10:24 DB : phase1 found
10/01/05 01:10:24 >> : hash payload
10/01/05 01:10:24 >> : security association payload
10/01/05 01:10:24 >> : - proposal #1 payload
10/01/05 01:10:24 >> : -- transform #1 payload
10/01/05 01:10:24 >> : -- transform #2 payload
10/01/05 01:10:24 >> : -- transform #3 payload
10/01/05 01:10:24 >> : -- transform #4 payload
10/01/05 01:10:24 >> : -- transform #5 payload
10/01/05 01:10:24 >> : -- transform #6 payload
10/01/05 01:10:24 >> : -- transform #7 payload
10/01/05 01:10:24 >> : -- transform #8 payload
10/01/05 01:10:24 >> : -- transform #9 payload
10/01/05 01:10:24 >> : -- transform #10 payload
10/01/05 01:10:24 >> : -- transform #11 payload
10/01/05 01:10:24 >> : -- transform #12 payload
10/01/05 01:10:24 >> : -- transform #13 payload
10/01/05 01:10:24 >> : -- transform #14 payload
10/01/05 01:10:24 >> : -- transform #15 payload
10/01/05 01:10:24 >> : -- transform #16 payload
10/01/05 01:10:24 >> : -- transform #17 payload
10/01/05 01:10:24 >> : -- transform #18 payload
10/01/05 01:10:24 >> : nonce payload
10/01/05 01:10:24 >> : key exchange payload
10/01/05 01:10:24 >> : identification payload
10/01/05 01:10:24 >> : identification payload
10/01/05 01:10:24 == : phase2 hash_i ( input ) ( 836 bytes )
10/01/05 01:10:24 == : phase2 hash_i ( computed ) ( 16 bytes )
10/01/05 01:10:24 == : new phase2 iv ( 8 bytes )
10/01/05 01:10:24 >= : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:24 >= : message 25857ede
10/01/05 01:10:24 >= : encrypt iv ( 8 bytes )
10/01/05 01:10:24 == : encrypt packet ( 880 bytes )
10/01/05 01:10:24 == : stored iv ( 8 bytes )
10/01/05 01:10:24 -> : send NAT-T:IKE packet 192.168.0.4:4500 ->
213.255.79.172:4500 ( 916 bytes )
10/01/05 01:10:24 DB : phase2 resend event scheduled ( ref count = 2 )
10/01/05 01:10:24 <- : recv NAT-T:IKE packet 213.255.79.172:4500 ->
192.168.0.4:4500 ( 76 bytes )
10/01/05 01:10:24 DB : phase1 found
10/01/05 01:10:24 ii : processing informational packet ( 76 bytes )
10/01/05 01:10:24 == : new informational iv ( 8 bytes )
10/01/05 01:10:24 =< : cookies b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:24 =< : message a42e8334
10/01/05 01:10:24 =< : decrypt iv ( 8 bytes )
10/01/05 01:10:24 == : decrypt packet ( 76 bytes )
10/01/05 01:10:24 <= : stored iv ( 8 bytes )
10/01/05 01:10:24 << : hash payload
10/01/05 01:10:24 << : delete payload
10/01/05 01:10:24 == : informational hash_i ( computed ) ( 16 bytes )
10/01/05 01:10:24 == : informational hash_c ( received ) ( 16 bytes )
10/01/05 01:10:24 ii : informational hash verified
10/01/05 01:10:24 ii : received peer DELETE message
10/01/05 01:10:24 ii : - 213.255.79.172:4500 -> 192.168.0.4:4500
10/01/05 01:10:24 ii : - isakmp spi = b884b435e4cb96a5:565ceabf68958ba8
10/01/05 01:10:24 DB : phase1 found
10/01/05 01:10:24 ii : cleanup, marked phase1
b884b435e4cb96a5:565ceabf68958ba8 for removal
10/01/05 01:10:24 DB : phase1 soft event canceled ( ref count = 4 )
10/01/05 01:10:24 DB : phase1 hard event canceled ( ref count = 3 )
10/01/05 01:10:24 DB : phase1 dead event canceled ( ref count = 2 )
10/01/05 01:10:24 DB : config deleted ( obj count = 0 )
10/01/05 01:10:24 ii : phase1 removal before expire time
10/01/05 01:10:24 DB : phase1 not found
10/01/05 01:10:24 DB : phase1 deleted ( obj count = 0 )
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 ii : removing IPSEC INBOUND policy ANY:0.0.0.0/0:* ->
ANY:10.16.98.1:*
10/01/05 01:10:24 K> : send pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 ii : removing IPSEC OUTBOUND policy ANY:10.16.98.1:* ->
ANY:0.0.0.0/0:*
10/01/05 01:10:24 K> : send pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 K< : recv pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 ii : removed IPSEC policy route for ANY:0.0.0.0/0:*
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 ii : removing NONE INBOUND policy ANY:213.255.79.172:* ->
ANY:192.168.0.4:*
10/01/05 01:10:24 K> : send pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 ii : removing NONE OUTBOUND policy ANY:192.168.0.4:* ->
ANY:213.255.79.172:*
10/01/05 01:10:24 K> : send pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 ii : removed NONE policy route for ANY:213.255.79.172:*
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 DB : policy deleted ( obj count = 3 )
10/01/05 01:10:24 K< : recv pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 DB : policy deleted ( obj count = 2 )
10/01/05 01:10:24 K< : recv pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 DB : policy deleted ( obj count = 1 )
10/01/05 01:10:24 K< : recv pfkey X_SPDDELETE2 UNSPEC message
10/01/05 01:10:24 DB : policy found
10/01/05 01:10:24 DB : policy deleted ( obj count = 0 )
10/01/05 01:10:24 ii : disabled adapter ROOT\VNET\0000
10/01/05 01:10:24 DB : tunnel dpd event canceled ( ref count = 4 )
10/01/05 01:10:24 DB : tunnel natt event canceled ( ref count = 3 )
10/01/05 01:10:24 DB : tunnel stats event canceled ( ref count = 2 )
10/01/05 01:10:24 DB : removing tunnel config references
10/01/05 01:10:24 DB : removing tunnel phase2 references
10/01/05 01:10:24 DB : phase2 resend event canceled ( ref count = 1 )
10/01/05 01:10:24 ii : phase2 removal before expire time
10/01/05 01:10:24 DB : phase2 deleted ( obj count = 0 )
10/01/05 01:10:24 DB : removing tunnel phase1 references
10/01/05 01:10:24 DB : tunnel deleted ( obj count = 0 )
10/01/05 01:10:25 DB : removing all peer tunnel refrences
10/01/05 01:10:25 DB : peer deleted ( obj count = 0 )
10/01/05 01:10:25 ii : ipc client process thread exit ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100105/54e4e915/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iked.log
Type: application/octet-stream
Size: 208913 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100105/54e4e915/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.log
Type: application/octet-stream
Size: 109007 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100105/54e4e915/attachment-0003.obj>
More information about the vpn-help
mailing list