[vpn-help] Not getting SA traffic out or in

mikelupo at aol.com mikelupo at aol.com
Thu Jan 6 18:59:15 CST 2011


Hi all,
I'm having a strange problem.
It first occurred using Shrew 2.1.7. I updated to 2.2.0 alpha 11 today.
This problem still occurs.
The tunnel shows connected, but I can't seem to pass any SA traffic between the client and the remote host, a NETGEAR FVS318G. The Trace tool shows 0 bytes in both directions.
I'm using mode config, and the IP being assigned from the VPN host has a different subnet than the LAN IP of the hosts on the safe side of the VPN, so no collision there.
I'm not using the Virtual VPN adapter in the client.

What else might I be doing wrong?

Thanks in advance,
Mike

11/01/06 19:48:35 ## : IKE Daemon, ver 2.2.0
11/01/06 19:48:35 ## : Copyright 2009 Shrew Soft Inc.
11/01/06 19:48:35 ## : This product linked OpenSSL 0.9.8h 28 May 2008
11/01/06 19:48:35 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
11/01/06 19:48:35 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-decrypt.cap'
11/01/06 19:48:35 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-encrypt.cap'
11/01/06 19:48:35 ii : rebuilding vnet device list ...
11/01/06 19:48:35 ii : device ROOT\VNET\0000 disabled
11/01/06 19:48:35 ii : pfkey process thread begin ...
11/01/06 19:48:35 ii : network process thread begin ...
11/01/06 19:48:35 ii : ipc server process thread begin ...
11/01/06 19:48:48 ii : ipc client process thread begin ...
11/01/06 19:48:48 <A : peer config add message
11/01/06 19:48:48 <A : proposal config message
11/01/06 19:48:48 <A : proposal config message
11/01/06 19:48:48 <A : client config message
11/01/06 19:48:48 <A : xauth username message
11/01/06 19:48:48 <A : xauth password message
11/01/06 19:48:48 <A : local id 'client.domain.com' message
11/01/06 19:48:48 <A : preshared key message
11/01/06 19:48:48 <A : remote resource message
11/01/06 19:48:48 <A : peer tunnel enable message
11/01/06 19:48:48 DB : peer added ( obj count = 1 )
11/01/06 19:48:48 ii : local address 10.0.0.18 selected for peer
11/01/06 19:48:48 DB : tunnel added ( obj count = 1 )
11/01/06 19:48:48 DB : new phase1 ( ISAKMP initiator )
11/01/06 19:48:48 DB : exchange type is aggressive
11/01/06 19:48:48 DB : 10.0.0.18:500 <-> <MASKED>:500
11/01/06 19:48:48 DB : 31417c77dc540784:0000000000000000
11/01/06 19:48:48 DB : phase1 added ( obj count = 1 )
11/01/06 19:48:48 >> : security association payload
11/01/06 19:48:48 >> : - proposal #1 payload 
11/01/06 19:48:48 >> : -- transform #1 payload 
11/01/06 19:48:48 >> : -- transform #2 payload 
11/01/06 19:48:48 >> : key exchange payload
11/01/06 19:48:48 >> : nonce payload
11/01/06 19:48:48 >> : identification payload
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports XAUTH
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports nat-t ( draft v00 )
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports nat-t ( draft v01 )
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports nat-t ( draft v02 )
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports nat-t ( draft v03 )
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports nat-t ( rfc )
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local supports FRAGMENTATION
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local is SHREW SOFT compatible
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local is NETSCREEN compatible
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local is SIDEWINDER compatible
11/01/06 19:48:48 >> : vendor id payload
11/01/06 19:48:48 ii : local is CISCO UNITY compatible
11/01/06 19:48:48 >= : cookies 31417c77dc540784:0000000000000000
11/01/06 19:48:48 >= : message 00000000
11/01/06 19:48:48 -> : send IKE packet 10.0.0.18:500 -> <MASKED>:500 ( 549 bytes )
11/01/06 19:48:48 DB : phase1 resend event scheduled ( ref count = 2 )
11/01/06 19:48:49 <- : recv IKE packet <MASKED>:500 -> 10.0.0.18:500 ( 420 bytes )
11/01/06 19:48:49 DB : phase1 found
11/01/06 19:48:49 ii : processing phase1 packet ( 420 bytes )
11/01/06 19:48:49 =< : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:49 =< : message 00000000
11/01/06 19:48:49 << : security association payload
11/01/06 19:48:49 << : - propsal #1 payload 
11/01/06 19:48:49 << : -- transform #2 payload 
11/01/06 19:48:49 ii : unmatched isakmp proposal/transform
11/01/06 19:48:49 ii : hash type ( hmac-sha != hmac-md5 )
11/01/06 19:48:49 ii : matched isakmp proposal #1 transform #2
11/01/06 19:48:49 ii : - transform = ike
11/01/06 19:48:49 ii : - cipher type = 3des
11/01/06 19:48:49 ii : - key length = default
11/01/06 19:48:49 ii : - hash type = sha1
11/01/06 19:48:49 ii : - dh group = modp-1024
11/01/06 19:48:49 ii : - auth type = xauth-initiator-psk
11/01/06 19:48:49 ii : - life seconds = 28800
11/01/06 19:48:49 ii : - life kbytes = 0
11/01/06 19:48:49 << : key exchange payload
11/01/06 19:48:49 << : nonce payload
11/01/06 19:48:49 << : identification payload
11/01/06 19:48:49 ii : phase1 id match ( natt prevents ip match )
11/01/06 19:48:49 ii : received = ipv4-host <MASKED>
11/01/06 19:48:49 << : hash payload
11/01/06 19:48:49 << : vendor id payload
11/01/06 19:48:49 ii : unknown vendor id ( 16 bytes )
11/01/06 19:48:49 0x : 09002689 dfd6b712 80a224de c33b81e5
11/01/06 19:48:49 << : vendor id payload
11/01/06 19:48:49 ii : peer is CISCO UNITY compatible
11/01/06 19:48:49 << : vendor id payload
11/01/06 19:48:49 ii : peer is IPSEC-TOOLS compatible
11/01/06 19:48:49 << : vendor id payload
11/01/06 19:48:49 ii : peer supports nat-t ( draft v02 )
11/01/06 19:48:49 << : nat discovery payload
11/01/06 19:48:49 << : nat discovery payload
11/01/06 19:48:49 << : vendor id payload
11/01/06 19:48:49 ii : peer supports DPDv1
11/01/06 19:48:49 ii : nat discovery - local address is translated
11/01/06 19:48:49 ii : switching to src nat-t udp port 4500
11/01/06 19:48:49 ii : switching to dst nat-t udp port 4500
11/01/06 19:48:49 == : DH shared secret ( 128 bytes )
11/01/06 19:48:49 == : SETKEYID ( 20 bytes )
11/01/06 19:48:49 == : SETKEYID_d ( 20 bytes )
11/01/06 19:48:49 == : SETKEYID_a ( 20 bytes )
11/01/06 19:48:49 == : SETKEYID_e ( 20 bytes )
11/01/06 19:48:49 == : cipher key ( 40 bytes )
11/01/06 19:48:49 == : cipher iv ( 8 bytes )
11/01/06 19:48:49 == : phase1 hash_i ( computed ) ( 20 bytes )
11/01/06 19:48:49 >> : hash payload
11/01/06 19:48:49 >> : nat discovery payload
11/01/06 19:48:49 >> : nat discovery payload
11/01/06 19:48:49 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:49 >= : message 00000000
11/01/06 19:48:49 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:49 == : encrypt packet ( 100 bytes )
11/01/06 19:48:49 == : stored iv ( 8 bytes )
11/01/06 19:48:49 DB : phase1 resend event canceled ( ref count = 1 )
11/01/06 19:48:49 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 132 bytes )
11/01/06 19:48:49 == : phase1 hash_r ( computed ) ( 20 bytes )
11/01/06 19:48:49 == : phase1 hash_r ( received ) ( 20 bytes )
11/01/06 19:48:49 ii : phase1 sa established
11/01/06 19:48:49 ii : <MASKED>:4500 <-> 10.0.0.18:4500
11/01/06 19:48:49 ii : 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:49 ii : sending peer INITIAL-CONTACT notification
11/01/06 19:48:49 ii : - 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:48:49 ii : - isakmp spi = 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:49 ii : - data size 0
11/01/06 19:48:49 >> : hash payload
11/01/06 19:48:49 >> : notification payload
11/01/06 19:48:49 == : new informational hash ( 20 bytes )
11/01/06 19:48:49 == : new informational iv ( 8 bytes )
11/01/06 19:48:49 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:49 >= : message 5cf156d4
11/01/06 19:48:49 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:49 == : encrypt packet ( 80 bytes )
11/01/06 19:48:49 == : stored iv ( 8 bytes )
11/01/06 19:48:49 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 116 bytes )
11/01/06 19:48:49 DB : phase2 not found
11/01/06 19:48:50 <- : recv NAT-T:IKE packet <MASKED>:4500 -> 10.0.0.18:4500 ( 76 bytes )
11/01/06 19:48:50 DB : phase1 found
11/01/06 19:48:50 ii : processing config packet ( 76 bytes )
11/01/06 19:48:50 DB : config not found
11/01/06 19:48:50 DB : config added ( obj count = 1 )
11/01/06 19:48:50 == : new config iv ( 8 bytes )
11/01/06 19:48:50 =< : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 =< : message a0161d16
11/01/06 19:48:50 =< : decrypt iv ( 8 bytes )
11/01/06 19:48:50 == : decrypt packet ( 76 bytes )
11/01/06 19:48:50 <= : trimmed packet padding ( 4 bytes )
11/01/06 19:48:50 <= : stored iv ( 8 bytes )
11/01/06 19:48:50 << : hash payload
11/01/06 19:48:50 << : attribute payload
11/01/06 19:48:50 == : configure hash_i ( computed ) ( 20 bytes )
11/01/06 19:48:50 == : configure hash_c ( computed ) ( 20 bytes )
11/01/06 19:48:50 ii : configure hash verified
11/01/06 19:48:50 ii : - xauth authentication type
11/01/06 19:48:50 ii : - xauth username
11/01/06 19:48:50 ii : - xauth password
11/01/06 19:48:50 ii : received basic xauth request - 
11/01/06 19:48:50 ii : - standard xauth username
11/01/06 19:48:50 ii : - standard xauth password
11/01/06 19:48:50 ii : sending xauth response for necb
11/01/06 19:48:50 >> : hash payload
11/01/06 19:48:50 >> : attribute payload
11/01/06 19:48:50 == : new configure hash ( 20 bytes )
11/01/06 19:48:50 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 >= : message a0161d16
11/01/06 19:48:50 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:50 == : encrypt packet ( 80 bytes )
11/01/06 19:48:50 == : stored iv ( 8 bytes )
11/01/06 19:48:50 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 116 bytes )
11/01/06 19:48:50 DB : config resend event scheduled ( ref count = 2 )
11/01/06 19:48:50 <- : recv NAT-T:IKE packet <MASKED>:4500 -> 10.0.0.18:4500 ( 68 bytes )
11/01/06 19:48:50 DB : phase1 found
11/01/06 19:48:50 ii : processing config packet ( 68 bytes )
11/01/06 19:48:50 DB : config found
11/01/06 19:48:50 == : new config iv ( 8 bytes )
11/01/06 19:48:50 =< : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 =< : message a8ee1ec7
11/01/06 19:48:50 =< : decrypt iv ( 8 bytes )
11/01/06 19:48:50 == : decrypt packet ( 68 bytes )
11/01/06 19:48:50 <= : trimmed packet padding ( 4 bytes )
11/01/06 19:48:50 <= : stored iv ( 8 bytes )
11/01/06 19:48:50 << : hash payload
11/01/06 19:48:50 << : attribute payload
11/01/06 19:48:50 == : configure hash_i ( computed ) ( 20 bytes )
11/01/06 19:48:50 == : configure hash_c ( computed ) ( 20 bytes )
11/01/06 19:48:50 ii : configure hash verified
11/01/06 19:48:50 ii : received xauth result - 
11/01/06 19:48:50 ii : user necb authentication succeeded
11/01/06 19:48:50 ii : sending xauth acknowledge
11/01/06 19:48:50 >> : hash payload
11/01/06 19:48:50 >> : attribute payload
11/01/06 19:48:50 == : new configure hash ( 20 bytes )
11/01/06 19:48:50 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 >= : message a8ee1ec7
11/01/06 19:48:50 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:50 == : encrypt packet ( 60 bytes )
11/01/06 19:48:50 == : stored iv ( 8 bytes )
11/01/06 19:48:50 DB : config resend event canceled ( ref count = 1 )
11/01/06 19:48:50 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 92 bytes )
11/01/06 19:48:50 DB : config resend event scheduled ( ref count = 2 )
11/01/06 19:48:50 ii : building config attribute list
11/01/06 19:48:50 ii : - IP4 DNS Server
11/01/06 19:48:50 ii : - IP4 WINS Server
11/01/06 19:48:50 ii : - DNS Suffix
11/01/06 19:48:50 ii : - Split DNS Domain
11/01/06 19:48:50 ii : - Save Password
11/01/06 19:48:50 ii : - CISCO UDP Port
11/01/06 19:48:50 ii : - Application Version = Cisco Systems VPN Client 4.8.01.0300:WinNT
11/01/06 19:48:50 ii : - Firewall Type = CISCO-UNKNOWN
11/01/06 19:48:50 == : new config iv ( 8 bytes )
11/01/06 19:48:50 ii : sending config pull request
11/01/06 19:48:50 >> : hash payload
11/01/06 19:48:50 >> : attribute payload
11/01/06 19:48:50 == : new configure hash ( 20 bytes )
11/01/06 19:48:50 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 >= : message 91292891
11/01/06 19:48:50 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:50 == : encrypt packet ( 146 bytes )
11/01/06 19:48:50 == : stored iv ( 8 bytes )
11/01/06 19:48:50 DB : config resend event canceled ( ref count = 1 )
11/01/06 19:48:50 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 180 bytes )
11/01/06 19:48:50 DB : config resend event scheduled ( ref count = 2 )
11/01/06 19:48:50 <- : recv NAT-T:IKE packet <MASKED>:4500 -> 10.0.0.18:4500 ( 140 bytes )
11/01/06 19:48:50 DB : phase1 found
11/01/06 19:48:50 ii : processing config packet ( 140 bytes )
11/01/06 19:48:50 DB : config found
11/01/06 19:48:50 =< : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 =< : message 91292891
11/01/06 19:48:50 =< : decrypt iv ( 8 bytes )
11/01/06 19:48:50 == : decrypt packet ( 140 bytes )
11/01/06 19:48:50 <= : trimmed packet padding ( 5 bytes )
11/01/06 19:48:50 <= : stored iv ( 8 bytes )
11/01/06 19:48:50 << : hash payload
11/01/06 19:48:50 << : attribute payload
11/01/06 19:48:50 == : configure hash_i ( computed ) ( 20 bytes )
11/01/06 19:48:50 == : configure hash_c ( computed ) ( 20 bytes )
11/01/06 19:48:50 ii : configure hash verified
11/01/06 19:48:50 ii : received config pull response
11/01/06 19:48:50 ii : - IP4 DNS Server = 192.168.1.1
11/01/06 19:48:50 ii : - IP4 WINS Server = 192.168.1.1
11/01/06 19:48:50 ii : - Save Password = 0
11/01/06 19:48:50 ii : - Application Version = KAME/racoon + Hybrid auth Patches <manu at netbsd.org>
11/01/06 19:48:50 DB : config resend event canceled ( ref count = 1 )
11/01/06 19:48:50 ii : generating IPSEC security policies at UNIQUE level
11/01/06 19:48:50 ii : creating NONE INBOUND policy ANY:<MASKED>:* -> ANY:10.0.0.18:*
11/01/06 19:48:50 DB : policy added ( obj count = 1 )
11/01/06 19:48:50 K> : send pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 ii : creating NONE OUTBOUND policy ANY:10.0.0.18:* -> ANY:<MASKED>:*
11/01/06 19:48:50 K< : recv pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 ii : created NONE policy route for <MASKED>/32
11/01/06 19:48:50 DB : policy added ( obj count = 2 )
11/01/06 19:48:50 K> : send pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 K< : recv pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 ii : creating NONE INBOUND policy ANY:10.0.0.1:* -> ANY:10.0.0.18:*
11/01/06 19:48:50 DB : policy added ( obj count = 3 )
11/01/06 19:48:50 K> : send pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 ii : creating NONE OUTBOUND policy ANY:10.0.0.18:* -> ANY:10.0.0.1:*
11/01/06 19:48:50 DB : policy added ( obj count = 4 )
11/01/06 19:48:50 K> : send pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 ii : creating IPSEC INBOUND policy ANY:192.168.1.0/24:* -> ANY:10.0.0.18:*
11/01/06 19:48:50 DB : policy added ( obj count = 5 )
11/01/06 19:48:50 K> : send pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 ii : creating IPSEC OUTBOUND policy ANY:10.0.0.18:* -> ANY:192.168.1.0/24:*
11/01/06 19:48:50 K< : recv pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 ii : created IPSEC policy route for 192.168.1.0/24
11/01/06 19:48:50 DB : policy added ( obj count = 6 )
11/01/06 19:48:50 K> : send pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 ii : split DNS is disabled
11/01/06 19:48:50 K< : recv pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 K< : recv pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 K< : recv pfkey X_SPDADD UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 ii : calling init phase2 for initial policy
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 DB : tunnel found
11/01/06 19:48:50 DB : new phase2 ( IPSEC initiator )
11/01/06 19:48:50 DB : phase2 added ( obj count = 1 )
11/01/06 19:48:50 K> : send pfkey GETSPI ESP message
11/01/06 19:48:50 K< : recv pfkey GETSPI ESP message
11/01/06 19:48:50 DB : phase2 found
11/01/06 19:48:50 ii : updated spi for 1 ipsec-esp proposal
11/01/06 19:48:50 DB : phase1 found
11/01/06 19:48:50 >> : hash payload
11/01/06 19:48:50 >> : security association payload
11/01/06 19:48:50 >> : - proposal #1 payload 
11/01/06 19:48:50 >> : -- transform #1 payload 
11/01/06 19:48:50 >> : nonce payload
11/01/06 19:48:50 >> : key exchange payload
11/01/06 19:48:50 >> : identification payload
11/01/06 19:48:50 >> : identification payload
11/01/06 19:48:50 == : phase2 hash_i ( input ) ( 244 bytes )
11/01/06 19:48:50 == : phase2 hash_i ( computed ) ( 20 bytes )
11/01/06 19:48:50 == : new phase2 iv ( 8 bytes )
11/01/06 19:48:50 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 >= : message f0b6f607
11/01/06 19:48:50 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:50 == : encrypt packet ( 292 bytes )
11/01/06 19:48:50 == : stored iv ( 8 bytes )
11/01/06 19:48:50 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 324 bytes )
11/01/06 19:48:50 DB : phase2 resend event scheduled ( ref count = 2 )
11/01/06 19:48:50 K< : recv pfkey ACQUIRE UNSPEC message
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 DB : policy found
11/01/06 19:48:50 DB : tunnel found
11/01/06 19:48:50 DB : new phase2 ( IPSEC initiator )
11/01/06 19:48:50 DB : phase2 added ( obj count = 2 )
11/01/06 19:48:50 K> : send pfkey GETSPI ESP message
11/01/06 19:48:50 K< : recv pfkey GETSPI ESP message
11/01/06 19:48:50 DB : phase2 found
11/01/06 19:48:50 ii : updated spi for 1 ipsec-esp proposal
11/01/06 19:48:50 DB : phase1 found
11/01/06 19:48:50 >> : hash payload
11/01/06 19:48:50 >> : security association payload
11/01/06 19:48:50 >> : - proposal #1 payload 
11/01/06 19:48:50 >> : -- transform #1 payload 
11/01/06 19:48:50 >> : nonce payload
11/01/06 19:48:50 >> : key exchange payload
11/01/06 19:48:50 >> : identification payload
11/01/06 19:48:50 >> : identification payload
11/01/06 19:48:50 == : phase2 hash_i ( input ) ( 244 bytes )
11/01/06 19:48:50 == : phase2 hash_i ( computed ) ( 20 bytes )
11/01/06 19:48:50 == : new phase2 iv ( 8 bytes )
11/01/06 19:48:50 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:48:50 >= : message f1021745
11/01/06 19:48:50 >= : encrypt iv ( 8 bytes )
11/01/06 19:48:50 == : encrypt packet ( 292 bytes )
11/01/06 19:48:50 == : stored iv ( 8 bytes )
11/01/06 19:48:50 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 324 bytes )
11/01/06 19:48:50 DB : phase2 resend event scheduled ( ref count = 2 )
11/01/06 19:48:50 <- : recv NAT-T:IKE packet <MASKED>:4500 -> 10.0.0.18:4500 ( 116 bytes )
11/01/06 19:48:50 DB : phase1 found
11/01/06 19:48:50 ii : processing config packet ( 116 bytes )
11/01/06 19:48:50 DB : config found
11/01/06 19:48:50 == : new config iv ( 8 bytes )
11/01/06 19:48:50 !! : config packet ignored ( config already mature )
11/01/06 19:48:55 -> : resend 1 phase2 packet(s) [0/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:48:55 -> : resend 1 phase2 packet(s) [0/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:00 -> : resend 1 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:00 -> : resend 1 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:04 DB : phase1 found
11/01/06 19:49:04 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:05 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:05 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:06 K< : recv pfkey ACQUIRE UNSPEC message
11/01/06 19:49:06 DB : policy found
11/01/06 19:49:06 DB : policy found
11/01/06 19:49:06 DB : tunnel found
11/01/06 19:49:06 DB : new phase2 ( IPSEC initiator )
11/01/06 19:49:06 DB : phase2 added ( obj count = 3 )
11/01/06 19:49:06 K> : send pfkey GETSPI ESP message
11/01/06 19:49:06 K< : recv pfkey GETSPI ESP message
11/01/06 19:49:06 DB : phase2 found
11/01/06 19:49:06 ii : updated spi for 1 ipsec-esp proposal
11/01/06 19:49:06 DB : phase1 found
11/01/06 19:49:06 >> : hash payload
11/01/06 19:49:06 >> : security association payload
11/01/06 19:49:06 >> : - proposal #1 payload 
11/01/06 19:49:06 >> : -- transform #1 payload 
11/01/06 19:49:06 >> : nonce payload
11/01/06 19:49:06 >> : key exchange payload
11/01/06 19:49:06 >> : identification payload
11/01/06 19:49:06 >> : identification payload
11/01/06 19:49:06 == : phase2 hash_i ( input ) ( 244 bytes )
11/01/06 19:49:06 == : phase2 hash_i ( computed ) ( 20 bytes )
11/01/06 19:49:06 == : new phase2 iv ( 8 bytes )
11/01/06 19:49:06 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:49:06 >= : message 381105b4
11/01/06 19:49:06 >= : encrypt iv ( 8 bytes )
11/01/06 19:49:06 == : encrypt packet ( 292 bytes )
11/01/06 19:49:06 == : stored iv ( 8 bytes )
11/01/06 19:49:06 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 324 bytes )
11/01/06 19:49:06 DB : phase2 resend event scheduled ( ref count = 2 )
11/01/06 19:49:10 ii : resend limit exceeded for phase2 exchange
11/01/06 19:49:10 ii : phase2 removal before expire time
11/01/06 19:49:10 DB : phase2 deleted ( obj count = 2 )
11/01/06 19:49:10 ii : resend limit exceeded for phase2 exchange
11/01/06 19:49:10 ii : phase2 removal before expire time
11/01/06 19:49:10 DB : phase2 deleted ( obj count = 1 )
11/01/06 19:49:11 -> : resend 1 phase2 packet(s) [0/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:16 -> : resend 1 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:19 DB : phase1 found
11/01/06 19:49:19 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:21 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:22 K< : recv pfkey ACQUIRE UNSPEC message
11/01/06 19:49:22 DB : policy found
11/01/06 19:49:22 DB : policy found
11/01/06 19:49:22 DB : tunnel found
11/01/06 19:49:22 DB : new phase2 ( IPSEC initiator )
11/01/06 19:49:22 DB : phase2 added ( obj count = 2 )
11/01/06 19:49:22 K> : send pfkey GETSPI ESP message
11/01/06 19:49:22 K< : recv pfkey GETSPI ESP message
11/01/06 19:49:22 DB : phase2 found
11/01/06 19:49:22 ii : updated spi for 1 ipsec-esp proposal
11/01/06 19:49:22 DB : phase1 found
11/01/06 19:49:22 >> : hash payload
11/01/06 19:49:22 >> : security association payload
11/01/06 19:49:22 >> : - proposal #1 payload 
11/01/06 19:49:22 >> : -- transform #1 payload 
11/01/06 19:49:22 >> : nonce payload
11/01/06 19:49:22 >> : key exchange payload
11/01/06 19:49:22 >> : identification payload
11/01/06 19:49:22 >> : identification payload
11/01/06 19:49:22 == : phase2 hash_i ( input ) ( 244 bytes )
11/01/06 19:49:22 == : phase2 hash_i ( computed ) ( 20 bytes )
11/01/06 19:49:22 == : new phase2 iv ( 8 bytes )
11/01/06 19:49:22 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:49:22 >= : message 7b538387
11/01/06 19:49:22 >= : encrypt iv ( 8 bytes )
11/01/06 19:49:22 == : encrypt packet ( 292 bytes )
11/01/06 19:49:22 == : stored iv ( 8 bytes )
11/01/06 19:49:22 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 324 bytes )
11/01/06 19:49:22 DB : phase2 resend event scheduled ( ref count = 2 )
11/01/06 19:49:26 ii : resend limit exceeded for phase2 exchange
11/01/06 19:49:26 ii : phase2 removal before expire time
11/01/06 19:49:26 DB : phase2 deleted ( obj count = 1 )
11/01/06 19:49:27 -> : resend 1 phase2 packet(s) [0/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:32 -> : resend 1 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:35 DB : phase1 found
11/01/06 19:49:35 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:37 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:49:42 ii : resend limit exceeded for phase2 exchange
11/01/06 19:49:42 ii : phase2 removal before expire time
11/01/06 19:49:42 DB : phase2 deleted ( obj count = 0 )
11/01/06 19:49:50 DB : phase1 found
11/01/06 19:49:50 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:00 K< : recv pfkey ACQUIRE UNSPEC message
11/01/06 19:50:00 DB : policy found
11/01/06 19:50:00 DB : policy found
11/01/06 19:50:00 DB : tunnel found
11/01/06 19:50:00 DB : new phase2 ( IPSEC initiator )
11/01/06 19:50:00 DB : phase2 added ( obj count = 1 )
11/01/06 19:50:00 K> : send pfkey GETSPI ESP message
11/01/06 19:50:00 K< : recv pfkey GETSPI ESP message
11/01/06 19:50:00 DB : phase2 found
11/01/06 19:50:00 ii : updated spi for 1 ipsec-esp proposal
11/01/06 19:50:00 DB : phase1 found
11/01/06 19:50:00 >> : hash payload
11/01/06 19:50:00 >> : security association payload
11/01/06 19:50:00 >> : - proposal #1 payload 
11/01/06 19:50:00 >> : -- transform #1 payload 
11/01/06 19:50:00 >> : nonce payload
11/01/06 19:50:00 >> : key exchange payload
11/01/06 19:50:00 >> : identification payload
11/01/06 19:50:00 >> : identification payload
11/01/06 19:50:00 == : phase2 hash_i ( input ) ( 244 bytes )
11/01/06 19:50:00 == : phase2 hash_i ( computed ) ( 20 bytes )
11/01/06 19:50:00 == : new phase2 iv ( 8 bytes )
11/01/06 19:50:00 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:50:00 >= : message e939c2d8
11/01/06 19:50:00 >= : encrypt iv ( 8 bytes )
11/01/06 19:50:00 == : encrypt packet ( 292 bytes )
11/01/06 19:50:00 == : stored iv ( 8 bytes )
11/01/06 19:50:00 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 324 bytes )
11/01/06 19:50:00 DB : phase2 resend event scheduled ( ref count = 2 )
11/01/06 19:50:05 DB : phase1 found
11/01/06 19:50:05 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:05 -> : resend 1 phase2 packet(s) [0/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:10 -> : resend 1 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:15 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:20 DB : phase1 found
11/01/06 19:50:20 -> : send NAT-T:KEEP-ALIVE packet 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:20 ii : resend limit exceeded for phase2 exchange
11/01/06 19:50:20 ii : phase2 removal before expire time
11/01/06 19:50:20 DB : phase2 deleted ( obj count = 0 )
11/01/06 19:50:20 <A : peer tunnel disable message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 ii : removing IPSEC INBOUND policy ANY:192.168.1.0/24:* -> ANY:10.0.0.18:*
11/01/06 19:50:20 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 ii : removing IPSEC OUTBOUND policy ANY:10.0.0.18:* -> ANY:192.168.1.0/24:*
11/01/06 19:50:20 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 ii : removed IPSEC policy route for ANY:192.168.1.0/24:*
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 ii : removing NONE INBOUND policy ANY:<MASKED>:* -> ANY:10.0.0.18:*
11/01/06 19:50:20 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 ii : removing NONE OUTBOUND policy ANY:10.0.0.18:* -> ANY:<MASKED>:*
11/01/06 19:50:20 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 ii : removed NONE policy route for ANY:<MASKED>:*
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 ii : removing NONE INBOUND policy ANY:10.0.0.1:* -> ANY:10.0.0.18:*
11/01/06 19:50:20 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 ii : removing NONE OUTBOUND policy ANY:10.0.0.18:* -> ANY:10.0.0.1:*
11/01/06 19:50:20 K> : send pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 DB : policy deleted ( obj count = 5 )
11/01/06 19:50:20 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 DB : policy deleted ( obj count = 4 )
11/01/06 19:50:20 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 DB : policy deleted ( obj count = 3 )
11/01/06 19:50:20 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 DB : policy deleted ( obj count = 2 )
11/01/06 19:50:20 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 DB : policy deleted ( obj count = 1 )
11/01/06 19:50:20 K< : recv pfkey X_SPDDELETE2 UNSPEC message
11/01/06 19:50:20 DB : policy found
11/01/06 19:50:20 DB : policy deleted ( obj count = 0 )
11/01/06 19:50:20 DB : tunnel natt event canceled ( ref count = 4 )
11/01/06 19:50:20 DB : tunnel stats event canceled ( ref count = 3 )
11/01/06 19:50:20 DB : removing tunnel config references
11/01/06 19:50:20 DB : config deleted ( obj count = 0 )
11/01/06 19:50:20 DB : removing tunnel phase2 references
11/01/06 19:50:20 DB : removing tunnel phase1 references
11/01/06 19:50:20 DB : phase1 soft event canceled ( ref count = 3 )
11/01/06 19:50:20 DB : phase1 hard event canceled ( ref count = 2 )
11/01/06 19:50:20 DB : phase1 dead event canceled ( ref count = 1 )
11/01/06 19:50:20 ii : sending peer DELETE message
11/01/06 19:50:20 ii : - 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:20 ii : - isakmp spi = 31417c77dc540784:253a85e56b2aa247
11/01/06 19:50:20 ii : - data size 0
11/01/06 19:50:20 >> : hash payload
11/01/06 19:50:20 >> : delete payload
11/01/06 19:50:20 == : new informational hash ( 20 bytes )
11/01/06 19:50:20 == : new informational iv ( 8 bytes )
11/01/06 19:50:20 >= : cookies 31417c77dc540784:253a85e56b2aa247
11/01/06 19:50:20 >= : message 011dad21
11/01/06 19:50:20 >= : encrypt iv ( 8 bytes )
11/01/06 19:50:20 == : encrypt packet ( 80 bytes )
11/01/06 19:50:20 == : stored iv ( 8 bytes )
11/01/06 19:50:20 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 116 bytes )
11/01/06 19:50:20 ii : phase1 removal before expire time
11/01/06 19:50:20 DB : phase1 deleted ( obj count = 0 )
11/01/06 19:50:20 DB : tunnel deleted ( obj count = 0 )
11/01/06 19:50:20 DB : removing all peer tunnel refrences
11/01/06 19:50:20 DB : peer deleted ( obj count = 0 )
11/01/06 19:50:20 ii : ipc client process thread exit ...
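
Added example (not part of the original post and not a Shrew Soft tool): a short Python summarizer for an iked.log like the one above. It counts phase2 negotiations started, retransmitted and timed out, and records what each inbound IKE packet was processed as. The sample lines are excerpted from the log above; the function names are hypothetical.

```python
import re
from collections import Counter

# Shrew iked.log line layout: "YY/MM/DD HH:MM:SS <2-char tag> : <text>"
LINE = re.compile(r"^(\S+ \S+) (\S\S) : (.*)$")
PROCESSING = re.compile(r"processing (\w+) packet")

# Lines excerpted (not contiguous) from the log in the post above.
SAMPLE = """\
11/01/06 19:48:50 <- : recv NAT-T:IKE packet <MASKED>:4500 -> 10.0.0.18:4500 ( 116 bytes )
11/01/06 19:48:50 ii : processing config packet ( 116 bytes )
11/01/06 19:48:50 !! : config packet ignored ( config already mature )
11/01/06 19:50:00 DB : new phase2 ( IPSEC initiator )
11/01/06 19:50:00 -> : send NAT-T:IKE packet 10.0.0.18:4500 -> <MASKED>:4500 ( 324 bytes )
11/01/06 19:50:05 -> : resend 1 phase2 packet(s) [0/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:10 -> : resend 1 phase2 packet(s) [1/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:15 -> : resend 1 phase2 packet(s) [2/2] 10.0.0.18:4500 -> <MASKED>:4500
11/01/06 19:50:20 ii : resend limit exceeded for phase2 exchange
"""

def summarize(log_text):
    """Tally phase2 attempts, retransmits and timeouts; classify inbound IKE packets."""
    counts = Counter()
    inbound_kinds = []  # exchange type named by each "processing <kind> packet" line
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        _ts, tag, text = m.groups()
        if tag == "DB" and text.startswith("new phase2"):
            counts["phase2_started"] += 1
        elif tag == "->" and text.startswith("resend") and "phase2" in text:
            counts["phase2_resends"] += 1
        elif tag == "ii" and text.startswith("resend limit exceeded for phase2"):
            counts["phase2_timeouts"] += 1
        elif tag == "<-" and text.startswith("recv"):
            counts["inbound_packets"] += 1
        elif tag == "ii" and (p := PROCESSING.search(text)):
            inbound_kinds.append(p.group(1))
    return dict(counts), inbound_kinds

def all_phase2_timed_out(counts):
    """True when every phase2 negotiation seen in the log hit the resend limit."""
    started = counts.get("phase2_started", 0)
    return started > 0 and counts.get("phase2_timeouts", 0) >= started

if __name__ == "__main__":
    counts, kinds = summarize(SAMPLE)
    print(counts, kinds, all_phase2_timed_out(counts))
```

When every phase2 attempt times out and no inbound packet is processed as a phase2 reply, no IPsec SA was negotiated, so the gateway's own log and its phase2 proposal and ID settings are the next things to compare against the client.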





