[vpn-help] No packets going through Watchguard

Roper, Andrew aroper at bcsvoicedata.com
Wed Feb 8 09:40:40 CST 2012 

Mike,

It doesn't look like Phase 2 is being completed. Without Phase 2 negotiations completing you cannot build the tunnel. Check your Phase 2 proposals on the client and make sure they match with what the firewall is expecting.

Regards,
Andrew

From: vpn-help-bounces at lists.shrew.net [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Mike Pacifico
Sent: Tuesday, February 07, 2012 12:56 AM
To: vpn-help at lists.shrew.net
Subject: [vpn-help] No packets going through Watchguard

Hello,

Just installed a watchguard XTM 510 4.2.1. Exported the the .vpn, imported the config file into the VPN client. According the the watchguard, I am authenticated as an client, or am I? No packets are being moved.

I apologize in advance if I'm overlooking the obvious, but it's been a very long day.

The following is the VPN trace:

12/02/06 21:37:52 ## : IKE Daemon, ver 2.1.7
12/02/06 21:37:52 ## : Copyright 2010 Shrew Soft Inc.
12/02/06 21:37:52 ## : This product linked OpenSSL 0.9.8h 28 May 2008
12/02/06 21:37:52 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
12/02/06 21:37:52 ii : rebuilding vnet device list ...
12/02/06 21:37:52 ii : device ROOT\VNET\0000 disabled
12/02/06 21:37:52 ii : network process thread begin ...
12/02/06 21:37:52 ii : pfkey process thread begin ...
12/02/06 21:37:52 ii : ipc server process thread begin ...
12/02/06 21:38:33 ii : ipc client process thread begin ...
12/02/06 21:38:33 <A : peer config add message
12/02/06 21:38:33 DB : peer ref increment ( ref count = 1, obj count = 0 )
12/02/06 21:38:33 DB : peer added ( obj count = 1 )
12/02/06 21:38:33 ii : local address 192.168.1.6 selected for peer
12/02/06 21:38:33 DB : peer ref increment ( ref count = 2, obj count = 1 )
12/02/06 21:38:33 DB : tunnel ref increment ( ref count = 1, obj count = 0 )
12/02/06 21:38:33 DB : tunnel added ( obj count = 1 )
12/02/06 21:38:33 <A : proposal config message
12/02/06 21:38:33 <A : proposal config message
12/02/06 21:38:33 <A : client config message
12/02/06 21:38:33 <A : xauth username message
12/02/06 21:38:33 <A : xauth password message
12/02/06 21:38:33 <A : local id '<user>_VPN' message
12/02/06 21:38:33 <A : preshared key message
12/02/06 21:38:33 <A : peer tunnel enable message
12/02/06 21:38:33 DB : tunnel ref increment ( ref count = 2, obj count = 1 )
12/02/06 21:38:33 DB : new phase1 ( ISAKMP initiator )
12/02/06 21:38:33 DB : exchange type is aggressive
12/02/06 21:38:33 DB : 192.168.1.6:500<http://192.168.1.6:500> <-> xx.xx.xx.xx:500
12/02/06 21:38:33 DB : f88412956c4b60da:0000000000000000
12/02/06 21:38:33 DB : phase1 ref increment ( ref count = 1, obj count = 0 )
12/02/06 21:38:33 DB : phase1 added ( obj count = 1 )
12/02/06 21:38:33 >> : security association payload
12/02/06 21:38:33 >> : - proposal #1 payload
12/02/06 21:38:33 >> : -- transform #1 payload
12/02/06 21:38:33 >> : key exchange payload
12/02/06 21:38:33 >> : nonce payload
12/02/06 21:38:33 >> : identification payload
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports XAUTH
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports nat-t ( draft v00 )
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports nat-t ( draft v01 )
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports nat-t ( draft v02 )
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports nat-t ( draft v03 )
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports nat-t ( rfc )
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local supports DPDv1
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local is SHREW SOFT compatible
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local is NETSCREEN compatible
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local is SIDEWINDER compatible
12/02/06 21:38:33 >> : vendor id payload
12/02/06 21:38:33 ii : local is CISCO UNITY compatible
12/02/06 21:38:33 >= : cookies f88412956c4b60da:0000000000000000
12/02/06 21:38:33 >= : message 00000000
12/02/06 21:38:33 -> : send IKE packet 192.168.1.6:500<http://192.168.1.6:500> -> xx.xx.xx.xx:500 ( 468 bytes )
12/02/06 21:38:33 DB : phase1 resend event scheduled ( ref count = 2 )
12/02/06 21:38:33 DB : phase1 ref decrement ( ref count = 1, obj count = 1 )
12/02/06 21:38:33 DB : tunnel ref increment ( ref count = 3, obj count = 1 )
12/02/06 21:38:34 <- : recv IKE packet xx.xx.xx.xx:500 -> 192.168.1.6:500<http://192.168.1.6:500> ( 320 bytes )
12/02/06 21:38:34 DB : phase1 found
12/02/06 21:38:34 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
12/02/06 21:38:34 ii : processing phase1 packet ( 320 bytes )
12/02/06 21:38:34 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 =< : message 00000000
12/02/06 21:38:34 << : security association payload
12/02/06 21:38:34 << : - propsal #1 payload
12/02/06 21:38:34 << : -- transform #1 payload
12/02/06 21:38:34 ii : matched isakmp proposal #1 transform #1
12/02/06 21:38:34 ii : - transform    = ike
12/02/06 21:38:34 ii : - cipher type  = 3des
12/02/06 21:38:34 ii : - key length   = default
12/02/06 21:38:34 ii : - hash type    = sha1
12/02/06 21:38:34 ii : - dh group     = modp-768
12/02/06 21:38:34 ii : - auth type    = xauth-initiator-psk
12/02/06 21:38:34 ii : - life seconds = 86400
12/02/06 21:38:34 ii : - life kbytes  = 0
12/02/06 21:38:34 << : key exchange payload
12/02/06 21:38:34 << : nonce payload
12/02/06 21:38:34 << : identification payload
12/02/06 21:38:34 ii : phase1 id target is any
12/02/06 21:38:34 ii : phase1 id match
12/02/06 21:38:34 ii : received = ipv4-host xx.xx.xx.xx
12/02/06 21:38:34 << : vendor id payload
12/02/06 21:38:34 ii : peer supports DPDv1
12/02/06 21:38:34 << : vendor id payload
12/02/06 21:38:34 ii : peer supports nat-t ( draft v02 )
12/02/06 21:38:34 << : nat discovery payload
12/02/06 21:38:34 << : nat discovery payload
12/02/06 21:38:34 << : hash payload
12/02/06 21:38:34 ii : nat discovery - local address is translated
12/02/06 21:38:34 ii : switching to src nat-t udp port 4500
12/02/06 21:38:34 ii : switching to dst nat-t udp port 4500
12/02/06 21:38:34 == : DH shared secret ( 96 bytes )
12/02/06 21:38:34 == : SETKEYID ( 20 bytes )
12/02/06 21:38:34 == : SETKEYID_d ( 20 bytes )
12/02/06 21:38:34 == : SETKEYID_a ( 20 bytes )
12/02/06 21:38:34 == : SETKEYID_e ( 20 bytes )
12/02/06 21:38:34 == : cipher key ( 40 bytes )
12/02/06 21:38:34 == : cipher iv ( 8 bytes )
12/02/06 21:38:34 == : phase1 hash_i ( computed ) ( 20 bytes )
12/02/06 21:38:34 >> : hash payload
12/02/06 21:38:34 >> : nat discovery payload
12/02/06 21:38:34 >> : nat discovery payload
12/02/06 21:38:34 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 >= : message 00000000
12/02/06 21:38:34 >= : encrypt iv ( 8 bytes )
12/02/06 21:38:34 == : encrypt packet ( 100 bytes )
12/02/06 21:38:34 == : stored iv ( 8 bytes )
12/02/06 21:38:34 DB : phase1 resend event canceled ( ref count = 1 )
12/02/06 21:38:34 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx4500 ( 132 bytes )
12/02/06 21:38:34 == : phase1 hash_r ( computed ) ( 20 bytes )
12/02/06 21:38:34 == : phase1 hash_r ( received ) ( 20 bytes )
12/02/06 21:38:34 ii : phase1 sa established
12/02/06 21:38:34 ii : xx.xx.xx.xx:4500 <-> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:38:34 ii : f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 ii : sending peer INITIAL-CONTACT notification
12/02/06 21:38:34 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:38:34 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 ii : - data size 0
12/02/06 21:38:34 >> : hash payload
12/02/06 21:38:34 >> : notification payload
12/02/06 21:38:34 == : new informational hash ( 20 bytes )
12/02/06 21:38:34 == : new informational iv ( 8 bytes )
12/02/06 21:38:34 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 >= : message f653a002
12/02/06 21:38:34 >= : encrypt iv ( 8 bytes )
12/02/06 21:38:34 == : encrypt packet ( 80 bytes )
12/02/06 21:38:34 == : stored iv ( 8 bytes )
12/02/06 21:38:34 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:38:34 DB : tunnel ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:34 DB : tunnel ref increment ( ref count = 5, obj count = 1 )
12/02/06 21:38:34 DB : phase1 ref increment ( ref count = 2, obj count = 1 )
12/02/06 21:38:34 DB : phase1 ref increment ( ref count = 3, obj count = 1 )
12/02/06 21:38:34 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:34 DB : phase2 not found
12/02/06 21:38:34 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:38:34 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 116 bytes )
12/02/06 21:38:34 DB : phase1 found
12/02/06 21:38:34 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:34 ii : processing config packet ( 116 bytes )
12/02/06 21:38:34 DB : config not found
12/02/06 21:38:34 DB : tunnel ref increment ( ref count = 6, obj count = 1 )
12/02/06 21:38:34 DB : config ref increment ( ref count = 1, obj count = 0 )
12/02/06 21:38:34 DB : config added ( obj count = 1 )
12/02/06 21:38:34 == : new config iv ( 8 bytes )
12/02/06 21:38:34 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 =< : message 84d14434
12/02/06 21:38:34 =< : decrypt iv ( 8 bytes )
12/02/06 21:38:34 == : decrypt packet ( 116 bytes )
12/02/06 21:38:34 <= : trimmed packet padding ( 2 bytes )
12/02/06 21:38:34 <= : stored iv ( 8 bytes )
12/02/06 21:38:34 << : hash payload
12/02/06 21:38:34 << : attribute payload
12/02/06 21:38:34 == : configure hash_i ( computed ) ( 20 bytes )
12/02/06 21:38:34 == : configure hash_c ( computed ) ( 20 bytes )
12/02/06 21:38:34 ii : configure hash verified
12/02/06 21:38:34 ii : - xauth username
12/02/06 21:38:34 ii : - xauth password
12/02/06 21:38:34 ii : received basic xauth request - Please Enter Your User Name and Password :
12/02/06 21:38:34 ii : - standard xauth username
12/02/06 21:38:34 ii : - standard xauth password
12/02/06 21:38:34 ii : sending xauth response for <user-redacted>
12/02/06 21:38:34 >> : hash payload
12/02/06 21:38:34 >> : attribute payload
12/02/06 21:38:34 == : new configure hash ( 20 bytes )
12/02/06 21:38:34 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:34 >= : message 84d14434
12/02/06 21:38:34 >= : encrypt iv ( 8 bytes )
12/02/06 21:38:34 == : encrypt packet ( 93 bytes )
12/02/06 21:38:34 == : stored iv ( 8 bytes )
12/02/06 21:38:34 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 132 bytes )
12/02/06 21:38:34 DB : config resend event scheduled ( ref count = 2 )
12/02/06 21:38:34 DB : config ref decrement ( ref count = 1, obj count = 1 )
12/02/06 21:38:34 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:38:35 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 100 bytes )
12/02/06 21:38:35 DB : phase1 found
12/02/06 21:38:35 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:35 ii : processing config packet ( 100 bytes )
12/02/06 21:38:35 DB : config found
12/02/06 21:38:35 DB : config ref increment ( ref count = 2, obj count = 1 )
12/02/06 21:38:35 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:35 =< : message 84d14434
12/02/06 21:38:35 =< : decrypt iv ( 8 bytes )
12/02/06 21:38:35 == : decrypt packet ( 100 bytes )
12/02/06 21:38:35 <= : trimmed packet padding ( 4 bytes )
12/02/06 21:38:35 <= : stored iv ( 8 bytes )
12/02/06 21:38:35 << : hash payload
12/02/06 21:38:35 << : attribute payload
12/02/06 21:38:35 == : configure hash_i ( computed ) ( 20 bytes )
12/02/06 21:38:35 == : configure hash_c ( computed ) ( 20 bytes )
12/02/06 21:38:35 ii : configure hash verified
12/02/06 21:38:35 ii : received xauth result -
12/02/06 21:38:35 ii : user <user_redacted> authentication succeeded
12/02/06 21:38:35 ii : sending xauth acknowledge
12/02/06 21:38:35 >> : hash payload
12/02/06 21:38:35 >> : attribute payload
12/02/06 21:38:35 == : new configure hash ( 20 bytes )
12/02/06 21:38:35 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:35 >= : message 84d14434
12/02/06 21:38:35 >= : encrypt iv ( 8 bytes )
12/02/06 21:38:35 == : encrypt packet ( 60 bytes )
12/02/06 21:38:35 == : stored iv ( 8 bytes )
12/02/06 21:38:35 DB : config resend event canceled ( ref count = 1 )
12/02/06 21:38:35 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 92 bytes )
12/02/06 21:38:35 DB : config resend event scheduled ( ref count = 2 )
12/02/06 21:38:35 ii : building config attribute list
12/02/06 21:38:35 ii : - IP4 Address
12/02/06 21:38:35 ii : - Address Expiry
12/02/06 21:38:35 ii : - IP4 Netamask
12/02/06 21:38:35 ii : - IP4 DNS Server
12/02/06 21:38:35 ii : - IP4 WINS Server
12/02/06 21:38:35 ii : - IP4 Subnet
12/02/06 21:38:35 == : new config iv ( 8 bytes )
12/02/06 21:38:35 ii : sending config pull request
12/02/06 21:38:35 >> : hash payload
12/02/06 21:38:35 >> : attribute payload
12/02/06 21:38:35 == : new configure hash ( 20 bytes )
12/02/06 21:38:35 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:35 >= : message 6a213b7c
12/02/06 21:38:35 >= : encrypt iv ( 8 bytes )
12/02/06 21:38:35 == : encrypt packet ( 84 bytes )
12/02/06 21:38:35 == : stored iv ( 8 bytes )
12/02/06 21:38:35 DB : config resend event canceled ( ref count = 1 )
12/02/06 21:38:35 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:38:35 DB : config resend event scheduled ( ref count = 2 )
12/02/06 21:38:35 DB : config ref decrement ( ref count = 1, obj count = 1 )
12/02/06 21:38:35 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:38:40 -> : resend 1 config packet(s) 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:38:45 -> : resend 1 config packet(s) 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:38:49 DB : phase1 found
12/02/06 21:38:49 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:49 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:38:49 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:38:49 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:49 ii : - data size 4
12/02/06 21:38:49 >> : hash payload
12/02/06 21:38:49 >> : notification payload
12/02/06 21:38:49 == : new informational hash ( 20 bytes )
12/02/06 21:38:49 == : new informational iv ( 8 bytes )
12/02/06 21:38:49 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:49 >= : message 4fa00751
12/02/06 21:38:49 >= : encrypt iv ( 8 bytes )
12/02/06 21:38:49 == : encrypt packet ( 84 bytes )
12/02/06 21:38:49 == : stored iv ( 8 bytes )
12/02/06 21:38:49 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:38:49 ii : DPD ARE-YOU-THERE sequence 25f03682 requested
12/02/06 21:38:49 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:38:49 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:38:49 DB : phase1 found
12/02/06 21:38:49 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:49 ii : processing informational packet ( 84 bytes )
12/02/06 21:38:49 == : new informational iv ( 8 bytes )
12/02/06 21:38:49 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:49 =< : message 87841a4f
12/02/06 21:38:49 =< : decrypt iv ( 8 bytes )
12/02/06 21:38:49 == : decrypt packet ( 84 bytes )
12/02/06 21:38:49 <= : stored iv ( 8 bytes )
12/02/06 21:38:49 << : hash payload
12/02/06 21:38:49 << : notification payload
12/02/06 21:38:49 == : informational hash_i ( computed ) ( 20 bytes )
12/02/06 21:38:49 == : informational hash_c ( received ) ( 20 bytes )
12/02/06 21:38:49 ii : informational hash verified
12/02/06 21:38:49 ii : received peer DPDV1-R-U-THERE-ACK notification
12/02/06 21:38:49 ii : - xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:38:49 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:38:49 ii : - data size 4
12/02/06 21:38:49 ii : DPD ARE-YOU-THERE-ACK sequence 25f03682 accepted
12/02/06 21:38:49 ii : next tunnel DPD request in 15 secs for peer xx.xx.xx.xx:4500
12/02/06 21:38:49 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:38:50 -> : resend 1 config packet(s) 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:38:54 DB : phase1 found
12/02/06 21:38:54 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:38:54 -> : send NAT-T:KEEP-ALIVE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:38:54 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:38:55 ii : resend limit exceeded for config exchange
12/02/06 21:38:55 DB : config deleted ( obj count = 0 )
12/02/06 21:38:55 DB : tunnel ref decrement ( ref count = 5, obj count = 1 )
12/02/06 21:39:04 DB : phase1 found
12/02/06 21:39:04 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:04 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:39:04 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:39:04 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:04 ii : - data size 4
12/02/06 21:39:04 >> : hash payload
12/02/06 21:39:04 >> : notification payload
12/02/06 21:39:04 == : new informational hash ( 20 bytes )
12/02/06 21:39:04 == : new informational iv ( 8 bytes )
12/02/06 21:39:04 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:04 >= : message c7f0488b
12/02/06 21:39:04 >= : encrypt iv ( 8 bytes )
12/02/06 21:39:04 == : encrypt packet ( 84 bytes )
12/02/06 21:39:04 == : stored iv ( 8 bytes )
12/02/06 21:39:04 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:39:04 ii : DPD ARE-YOU-THERE sequence 25f03683 requested
12/02/06 21:39:04 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:04 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:39:04 DB : phase1 found
12/02/06 21:39:04 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:04 ii : processing informational packet ( 84 bytes )
12/02/06 21:39:04 == : new informational iv ( 8 bytes )
12/02/06 21:39:04 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:04 =< : message fbc22a40
12/02/06 21:39:04 =< : decrypt iv ( 8 bytes )
12/02/06 21:39:04 == : decrypt packet ( 84 bytes )
12/02/06 21:39:04 <= : stored iv ( 8 bytes )
12/02/06 21:39:04 << : hash payload
12/02/06 21:39:04 << : notification payload
12/02/06 21:39:04 == : informational hash_i ( computed ) ( 20 bytes )
12/02/06 21:39:04 == : informational hash_c ( received ) ( 20 bytes )
12/02/06 21:39:04 ii : informational hash verified
12/02/06 21:39:04 ii : received peer DPDV1-R-U-THERE-ACK notification
12/02/06 21:39:04 ii : - xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:39:04 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:04 ii : - data size 4
12/02/06 21:39:04 ii : DPD ARE-YOU-THERE-ACK sequence 25f03683 accepted
12/02/06 21:39:04 ii : next tunnel DPD request in 15 secs for peer xx.xx.xx.xx:4500
12/02/06 21:39:04 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:14 DB : phase1 found
12/02/06 21:39:14 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:14 -> : send NAT-T:KEEP-ALIVE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:39:14 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:19 DB : phase1 found
12/02/06 21:39:19 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:19 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:39:19 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:39:19 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:19 ii : - data size 4
12/02/06 21:39:19 >> : hash payload
12/02/06 21:39:19 >> : notification payload
12/02/06 21:39:19 == : new informational hash ( 20 bytes )
12/02/06 21:39:19 == : new informational iv ( 8 bytes )
12/02/06 21:39:19 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:19 >= : message b292a263
12/02/06 21:39:19 >= : encrypt iv ( 8 bytes )
12/02/06 21:39:19 == : encrypt packet ( 84 bytes )
12/02/06 21:39:19 == : stored iv ( 8 bytes )
12/02/06 21:39:19 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:39:19 ii : DPD ARE-YOU-THERE sequence 25f03684 requested
12/02/06 21:39:19 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:19 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:39:19 DB : phase1 found
12/02/06 21:39:19 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:19 ii : processing informational packet ( 84 bytes )
12/02/06 21:39:19 == : new informational iv ( 8 bytes )
12/02/06 21:39:19 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:19 =< : message c92ea38f
12/02/06 21:39:19 =< : decrypt iv ( 8 bytes )
12/02/06 21:39:19 == : decrypt packet ( 84 bytes )
12/02/06 21:39:19 <= : stored iv ( 8 bytes )
12/02/06 21:39:19 << : hash payload
12/02/06 21:39:19 << : notification payload
12/02/06 21:39:19 == : informational hash_i ( computed ) ( 20 bytes )
12/02/06 21:39:19 == : informational hash_c ( received ) ( 20 bytes )
12/02/06 21:39:19 ii : informational hash verified
12/02/06 21:39:19 ii : received peer DPDV1-R-U-THERE-ACK notification
12/02/06 21:39:19 ii : - xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:39:19 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:19 ii : - data size 4
12/02/06 21:39:19 ii : DPD ARE-YOU-THERE-ACK sequence 25f03684 accepted
12/02/06 21:39:19 ii : next tunnel DPD request in 15 secs for peer xx.xx.xx.xx:4500
12/02/06 21:39:19 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:34 DB : phase1 found
12/02/06 21:39:34 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:34 -> : send NAT-T:KEEP-ALIVE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:39:34 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:34 DB : phase1 found
12/02/06 21:39:34 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:34 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:39:34 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:39:34 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:34 ii : - data size 4
12/02/06 21:39:34 >> : hash payload
12/02/06 21:39:34 >> : notification payload
12/02/06 21:39:34 == : new informational hash ( 20 bytes )
12/02/06 21:39:34 == : new informational iv ( 8 bytes )
12/02/06 21:39:34 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:34 >= : message 275ea992
12/02/06 21:39:34 >= : encrypt iv ( 8 bytes )
12/02/06 21:39:34 == : encrypt packet ( 84 bytes )
12/02/06 21:39:34 == : stored iv ( 8 bytes )
12/02/06 21:39:34 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> ->xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:39:34 ii : DPD ARE-YOU-THERE sequence 25f03685 requested
12/02/06 21:39:34 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:34 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:39:34 DB : phase1 found
12/02/06 21:39:34 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:34 ii : processing informational packet ( 84 bytes )
12/02/06 21:39:34 == : new informational iv ( 8 bytes )
12/02/06 21:39:34 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:34 =< : message 8d1e702e
12/02/06 21:39:34 =< : decrypt iv ( 8 bytes )
12/02/06 21:39:34 == : decrypt packet ( 84 bytes )
12/02/06 21:39:34 <= : stored iv ( 8 bytes )
12/02/06 21:39:34 << : hash payload
12/02/06 21:39:34 << : notification payload
12/02/06 21:39:34 == : informational hash_i ( computed ) ( 20 bytes )
12/02/06 21:39:34 == : informational hash_c ( received ) ( 20 bytes )
12/02/06 21:39:34 ii : informational hash verified
12/02/06 21:39:34 ii : received peer DPDV1-R-U-THERE-ACK notification
12/02/06 21:39:34 ii : - xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:39:34 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:34 ii : - data size 4
12/02/06 21:39:34 ii : DPD ARE-YOU-THERE-ACK sequence 25f03685 accepted
12/02/06 21:39:34 ii : next tunnel DPD request in 15 secs for peer xx.xx.xx.xx:4500
12/02/06 21:39:34 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:49 DB : phase1 found
12/02/06 21:39:49 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:49 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:39:49 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> 12.249.128.94:4500<http://12.249.128.94:4500>
12/02/06 21:39:49 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:49 ii : - data size 4
12/02/06 21:39:49 >> : hash payload
12/02/06 21:39:49 >> : notification payload
12/02/06 21:39:49 == : new informational hash ( 20 bytes )
12/02/06 21:39:49 == : new informational iv ( 8 bytes )
12/02/06 21:39:49 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:39:49 >= : message 0dd7dfcb
12/02/06 21:39:49 >= : encrypt iv ( 8 bytes )
12/02/06 21:39:49 == : encrypt packet ( 84 bytes )
12/02/06 21:39:49 == : stored iv ( 8 bytes )
12/02/06 21:39:49 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:39:49 ii : DPD ARE-YOU-THERE sequence 25f03686 requested
12/02/06 21:39:49 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:39:49 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:39:49 DB : phase1 found
12/02/06 21:39:49 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:39:49 ii : processing informational packet ( 84 bytes )
12/02/06 21:39:49 == : new informational iv ( 8 bytes )
12/02/06 21:40:04 DB : phase1 found
12/02/06 21:40:04 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:40:04 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:40:04 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:40:04 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:04 ii : - data size 4
12/02/06 21:40:04 >> : hash payload
12/02/06 21:40:04 >> : notification payload
12/02/06 21:40:04 == : new informational hash ( 20 bytes )
12/02/06 21:40:04 == : new informational iv ( 8 bytes )
12/02/06 21:40:04 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:04 >= : message 30a04be5
12/02/06 21:40:04 >= : encrypt iv ( 8 bytes )
12/02/06 21:40:04 == : encrypt packet ( 84 bytes )
12/02/06 21:40:04 == : stored iv ( 8 bytes )
12/02/06 21:40:04 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:40:04 ii : DPD ARE-YOU-THERE sequence 25f03687 requested
12/02/06 21:40:04 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:40:04 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:40:04 DB : phase1 found
12/02/06 21:40:04 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:40:04 ii : processing informational packet ( 84 bytes )
12/02/06 21:40:04 == : new informational iv ( 8 bytes )
12/02/06 21:40:04 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:04 =< : message b1407db0
12/02/06 21:40:04 =< : decrypt iv ( 8 bytes )
12/02/06 21:40:04 == : decrypt packet ( 84 bytes )
12/02/06 21:40:04 <= : stored iv ( 8 bytes )
12/02/06 21:40:04 << : hash payload
12/02/06 21:40:04 << : notification payload
12/02/06 21:40:04 == : informational hash_i ( computed ) ( 20 bytes )
12/02/06 21:40:04 == : informational hash_c ( received ) ( 20 bytes )
12/02/06 21:40:04 ii : informational hash verified
12/02/06 21:40:04 ii : received peer DPDV1-R-U-THERE-ACK notification
12/02/06 21:40:04 ii : - xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:40:04 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:04 ii : - data size 4
12/02/06 21:40:04 ii : DPD ARE-YOU-THERE-ACK sequence 25f03687 accepted
12/02/06 21:40:04 ii : next tunnel DPD request in 15 secs for peer xx.xx.xx.xx:4500
12/02/06 21:40:04 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:40:14 DB : phase1 found
12/02/06 21:40:14 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:40:14 -> : send NAT-T:KEEP-ALIVE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:40:14 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:40:19 DB : phase1 found
12/02/06 21:40:19 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:40:19 ii : sending peer DPDV1-R-U-THERE notification
12/02/06 21:40:19 ii : - 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500
12/02/06 21:40:19 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:19 ii : - data size 4
12/02/06 21:40:19 >> : hash payload
12/02/06 21:40:19 >> : notification payload
12/02/06 21:40:19 == : new informational hash ( 20 bytes )
12/02/06 21:40:19 == : new informational iv ( 8 bytes )
12/02/06 21:40:19 >= : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:19 >= : message 211c1463
12/02/06 21:40:19 >= : encrypt iv ( 8 bytes )
12/02/06 21:40:19 == : encrypt packet ( 84 bytes )
12/02/06 21:40:19 == : stored iv ( 8 bytes )
12/02/06 21:40:19 -> : send NAT-T:IKE packet 192.168.1.6:4500<http://192.168.1.6:4500> -> xx.xx.xx.xx:4500 ( 116 bytes )
12/02/06 21:40:19 ii : DPD ARE-YOU-THERE sequence 25f03688 requested
12/02/06 21:40:19 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )
12/02/06 21:40:19 <- : recv NAT-T:IKE packet xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500> ( 84 bytes )
12/02/06 21:40:19 DB : phase1 found
12/02/06 21:40:19 DB : phase1 ref increment ( ref count = 4, obj count = 1 )
12/02/06 21:40:19 ii : processing informational packet ( 84 bytes )
12/02/06 21:40:19 == : new informational iv ( 8 bytes )
12/02/06 21:40:19 =< : cookies f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:19 =< : message bcdd000f
12/02/06 21:40:19 =< : decrypt iv ( 8 bytes )
12/02/06 21:40:19 == : decrypt packet ( 84 bytes )
12/02/06 21:40:19 <= : stored iv ( 8 bytes )
12/02/06 21:40:19 << : hash payload
12/02/06 21:40:19 << : notification payload
12/02/06 21:40:19 == : informational hash_i ( computed ) ( 20 bytes )
12/02/06 21:40:19 == : informational hash_c ( received ) ( 20 bytes )
12/02/06 21:40:19 ii : informational hash verified
12/02/06 21:40:19 ii : received peer DPDV1-R-U-THERE-ACK notification
12/02/06 21:40:19 ii : -xx.xx.xx.xx:4500 -> 192.168.1.6:4500<http://192.168.1.6:4500>
12/02/06 21:40:19 ii : - isakmp spi = f88412956c4b60da:93e25c78b27cfdea
12/02/06 21:40:19 ii : - data size 4
12/02/06 21:40:19 ii : DPD ARE-YOU-THERE-ACK sequence 25f03688 accepted
12/02/06 21:40:19 ii : next tunnel DPD request in 15 secs for peer xx.xx.xx.xx:4500
12/02/06 21:40:19 DB : phase1 ref decrement ( ref count = 3, obj count = 1 )

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20120208/78bcecc0/attachment-0002.html>

More information about the vpn-help mailing list