API tools faq
paste
Advertisement
skuda

fortigate side

skuda
Aug 14th, 2014
1,087
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.68 KB | None | 0 0
raw download clone embed print report
  1. ike 0:conname:611341: negotiation timeout, deleting
  2. ike 0:conname: connection expiring due to phase1 down
  3. ike 0:conname: deleting
  4. ike 0:conname: flushing
  5. ike 0:conname: flushed
  6. ike 0:conname: schedule auto-negotiate
  7. ike 0:conname: reset NAT-T
  8. ike 0:conname: deleted
  9. ike 0:conname: sending DNS request for remote peer dyn.dyndns.org
  10. ike 0:conname: dyn.dyndns.org resolved to 000.000.000.000
  11. ike 0:conname: remote gateway IP address changed 0.0.0.0->000.000.000.000
  12. ike 0:conname: sending DNS request for remote peer dyn.dyndns.org
  13. ike 0:conname: cached as static-ddns
  14. ike 0:conname: dyn.dyndns.org resolved to 000.000.000.000
  15. ike 0:conname: auto-negotiate connection
  16. ike 0:conname: created connection: 0xa77fda0 3 111.111.111.111->000.000.000.000:500.
  17. ike 0:conname:conname_p2: chosen to populate IKE_SA traffic-selectors
  18. ike 0:conname: no suitable IKE_SA, queuing CHILD_SA request and initiating IKE_SA negotiation
  19. ike 0:conname:611345: out A41995D334D4DA930000000000000000212022080000000000000120220000300000002C010100040300000C0100000C800E00800300000802000002030000080300000200000008040000022800008800020000902647AA3F389DCAFC1F99575E26507AFE8E3C218F8D63609F17B2DDD7E9346F21F3ACD3B4683A4395AB4C2E53F3A85503C021B87129576D2F1C95D4BC988F0191CDC5A4DF5654A4490BCA0FFAF355B49C63CC2754F0DF53E1D6F02F35735CBF86699DE1C4C2BDE5AB1CA04573616E9635290289403E3B2DABF5CFC3AE4A0C752900001490A8E6493627F93C8B2617E2E497C8B42900001C000040047869B98776CFA03A2AEB1186D3716E5199A65EC50000001C00004005685AF34FABA12675E6046246D8734A63917F3B5D
  20. ike 0:conname:611345: sent IKE msg (SA_INIT): 111.111.111.111:500->000.000.000.000:500, len=288, id=a41995d334d4da93/0000000000000000
  21. ike 0:conname:611345: initiator received SA_INIT response
  22. ike 0:conname:611345: received notify type NAT_DETECTION_SOURCE_IP
  23. ike 0:conname:611345: processing NAT-D payload
  24. ike 0:conname:611345: NAT detected: PEER
  25. ike 0:conname:611345: process NAT-D
  26. ike 0:conname:611345: received notify type NAT_DETECTION_DESTINATION_IP
  27. ike 0:conname:611345: processing NAT-D payload
  28. ike 0:conname:611345: NAT detected: PEER
  29. ike 0:conname:611345: process NAT-D
  30. ike 0:conname:611345: received notify type 16404
  31. ike 0:conname:611345: ignoring unauthenticated notify payload (16404)
  32. ike 0:conname:611345: incoming proposal:
  33. ike 0:conname:611345: proposal id = 1:
  34. ike 0:conname:611345: protocol = IKEv2:
  35. ike 0:conname:611345: encapsulation = IKEv2/none
  36. ike 0:conname:611345: type=ENCR, val=AES_CBC (key_len = 128)
  37. ike 0:conname:611345: type=INTEGR, val=AUTH_HMAC_SHA_96
  38. ike 0:conname:611345: type=PRF, val=PRF_HMAC_SHA
  39. ike 0:conname:611345: type=DH_GROUP, val=1024.
  40. ike 0:conname:611345: matched proposal id 1
  41. ike 0:conname:611345: IKE SA a41995d334d4da93/17bfa64e291a64eb SK_ei 16:D26882030C4CF8DC7455624E6F96E389
  42. ike 0:conname:611345: IKE SA a41995d334d4da93/17bfa64e291a64eb SK_er 16:8D08ABD9E12693D6ACD085E61B6EDEF9
  43. ike 0:conname:611345: IKE SA a41995d334d4da93/17bfa64e291a64eb SK_ai 20:EB14E2B078296EB34FD517ABD44ACBC22CD604D5
  44. ike 0:conname:611345: IKE SA a41995d334d4da93/17bfa64e291a64eb SK_ar 20:46F17BF92D5DAE2A786DB7149E7903F58A9E887A
  45. ike 0:conname:611345: initiator preparing AUTH msg
  46. ike 0:conname:611345: sending INITIAL-CONTACT
  47. ike 0:conname:611345: enc 2900000C01000000D4E6381227000008000040002100001C02000000C7C9E1121954BD88018C57DBE399140585B46A122C00002C00000028010304038CC3B23F0300000C0100000C800E0080030000080300000200000008050000002D00001801000000070000100000FFFFC0A86400C0A864FF0000001801000000070000100000FFFFC0A8FE00C0A8FEFF03020103
  48. ike 0:conname:611345: detected NAT
  49. ike 0:conname:611345: NAT-T float port 4500
  50. ike 0:conname:611345: out A41995D334D4DA9317BFA64E291A64EB2E20230800000001000000CC230000B0418F33DE426EC107C5ABDE46A4E0BEC558DB1F9A99D416CAE6EC6561824AB492D22582A504F7EF65D4689C3123FC1E698E505EF004DB589AF720984DCD48CDDE270B9A63A1075FAA6A10243AA63069C5DDDBC997B883FF0FAF2E37BEBF7F834D855CD97BBFDDCA4D8FB2B71F35026FBC6EB6E58EC28C39797C802B4830964DC12E135E8D15CA02D0265A17524BCBD638C7B97B7F6D1DF3058A2DEAC564AECCB874E8D1708887099B9F76E86D
  51. ike 0:conname:611345: sent IKE msg (AUTH): 111.111.111.111:4500->000.000.000.000:4500, len=204, id=a41995d334d4da93/17bfa64e291a64eb:00000001
  52. ike 0:conname:611345: out A41995D334D4DA9317BFA64E291A64EB2E20230800000001000000CC230000B0418F33DE426EC107C5ABDE46A4E0BEC558DB1F9A99D416CAE6EC6561824AB492D22582A504F7EF65D4689C3123FC1E698E505EF004DB589AF720984DCD48CDDE270B9A63A1075FAA6A10243AA63069C5DDDBC997B883FF0FAF2E37BEBF7F834D855CD97BBFDDCA4D8FB2B71F35026FBC6EB6E58EC28C39797C802B4830964DC12E135E8D15CA02D0265A17524BCBD638C7B97B7F6D1DF3058A2DEAC564AECCB874E8D1708887099B9F76E86D
  53. ike 0:conname:611345: sent IKE msg (RETRANSMIT_AUTH): 111.111.111.111:4500->000.000.000.000:4500, len=204, id=a41995d334d4da93/17bfa64e291a64eb:00000001
  54. ike 0:conname: sending DNS request for remote peer dyn.dyndns.org
  55. ike 0:conname: cached as static-ddns
  56. ike 0:conname: cached as static-ddns
  57. ike 0: found conname 111.111.111.111 3 -> 000.000.000.000:500
  58. ike 0:conname:611347: responder received SA_INIT msg
  59. ike 0:conname:611347: received notify type NAT_DETECTION_SOURCE_IP
  60. ike 0:conname:611347: processing NAT-D payload
  61. ike 0:conname:611347: NAT detected: PEER
  62. ike 0:conname:611347: process NAT-D
  63. ike 0:conname:611347: received notify type NAT_DETECTION_DESTINATION_IP
  64. ike 0:conname:611347: processing NAT-D payload
  65. ike 0:conname:611347: NAT detected: PEER
  66. ike 0:conname:611347: process NAT-D
  67. ike 0:conname:611347: incoming proposal:
  68. ike 0:conname:611347: proposal id = 1:
  69. ike 0:conname:611347: protocol = IKEv2:
  70. ike 0:conname:611347: encapsulation = IKEv2/none
  71. ike 0:conname:611347: type=ENCR, val=AES_CBC (key_len = 128)
  72. ike 0:conname:611347: type=INTEGR, val=AUTH_HMAC_SHA_96
  73. ike 0:conname:611347: type=PRF, val=PRF_HMAC_SHA
  74. ike 0:conname:611347: type=DH_GROUP, val=1024.
  75. ike 0:conname:611347: matched proposal id 1
  76. ike 0:conname:611347: responder preparing SA_INIT msg
  77. ike 0:conname:611347: out 04DEC76BD14CABAF3F7AAEE4483D0530212022200000000000000120220000300000002C010100040300000C0100000C800E00800300000802000002030000080300000200000008040000022800008800020000435B42198FF739C8AD999CC858C5F95CC57D22BE1AA320CBAA533A6FB8B1557B75B6EB11AE04B274B11E0752AF4790E008C36E2E13C3A0F8780008D389440BBE2F8360D6FD91F9B8BA9FA0686F9500A0F3312CC0BFF4D96B7F7334F4861162FD3FF1102C6F18CA10E71A9B6E6804CFA5D20E539D120A1256D29B2522F7FC1572290000146126945E39619C98DA2A32A8EC82C4A32900001C00004004D3850A9D787E27D5B16D958E5F61B4B31FB396B30000001C000040051B31EA852D4A59BCACB313FAFCE473220F987290
  78. ike 0:conname:611347: sent IKE msg (SA_INIT_RESPONSE): 111.111.111.111:4500->000.000.000.000:500, len=288, id=04dec76bd14cabaf/3f7aaee4483d0530
  79. ike 0:conname:611347: IKE SA 04dec76bd14cabaf/3f7aaee4483d0530 SK_ei 16:793AF54562E769A9935746910A2AE668
  80. ike 0:conname:611347: IKE SA 04dec76bd14cabaf/3f7aaee4483d0530 SK_er 16:551ED7B2EB4C0E56AEFF032400F6074F
  81. ike 0:conname:611347: IKE SA 04dec76bd14cabaf/3f7aaee4483d0530 SK_ai 20:44D097F4C75F432277DC77E25E94FDC05009166C
  82. ike 0:conname:611347: IKE SA 04dec76bd14cabaf/3f7aaee4483d0530 SK_ar 20:7E766C3EF9056FD9BB4BF8563E737A160FD69ADA
  83. ike 0:conname: NAT keep-alive 3 111.111.111.111->000.000.000.000:4500.
  84. ike 0:conname: dyn.dyndns.org resolved to 000.000.000.000
  85. ike 0:conname:611345: out A41995D334D4DA9317BFA64E291A64EB2E20230800000001000000CC230000B0418F33DE426EC107C5ABDE46A4E0BEC558DB1F9A99D416CAE6EC6561824AB492D22582A504F7EF65D4689C3123FC1E698E505EF004DB589AF720984DCD48CDDE270B9A63A1075FAA6A10243AA63069C5DDDBC997B883FF0FAF2E37BEBF7F834D855CD97BBFDDCA4D8FB2B71F35026FBC6EB6E58EC28C39797C802B4830964DC12E135E8D15CA02D0265A17524BCBD638C7B97B7F6D1DF3058A2DEAC564AECCB874E8D1708887099B9F76E86D
  86. ike 0:conname:611345: sent IKE msg (RETRANSMIT_AUTH): 111.111.111.111:4500->000.000.000.000:4500, len=204, id=a41995d334d4da93/17bfa64e291a64eb:00000001
  87. ike 0:conname: NAT keep-alive 3 111.111.111.111->000.000.000.000:4500.
  88. ike 0:conname:611345: negotiation timeout, deleting
  89. ike 0:conname: schedule auto-negotiate
  90. ike 0:conname:611347: negotiation timeout, deleting
  91. ike 0:conname: connection expiring due to phase1 down
  92. ike 0:conname: deleting
  93. ike 0:conname: flushing
  94. ike 0:conname: flushed
  95. ike 0:conname: schedule auto-negotiate
  96. ike 0:conname: reset NAT-T
  97. ike 0:conname: deleted
  98. ike 0:conname: sending DNS request for remote peer dyn.dyndns.org
  99. ike 0:conname: dyn.dyndns.org resolved to 000.000.000.000
  100. ike 0:conname: remote gateway IP address changed 0.0.0.0->000.000.000.000
  101. ike 0:conname: sending DNS request for remote peer dyn.dyndns.org
  102. ike 0:conname: cached as static-ddns
  103. ike 0:conname: auto-negotiate connection
  104. ike 0:conname: created connection: 0xa7fdb28 3 111.111.111.111->000.000.000.000:500.
  105. ike 0:conname:conname_p2: chosen to populate IKE_SA traffic-selectors
  106. ike 0:conname: no suitable IKE_SA, queuing CHILD_SA request and initiating IKE_SA negotiation
  107. ike 0:conname:611348: out 290ADD3637A190FF0000000000000000212022080000000000000120220000300000002C010100040300000C0100000C800E0080030000080200000203000008030000020000000804000002280000880002000054E5402D3D9BF5C28548872A13D5369473BE73013EB4EA732F066148F82FC4745FBC66528359CF35EA9BBF51ED094D0904902F2A11291AA1CB7994118686E99239F3DCB3C55D072B48AB0378E98EC7CD4A7FC43AECC74798FE4E7ABDADC7C8F712325ECCD2EB3DE8A8D8CFEAEA97CE0B30FF0B6C8D4931D302A66C4E8AB687A22900001486CF6EE0FF94DC14689289DCB6126FEE2900001C0000400474344420E8E2774A3AAD2147242CD268ABC729890000001C00004005BD3B9D61F18E71B49A8B681C514050BAC793A8C1
  108. ike 0:conname:611348: sent IKE msg (SA_INIT): 111.111.111.111:500->000.000.000.000:500, len=288, id=290add3637a190ff/0000000000000000
  109. ike 0:conname: dyn.dyndns.org resolved to 000.000.000.000
  110. ike 0:conname:611348: initiator received SA_INIT response
  111. ike 0:conname:611348: received notify type NAT_DETECTION_SOURCE_IP
  112. ike 0:conname:611348: processing NAT-D payload
  113. ike 0:conname:611348: NAT detected: PEER
  114. ike 0:conname:611348: process NAT-D
  115. ike 0:conname:611348: received notify type NAT_DETECTION_DESTINATION_IP
  116. ike 0:conname:611348: processing NAT-D payload
  117. ike 0:conname:611348: NAT detected: PEER
  118. ike 0:conname:611348: process NAT-D
  119. ike 0:conname:611348: received notify type 16404
  120. ike 0:conname:611348: ignoring unauthenticated notify payload (16404)
  121. ike 0:conname:611348: incoming proposal:
  122. ike 0:conname:611348: proposal id = 1:
  123. ike 0:conname:611348: protocol = IKEv2:
  124. ike 0:conname:611348: encapsulation = IKEv2/none
  125. ike 0:conname:611348: type=ENCR, val=AES_CBC (key_len = 128)
  126. ike 0:conname:611348: type=INTEGR, val=AUTH_HMAC_SHA_96
  127. ike 0:conname:611348: type=PRF, val=PRF_HMAC_SHA
  128. ike 0:conname:611348: type=DH_GROUP, val=1024.
  129. ike 0:conname:611348: matched proposal id 1
  130. ike 0:conname:611348: IKE SA 290add3637a190ff/64d714fdcde8f676 SK_ei 16:0ADA7343D7B3C638C8BB67C7860E07EE
  131. ike 0:conname:611348: IKE SA 290add3637a190ff/64d714fdcde8f676 SK_er 16:E529B94298CF268A6D604A3466A6FC89
  132. ike 0:conname:611348: IKE SA 290add3637a190ff/64d714fdcde8f676 SK_ai 20:79BAC7EBE1AC30DBBA669A69AB8489826D974349
  133. ike 0:conname:611348: IKE SA 290add3637a190ff/64d714fdcde8f676 SK_ar 20:2AB2A8F393375397E53C65976D5810E51953DC1C
  134. ike 0:conname:611348: initiator preparing AUTH msg
  135. ike 0:conname:611348: sending INITIAL-CONTACT
  136. ike 0:conname:611348: enc 2900000C01000000D4E6381227000008000040002100001C020000004B17340A74CD55E23A13F804A71EA908C0D76E1D2C00002C00000028010304038CC3B2400300000C0100000C800E0080030000080300000200000008050000002D00001801000000070000100000FFFFC0A86400C0A864FF0000001801000000070000100000FFFFC0A8FE00C0A8FEFF03020103
  137. ike 0:conname:611348: detected NAT
  138. ike 0:conname:611348: NAT-T float port 4500
  139. ike 0:conname:611348: out 290ADD3637A190FF64D714FDCDE8F6762E20230800000001000000CC230000B0CF5D42B2510499F04E268716925941960E034C3CF4FB2BF658C99F51D909847B8420222E5619228EAA45A7C274AC81659C15CD85443CCE9C9500C8A490B43D625F21F51247B254026A69A6EEF9876D6B5F27F307F9F87C2877D122A24E24415D83A676CD9165F5855AB9D3D26BD46FFF224E0E53DA7A113E161E02FCB535C2AE9E6EF724535C712A6FE8402D49546B9769BE20C57B545AFB19FD8CA586B1A105C16C5F407FB9F78A38D52038
  140. ike 0:conname:611348: sent IKE msg (AUTH): 111.111.111.111:4500->000.000.000.000:4500, len=204, id=290add3637a190ff/64d714fdcde8f676:00000001
  141. ike 0:conname:611348: out 290ADD3637A190FF64D714FDCDE8F6762E20230800000001000000CC230000B0CF5D42B2510499F04E268716925941960E034C3CF4FB2BF658C99F51D909847B8420222E5619228EAA45A7C274AC81659C15CD85443CCE9C9500C8A490B43D625F21F51247B254026A69A6EEF9876D6B5F27F307F9F87C2877D122A24E24415D83A676CD9165F5855AB9D3D26BD46FFF224E0E53DA7A113E161E02FCB535C2AE9E6EF724535C712A6FE8402D49546B9769BE20C57B545AFB19FD8CA586B1A105C16C5F407FB9F78A38D52038
  142. ike 0:conname:611348: sent IKE msg (RETRANSMIT_AUTH): 111.111.111.111:4500->000.000.000.000:4500, len=204, id=290add3637a190ff/64d714fdcde8f676:00000001
  143. ike 0:conname: NAT keep-alive 3 111.111.111.111->000.000.000.000:4500.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!