Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Jan 22 20:14:21 elisonniven pluto[8471]: |
- Jan 22 20:14:21 elisonniven pluto[8471]: | *received 324 bytes from 10.103.2.75:500 on p18p1 (port=500)
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_AGGR (4)
- Jan 22 20:14:21 elisonniven pluto[8471]: packet from 10.103.2.75:500: ignoring unknown Vendor ID payload [4a4340b543e02b84c88a8b96a8af9ebe77d9accc0000000b00000500]
- Jan 22 20:14:21 elisonniven pluto[8471]: packet from 10.103.2.75:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
- Jan 22 20:14:21 elisonniven pluto[8471]: packet from 10.103.2.75:500: ignoring Vendor ID payload [HeartBeat Notify 386b0100]
- Jan 22 20:14:21 elisonniven pluto[8471]: | creating state object #2 at 0x9cba710
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: Aggressive mode peer ID is ID_IPV4_ADDR: '10.103.2.75'
- Jan 22 20:14:21 elisonniven pluto[8471]: | started looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | actually looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | 1: compared key 10.103.2.75 to 10.103.6.114 / 10.103.2.75 -> 4
- Jan 22 20:14:21 elisonniven pluto[8471]: | 2: compared key 10.103.6.114 to 10.103.6.114 / 10.103.2.75 -> 12
- Jan 22 20:14:21 elisonniven pluto[8471]: | line 4: match=12
- Jan 22 20:14:21 elisonniven pluto[8471]: | best_match 0>12 best=0x9c8f990 (line=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | concluding with best_match=12 best=0x9c8f990 (lineno=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | offered CA: '%none'
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing connection jun
- Jan 22 20:14:21 elisonniven pluto[8471]: | ICOOKIE: 3c 2d 3b 1e 5c 83 8d 92
- Jan 22 20:14:21 elisonniven pluto[8471]: | RCOOKIE: c2 63 eb 86 90 b0 57 46
- Jan 22 20:14:21 elisonniven pluto[8471]: | state hash entry 27
- Jan 22 20:14:21 elisonniven pluto[8471]: | inserting state object #2
- Jan 22 20:14:21 elisonniven pluto[8471]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: responding to Aggressive Mode, state #2, connection "jun" from 10.103.2.75
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-00/01
- Jan 22 20:14:21 elisonniven pluto[8471]: | started looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | actually looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | 1: compared key 10.103.2.75 to 10.103.6.114 / 10.103.2.75 -> 4
- Jan 22 20:14:21 elisonniven pluto[8471]: | 2: compared key 10.103.6.114 to 10.103.6.114 / 10.103.2.75 -> 12
- Jan 22 20:14:21 elisonniven pluto[8471]: | line 4: match=12
- Jan 22 20:14:21 elisonniven pluto[8471]: | best_match 0>12 best=0x9c8f990 (line=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | concluding with best_match=12 best=0x9c8f990 (lineno=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | helper -1 doing build_kenonce op id: 0
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing connection jun
- Jan 22 20:14:21 elisonniven pluto[8471]: | started looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | actually looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | 1: compared key 10.103.2.75 to 10.103.6.114 / 10.103.2.75 -> 4
- Jan 22 20:14:21 elisonniven pluto[8471]: | 2: compared key 10.103.6.114 to 10.103.6.114 / 10.103.2.75 -> 12
- Jan 22 20:14:21 elisonniven pluto[8471]: | line 4: match=12
- Jan 22 20:14:21 elisonniven pluto[8471]: | best_match 0>12 best=0x9c8f990 (line=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | concluding with best_match=12 best=0x9c8f990 (lineno=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | parent1 type: 7 group: 2 len: 2680
- Jan 22 20:14:21 elisonniven pluto[8471]: | helper -1 doing compute dh+iv op id: 0
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing connection jun
- Jan 22 20:14:21 elisonniven pluto[8471]: | thinking about whether to send my certificate:
- Jan 22 20:14:21 elisonniven pluto[8471]: | I have RSA key: OAKLEY_PRESHARED_KEY cert.type: CERT_NONE
- Jan 22 20:14:21 elisonniven pluto[8471]: | sendcert: CERT_ALWAYSSEND and I did not get a certificate request
- Jan 22 20:14:21 elisonniven pluto[8471]: | so do not send cert.
- Jan 22 20:14:21 elisonniven pluto[8471]: | I did not send a certificate because digital signatures are not being used. (PSK)
- Jan 22 20:14:21 elisonniven pluto[8471]: | I am not sending a certificate request
- Jan 22 20:14:21 elisonniven pluto[8471]: | started looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | actually looking for secret for 10.103.6.114->10.103.2.75 of kind PPK_PSK
- Jan 22 20:14:21 elisonniven pluto[8471]: | 1: compared key 10.103.2.75 to 10.103.6.114 / 10.103.2.75 -> 4
- Jan 22 20:14:21 elisonniven pluto[8471]: | 2: compared key 10.103.6.114 to 10.103.6.114 / 10.103.2.75 -> 12
- Jan 22 20:14:21 elisonniven pluto[8471]: | line 4: match=12
- Jan 22 20:14:21 elisonniven pluto[8471]: | best_match 0>12 best=0x9c8f990 (line=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | concluding with best_match=12 best=0x9c8f990 (lineno=4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | complete state transition with STF_OK
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: transition from state STATE_AGGR_R0 to state STATE_AGGR_R1
- Jan 22 20:14:21 elisonniven pluto[8471]: | sending reply packet to 10.103.2.75:500 (from port 500)
- Jan 22 20:14:21 elisonniven pluto[8471]: | sending 356 bytes for STATE_AGGR_R0 through p18p1:500 to 10.103.2.75:500 (using #2)
- Jan 22 20:14:21 elisonniven pluto[8471]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: STATE_AGGR_R1: sent AR1, expecting AI2
- Jan 22 20:14:21 elisonniven pluto[8471]: | modecfg pull: noquirk policy:push not-client
- Jan 22 20:14:21 elisonniven pluto[8471]: | phase 1 is done, looking for phase 2 to unpend
- Jan 22 20:14:21 elisonniven pluto[8471]: | complete state transition with STF_INLINE
- Jan 22 20:14:21 elisonniven pluto[8471]: | complete state transition with STF_INLINE
- Jan 22 20:14:21 elisonniven pluto[8471]: | * processed 0 messages from cryptographic helpers
- Jan 22 20:14:21 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 10 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 10 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: |
- Jan 22 20:14:21 elisonniven pluto[8471]: | *received 100 bytes from 10.103.2.75:500 on p18p1 (port=500)
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_AGGR (4)
- Jan 22 20:14:21 elisonniven pluto[8471]: | ICOOKIE: 3c 2d 3b 1e 5c 83 8d 92
- Jan 22 20:14:21 elisonniven pluto[8471]: | RCOOKIE: c2 63 eb 86 90 b0 57 46
- Jan 22 20:14:21 elisonniven pluto[8471]: | state hash entry 27
- Jan 22 20:14:21 elisonniven pluto[8471]: | v1 peer and cookies match on #2, provided msgid 00000000 vs 00000000
- Jan 22 20:14:21 elisonniven pluto[8471]: | v1 state object #2 found, in STATE_AGGR_R1
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing connection jun
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: packet rejected: should have been encrypted
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: sending notification INVALID_FLAGS to 10.103.2.75:500
- Jan 22 20:14:21 elisonniven pluto[8471]: | sending 40 bytes for notification packet through p18p1:500 to 10.103.2.75:500 (using #2)
- Jan 22 20:14:21 elisonniven pluto[8471]: | * processed 0 messages from cryptographic helpers
- Jan 22 20:14:21 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 10 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 10 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: |
- Jan 22 20:14:21 elisonniven pluto[8471]: | *received 348 bytes from 10.103.2.75:500 on p18p1 (port=500)
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
- Jan 22 20:14:21 elisonniven pluto[8471]: | ICOOKIE: 3c 2d 3b 1e 5c 83 8d 92
- Jan 22 20:14:21 elisonniven pluto[8471]: | RCOOKIE: c2 63 eb 86 90 b0 57 46
- Jan 22 20:14:21 elisonniven pluto[8471]: | state hash entry 27
- Jan 22 20:14:21 elisonniven pluto[8471]: | v1 peer and cookies match on #2, provided msgid d06d4524 vs 00000000
- Jan 22 20:14:21 elisonniven pluto[8471]: | v1 state object not found
- Jan 22 20:14:21 elisonniven pluto[8471]: | ICOOKIE: 3c 2d 3b 1e 5c 83 8d 92
- Jan 22 20:14:21 elisonniven pluto[8471]: | RCOOKIE: c2 63 eb 86 90 b0 57 46
- Jan 22 20:14:21 elisonniven pluto[8471]: | state hash entry 27
- Jan 22 20:14:21 elisonniven pluto[8471]: | v1 peer and cookies match on #2, provided msgid 00000000 vs 00000000
- Jan 22 20:14:21 elisonniven pluto[8471]: | v1 state object #2 found, in STATE_AGGR_R1
- Jan 22 20:14:21 elisonniven pluto[8471]: | processing connection jun
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: Quick Mode message is unacceptable because it is for an incomplete ISAKMP SA
- Jan 22 20:14:21 elisonniven pluto[8471]: | payload malformed after IV
- Jan 22 20:14:21 elisonniven pluto[8471]: | de 49 0d ec 4c 27 57 e8 de 64 e8 7a f9 f5 bf 55
- Jan 22 20:14:21 elisonniven pluto[8471]: | 0e 65 f2 44
- Jan 22 20:14:21 elisonniven pluto[8471]: "jun" #2: sending notification PAYLOAD_MALFORMED to 10.103.2.75:500
- Jan 22 20:14:21 elisonniven pluto[8471]: | sending 40 bytes for notification packet through p18p1:500 to 10.103.2.75:500 (using #2)
- Jan 22 20:14:21 elisonniven pluto[8471]: | * processed 0 messages from cryptographic helpers
- Jan 22 20:14:21 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 10 seconds for #2
- Jan 22 20:14:21 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 10 seconds for #2
- Jan 22 20:14:25 elisonniven pluto[8471]: |
- Jan 22 20:14:25 elisonniven pluto[8471]: | *received 348 bytes from 10.103.2.75:500 on p18p1 (port=500)
- Jan 22 20:14:25 elisonniven pluto[8471]: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
- Jan 22 20:14:25 elisonniven pluto[8471]: | ICOOKIE: 3c 2d 3b 1e 5c 83 8d 92
- Jan 22 20:14:25 elisonniven pluto[8471]: | RCOOKIE: c2 63 eb 86 90 b0 57 46
- Jan 22 20:14:25 elisonniven pluto[8471]: | state hash entry 27
- Jan 22 20:14:25 elisonniven pluto[8471]: | v1 peer and cookies match on #2, provided msgid d06d4524 vs 00000000
- Jan 22 20:14:25 elisonniven pluto[8471]: | v1 state object not found
- Jan 22 20:14:25 elisonniven pluto[8471]: | ICOOKIE: 3c 2d 3b 1e 5c 83 8d 92
- Jan 22 20:14:25 elisonniven pluto[8471]: | RCOOKIE: c2 63 eb 86 90 b0 57 46
- Jan 22 20:14:25 elisonniven pluto[8471]: | state hash entry 27
- Jan 22 20:14:25 elisonniven pluto[8471]: | v1 peer and cookies match on #2, provided msgid 00000000 vs 00000000
- Jan 22 20:14:25 elisonniven pluto[8471]: | v1 state object #2 found, in STATE_AGGR_R1
- Jan 22 20:14:25 elisonniven pluto[8471]: | processing connection jun
- Jan 22 20:14:25 elisonniven pluto[8471]: "jun" #2: Quick Mode message is unacceptable because it is for an incomplete ISAKMP SA
- Jan 22 20:14:25 elisonniven pluto[8471]: | payload malformed after IV
- Jan 22 20:14:25 elisonniven pluto[8471]: | de 49 0d ec 4c 27 57 e8 de 64 e8 7a f9 f5 bf 55
- Jan 22 20:14:25 elisonniven pluto[8471]: | 0e 65 f2 44
- Jan 22 20:14:25 elisonniven pluto[8471]: "jun" #2: sending notification PAYLOAD_MALFORMED to 10.103.2.75:500
- Jan 22 20:14:25 elisonniven pluto[8471]: | sending 40 bytes for notification packet through p18p1:500 to 10.103.2.75:500 (using #2)
- Jan 22 20:14:25 elisonniven pluto[8471]: | * processed 0 messages from cryptographic helpers
- Jan 22 20:14:25 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 6 seconds for #2
- Jan 22 20:14:25 elisonniven pluto[8471]: | next event EVENT_RETRANSMIT in 6 seconds for #2
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement