API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 5th, 2015
244
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.89 KB | None | 0 0
raw download clone embed print report
  1. Plutorun started on Mon Jan 5 22:09:57 YEKT 2015
  2. adjusting ipsec.d to /etc/ipsec.d
  3. Starting Pluto (Openswan Version 2.6.37; Vendor ID OEu\134d\134jy\134\134ap) pid:13709
  4. LEAK_DETECTIVE support [disabled]
  5. OCF support for IKE [disabled]
  6. SAref support [disabled]: Protocol not available
  7. SAbind support [disabled]: Protocol not available
  8. NSS support [disabled]
  9. HAVE_STATSD notification support not compiled in
  10. Setting NAT-Traversal port-4500 floating to on
  11. port floating activation criteria nat_t=1/port_float=1
  12. NAT-Traversal support [enabled]
  13. using /dev/urandom as source of random entropy
  14. ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
  15. starting up 1 cryptographic helpers
  16. using /dev/urandom as source of random entropy
  17. started helper pid=13715 (fd:4)
  18. Using Linux 2.6 IPsec interface code on 3.2.0-4-amd64 (experimental code)
  19. ike_alg_register_enc(): Activating aes_ccm_8: Ok (ret=0)
  20. ike_alg_add(): ERROR: Algorithm already exists
  21. ike_alg_register_enc(): Activating aes_ccm_12: FAILED (ret=-17)
  22. ike_alg_add(): ERROR: Algorithm already exists
  23. ike_alg_register_enc(): Activating aes_ccm_16: FAILED (ret=-17)
  24. ike_alg_add(): ERROR: Algorithm already exists
  25. ike_alg_register_enc(): Activating aes_gcm_8: FAILED (ret=-17)
  26. ike_alg_add(): ERROR: Algorithm already exists
  27. ike_alg_register_enc(): Activating aes_gcm_12: FAILED (ret=-17)
  28. ike_alg_add(): ERROR: Algorithm already exists
  29. ike_alg_register_enc(): Activating aes_gcm_16: FAILED (ret=-17)
  30. Changed path to directory '/etc/ipsec.d/cacerts'
  31. Changed path to directory '/etc/ipsec.d/aacerts'
  32. Changed path to directory '/etc/ipsec.d/ocspcerts'
  33. Changing to directory '/etc/ipsec.d/crls'
  34. Warning: empty directory
  35. added connection description "L2TP-PSK-NAT"
  36. added connection description "L2TP-PSK-noNAT"
  37. added connection description "passthrough-for-non-l2tp"
  38. listening for IKE messages
  39. adding interface eth0/eth0 192.168.0.103:500
  40. adding interface eth0/eth0 192.168.0.103:4500
  41. adding interface lo/lo 127.0.0.1:500
  42. adding interface lo/lo 127.0.0.1:4500
  43. adding interface lo/lo ::1:500
  44. loading secrets from "/etc/ipsec.secrets"
  45. loading secrets from "/var/lib/openswan/ipsec.secrets.inc"
  46. packet from 192.168.0.102:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
  47. packet from 192.168.0.102:500: received Vendor ID payload [RFC 3947] method set to=109
  48. packet from 192.168.0.102:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
  49. packet from 192.168.0.102:500: ignoring Vendor ID payload [FRAGMENTATION]
  50. packet from 192.168.0.102:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
  51. packet from 192.168.0.102:500: ignoring Vendor ID payload [Vid-Initial-Contact]
  52. packet from 192.168.0.102:500: ignoring Vendor ID payload [IKE CGA version 1]
  53. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: responding to Main Mode from unknown peer 192.168.0.102
  54. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
  55. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
  56. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
  57. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: STATE_MAIN_R1: sent MR1, expecting MI2
  58. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
  59. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
  60. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: STATE_MAIN_R2: sent MR2, expecting MI3
  61. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.0.102'
  62. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
  63. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}
  64. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: the peer proposed: 192.168.0.103/32:17/1701 -> 192.168.0.102/32:17/0
  65. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: peer proposal was reject in a virtual connection policy because:
  66. "L2TP-PSK-NAT"[1] 192.168.0.102 #1: a private network virtual IP was required, but the proposed IP did not match our list (virtual_private=)
  67. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: responding to Quick Mode proposal {msgid:01000000}
  68. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: us: 192.168.0.103<192.168.0.103>[+S=C]:17/1701
  69. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: them: 192.168.0.102[+S=C]:17/1701
  70. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
  71. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
  72. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
  73. "L2TP-PSK-noNAT"[1] 192.168.0.102 #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0xc0563554 <0x41a152d1 xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!