gateway.helios.lanThu Aug 26 17:09:25 CEST 2010+ _________________________ v

1. gateway.helios.lan
2. Thu Aug 26 17:09:25 CEST 2010
3. + _________________________ version
4. + ipsec --version
5. Linux Openswan U2.6.28/K2.6.18-194.8.1.v5 (netkey)
6. See `ipsec --copyright' for copyright information.
7. + _________________________ /proc/version
8. + cat /proc/version
9. Linux version 2.6.18-194.8.1.v5 (devel@clearos5x.lan) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-48)) #1 SMP Thu Jul 15 01:14:04 EDT 2010
10. + _________________________ /proc/net/ipsec_eroute
11. + test -r /proc/net/ipsec_eroute
12. + _________________________ netstat-rn
13. + netstat -nr
14. + head -n 100
15. Kernel IP routing table
16. Destination Gateway Genmask Flags MSS Window irtt Iface
17. 10.81.9.204 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
18. 10.81.9.203 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
19. 10.97.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
20. 85.145.148.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0
21. 0.0.0.0 85.145.148.1 0.0.0.0 UG 0 0 0 eth0
22. + _________________________ /proc/net/ipsec_spi
23. + test -r /proc/net/ipsec_spi
24. + _________________________ /proc/net/ipsec_spigrp
25. + test -r /proc/net/ipsec_spigrp
26. + _________________________ /proc/net/ipsec_tncfg
27. + test -r /proc/net/ipsec_tncfg
28. + _________________________ /proc/net/pfkey
29. + test -r /proc/net/pfkey
30. + cat /proc/net/pfkey
31. sk RefCnt Rmem Wmem User Inode
32. + _________________________ ip-xfrm-state
33. + ip xfrm state
34. src 85.145.148.106 dst 95.96.10.129
35. proto esp spi 0x428a7ae2 reqid 16409 mode tunnel
36. replay-window 32 flag 20
37. auth hmac(sha1) 0x80355ad1d31366f2d48aec500b31499cc7b13699
38. enc cbc(aes) 0xf826a6f97b576c3f2645afa4f7ed7a6f
39. encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
40. src 85.145.148.106 dst 95.96.10.129
41. proto esp spi 0x21bdff69 reqid 16405 mode tunnel
42. replay-window 32 flag 20
43. auth hmac(sha1) 0x5953d63e870a1dc036bd0d321f1887c54ab4490c
44. enc cbc(aes) 0x8d9df67c3a606bee54dae8da20a270c8
45. encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
46. src 85.145.148.106 dst 95.96.10.129
47. proto esp spi 0xad585a15 reqid 16409 mode tunnel
48. replay-window 32 flag 20
49. auth hmac(sha1) 0x744809d95ffc3caa317c5e8a15f28802556ab3bc
50. enc cbc(aes) 0xaae9e3b4d3614e94d24acde4057e75ae
51. encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
52. src 95.96.10.129 dst 85.145.148.106
53. proto esp spi 0x5b0be685 reqid 16409 mode tunnel
54. replay-window 32 flag 20
55. auth hmac(sha1) 0xa5aedbc37f2f2a3f33686b82d37893d9f86740ab
56. enc cbc(aes) 0x808100be2786db9c1cd291da27e12b7e
57. encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
58. src 95.96.10.129 dst 85.145.148.106
59. proto esp spi 0x099a2dc4 reqid 16405 mode tunnel
60. replay-window 32 flag 20
61. auth hmac(sha1) 0x05962134deeb653c881e2c3b644c493042704ef1
62. enc cbc(aes) 0xec4e63dd515788a2e3e4418c449b20c2
63. encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
64. src 95.96.10.129 dst 85.145.148.106
65. proto esp spi 0xad22afb1 reqid 16409 mode tunnel
66. replay-window 32 flag 20
67. auth hmac(sha1) 0xac919a02df53a5f0376c099de97d6d697380cd08
68. enc cbc(aes) 0x212cce4a983bab0eee881d3a974d5412
69. encap type espinudp sport 4500 dport 4500 addr 0.0.0.0
70. + _________________________ ip-xfrm-policy
71. + ip xfrm policy
72. src 10.81.9.204/32 dst 10.97.10.0/24
73. dir in priority 2336
74. tmpl src 95.96.10.129 dst 85.145.148.106
75. proto esp reqid 16409 mode tunnel
76. src 10.81.9.203/32 dst 10.97.10.0/24
77. dir in priority 2336
78. tmpl src 95.96.10.129 dst 85.145.148.106
79. proto esp reqid 16405 mode tunnel
80. src 10.97.10.0/24 dst 10.81.9.203/32
81. dir out priority 2336
82. tmpl src 85.145.148.106 dst 95.96.10.129
83. proto esp reqid 16405 mode tunnel
84. src 10.97.10.0/24 dst 10.81.9.204/32
85. dir out priority 2336
86. tmpl src 85.145.148.106 dst 95.96.10.129
87. proto esp reqid 16409 mode tunnel
88. src 10.81.9.204/32 dst 10.97.10.0/24
89. dir fwd priority 2336
90. tmpl src 95.96.10.129 dst 85.145.148.106
91. proto esp reqid 16409 mode tunnel
92. src 10.81.9.203/32 dst 10.97.10.0/24
93. dir fwd priority 2336
94. tmpl src 95.96.10.129 dst 85.145.148.106
95. proto esp reqid 16405 mode tunnel
96. src ::/0 dst ::/0
97. dir in priority 0
98. src 0.0.0.0/0 dst 0.0.0.0/0
99. dir in priority 0
100. src 0.0.0.0/0 dst 0.0.0.0/0
101. dir in priority 0
102. src 0.0.0.0/0 dst 0.0.0.0/0
103. dir in priority 0
104. src 0.0.0.0/0 dst 0.0.0.0/0
105. dir in priority 0
106. src 0.0.0.0/0 dst 0.0.0.0/0
107. dir in priority 0
108. src 0.0.0.0/0 dst 0.0.0.0/0
109. dir in priority 0
110. src ::/0 dst ::/0
111. dir out priority 0
112. src 0.0.0.0/0 dst 0.0.0.0/0
113. dir out priority 0
114. src 0.0.0.0/0 dst 0.0.0.0/0
115. dir out priority 0
116. src 0.0.0.0/0 dst 0.0.0.0/0
117. dir out priority 0
118. src 0.0.0.0/0 dst 0.0.0.0/0
119. dir out priority 0
120. src 0.0.0.0/0 dst 0.0.0.0/0
121. dir out priority 0
122. src 0.0.0.0/0 dst 0.0.0.0/0
123. dir out priority 0
124. + _________________________ /proc/crypto
125. + test -r /proc/crypto
126. + cat /proc/crypto
127. name : deflate
128. driver : deflate-generic
129. module : deflate
130. priority : 0
131. type : compression
132.  
133. name : tnepres
134. driver : tnepres-generic
135. module : serpent
136. priority : 0
137. type : cipher
138. blocksize : 16
139. min keysize : 0
140. max keysize : 32
141.  
142. name : serpent
143. driver : serpent-generic
144. module : serpent
145. priority : 0
146. type : cipher
147. blocksize : 16
148. min keysize : 0
149. max keysize : 32
150.  
151. name : blowfish
152. driver : blowfish-generic
153. module : blowfish
154. priority : 0
155. type : cipher
156. blocksize : 8
157. min keysize : 4
158. max keysize : 56
159.  
160. name : twofish
161. driver : twofish-generic
162. module : twofish
163. priority : 0
164. type : cipher
165. blocksize : 16
166. min keysize : 16
167. max keysize : 32
168.  
169. name : md5
170. driver : md5-generic
171. module : md5
172. priority : 0
173. type : digest
174. blocksize : 64
175. digestsize : 16
176.  
177. name : sha256
178. driver : sha256-generic
179. module : sha256
180. priority : 0
181. type : digest
182. blocksize : 64
183. digestsize : 32
184.  
185. name : sha512
186. driver : sha512-generic
187. module : sha512
188. priority : 0
189. type : digest
190. blocksize : 128
191. digestsize : 64
192.  
193. name : sha384
194. driver : sha384-generic
195. module : sha512
196. priority : 0
197. type : digest
198. blocksize : 128
199. digestsize : 48
200.  
201. name : des3_ede
202. driver : des3_ede-generic
203. module : des
204. priority : 0
205. type : cipher
206. blocksize : 8
207. min keysize : 24
208. max keysize : 24
209.  
210. name : des
211. driver : des-generic
212. module : des
213. priority : 0
214. type : cipher
215. blocksize : 8
216. min keysize : 8
217. max keysize : 8
218.  
219. name : aes
220. driver : aes-generic
221. module : aes_generic
222. priority : 100
223. type : cipher
224. blocksize : 16
225. min keysize : 16
226. max keysize : 32
227.  
228. name : aes
229. driver : aes-i586
230. module : aes_i586
231. priority : 200
232. type : cipher
233. blocksize : 16
234. min keysize : 16
235. max keysize : 32
236.  
237. name : arc4
238. driver : arc4-generic
239. module : arc4
240. priority : 0
241. type : cipher
242. blocksize : 1
243. min keysize : 1
244. max keysize : 256
245.  
246. name : crc32c
247. driver : crc32c-generic
248. module : kernel
249. priority : 0
250. type : digest
251. blocksize : 32
252. digestsize : 4
253.  
254. name : sha1
255. driver : sha1-generic
256. module : kernel
257. priority : 0
258. type : digest
259. blocksize : 64
260. digestsize : 20
261.  
262. + __________________________/proc/sys/net/core/xfrm-star
263. /usr/local/libexec/ipsec/barf: line 191: __________________________/proc/sys/net/core/xfrm-star: No such file or directory
264. + for i in '/proc/sys/net/core/xfrm_*'
265. + echo -n '/proc/sys/net/core/xfrm_acq_expires: '
266. /proc/sys/net/core/xfrm_acq_expires: + cat /proc/sys/net/core/xfrm_acq_expires
267. 30
268. + for i in '/proc/sys/net/core/xfrm_*'
269. + echo -n '/proc/sys/net/core/xfrm_aevent_etime: '
270. /proc/sys/net/core/xfrm_aevent_etime: + cat /proc/sys/net/core/xfrm_aevent_etime
271. 10
272. + for i in '/proc/sys/net/core/xfrm_*'
273. + echo -n '/proc/sys/net/core/xfrm_aevent_rseqth: '
274. /proc/sys/net/core/xfrm_aevent_rseqth: + cat /proc/sys/net/core/xfrm_aevent_rseqth
275. 2
276. + for i in '/proc/sys/net/core/xfrm_*'
277. + echo -n '/proc/sys/net/core/xfrm_larval_drop: '
278. /proc/sys/net/core/xfrm_larval_drop: + cat /proc/sys/net/core/xfrm_larval_drop
279. 0
280. + _________________________ /proc/sys/net/ipsec-star
281. + test -d /proc/sys/net/ipsec
282. + _________________________ ipsec/status
283. + ipsec auto --status
284. 000 using kernel interface: netkey
285. 000 interface lo/lo ::1
286. 000 interface lo/lo 127.0.0.1
287. 000 interface lo/lo 127.0.0.1
288. 000 interface eth1/eth1 10.97.10.1
289. 000 interface eth1/eth1 10.97.10.1
290. 000 interface eth0/eth0 85.145.148.106
291. 000 interface eth0/eth0 85.145.148.106
292. 000 %myid = (none)
293. 000 debug none
294. 000
295. 000 virtual_private (%priv):
296. 000 - allowed 3 subnets: 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12
297. 000 - disallowed 1 subnet: 10.97.10.0/24
298. 000
299. 000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64
300. 000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192
301. 000 algorithm ESP encrypt: id=6, name=ESP_CAST, ivlen=8, keysizemin=40, keysizemax=128
302. 000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448
303. 000 algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0
304. 000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256
305. 000 algorithm ESP encrypt: id=13, name=ESP_AES_CTR, ivlen=8, keysizemin=128, keysizemax=256
306. 000 algorithm ESP encrypt: id=14, name=ESP_AES_CCM_A, ivlen=8, keysizemin=128, keysizemax=256
307. 000 algorithm ESP encrypt: id=15, name=ESP_AES_CCM_B, ivlen=8, keysizemin=128, keysizemax=256
308. 000 algorithm ESP encrypt: id=16, name=ESP_AES_CCM_C, ivlen=8, keysizemin=128, keysizemax=256
309. 000 algorithm ESP encrypt: id=18, name=ESP_AES_GCM_A, ivlen=8, keysizemin=128, keysizemax=256
310. 000 algorithm ESP encrypt: id=19, name=ESP_AES_GCM_B, ivlen=8, keysizemin=128, keysizemax=256
311. 000 algorithm ESP encrypt: id=20, name=ESP_AES_GCM_C, ivlen=8, keysizemin=128, keysizemax=256
312. 000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256
313. 000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256
314. 000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
315. 000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
316. 000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256
317. 000 algorithm ESP auth attr: id=8, name=AUTH_ALGORITHM_HMAC_RIPEMD, keysizemin=160, keysizemax=160
318. 000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_AES_CBC, keysizemin=128, keysizemax=128
319. 000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0
320. 000
321. 000 algorithm IKE encrypt: id=0, name=(null), blocksize=16, keydeflen=131
322. 000 algorithm IKE encrypt: id=3, name=OAKLEY_BLOWFISH_CBC, blocksize=8, keydeflen=128
323. 000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
324. 000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
325. 000 algorithm IKE encrypt: id=65004, name=OAKLEY_SERPENT_CBC, blocksize=16, keydeflen=128
326. 000 algorithm IKE encrypt: id=65005, name=OAKLEY_TWOFISH_CBC, blocksize=16, keydeflen=128
327. 000 algorithm IKE encrypt: id=65289, name=OAKLEY_TWOFISH_CBC_SSH, blocksize=16, keydeflen=128
328. 000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
329. 000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
330. 000 algorithm IKE hash: id=4, name=OAKLEY_SHA2_256, hashsize=32
331. 000 algorithm IKE hash: id=6, name=OAKLEY_SHA2_512, hashsize=64
332. 000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
333. 000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
334. 000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
335. 000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
336. 000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
337. 000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
338. 000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
339. 000
340. 000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0}
341. 000
342. 000 "LAN": 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]...%virtual[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===?; unrouted; eroute owner: #0
343. 000 "LAN": myip=10.97.10.1; hisip=unset; mycert=Left1024-cert.pem;
344. 000 "LAN": CAs: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'...'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
345. 000 "LAN": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
346. 000 "LAN": policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW; prio: 24,32; interface: eth0;
347. 000 "LAN": newest ISAKMP SA: #0; newest IPsec SA: #0;
348. 000 "LAN"[5]: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]...95.96.10.129[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===10.81.9.203/32; erouted; eroute owner: #80
349. 000 "LAN"[5]: myip=10.97.10.1; hisip=unset; mycert=Left1024-cert.pem;
350. 000 "LAN"[5]: CAs: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'...'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
351. 000 "LAN"[5]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
352. 000 "LAN"[5]: policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW; prio: 24,32; interface: eth0;
353. 000 "LAN"[5]: newest ISAKMP SA: #101; newest IPsec SA: #80;
354. 000 "LAN"[5]: IKE algorithm newest: AES_CBC_128-SHA1-MODP2048
355. 000 "LAN"[6]: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]...95.96.10.129[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===10.81.9.204/32; erouted; eroute owner: #97
356. 000 "LAN"[6]: myip=10.97.10.1; hisip=unset; mycert=Left1024-cert.pem;
357. 000 "LAN"[6]: CAs: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'...'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
358. 000 "LAN"[6]: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
359. 000 "LAN"[6]: policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW; prio: 24,32; interface: eth0;
360. 000 "LAN"[6]: newest ISAKMP SA: #102; newest IPsec SA: #97;
361. 000 "LAN"[6]: IKE algorithm newest: AES_CBC_128-SHA1-MODP2048
362. 000
363. 000 #80: "LAN"[5] 95.96.10.129:4500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 7913s; newest IPSEC; eroute owner; isakmp#77; idle; import:not set
364. 000 #80: "LAN"[5] 95.96.10.129 esp.21bdff69@95.96.10.129 esp.99a2dc4@85.145.148.106 tun.0@95.96.10.129 tun.0@85.145.148.106 ref=0 refhim=4294901761
365. 000 #101: "LAN"[5] 95.96.10.129:4500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 2324s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0); idle; import:not set
366. 000 #97: "LAN"[6] 95.96.10.129:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 21445s; newest IPSEC; eroute owner; isakmp#96; idle; import:not set
367. 000 #97: "LAN"[6] 95.96.10.129 esp.428a7ae2@95.96.10.129 esp.5b0be685@85.145.148.106 tun.0@95.96.10.129 tun.0@85.145.148.106 ref=0 refhim=4294901761
368. 000 #79: "LAN"[6] 95.96.10.129:4500 STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 8264s; isakmp#78; idle; import:not set
369. 000 #79: "LAN"[6] 95.96.10.129 esp.ad585a15@95.96.10.129 esp.ad22afb1@85.145.148.106 tun.0@95.96.10.129 tun.0@85.145.148.106 ref=0 refhim=4294901761
370. 000 #103: "LAN"[6] 95.96.10.129:4500 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 2957s; lastdpd=-1s(seq in:0 out:0); idle; import:not set
371. 000 #102: "LAN"[6] 95.96.10.129:4500 STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 2419s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0); idle; import:not set
372. 000
373. + _________________________ ifconfig-a
374. + ifconfig -a
375. eth0 Link encap:Ethernet HWaddr 00:04:75:E5:5B:18
376. inet addr:85.145.148.106 Bcast:85.145.151.255 Mask:255.255.252.0
377. inet6 addr: fe80::204:75ff:fee5:5b18/64 Scope:Link
378. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
379. RX packets:481065 errors:0 dropped:0 overruns:0 frame:0
380. TX packets:466750 errors:0 dropped:0 overruns:0 carrier:0
381. collisions:0 txqueuelen:1000
382. RX bytes:410535641 (391.5 MiB) TX bytes:78958682 (75.3 MiB)
383. Interrupt:201 Base address:0x6000
384.  
385. eth1 Link encap:Ethernet HWaddr 00:0C:6E:3E:22:A9
386. inet addr:10.97.10.1 Bcast:10.97.10.255 Mask:255.255.255.0
387. inet6 addr: fe80::20c:6eff:fe3e:22a9/64 Scope:Link
388. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
389. RX packets:478536 errors:0 dropped:0 overruns:0 frame:0
390. TX packets:445295 errors:0 dropped:0 overruns:0 carrier:0
391. collisions:0 txqueuelen:1000
392. RX bytes:80839662 (77.0 MiB) TX bytes:335371910 (319.8 MiB)
393. Interrupt:201 Base address:0x9800
394.  
395. imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
396. NOARP MTU:16000 Metric:1
397. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
398. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
399. collisions:0 txqueuelen:11000
400. RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
401.  
402. imq1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
403. NOARP MTU:16000 Metric:1
404. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
405. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
406. collisions:0 txqueuelen:11000
407. RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
408.  
409. lo Link encap:Local Loopback
410. inet addr:127.0.0.1 Mask:255.0.0.0
411. inet6 addr: ::1/128 Scope:Host
412. UP LOOPBACK RUNNING MTU:16436 Metric:1
413. RX packets:5606 errors:0 dropped:0 overruns:0 frame:0
414. TX packets:5606 errors:0 dropped:0 overruns:0 carrier:0
415. collisions:0 txqueuelen:0
416. RX bytes:2629695 (2.5 MiB) TX bytes:2629695 (2.5 MiB)
417.  
418. sit0 Link encap:IPv6-in-IPv4
419. NOARP MTU:1480 Metric:1
420. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
421. TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
422. collisions:0 txqueuelen:0
423. RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
424.  
425. + _________________________ ip-addr-list
426. + ip addr list
427. 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
428. link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
429. inet 127.0.0.1/8 scope host lo
430. inet6 ::1/128 scope host
431. valid_lft forever preferred_lft forever
432. 2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
433. link/ether 00:0c:6e:3e:22:a9 brd ff:ff:ff:ff:ff:ff
434. inet 10.97.10.1/24 brd 10.97.10.255 scope global eth1
435. inet6 fe80::20c:6eff:fe3e:22a9/64 scope link
436. valid_lft forever preferred_lft forever
437. 3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
438. link/ether 00:04:75:e5:5b:18 brd ff:ff:ff:ff:ff:ff
439. inet 85.145.148.106/22 brd 85.145.151.255 scope global eth0
440. inet6 fe80::204:75ff:fee5:5b18/64 scope link
441. valid_lft forever preferred_lft forever
442. 4: imq0: <NOARP> mtu 16000 qdisc noop qlen 11000
443. link/void
444. 5: imq1: <NOARP> mtu 16000 qdisc noop qlen 11000
445. link/void
446. 6: sit0: <NOARP> mtu 1480 qdisc noop
447. link/sit 0.0.0.0 brd 0.0.0.0
448. + _________________________ ip-route-list
449. + ip route list
450. 10.81.9.204 dev eth0 scope link src 10.97.10.1
451. 10.81.9.203 dev eth0 scope link src 10.97.10.1
452. 10.97.10.0/24 dev eth1 proto kernel scope link src 10.97.10.1
453. 85.145.148.0/22 dev eth0 proto kernel scope link src 85.145.148.106
454. default via 85.145.148.1 dev eth0
455. + _________________________ ip-rule-list
456. + ip rule list
457. 0: from all lookup 255
458. 32766: from all lookup main
459. 32767: from all lookup default
460. + _________________________ ipsec_verify
461. + ipsec verify --nocolour
462. Checking your system to see if IPsec got installed and started correctly:
463. Version check and ipsec on-path [OK]
464. Linux Openswan U2.6.28/K2.6.18-194.8.1.v5 (netkey)
465. Checking for IPsec support in kernel [OK]
466. NETKEY detected, testing for disabled ICMP send_redirects [OK]
467. NETKEY detected, testing for disabled ICMP accept_redirects [OK]
468. Checking that pluto is running [OK]
469. Pluto listening for IKE on udp 500 [OK]
470. Pluto listening for NAT-T on udp 4500 [OK]
471. Two or more interfaces found, checking IP forwarding [OK]
472. Checking NAT and MASQUERADEing
473. Checking for 'ip' command [OK]
474. Checking for 'iptables' command [OK]
475. Opportunistic Encryption Support [DISABLED]
476. + _________________________ mii-tool
477. + '[' -x /sbin/mii-tool ']'
478. + /sbin/mii-tool -v
479. eth0: negotiated 100baseTx-FD flow-control, link ok
480. product info: vendor 00:10:5a, model 0 rev 0
481. basic mode: autonegotiation enabled
482. basic status: autonegotiation complete, link ok
483. capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
484. advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
485. link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
486. eth1: negotiated 100baseTx-FD, link ok
487. product info: vendor 00:00:20, model 32 rev 1
488. basic mode: autonegotiation enabled
489. basic status: autonegotiation complete, link ok
490. capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
491. advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
492. link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
493. + _________________________ ipsec/directory
494. + ipsec --directory
495. /usr/local/lib/ipsec
496. + _________________________ hostname/fqdn
497. + hostname --fqdn
498. gateway.helios.lan
499. + _________________________ hostname/ipaddress
500. + hostname --ip-address
501. 10.97.10.1
502. + _________________________ uptime
503. + uptime
504. 17:09:25 up 1 day, 4:03, 3 users, load average: 0.00, 0.06, 0.05
505. + _________________________ ps
506. + ps alxwf
507. + egrep -i 'ppid|pluto|ipsec|klips'
508. F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND
509. 0 0 3467 29365 24 0 4572 1220 wait S+ pts/0 0:00 | \_ /bin/sh /usr/local/libexec/ipsec/barf
510. 0 0 3551 3467 25 0 432 144 - R+ pts/0 0:00 | \_ egrep -i ppid|pluto|ipsec|klips
511. 1 0 19909 1 24 0 2488 416 wait S ? 0:00 /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniqueids yes --force_busy no --nocrsend no --strictcrlpolicy no --nat_traversal yes --keep_alive --protostack netkey --force_keepalive no --disable_port_floating no --virtual_private %v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%4:!10.97.10.0/24 --crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait no --pre --post --log daemon.error --plutorestartoncrash true --pid /var/run/pluto/pluto.pid
512. 1 0 19910 19909 24 0 2488 640 wait S ? 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutorun --debug --uniqueids yes --force_busy no --nocrsend no --strictcrlpolicy no --nat_traversal yes --keep_alive --protostack netkey --force_keepalive no --disable_port_floating no --virtual_private %v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%4:!10.97.10.0/24 --crlcheckinterval 0 --ocspuri --nhelpers --dump --opts --stderrlog --wait no --pre --post --log daemon.error --plutorestartoncrash true --pid /var/run/pluto/pluto.pid
513. 4 0 19911 19910 15 0 3436 1840 - S ? 0:00 | \_ /usr/local/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d --use-netkey --uniqueids --nat_traversal --virtual_private %v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%4:!10.97.10.0/24
514. 1 0 19917 19911 32 10 3372 764 - SN ? 0:00 | \_ pluto helper # 0
515. 0 0 19930 19911 25 0 1680 284 - S ? 0:00 | \_ _pluto_adns
516. 0 0 19912 19909 24 0 2488 1036 pipe_w S ? 0:00 \_ /bin/sh /usr/local/lib/ipsec/_plutoload --wait no --post
517. 0 0 19914 1 23 0 1736 528 pipe_w S ? 0:00 logger -s -p daemon.error -t ipsec__plutorun
518. + _________________________ ipsec/showdefaults
519. + ipsec showdefaults
520. routephys=eth0
521. routevirt=none
522. routeaddr=85.145.148.106
523. routenexthop=85.145.148.1
524. + _________________________ ipsec/conf
525. + ipsec _include /etc/ipsec.conf
526. + ipsec _keycensor
527.  
528. #< /etc/ipsec.conf 1
529. # /etc/ipsec.conf - Openswan IPsec configuration file
530.  
531. # This file: /usr/local/share/doc/openswan/ipsec.conf-sample
532. #
533. # Manual: ipsec.conf.5
534.  
535.  
536. version 2.0 # conforms to second version of ipsec.conf specification
537.  
538. # basic configuration
539. config setup
540. # Do not set debug options to debug configuration issues!
541. # plutodebug / klipsdebug = "all", "none" or a combation from below:
542. # "raw crypt parsing emitting control klips pfkey natt x509 dpd private"
543. # eg:
544. # plutodebug="control parsing"
545. #
546. # enable to get logs per-peer
547. # plutoopts="--perpeerlog"
548. #
549. # Again: only enable plutodebug or klipsdebug when asked by a developer
550. #
551. # NAT-TRAVERSAL support, see README.NAT-Traversal
552. nat_traversal=yes
553. # exclude networks used on server side by adding %v4:!a.b.c.0/24
554. virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%4:!10.97.10.0/24
555. # OE is now off by default. Uncomment and change to on, to enable.
556. oe=off
557. # which IPsec stack to use. auto will try netkey, then klips then mast
558. protostack=netkey
559.  
560. # Add connections here
561.  
562. # sample VPN connection
563. # for more examples, see /etc/ipsec.d/examples/
564. #conn sample
565. # # Left security gateway, subnet behind it, nexthop toward right.
566. # left=10.0.0.1
567. # leftsubnet=172.16.0.0/24
568. # leftnexthop=10.22.33.44
569. # # Right security gateway, subnet behind it, nexthop toward left.
570. # right=10.12.12.1
571. # rightsubnet=192.168.0.0/24
572. # rightnexthop=10.101.102.103
573. # # To authorize this connection, but not actually start it,
574. # # at startup, uncomment this.
575. # #auto=add
576. conn LAN
577. left=85.145.148.106
578. leftsourceip=10.97.10.1
579. leftsubnet=10.97.10.0/24
580. leftrsasigkey=%cert
581. leftcert="Left1024-cert.pem"
582. leftid="/C=NL/ST=Utrecht/L=Utrecht/O=Testing Corporation/OU=Research and Development/CN=Left1024/emailAddress=admin@testingcorporation.nl"
583. right=%any
584. rightsubnet=vhost:%priv,%no
585. rightrsasigkey=%cert
586. rightid="/C=NL/ST=Utrecht/L=Utrecht/O=Testing Corporation/OU=Research and Development/CN=Right1024/emailAddress=admin@testingcorporation.nl"
587. rightca=%same
588. auto=add
589.  
590. + _________________________ ipsec/secrets
591. + ipsec _include /etc/ipsec.secrets
592. + ipsec _secretcensor
593.  
594. #< /etc/ipsec.secrets 1
595. : RSA /etc/ipsec.d/private/Left1024-key.pem "[sums to 2867...]"
596. + _________________________ ipsec/listall
597. + ipsec auto --listall
598. 000
599. 000 List of Public Keys:
600. 000
601. 000 Aug 26 17:03:46 2010, 1024 RSA Key AwEAAcuUr (no private key), until Aug 21 23:40:19 2011 ok
602. 000 ID_USER_FQDN 'admin@testingcorporation.nl'
603. 000 Issuer 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
604. 000 Aug 26 17:03:46 2010, 1024 RSA Key AwEAAcuUr (no private key), until Aug 21 23:40:19 2011 ok
605. 000 ID_DER_ASN1_DN 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
606. 000 Issuer 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
607. 000 Aug 25 13:46:45 2010, 1024 RSA Key AwEAAac0u (has private key), until Aug 21 23:39:52 2011 ok
608. 000 ID_DER_ASN1_DN 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl'
609. 000 Issuer 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
610. 000 List of Pre-shared secrets (from /etc/ipsec.secrets)
611. 000 1: RSA (none) (none)
612. 000
613. 000 List of X.509 End Certificates:
614. 000
615. 000 Aug 25 13:46:45 2010, count: 3
616. 000 subject: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl'
617. 000 issuer: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
618. 000 serial: 01
619. 000 pubkey: 1024 RSA Key AwEAAac0u, has private key
620. 000 validity: not before Aug 21 23:39:52 2010 ok
621. 000 not after Aug 21 23:39:52 2011 ok
622. 000 subjkey: b6:31:11:23:ce:2e:44:da:37:b6:ad:28:db:29:76:5f:f9:99:3e:d3
623. 000 authkey: 9a:fb:f6:09:95:a1:9f:9a:63:b6:be:c5:76:bc:65:8b:92:94:cb:9d
624. 000 aserial: 00:b2:89:a7:f2:67:f8:fd:55
625. 000
626. 000 List of X.509 CA Certificates:
627. 000
628. 000 Aug 25 13:46:44 2010, count: 1
629. 000 subject: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
630. 000 issuer: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
631. 000 serial: 00:b2:89:a7:f2:67:f8:fd:55
632. 000 pubkey: 1024 RSA Key AwEAAeKdH
633. 000 validity: not before Aug 21 23:39:28 2010 ok
634. 000 not after Aug 18 23:39:28 2020 ok
635. 000 subjkey: 9a:fb:f6:09:95:a1:9f:9a:63:b6:be:c5:76:bc:65:8b:92:94:cb:9d
636. 000 authkey: 9a:fb:f6:09:95:a1:9f:9a:63:b6:be:c5:76:bc:65:8b:92:94:cb:9d
637. 000 aserial: 00:b2:89:a7:f2:67:f8:fd:55
638. 000
639. 000 List of X.509 CRLs:
640. 000
641. 000 Aug 25 13:46:44 2010, revoked certs: 0
642. 000 issuer: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Testing1024, E=admin@testingcorporation.nl'
643. 000 updates: this Aug 21 23:42:15 2010
644. 000 next Sep 20 23:42:15 2010 ok
645. + '[' /etc/ipsec.d/policies ']'
646. + for policy in '$POLICIES/*'
647. ++ basename /etc/ipsec.d/policies/block
648. + base=block
649. + _________________________ ipsec/policies/block
650. + cat /etc/ipsec.d/policies/block
651. # This file defines the set of CIDRs (network/mask-length) to which
652. # communication should never be allowed.
653. #
654. # See /usr/share/doc/openswan/policygroups.html for details.
655. #
656. # $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
657. #
658.  
659. + for policy in '$POLICIES/*'
660. ++ basename /etc/ipsec.d/policies/clear
661. + base=clear
662. + _________________________ ipsec/policies/clear
663. + cat /etc/ipsec.d/policies/clear
664. # This file defines the set of CIDRs (network/mask-length) to which
665. # communication should always be in the clear.
666. #
667. # See /usr/share/doc/openswan/policygroups.html for details.
668. #
669.  
670. # root name servers should be in the clear
671. 192.58.128.30/32
672. 198.41.0.4/32
673. 192.228.79.201/32
674. 192.33.4.12/32
675. 128.8.10.90/32
676. 192.203.230.10/32
677. 192.5.5.241/32
678. 192.112.36.4/32
679. 128.63.2.53/32
680. 192.36.148.17/32
681. 193.0.14.129/32
682. 199.7.83.42/32
683. 202.12.27.33/32
684. + for policy in '$POLICIES/*'
685. ++ basename /etc/ipsec.d/policies/clear-or-private
686. + base=clear-or-private
687. + _________________________ ipsec/policies/clear-or-private
688. + cat /etc/ipsec.d/policies/clear-or-private
689. # This file defines the set of CIDRs (network/mask-length) to which
690. # we will communicate in the clear, or, if the other side initiates IPSEC,
691. # using encryption. This behaviour is also called "Opportunistic Responder".
692. #
693. # See /usr/share/doc/openswan/policygroups.html for details.
694. #
695. # $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
696. #
697. + for policy in '$POLICIES/*'
698. ++ basename /etc/ipsec.d/policies/private
699. + base=private
700. + _________________________ ipsec/policies/private
701. + cat /etc/ipsec.d/policies/private
702. # This file defines the set of CIDRs (network/mask-length) to which
703. # communication should always be private (i.e. encrypted).
704. # See /usr/share/doc/openswan/policygroups.html for details.
705. #
706. # $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $
707. #
708. + for policy in '$POLICIES/*'
709. ++ basename /etc/ipsec.d/policies/private-or-clear
710. + base=private-or-clear
711. + _________________________ ipsec/policies/private-or-clear
712. + cat /etc/ipsec.d/policies/private-or-clear
713. # This file defines the set of CIDRs (network/mask-length) to which
714. # communication should be private, if possible, but in the clear otherwise.
715. #
716. # If the target has a TXT (later IPSECKEY) record that specifies
717. # authentication material, we will require private (i.e. encrypted)
718. # communications. If no such record is found, communications will be
719. # in the clear.
720. #
721. # See /usr/share/doc/openswan/policygroups.html for details.
722. #
723. # $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $
724. #
725.  
726. 0.0.0.0/0
727. + _________________________ ipsec/ls-libdir
728. + ls -l /usr/local/lib/ipsec
729. total 128
730. -rwxr-xr-x 1 root root 12196 Aug 25 13:38 _copyright
731. -rwxr-xr-x 1 root root 2379 Aug 25 13:38 _include
732. -rwxr-xr-x 1 root root 1475 Aug 25 13:38 _keycensor
733. -rwxr-xr-x 1 root root 2632 Aug 25 13:38 _plutoload
734. -rwxr-xr-x 1 root root 8221 Aug 25 13:38 _plutorun
735. -rwxr-xr-x 1 root root 12951 Aug 25 13:38 _realsetup
736. -rwxr-xr-x 1 root root 1975 Aug 25 13:38 _secretcensor
737. -rwxr-xr-x 1 root root 9314 Aug 25 13:38 _startklips
738. -rwxr-xr-x 1 root root 6042 Aug 25 13:38 _startnetkey
739. -rwxr-xr-x 1 root root 4886 Aug 25 13:38 _updown
740. -rwxr-xr-x 1 root root 16182 Aug 25 13:38 _updown.klips
741. -rwxr-xr-x 1 root root 15372 Aug 25 13:38 _updown.mast
742. -rwxr-xr-x 1 root root 11551 Aug 25 13:38 _updown.netkey
743. + _________________________ ipsec/ls-execdir
744. + ls -l /usr/local/libexec/ipsec
745. total 4960
746. -rwxr-xr-x 1 root root 21910 Aug 25 13:38 _pluto_adns
747. -rwxr-xr-x 1 root root 387796 Aug 25 13:38 addconn
748. -rwxr-xr-x 1 root root 6015 Aug 25 13:38 auto
749. -rwxr-xr-x 1 root root 10828 Aug 25 13:38 barf
750. -rwxr-xr-x 1 root root 175646 Aug 25 13:38 eroute
751. -rwxr-xr-x 1 root root 48916 Aug 25 13:38 ikeping
752. -rwxr-xr-x 1 root root 115332 Aug 25 13:38 klipsdebug
753. -rwxr-xr-x 1 root root 2591 Aug 25 13:38 look
754. -rwxr-xr-x 1 root root 2182 Aug 25 13:38 newhostkey
755. -rwxr-xr-x 1 root root 105844 Aug 25 13:38 pf_key
756. -rwxr-xr-x 1 root root 2816403 Aug 25 13:38 pluto
757. -rwxr-xr-x 1 root root 16799 Aug 25 13:38 ranbits
758. -rwxr-xr-x 1 root root 37046 Aug 25 13:38 rsasigkey
759. -rwxr-xr-x 1 root root 766 Aug 25 13:38 secrets
760. lrwxrwxrwx 1 root root 22 Aug 25 13:38 setup -> /etc/rc.d/init.d/ipsec
761. -rwxr-xr-x 1 root root 1054 Aug 25 13:38 showdefaults
762. -rwxr-xr-x 1 root root 483277 Aug 25 13:38 showhostkey
763. -rwxr-xr-x 1 root root 63622 Aug 25 13:38 showpolicy
764. -rwxr-xr-x 1 root root 291460 Aug 25 13:38 spi
765. -rwxr-xr-x 1 root root 151281 Aug 25 13:38 spigrp
766. -rwxr-xr-x 1 root root 126834 Aug 25 13:38 tncfg
767. -rwxr-xr-x 1 root root 13452 Aug 25 13:38 verify
768. -rwxr-xr-x 1 root root 112726 Aug 25 13:38 whack
769. + _________________________ /proc/net/dev
770. + cat /proc/net/dev
771. Inter-| Receive | Transmit
772. face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
773. lo: 2629695 5606 0 0 0 0 0 0 2629695 5606 0 0 0 0 0 0
774. eth1:80839662 478536 0 0 0 0 0 0 335372024 445296 0 0 0 0 0 0
775. eth0:410535953 481068 0 0 0 0 0 0 78958856 466752 0 0 0 0 0 0
776. imq0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
777. imq1: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
778. sit0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
779. + _________________________ /proc/net/route
780. + cat /proc/net/route
781. Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
782. eth0 CC09510A 00000000 0005 0 0 0 FFFFFFFF 0 0 0
783. eth0 CB09510A 00000000 0005 0 0 0 FFFFFFFF 0 0 0
784. eth1 000A610A 00000000 0001 0 0 0 00FFFFFF 0 0 0
785. eth0 00949155 00000000 0001 0 0 0 00FCFFFF 0 0 0
786. eth0 00000000 01949155 0003 0 0 0 00000000 0 0 0
787. + _________________________ /proc/sys/net/ipv4/ip_no_pmtu_disc
788. + cat /proc/sys/net/ipv4/ip_no_pmtu_disc
789. 0
790. + _________________________ /proc/sys/net/ipv4/ip_forward
791. + cat /proc/sys/net/ipv4/ip_forward
792. 1
793. + _________________________ /proc/sys/net/ipv4/tcp_ecn
794. + cat /proc/sys/net/ipv4/tcp_ecn
795. 0
796. + _________________________ /proc/sys/net/ipv4/conf/star-rp_filter
797. + cd /proc/sys/net/ipv4/conf
798. + egrep '^' all/rp_filter default/rp_filter eth0/rp_filter eth1/rp_filter lo/rp_filter
799. all/rp_filter:0
800. default/rp_filter:1
801. eth0/rp_filter:1
802. eth1/rp_filter:1
803. lo/rp_filter:0
804. + _________________________ /proc/sys/net/ipv4/conf/star-star-redirects
805. + cd /proc/sys/net/ipv4/conf
806. + egrep '^' all/accept_redirects all/secure_redirects all/send_redirects default/accept_redirects default/secure_redirects default/send_redirects eth0/accept_redirects eth0/secure_redirects eth0/send_redirects eth1/accept_redirects eth1/secure_redirects eth1/send_redirects lo/accept_redirects lo/secure_redirects lo/send_redirects
807. all/accept_redirects:0
808. all/secure_redirects:0
809. all/send_redirects:0
810. default/accept_redirects:0
811. default/secure_redirects:0
812. default/send_redirects:0
813. eth0/accept_redirects:0
814. eth0/secure_redirects:0
815. eth0/send_redirects:0
816. eth1/accept_redirects:0
817. eth1/secure_redirects:0
818. eth1/send_redirects:0
819. lo/accept_redirects:0
820. lo/secure_redirects:0
821. lo/send_redirects:0
822. + _________________________ /proc/sys/net/ipv4/tcp_window_scaling
823. + cat /proc/sys/net/ipv4/tcp_window_scaling
824. 1
825. + _________________________ /proc/sys/net/ipv4/tcp_adv_win_scale
826. + cat /proc/sys/net/ipv4/tcp_adv_win_scale
827. 2
828. + _________________________ uname-a
829. + uname -a
830. Linux gateway.helios.lan 2.6.18-194.8.1.v5 #1 SMP Thu Jul 15 01:14:04 EDT 2010 i686 i686 i386 GNU/Linux
831. + _________________________ config-built-with
832. + test -r /proc/config_built_with
833. + _________________________ distro-release
834. + for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
835. + test -f /etc/redhat-release
836. + cat /etc/redhat-release
837. CentOS release 5.4 (Final)
838. + for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
839. + test -f /etc/debian-release
840. + for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
841. + test -f /etc/SuSE-release
842. + for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
843. + test -f /etc/mandrake-release
844. + for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
845. + test -f /etc/mandriva-release
846. + for distro in /etc/redhat-release /etc/debian-release /etc/SuSE-release /etc/mandrake-release /etc/mandriva-release /etc/gentoo-release
847. + test -f /etc/gentoo-release
848. + _________________________ /proc/net/ipsec_version
849. + test -r /proc/net/ipsec_version
850. + test -r /proc/net/pfkey
851. ++ uname -r
852. + echo 'NETKEY (2.6.18-194.8.1.v5) support detected '
853. NETKEY (2.6.18-194.8.1.v5) support detected
854. + _________________________ iptables
855. + test -r /sbin/iptables
856. + iptables -L -v -n
857. Chain INPUT (policy DROP 226 packets, 13483 bytes)
858. pkts bytes target prot opt in out source destination
859. 1 52 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
860. 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x12/0x12 state NEW reject-with tcp-reset
861. 10 2428 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
862. 0 0 DROP all -- eth0 * 127.0.0.0/8 0.0.0.0/0
863. 0 0 DROP all -- eth0 * 169.254.0.0/16 0.0.0.0/0
864. 76 6144 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
865. 0 0 ACCEPT all -- pptp+ * 0.0.0.0/0 0.0.0.0/0
866. 0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
867. 5985 504K ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
868. 157 4553 ACCEPT icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmp type 0
869. 6 576 ACCEPT icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmp type 3
870. 0 0 ACCEPT icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmp type 8
871. 0 0 ACCEPT icmp -- eth0 * 0.0.0.0/0 0.0.0.0/0 icmp type 11
872. 1 328 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
873. 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
874. 821 49232 ACCEPT udp -- * * 0.0.0.0/0 85.145.148.106 udp dpt:4500
875. 0 0 ACCEPT udp -- * * 0.0.0.0/0 85.145.148.106 udp dpt:5000
876. 18 7452 ACCEPT udp -- * * 0.0.0.0/0 85.145.148.106 udp dpt:500
877. 0 0 ACCEPT tcp -- * * 0.0.0.0/0 85.145.148.106 tcp dpt:443
878. 0 0 ACCEPT udp -- * * 0.0.0.0/0 85.145.148.106 udp dpt:443
879. 0 0 ACCEPT udp -- * * 0.0.0.0/0 85.145.148.106 udp spt:500 dpt:500
880. 0 0 ACCEPT esp -- * * 0.0.0.0/0 85.145.148.106
881. 0 0 ACCEPT ah -- * * 0.0.0.0/0 85.145.148.106
882. 0 0 ACCEPT all -- * * 0.0.0.0/0 85.145.148.106 MARK match 0x64
883. 0 0 ACCEPT all -- * * 0.0.0.0/0 10.97.10.1 MARK match 0x64
884. 226 29147 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED,ESTABLISHED
885. 52 30154 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED,ESTABLISHED
886.  
887. Chain FORWARD (policy DROP 0 packets, 0 bytes)
888. pkts bytes target prot opt in out source destination
889. 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0x64
890. 16132 1370K ACCEPT tcp -- * eth1 0.0.0.0/0 10.97.10.102 tcp dpt:22
891. 8 613 ACCEPT tcp -- * eth1 0.0.0.0/0 10.97.10.102 tcp dpt:443
892. 0 0 ACCEPT udp -- * eth1 0.0.0.0/0 10.97.10.102 udp dpt:443
893. 39637 10M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
894. 1825 104K ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
895. 0 0 ACCEPT all -- pptp+ * 0.0.0.0/0 0.0.0.0/0
896. 0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
897.  
898. Chain OUTPUT (policy DROP 0 packets, 0 bytes)
899. pkts bytes target prot opt in out source destination
900. 87 8624 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
901. 0 0 ACCEPT all -- * pptp+ 0.0.0.0/0 0.0.0.0/0
902. 0 0 ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
903. 4133 597K ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
904. 162 5367 ACCEPT icmp -- * eth0 0.0.0.0/0 0.0.0.0/0
905. 1 328 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
906. 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp spt:68 dpt:67
907. 32 18640 ACCEPT udp -- * eth0 85.145.148.106 0.0.0.0/0 udp spt:4500
908. 0 0 ACCEPT udp -- * eth0 85.145.148.106 0.0.0.0/0 udp spt:5000
909. 200 121K ACCEPT udp -- * eth0 85.145.148.106 0.0.0.0/0 udp spt:500
910. 0 0 ACCEPT tcp -- * eth0 85.145.148.106 0.0.0.0/0 tcp spt:443
911. 0 0 ACCEPT udp -- * eth0 85.145.148.106 0.0.0.0/0 udp spt:443
912. 0 0 ACCEPT udp -- * eth0 85.145.148.106 0.0.0.0/0 udp spt:500 dpt:500
913. 0 0 ACCEPT esp -- * eth0 85.145.148.106 0.0.0.0/0
914. 0 0 ACCEPT ah -- * eth0 85.145.148.106 0.0.0.0/0
915. 306 23160 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0
916.  
917. Chain drop-lan (0 references)
918. pkts bytes target prot opt in out source destination
919. 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
920. + _________________________ iptables-nat
921. + iptables -t nat -L -v -n
922. Chain PREROUTING (policy ACCEPT 40907 packets, 3965K bytes)
923. pkts bytes target prot opt in out source destination
924. 22 1320 DNAT tcp -- * * 0.0.0.0/0 85.145.148.106 tcp dpt:22 to:10.97.10.102:22
925. 2 120 DNAT tcp -- * * 0.0.0.0/0 85.145.148.106 tcp dpt:443 to:10.97.10.102:443
926. 0 0 DNAT udp -- * * 0.0.0.0/0 85.145.148.106 udp dpt:443 to:10.97.10.102:443
927.  
928. Chain POSTROUTING (policy ACCEPT 4502 packets, 238K bytes)
929. pkts bytes target prot opt in out source destination
930. 0 0 ACCEPT esp -- * eth0 0.0.0.0/0 0.0.0.0/0
931. 0 0 ACCEPT ah -- * eth0 0.0.0.0/0 0.0.0.0/0
932. 0 0 ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
933. 0 0 SNAT tcp -- * * 10.97.10.0/24 10.97.10.102 tcp dpt:22 to:10.97.10.1
934. 0 0 SNAT tcp -- * * 10.97.10.0/24 10.97.10.102 tcp dpt:443 to:10.97.10.1
935. 0 0 SNAT udp -- * * 10.97.10.0/24 10.97.10.102 udp dpt:443 to:10.97.10.1
936. 1034 85183 MASQUERADE all -- * eth0 0.0.0.0/0 0.0.0.0/0
937.  
938. Chain OUTPUT (policy ACCEPT 8808 packets, 1259K bytes)
939. pkts bytes target prot opt in out source destination
940. + _________________________ iptables-mangle
941. + iptables -t mangle -L -v -n
942. Chain PREROUTING (policy ACCEPT 954K packets, 478M bytes)
943. pkts bytes target prot opt in out source destination
944. 0 0 MARK esp -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x64
945.  
946. Chain INPUT (policy ACCEPT 117K packets, 88M bytes)
947. pkts bytes target prot opt in out source destination
948.  
949. Chain FORWARD (policy ACCEPT 836K packets, 390M bytes)
950. pkts bytes target prot opt in out source destination
951.  
952. Chain OUTPUT (policy ACCEPT 69968 packets, 12M bytes)
953. pkts bytes target prot opt in out source destination
954.  
955. Chain POSTROUTING (policy ACCEPT 906K packets, 402M bytes)
956. pkts bytes target prot opt in out source destination
957. + _________________________ /proc/modules
958. + test -f /proc/modules
959. + cat /proc/modules
960. xt_mark 5888 3 - Live 0xe0d2c000 (U)
961. xt_MARK 6400 1 - Live 0xe0d26000 (U)
962. krng 6016 1 - Live 0xe0d23000 (U)
963. ansi_cprng 9604 0 - Live 0xe0d1f000 (U)
964. chainiv 9088 6 - Live 0xe0d1b000 (U)
965. rng 7688 3 krng,ansi_cprng,chainiv, Live 0xe0d18000 (U)
966. authenc 10368 6 - Live 0xe0d14000 (U)
967. hmac 8704 6 - Live 0xe0cff000 (U)
968. cryptomgr 7552 0 - Live 0xe0c00000 (U)
969. ah6 10368 0 - Live 0xe0c6c000 (U)
970. ah4 10240 0 - Live 0xe0c63000 (U)
971. esp6 12160 0 - Live 0xe0c5f000 (U)
972. esp4 12288 6 - Live 0xe0c5b000 (U)
973. xfrm4_tunnel 6528 0 - Live 0xe0c53000 (U)
974. xfrm4_mode_tunnel 6784 6 - Live 0xe0c4c000 (U)
975. xfrm4_mode_transport 6016 0 - Live 0xe0c46000 (U)
976. xfrm6_mode_transport 6144 0 - Live 0xe0c43000 (U)
977. xfrm6_mode_tunnel 6656 0 - Live 0xe0c40000 (U)
978. ipcomp 11400 0 - Live 0xe0c3c000 (U)
979. ipcomp6 11912 0 - Live 0xe0c24000 (U)
980. xfrm6_tunnel 11040 1 ipcomp6, Live 0xe0c28000 (U)
981. af_key 40720 0 - Live 0xe0c31000 (U)
982. deflate 7808 0 - Live 0xe0cde000 (U)
983. zlib_deflate 21912 1 deflate, Live 0xe0d0d000 (U)
984. ccm 13440 0 - Live 0xe0ce8000 (U)
985. serpent 29184 0 - Live 0xe0d04000 (U)
986. blowfish 12544 0 - Live 0xe0ce3000 (U)
987. twofish 45952 0 - Live 0xe0cee000 (U)
988. ecb 7552 0 - Live 0xe0cdb000 (U)
989. xcbc 9856 0 - Live 0xe0cd7000 (U)
990. crypto_hash 6272 2 hmac,xcbc, Live 0xe0cd4000 (U)
991. cbc 8192 6 - Live 0xe0cd1000 (U)
992. md5 8064 0 - Live 0xe0cce000 (U)
993. sha256 15232 0 - Live 0xe0c09000 (U)
994. sha512 13056 0 - Live 0xe0c67000 (U)
995. des 20352 0 - Live 0xe0cc8000 (U)
996. aes_generic 31680 0 - Live 0xe0cbf000 (U)
997. aes_i586 36992 6 - Live 0xe0cb4000 (U)
998. xfrm6_esp 9472 1 esp6, Live 0xe0c57000 (U)
999. xfrm4_esp 9728 1 esp4, Live 0xe0c4f000 (U)
1000. tunnel4 7300 1 xfrm4_tunnel, Live 0xe0c49000 (U)
1001. tunnel6 7300 1 xfrm6_tunnel, Live 0xe0c21000 (U)
1002. ipv6 270368 35 ah6,esp6,xfrm6_mode_transport,ipcomp6,xfrm6_tunnel,xfrm6_esp,tunnel6, Live 0xe0c70000 (U)
1003. xfrm_nalgo 13316 7 ah6,ah4,esp6,esp4,xfrm6_esp,xfrm4_esp,ipv6, Live 0xe0c1c000 (U)
1004. xt_tcpudp 7040 29 - Live 0xe0c03000 (U)
1005. xt_state 6144 6 - Live 0xe0c06000 (U)
1006. ip_nat_h323 11008 0 - Live 0xe0be6000 (U)
1007. ip_conntrack_h323 51356 1 ip_nat_h323, Live 0xe0c0e000 (U)
1008. ip_nat_pptp 9732 0 - Live 0xe0bfc000 (U)
1009. ip_nat_irc 6656 0 - Live 0xe0bea000 (U)
1010. ip_nat_ftp 7296 0 - Live 0xe0bbd000 (U)
1011. ipt_MASQUERADE 8192 1 - Live 0xe0b84000 (U)
1012. ipt_IMQ 6016 0 - Live 0xe0bba000 (U)
1013. imq 8964 0 - Live 0xe0be2000 (U)
1014. ip_conntrack_pptp 15376 1 ip_nat_pptp, Live 0xe0bdd000 (U)
1015. testmgr_cipher 6784 0 - Live 0xe0b2c000 (U)
1016. testmgr 52272 1 testmgr_cipher, Live 0xe0bee000 (U)
1017. aead 11776 5 authenc,esp6,esp4,ccm,testmgr, Live 0xe0b79000 (U)
1018. crypto_blkcipher 17536 6 chainiv,authenc,ccm,ecb,cbc,testmgr, Live 0xe0bce000 (U)
1019. crypto_algapi 22784 13 krng,ansi_cprng,chainiv,authenc,hmac,cryptomgr,ccm,ecb,xcbc,cbc,testmgr,aead,crypto_blkcipher, Live 0xe0bd6000 (U)
1020. crypto_api 12544 12 rng,authenc,ah6,ah4,esp6,esp4,ccm,xfrm_nalgo,testmgr,aead,crypto_blkcipher,crypto_algapi, Live 0xe0bc9000 (U)
1021. arc4 6016 0 - Live 0xe0b76000 (U)
1022. ppp_mppe 10372 0 - Live 0xe0bb6000 (U)
1023. ppp_generic 29972 1 ppp_mppe, Live 0xe0bc0000 (U)
1024. slhc 10240 1 ppp_generic, Live 0xe0bb2000 (U)
1025. ip_conntrack_irc 10480 1 ip_nat_irc, Live 0xe0bae000 (U)
1026. ip_conntrack_ftp 11504 1 ip_nat_ftp, Live 0xe0baa000 (U)
1027. ipt_REJECT 9600 1 - Live 0xe0ba6000 (U)
1028. ipt_LOG 9856 0 - Live 0xe0ba2000 (U)
1029. iptable_nat 11140 1 - Live 0xe0b9e000 (U)
1030. ip_nat 21548 6 ip_nat_h323,ip_nat_pptp,ip_nat_irc,ip_nat_ftp,ipt_MASQUERADE,iptable_nat, Live 0xe0b7d000 (U)
1031. ip_conntrack 53216 12 xt_state,ip_nat_h323,ip_conntrack_h323,ip_nat_pptp,ip_nat_irc,ip_nat_ftp,ipt_MASQUERADE,ip_conntrack_pptp,ip_conntrack_irc,ip_conntrack_ftp,iptable_nat,ip_nat, Live 0xe0b87000 (U)
1032. nfnetlink 10648 2 ip_nat,ip_conntrack, Live 0xe0b02000 (U)
1033. iptable_mangle 6784 1 - Live 0xe0b06000 (U)
1034. iptable_filter 7040 1 - Live 0xe0a59000 (U)
1035. ip_tables 16964 3 iptable_nat,iptable_mangle,iptable_filter, Live 0xe0b26000 (U)
1036. x_tables 17284 10 xt_mark,xt_MARK,xt_tcpudp,xt_state,ipt_MASQUERADE,ipt_IMQ,ipt_REJECT,ipt_LOG,iptable_nat,ip_tables, Live 0xe0b20000 (U)
1037. ib_iser 37208 0 - Live 0xe0b6b000 (U)
1038. rdma_cm 35384 1 ib_iser, Live 0xe0b61000 (U)
1039. ib_cm 39148 1 rdma_cm, Live 0xe0b56000 (U)
1040. iw_cm 13060 1 rdma_cm, Live 0xe0b1b000 (U)
1041. ib_sa 39028 2 rdma_cm,ib_cm, Live 0xe0b4b000 (U)
1042. ib_mad 37780 2 ib_cm,ib_sa, Live 0xe0b40000 (U)
1043. ib_core 63620 6 ib_iser,rdma_cm,ib_cm,iw_cm,ib_sa,ib_mad, Live 0xe0b2f000 (U)
1044. ib_addr 11780 1 rdma_cm, Live 0xe0b17000 (U)
1045. iscsi_tcp 19848 0 - Live 0xe0b11000 (U)
1046. libiscsi_tcp 21892 1 iscsi_tcp, Live 0xe0b0a000 (U)
1047. libiscsi2 42628 3 ib_iser,iscsi_tcp,libiscsi_tcp, Live 0xe0aea000 (U)
1048. scsi_transport_iscsi2 37644 4 ib_iser,iscsi_tcp,libiscsi2, Live 0xe0af7000 (U)
1049. scsi_transport_iscsi 6020 1 scsi_transport_iscsi2, Live 0xe0a5c000 (U)
1050. dm_mirror 24328 0 - Live 0xe0a61000 (U)
1051. dm_multipath 25356 0 - Live 0xe0a46000 (U)
1052. scsi_dh 12032 1 dm_multipath, Live 0xe0a55000 (U)
1053. video 21128 0 - Live 0xe0a4e000 (U)
1054. backlight 9984 1 video, Live 0xe0a04000 (U)
1055. sbs 18468 0 - Live 0xe0a3a000 (U)
1056. power_meter 16396 0 - Live 0xe0a40000 (U)
1057. hwmon 7300 1 power_meter, Live 0xe0a17000 (U)
1058. i2c_ec 8960 1 sbs, Live 0xe0a36000 (U)
1059. dell_wmi 8336 0 - Live 0xe0a08000 (U)
1060. wmi 12072 1 dell_wmi, Live 0xe0a32000 (U)
1061. button 10512 0 - Live 0xe09fc000 (U)
1062. battery 13572 0 - Live 0xe0a12000 (U)
1063. asus_acpi 19224 0 - Live 0xe0a0c000 (U)
1064. ac 9092 0 - Live 0xe0a00000 (U)
1065. lp 15784 0 - Live 0xe0990000 (U)
1066. snd_intel8x0 35356 0 - Live 0xe09b9000 (U)
1067. snd_ac97_codec 92832 1 snd_intel8x0, Live 0xe0a1a000 (U)
1068. ac97_bus 6272 1 snd_ac97_codec, Live 0xe09b6000 (U)
1069. snd_seq_dummy 7812 0 - Live 0xe09b3000 (U)
1070. snd_seq_oss 32512 0 - Live 0xe099c000 (U)
1071. snd_seq_midi_event 10880 1 snd_seq_oss, Live 0xe097c000 (U)
1072. snd_seq 49520 5 snd_seq_dummy,snd_seq_oss,snd_seq_midi_event, Live 0xe09ee000 (U)
1073. snd_pcm_oss 42752 0 - Live 0xe09e2000 (U)
1074. 3c59x 44584 0 - Live 0xe09d6000 (U)
1075. snd_mixer_oss 18944 1 snd_pcm_oss, Live 0xe09ad000 (U)
1076. snd_pcm 72068 3 snd_intel8x0,snd_ac97_codec,snd_pcm_oss, Live 0xe09c3000 (U)
1077. pcspkr 7040 0 - Live 0xe08bd000 (U)
1078. sis900 25984 0 - Live 0xe09a5000 (U)
1079. mii 9216 2 3c59x,sis900, Live 0xe098c000 (U)
1080. snd_timer 24452 2 snd_seq,snd_pcm, Live 0xe0995000 (U)
1081. i2c_sis96x 9348 0 - Live 0xe0980000 (U)
1082. i2c_core 23936 2 i2c_ec,i2c_sis96x, Live 0xe0985000 (U)
1083. snd_page_alloc 14216 2 snd_intel8x0,snd_pcm, Live 0xe090d000 (U)
1084. snd_mpu401 12200 0 - Live 0xe0978000 (U)
1085. snd_mpu401_uart 12032 1 snd_mpu401, Live 0xe0974000 (U)
1086. snd_rawmidi 26368 1 snd_mpu401_uart, Live 0xe095d000 (U)
1087. snd_seq_device 11660 4 snd_seq_dummy,snd_seq_oss,snd_seq,snd_rawmidi, Live 0xe0959000 (U)
1088. ns558 8960 0 - Live 0xe0912000 (U)
1089. gameport 18568 2 ns558, Live 0xe0953000 (U)
1090. snd 55684 12 snd_intel8x0,snd_ac97_codec,snd_seq_oss,snd_seq,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_timer,snd_mpu401,snd_mpu401_uart,snd_rawmidi,snd_seq_device, Live 0xe0965000 (U)
1091. soundcore 11488 1 snd, Live 0xe08ca000 (U)
1092. parport_pc 29092 1 - Live 0xe0918000 (U)
1093. parport 37448 2 lp,parport_pc, Live 0xe0948000 (U)
1094. ide_cd 40096 0 - Live 0xe093d000 (U)
1095. cdrom 36512 1 ide_cd, Live 0xe0933000 (U)
1096. serio_raw 10628 0 - Live 0xe084e000 (U)
1097. dm_raid45 67080 0 - Live 0xe0921000 (U)
1098. dm_message 6912 1 dm_raid45, Live 0xe08ba000 (U)
1099. dm_region_hash 15616 1 dm_raid45, Live 0xe08c5000 (U)
1100. dm_log 14592 3 dm_mirror,dm_raid45,dm_region_hash, Live 0xe08c0000 (U)
1101. dm_mod 63160 4 dm_mirror,dm_multipath,dm_raid45,dm_log, Live 0xe08ce000 (U)
1102. dm_mem_cache 9472 1 dm_raid45, Live 0xe0852000 (U)
1103. pata_sis 15620 0 - Live 0xe08b5000 (U)
1104. libata 157252 1 pata_sis, Live 0xe08e5000 (U)
1105. sd_mod 25216 0 - Live 0xe0857000 (U)
1106. scsi_mod 141908 7 ib_iser,iscsi_tcp,libiscsi2,scsi_transport_iscsi2,scsi_dh,libata,sd_mod, Live 0xe0870000 (U)
1107. ext3 125448 2 - Live 0xe0895000 (U)
1108. jbd 57256 1 ext3, Live 0xe0861000 (U)
1109. uhci_hcd 25356 0 - Live 0xe0834000 (U)
1110. ohci_hcd 24872 0 - Live 0xe0846000 (U)
1111. ehci_hcd 33804 0 - Live 0xe083c000 (U)
1112. + _________________________ /proc/meminfo
1113. + cat /proc/meminfo
1114. MemTotal: 515380 kB
1115. MemFree: 33520 kB
1116. Buffers: 92708 kB
1117. Cached: 203164 kB
1118. SwapCached: 0 kB
1119. Active: 258976 kB
1120. Inactive: 137132 kB
1121. HighTotal: 0 kB
1122. HighFree: 0 kB
1123. LowTotal: 515380 kB
1124. LowFree: 33520 kB
1125. SwapTotal: 1052248 kB
1126. SwapFree: 1052120 kB
1127. Dirty: 76 kB
1128. Writeback: 0 kB
1129. AnonPages: 100216 kB
1130. Mapped: 43868 kB
1131. Slab: 77600 kB
1132. PageTables: 2216 kB
1133. NFS_Unstable: 0 kB
1134. Bounce: 0 kB
1135. CommitLimit: 1309936 kB
1136. Committed_AS: 400992 kB
1137. VmallocTotal: 507896 kB
1138. VmallocUsed: 5196 kB
1139. VmallocChunk: 502588 kB
1140. HugePages_Total: 0
1141. HugePages_Free: 0
1142. HugePages_Rsvd: 0
1143. Hugepagesize: 4096 kB
1144. + _________________________ /proc/net/ipsec-ls
1145. + test -f /proc/net/ipsec_version
1146. + _________________________ usr/src/linux/.config
1147. + test -f /proc/config.gz
1148. ++ uname -r
1149. + test -f /lib/modules/2.6.18-194.8.1.v5/build/.config
1150. ++ uname -r
1151. + cat /lib/modules/2.6.18-194.8.1.v5/build/.config
1152. + egrep 'CONFIG_IPSEC|CONFIG_KLIPS|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP|CONFIG_HW_RANDOM|CONFIG_CRYPTO_DEV|_XFRM'
1153. CONFIG_XFRM=y
1154. CONFIG_XFRM_NALGO=m
1155. CONFIG_XFRM_USER=y
1156. CONFIG_NET_KEY=m
1157. CONFIG_INET=y
1158. CONFIG_IP_MULTICAST=y
1159. CONFIG_IP_ADVANCED_ROUTER=y
1160. # CONFIG_IP_FIB_TRIE is not set
1161. CONFIG_IP_FIB_HASH=y
1162. CONFIG_IP_MULTIPLE_TABLES=y
1163. CONFIG_IP_ROUTE_FWMARK=y
1164. CONFIG_IP_ROUTE_MULTIPATH=y
1165. # CONFIG_IP_ROUTE_MULTIPATH_CACHED is not set
1166. CONFIG_IP_ROUTE_VERBOSE=y
1167. # CONFIG_IP_PNP is not set
1168. CONFIG_IP_MROUTE=y
1169. CONFIG_IP_PIMSM_V1=y
1170. CONFIG_IP_PIMSM_V2=y
1171. CONFIG_INET_AH=m
1172. CONFIG_INET_ESP=m
1173. CONFIG_INET_IPCOMP=m
1174. CONFIG_INET_XFRM_TUNNEL=m
1175. CONFIG_INET_TUNNEL=m
1176. CONFIG_INET_XFRM_MODE_TRANSPORT=m
1177. CONFIG_INET_XFRM_MODE_TUNNEL=m
1178. CONFIG_INET_DIAG=m
1179. CONFIG_INET_TCP_DIAG=m
1180. CONFIG_INET_LRO=y
1181. CONFIG_IP_VS=m
1182. # CONFIG_IP_VS_DEBUG is not set
1183. CONFIG_IP_VS_TAB_BITS=12
1184. CONFIG_IP_VS_PROTO_TCP=y
1185. CONFIG_IP_VS_PROTO_UDP=y
1186. CONFIG_IP_VS_PROTO_ESP=y
1187. CONFIG_IP_VS_PROTO_AH=y
1188. CONFIG_IP_VS_RR=m
1189. CONFIG_IP_VS_WRR=m
1190. CONFIG_IP_VS_LC=m
1191. CONFIG_IP_VS_WLC=m
1192. CONFIG_IP_VS_LBLC=m
1193. CONFIG_IP_VS_LBLCR=m
1194. CONFIG_IP_VS_DH=m
1195. CONFIG_IP_VS_SH=m
1196. CONFIG_IP_VS_SED=m
1197. CONFIG_IP_VS_NQ=m
1198. CONFIG_IP_VS_FTP=m
1199. CONFIG_IPV6=m
1200. CONFIG_IPV6_PRIVACY=y
1201. CONFIG_IPV6_ROUTER_PREF=y
1202. CONFIG_IPV6_ROUTE_INFO=y
1203. CONFIG_IPV6_OPTIMISTIC_DAD=y
1204. CONFIG_INET6_AH=m
1205. CONFIG_INET6_ESP=m
1206. CONFIG_INET6_IPCOMP=m
1207. CONFIG_INET6_XFRM_TUNNEL=m
1208. CONFIG_INET6_TUNNEL=m
1209. CONFIG_INET6_XFRM_MODE_TRANSPORT=m
1210. CONFIG_INET6_XFRM_MODE_TUNNEL=m
1211. CONFIG_IPV6_TUNNEL=m
1212. # CONFIG_IPV6_SUBTREES is not set
1213. CONFIG_IPV6_MULTIPLE_TABLES=y
1214. CONFIG_IPV6_ROUTE_FWMARK=y
1215. CONFIG_IP_NF_CONNTRACK=m
1216. CONFIG_IP_NF_CT_ACCT=y
1217. CONFIG_IP_NF_CONNTRACK_MARK=y
1218. CONFIG_IP_NF_CONNTRACK_SECMARK=y
1219. CONFIG_IP_NF_CONNTRACK_EVENTS=y
1220. CONFIG_IP_NF_CONNTRACK_NETLINK=m
1221. CONFIG_IP_NF_CT_PROTO_SCTP=m
1222. CONFIG_IP_NF_FTP=m
1223. CONFIG_IP_NF_IRC=m
1224. CONFIG_IP_NF_NETBIOS_NS=m
1225. CONFIG_IP_NF_TFTP=m
1226. CONFIG_IP_NF_AMANDA=m
1227. CONFIG_IP_NF_PPTP=m
1228. CONFIG_IP_NF_H323=m
1229. CONFIG_IP_NF_SIP=m
1230. CONFIG_IP_NF_QUEUE=m
1231. CONFIG_IP_NF_IPTABLES=m
1232. CONFIG_IP_NF_MATCH_IPRANGE=m
1233. CONFIG_IP_NF_MATCH_TOS=m
1234. CONFIG_IP_NF_MATCH_RECENT=m
1235. CONFIG_IP_NF_MATCH_ECN=m
1236. CONFIG_IP_NF_MATCH_DSCP=m
1237. CONFIG_IP_NF_MATCH_AH=m
1238. CONFIG_IP_NF_MATCH_TTL=m
1239. CONFIG_IP_NF_MATCH_OWNER=m
1240. CONFIG_IP_NF_MATCH_ADDRTYPE=m
1241. CONFIG_IP_NF_MATCH_HASHLIMIT=m
1242. CONFIG_IP_NF_FILTER=m
1243. CONFIG_IP_NF_TARGET_REJECT=m
1244. CONFIG_IP_NF_TARGET_LOG=m
1245. CONFIG_IP_NF_TARGET_ULOG=m
1246. CONFIG_IP_NF_TARGET_TCPMSS=m
1247. CONFIG_IP_NF_NAT=m
1248. CONFIG_IP_NF_NAT_NEEDED=y
1249. CONFIG_IP_NF_TARGET_MASQUERADE=m
1250. CONFIG_IP_NF_TARGET_REDIRECT=m
1251. CONFIG_IP_NF_TARGET_NETMAP=m
1252. CONFIG_IP_NF_TARGET_SAME=m
1253. CONFIG_IP_NF_NAT_SNMP_BASIC=m
1254. CONFIG_IP_NF_NAT_IRC=m
1255. CONFIG_IP_NF_NAT_FTP=m
1256. CONFIG_IP_NF_NAT_TFTP=m
1257. CONFIG_IP_NF_NAT_AMANDA=m
1258. CONFIG_IP_NF_NAT_PPTP=m
1259. CONFIG_IP_NF_NAT_H323=m
1260. CONFIG_IP_NF_NAT_SIP=m
1261. CONFIG_IP_NF_MANGLE=m
1262. CONFIG_IP_NF_TARGET_IMQ=m
1263. CONFIG_IP_NF_TARGET_TOS=m
1264. CONFIG_IP_NF_TARGET_ECN=m
1265. CONFIG_IP_NF_TARGET_DSCP=m
1266. CONFIG_IP_NF_TARGET_TTL=m
1267. CONFIG_IP_NF_TARGET_CLUSTERIP=m
1268. CONFIG_IP_NF_RAW=m
1269. CONFIG_IP_NF_ARPTABLES=m
1270. CONFIG_IP_NF_ARPFILTER=m
1271. CONFIG_IP_NF_ARP_MANGLE=m
1272. CONFIG_IP_NF_MATCH_IPP2P=m
1273. CONFIG_IP6_NF_QUEUE=m
1274. CONFIG_IP6_NF_IPTABLES=m
1275. CONFIG_IP6_NF_MATCH_RT=m
1276. CONFIG_IP6_NF_MATCH_OPTS=m
1277. CONFIG_IP6_NF_MATCH_FRAG=m
1278. CONFIG_IP6_NF_MATCH_HL=m
1279. CONFIG_IP6_NF_MATCH_OWNER=m
1280. CONFIG_IP6_NF_MATCH_IPV6HEADER=m
1281. CONFIG_IP6_NF_MATCH_AH=m
1282. CONFIG_IP6_NF_MATCH_EUI64=m
1283. CONFIG_IP6_NF_FILTER=m
1284. CONFIG_IP6_NF_TARGET_LOG=m
1285. CONFIG_IP6_NF_TARGET_REJECT=m
1286. CONFIG_IP6_NF_MANGLE=m
1287. CONFIG_IP6_NF_TARGET_IMQ=m
1288. CONFIG_IP6_NF_TARGET_HL=m
1289. CONFIG_IP6_NF_RAW=m
1290. CONFIG_IP_DCCP=m
1291. CONFIG_INET_DCCP_DIAG=m
1292. CONFIG_IP_DCCP_ACKVEC=y
1293. CONFIG_IP_DCCP_CCID2=m
1294. CONFIG_IP_DCCP_CCID3=m
1295. CONFIG_IP_DCCP_TFRC_LIB=m
1296. # CONFIG_IP_DCCP_DEBUG is not set
1297. CONFIG_IP_SCTP=m
1298. CONFIG_IPX=m
1299. # CONFIG_IPX_INTERN is not set
1300. CONFIG_IPW2100=m
1301. CONFIG_IPW2100_MONITOR=y
1302. # CONFIG_IPW2100_DEBUG is not set
1303. CONFIG_IPW2200=m
1304. CONFIG_IPW2200_MONITOR=y
1305. CONFIG_IPW2200_RADIOTAP=y
1306. CONFIG_IPW2200_PROMISCUOUS=y
1307. CONFIG_IPW2200_QOS=y
1308. # CONFIG_IPW2200_DEBUG is not set
1309. CONFIG_IPPP_FILTER=y
1310. CONFIG_IPMI_HANDLER=m
1311. CONFIG_IPMI_PANIC_EVENT=y
1312. CONFIG_IPMI_PANIC_STRING=y
1313. CONFIG_IPMI_DEVICE_INTERFACE=m
1314. CONFIG_IPMI_SI=m
1315. CONFIG_IPMI_WATCHDOG=m
1316. CONFIG_IPMI_POWEROFF=m
1317. CONFIG_HW_RANDOM=y
1318. CONFIG_HW_RANDOM_INTEL=m
1319. CONFIG_HW_RANDOM_AMD=m
1320. CONFIG_HW_RANDOM_GEODE=m
1321. CONFIG_HW_RANDOM_VIA=m
1322. CONFIG_SECURITY_NETWORK_XFRM=y
1323. CONFIG_CRYPTO_DEV_PADLOCK=m
1324. CONFIG_CRYPTO_DEV_PADLOCK_AES=y
1325. + _________________________ etc/syslog.conf
1326. + _________________________ etc/syslog-ng/syslog-ng.conf
1327. + cat /etc/syslog-ng/syslog-ng.conf
1328. cat: /etc/syslog-ng/syslog-ng.conf: No such file or directory
1329. + cat /etc/syslog.conf
1330. # Log all kernel messages to the console.
1331. # Logging much else clutters up the screen.
1332. #kern.* /dev/console
1333.  
1334. # Log anything (except mail) of level info or higher.
1335. # Don't log private authentication messages!
1336. *.info;mail.none;authpriv.none;cron.none;local6.none;local5.none;local0.none /var/log/messages
1337.  
1338. # The authpriv file has restricted access.
1339. authpriv.* /var/log/secure
1340.  
1341. # Log all the mail messages in one place.
1342. mail.info -/var/log/maillog
1343.  
1344.  
1345. # Log cron stuff
1346. cron.* /var/log/cron
1347.  
1348. # Everybody gets emergency messages
1349. *.emerg *
1350.  
1351. # Save news errors of level crit and higher in a special file.
1352. uucp,news.crit /var/log/spooler
1353.  
1354. # Save boot messages also to boot.log
1355. local7.* /var/log/boot.log
1356. local6.* /var/log/system
1357. local5.* /var/log/compliance
1358. local0.* /var/log/suva
1359. + _________________________ etc/resolv.conf
1360. + cat /etc/resolv.conf
1361. ; generated by /sbin/dhclient-script
1362. search orange.nl
1363. nameserver 194.134.5.5
1364. nameserver 194.134.0.97
1365. + _________________________ lib/modules-ls
1366. + ls -ltr /lib/modules
1367. total 8
1368. drwxr-xr-x 6 root root 4096 Aug 25 19:00 2.6.18-194.8.1.v5
1369. + _________________________ fipscheck
1370. + cat /proc/sys/crypto/fips_enabled
1371. 0
1372. + _________________________ /proc/ksyms-netif_rx
1373. + test -r /proc/ksyms
1374. + test -r /proc/kallsyms
1375. + egrep netif_rx /proc/kallsyms
1376. c05c5d1c T __netif_rx_schedule
1377. c05c70bb T netif_rx
1378. c05c85c1 T netif_rx_ni
1379. c05c70bb U netif_rx [xfrm6_esp]
1380. c05c70bb U netif_rx [xfrm4_esp]
1381. c05c70bb U netif_rx [ipv6]
1382. c05c70bb U netif_rx [ppp_generic]
1383. c05c70bb U netif_rx [3c59x]
1384. c05c70bb U netif_rx [sis900]
1385. + _________________________ lib/modules-netif_rx
1386. + modulegoo kernel/net/ipv4/ipip.o netif_rx
1387. + set +x
1388. 2.6.18-194.8.1.v5:
1389. + _________________________ kern.debug
1390. + test -f /var/log/kern.debug
1391. + _________________________ klog
1392. + sed -n '483,$p' /var/log/messages
1393. + egrep -i 'ipsec|klips|pluto'
1394. + case "$1" in
1395. + cat
1396. Aug 25 13:46:44 system ipsec_setup: Starting Openswan IPsec U2.6.28/K2.6.18-194.8.1.v5...
1397. Aug 25 13:46:44 system pluto: adjusting ipsec.d to /etc/ipsec.d
1398. Aug 25 13:46:44 system ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
1399. Aug 25 13:46:44 system ipsec_setup: ...Openswan IPsec started
1400. Aug 25 13:46:45 system ipsec__plutorun: 002 loading certificate from Left1024-cert.pem
1401. Aug 25 13:46:45 system ipsec__plutorun: 002 loaded host cert file '/etc/ipsec.d/certs/Left1024-cert.pem' (1635 bytes)
1402. Aug 25 13:46:45 system ipsec__plutorun: 002 added connection description "LAN"
1403. Aug 25 13:46:45 system ipsec__plutorun: 003 NAT-Traversal: Trying new style NAT-T
1404. Aug 25 13:46:45 system ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
1405. Aug 25 13:46:45 system ipsec__plutorun: 003 NAT-Traversal: Trying old style NAT-T
1406. + _________________________ plog
1407. + sed -n '139,$p' /var/log/secure
1408. + egrep -i pluto
1409. + case "$1" in
1410. + cat
1411. Aug 25 13:46:44 system ipsec__plutorun: Starting Pluto subsystem...
1412. Aug 25 13:46:44 system pluto[19911]: Starting Pluto (Openswan Version 2.6.28; Vendor ID OEQ{O\177nez{CQ) pid:19911
1413. Aug 25 13:46:44 system pluto[19911]: SAref support [disabled]: Protocol not available
1414. Aug 25 13:46:44 system pluto[19911]: SAbind support [disabled]: Protocol not available
1415. Aug 25 13:46:44 system pluto[19911]: Setting NAT-Traversal port-4500 floating to on
1416. Aug 25 13:46:44 system pluto[19911]: port floating activation criteria nat_t=1/port_float=1
1417. Aug 25 13:46:44 system pluto[19911]: NAT-Traversal support [enabled]
1418. Aug 25 13:46:44 system pluto[19911]: fixup for bad virtual_private entry '%4:!10.97.10.0/24', please fix your virtual_private line!
1419. Aug 25 13:46:44 system pluto[19911]: fixup for bad virtual_private entry '%4:!10.97.10.0/24', please fix your virtual_private line!
1420. Aug 25 13:46:44 system pluto[19911]: using /dev/urandom as source of random entropy
1421. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)
1422. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)
1423. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)
1424. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
1425. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)
1426. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)
1427. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)
1428. Aug 25 13:46:44 system pluto[19911]: starting up 1 cryptographic helpers
1429. Aug 25 13:46:44 system pluto[19917]: using /dev/urandom as source of random entropy
1430. Aug 25 13:46:44 system pluto[19911]: started helper pid=19917 (fd:7)
1431. Aug 25 13:46:44 system pluto[19911]: Using Linux 2.6 IPsec interface code on 2.6.18-194.8.1.v5 (experimental code)
1432. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating aes_ccm_8: Ok (ret=0)
1433. Aug 25 13:46:44 system pluto[19911]: ike_alg_add(): ERROR: Algorithm already exists
1434. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating aes_ccm_12: FAILED (ret=-17)
1435. Aug 25 13:46:44 system pluto[19911]: ike_alg_add(): ERROR: Algorithm already exists
1436. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating aes_ccm_16: FAILED (ret=-17)
1437. Aug 25 13:46:44 system pluto[19911]: ike_alg_add(): ERROR: Algorithm already exists
1438. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating aes_gcm_8: FAILED (ret=-17)
1439. Aug 25 13:46:44 system pluto[19911]: ike_alg_add(): ERROR: Algorithm already exists
1440. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating aes_gcm_12: FAILED (ret=-17)
1441. Aug 25 13:46:44 system pluto[19911]: ike_alg_add(): ERROR: Algorithm already exists
1442. Aug 25 13:46:44 system pluto[19911]: ike_alg_register_enc(): Activating aes_gcm_16: FAILED (ret=-17)
1443. Aug 25 13:46:44 system pluto[19911]: Changed path to directory '/etc/ipsec.d/cacerts'
1444. Aug 25 13:46:44 system pluto[19911]: loaded CA cert file 'Testing1024-crl.pem' (568 bytes)
1445. Aug 25 13:46:44 system pluto[19911]: error in X.509 certificate Testing1024-crl.pem
1446. Aug 25 13:46:44 system pluto[19911]: loaded CA cert file 'Testing1024-cacert.pem' (1639 bytes)
1447. Aug 25 13:46:44 system pluto[19911]: Changed path to directory '/etc/ipsec.d/aacerts'
1448. Aug 25 13:46:44 system pluto[19911]: Changed path to directory '/etc/ipsec.d/ocspcerts'
1449. Aug 25 13:46:44 system pluto[19911]: Changing to directory '/etc/ipsec.d/crls'
1450. Aug 25 13:46:44 system pluto[19911]: loaded crl file 'Testing1024-crl.pem' (568 bytes)
1451. Aug 25 13:46:44 system pluto[19911]: loading certificate from Left1024-cert.pem
1452. Aug 25 13:46:44 system pluto[19911]: loaded host cert file '/etc/ipsec.d/certs/Left1024-cert.pem' (1635 bytes)
1453. Aug 25 13:46:45 system pluto[19911]: added connection description "LAN"
1454. Aug 25 13:46:45 system pluto[19911]: listening for IKE messages
1455. Aug 25 13:46:45 system pluto[19911]: NAT-Traversal: Trying new style NAT-T
1456. Aug 25 13:46:45 system pluto[19911]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
1457. Aug 25 13:46:45 system pluto[19911]: NAT-Traversal: Trying old style NAT-T
1458. Aug 25 13:46:45 system pluto[19911]: adding interface eth0/eth0 85.145.148.106:500
1459. Aug 25 13:46:45 system pluto[19911]: adding interface eth0/eth0 85.145.148.106:4500
1460. Aug 25 13:46:45 system pluto[19911]: adding interface eth1/eth1 10.97.10.1:500
1461. Aug 25 13:46:45 system pluto[19911]: adding interface eth1/eth1 10.97.10.1:4500
1462. Aug 25 13:46:45 system pluto[19911]: adding interface lo/lo 127.0.0.1:500
1463. Aug 25 13:46:45 system pluto[19911]: adding interface lo/lo 127.0.0.1:4500
1464. Aug 25 13:46:45 system pluto[19911]: adding interface lo/lo ::1:500
1465. Aug 25 13:46:45 system pluto[19911]: loading secrets from "/etc/ipsec.secrets"
1466. Aug 25 13:46:45 system pluto[19911]: loaded private key file '/etc/ipsec.d/private/Left1024-key.pem' (963 bytes)
1467. Aug 25 13:46:45 system pluto[19911]: loaded private key for keyid: PPK_RSA:AwEAAac0u
1468. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1469. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [Dead Peer Detection]
1470. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [RFC 3947] method set to=109
1471. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1472. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1473. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1474. Aug 25 13:49:16 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1475. Aug 25 13:49:16 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: responding to Main Mode from unknown peer 62.140.137.121
1476. Aug 25 13:49:16 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1477. Aug 25 13:49:16 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: STATE_MAIN_R1: sent MR1, expecting MI2
1478. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1479. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1480. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: STATE_MAIN_R2: sent MR2, expecting MI3
1481. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1482. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: I am sending my cert
1483. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1484. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: new NAT mapping for #1, was 62.140.137.121:37386, now 62.140.137.121:37394
1485. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1486. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: the peer proposed: 10.97.10.0/24:0/0 -> 192.168.0.102/32:0/0
1487. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: responding to Quick Mode proposal {msgid:d5514e4c}
1488. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
1489. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: them: 62.140.137.121[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===192.168.0.102/32
1490. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
1491. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
1492. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
1493. Aug 25 13:49:17 system pluto[19911]: "LAN"[1] 62.140.137.121 #2: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x2bb0ea5d <0xbf822e57 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=62.140.137.121:37394 DPD=none}
1494. Aug 25 13:49:40 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: received Delete SA(0x2bb0ea5d) payload: deleting IPSEC State #2
1495. Aug 25 13:49:40 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: received and ignored informational message
1496. Aug 25 13:49:41 system pluto[19911]: "LAN"[1] 62.140.137.121 #1: received Delete SA payload: deleting ISAKMP State #1
1497. Aug 25 13:49:41 system pluto[19911]: "LAN"[1] 62.140.137.121: deleting connection "LAN" instance with peer 62.140.137.121 {isakmp=#0/ipsec=#0}
1498. Aug 25 13:49:41 system pluto[19911]: packet from 62.140.137.121:37394: received and ignored informational message
1499. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1500. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [Dead Peer Detection]
1501. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [RFC 3947] method set to=109
1502. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1503. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1504. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1505. Aug 25 13:49:46 system pluto[19911]: packet from 62.140.137.121:37386: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1506. Aug 25 13:49:46 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: responding to Main Mode from unknown peer 62.140.137.121
1507. Aug 25 13:49:46 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1508. Aug 25 13:49:46 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: STATE_MAIN_R1: sent MR1, expecting MI2
1509. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1510. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1511. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: STATE_MAIN_R2: sent MR2, expecting MI3
1512. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1513. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: I am sending my cert
1514. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1515. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: new NAT mapping for #3, was 62.140.137.121:37386, now 62.140.137.121:37394
1516. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1517. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: the peer proposed: 10.97.10.0/24:0/0 -> 192.168.0.102/32:0/0
1518. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: responding to Quick Mode proposal {msgid:4c1352e9}
1519. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
1520. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: them: 62.140.137.121[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===192.168.0.102/32
1521. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
1522. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
1523. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
1524. Aug 25 13:49:47 system pluto[19911]: "LAN"[2] 62.140.137.121 #4: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x3a9de822 <0xdd30e5b2 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=62.140.137.121:37394 DPD=none}
1525. Aug 25 13:52:29 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: received Delete SA(0x3a9de822) payload: deleting IPSEC State #4
1526. Aug 25 13:52:29 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: received and ignored informational message
1527. Aug 25 13:52:29 system pluto[19911]: "LAN"[2] 62.140.137.121 #3: received Delete SA payload: deleting ISAKMP State #3
1528. Aug 25 13:52:29 system pluto[19911]: "LAN"[2] 62.140.137.121: deleting connection "LAN" instance with peer 62.140.137.121 {isakmp=#0/ipsec=#0}
1529. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:37394: received and ignored informational message
1530. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1531. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [Dead Peer Detection]
1532. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [RFC 3947] method set to=109
1533. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1534. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1535. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1536. Aug 25 13:52:29 system pluto[19911]: packet from 62.140.137.121:45638: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1537. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: responding to Main Mode from unknown peer 62.140.137.121
1538. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1539. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: STATE_MAIN_R1: sent MR1, expecting MI2
1540. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1541. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1542. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: STATE_MAIN_R2: sent MR2, expecting MI3
1543. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1544. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: I am sending my cert
1545. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1546. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: new NAT mapping for #5, was 62.140.137.121:45638, now 62.140.137.121:37394
1547. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1548. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: the peer proposed: 10.97.10.0/24:0/0 -> 192.168.0.102/32:0/0
1549. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: responding to Quick Mode proposal {msgid:b08d5d9b}
1550. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
1551. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: them: 62.140.137.121[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===192.168.0.102/32
1552. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
1553. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
1554. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
1555. Aug 25 13:52:29 system pluto[19911]: "LAN"[3] 62.140.137.121 #6: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x7f608526 <0x4045a59d xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=62.140.137.121:37394 DPD=none}
1556. Aug 25 13:52:38 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: received Delete SA(0x7f608526) payload: deleting IPSEC State #6
1557. Aug 25 13:52:38 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: received and ignored informational message
1558. Aug 25 13:52:38 system pluto[19911]: "LAN"[3] 62.140.137.121 #5: received Delete SA payload: deleting ISAKMP State #5
1559. Aug 25 13:52:38 system pluto[19911]: "LAN"[3] 62.140.137.121: deleting connection "LAN" instance with peer 62.140.137.121 {isakmp=#0/ipsec=#0}
1560. Aug 25 13:52:38 system pluto[19911]: packet from 62.140.137.121:37394: received and ignored informational message
1561. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1562. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1563. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1564. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1565. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1566. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1567. Aug 25 18:21:31 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1568. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: responding to Main Mode from unknown peer 95.96.10.129
1569. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1570. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: STATE_MAIN_R1: sent MR1, expecting MI2
1571. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1572. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1573. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: STATE_MAIN_R2: sent MR2, expecting MI3
1574. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1575. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: I am sending my cert
1576. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1577. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: new NAT mapping for #7, was 95.96.10.129:500, now 95.96.10.129:4500
1578. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1579. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: the peer proposed: 10.97.10.0/24:0/0 -> 192.168.0.102/32:0/0
1580. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: responding to Quick Mode proposal {msgid:f13d1a3f}
1581. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
1582. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: them: 95.96.10.129[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===192.168.0.102/32
1583. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
1584. Aug 25 18:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
1585. Aug 25 18:21:32 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
1586. Aug 25 18:21:32 system pluto[19911]: "LAN"[4] 95.96.10.129 #8: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xdf8a45ef <0x138a332a xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=95.96.10.129:4500 DPD=none}
1587. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1588. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1589. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1590. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1591. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1592. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1593. Aug 25 19:07:28 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1594. Aug 25 19:07:28 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: responding to Main Mode from unknown peer 95.96.10.129
1595. Aug 25 19:07:28 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1596. Aug 25 19:07:28 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: STATE_MAIN_R1: sent MR1, expecting MI2
1597. Aug 25 19:07:28 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1598. Aug 25 19:07:28 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1599. Aug 25 19:07:28 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: STATE_MAIN_R2: sent MR2, expecting MI3
1600. Aug 25 19:07:29 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1601. Aug 25 19:07:29 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: I am sending my cert
1602. Aug 25 19:07:29 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1603. Aug 25 19:07:29 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: new NAT mapping for #9, was 95.96.10.129:500, now 95.96.10.129:4500
1604. Aug 25 19:07:29 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1605. Aug 25 19:21:31 system pluto[19911]: "LAN"[4] 95.96.10.129 #7: received Delete SA payload: deleting ISAKMP State #7
1606. Aug 25 19:21:31 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
1607. Aug 25 19:24:07 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: received Delete SA(0xdf8a45ef) payload: deleting IPSEC State #8
1608. Aug 25 19:24:07 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: received and ignored informational message
1609. Aug 25 19:24:07 system pluto[19911]: "LAN"[4] 95.96.10.129 #9: received Delete SA payload: deleting ISAKMP State #9
1610. Aug 25 19:24:07 system pluto[19911]: "LAN"[4] 95.96.10.129: deleting connection "LAN" instance with peer 95.96.10.129 {isakmp=#0/ipsec=#0}
1611. Aug 25 19:24:07 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
1612. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1613. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1614. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1615. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1616. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1617. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1618. Aug 25 19:41:18 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1619. Aug 25 19:41:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: responding to Main Mode from unknown peer 95.96.10.129
1620. Aug 25 19:41:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1621. Aug 25 19:41:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: STATE_MAIN_R1: sent MR1, expecting MI2
1622. Aug 25 19:41:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1623. Aug 25 19:41:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1624. Aug 25 19:41:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: STATE_MAIN_R2: sent MR2, expecting MI3
1625. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1626. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: I am sending my cert
1627. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1628. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: new NAT mapping for #10, was 95.96.10.129:500, now 95.96.10.129:4500
1629. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1630. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #10: the peer proposed: 10.97.10.0/24:0/0 -> 10.81.9.203/32:0/0
1631. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: responding to Quick Mode proposal {msgid:3b170279}
1632. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
1633. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: them: 95.96.10.129[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===10.81.9.203/32
1634. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
1635. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
1636. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
1637. Aug 25 19:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xcf518acc <0x9999a0c7 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=95.96.10.129:4500 DPD=none}
1638. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1639. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1640. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1641. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1642. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1643. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1644. Aug 25 20:29:04 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1645. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: responding to Main Mode from unknown peer 95.96.10.129
1646. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1647. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: STATE_MAIN_R1: sent MR1, expecting MI2
1648. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1649. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1650. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: STATE_MAIN_R2: sent MR2, expecting MI3
1651. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1652. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: I am sending my cert
1653. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1654. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: new NAT mapping for #12, was 95.96.10.129:500, now 95.96.10.129:4500
1655. Aug 25 20:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1656. Aug 25 21:24:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #13: initiating Main Mode to replace #12
1657. Aug 25 21:29:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #12: ISAKMP SA expired (LATEST!)
1658. Aug 25 21:37:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #13: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1659. Aug 25 21:37:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #13: starting keying attempt 2 of an unlimited number
1660. Aug 25 21:37:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #14: initiating Main Mode to replace #13
1661. Aug 25 21:50:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #14: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1662. Aug 25 21:50:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #14: starting keying attempt 3 of an unlimited number
1663. Aug 25 21:50:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #15: initiating Main Mode to replace #14
1664. Aug 25 22:04:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #15: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1665. Aug 25 22:04:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #15: starting keying attempt 4 of an unlimited number
1666. Aug 25 22:04:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #16: initiating Main Mode to replace #15
1667. Aug 25 22:17:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #16: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1668. Aug 25 22:17:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #16: starting keying attempt 5 of an unlimited number
1669. Aug 25 22:17:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #17: initiating Main Mode to replace #16
1670. Aug 25 22:30:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #17: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1671. Aug 25 22:30:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #17: starting keying attempt 6 of an unlimited number
1672. Aug 25 22:30:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #18: initiating Main Mode to replace #17
1673. Aug 25 22:43:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #18: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1674. Aug 25 22:43:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #18: starting keying attempt 7 of an unlimited number
1675. Aug 25 22:43:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #19: initiating Main Mode to replace #18
1676. Aug 25 22:56:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #19: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1677. Aug 25 22:56:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #19: starting keying attempt 8 of an unlimited number
1678. Aug 25 22:56:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #20: initiating Main Mode to replace #19
1679. Aug 25 23:09:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #20: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1680. Aug 25 23:09:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #20: starting keying attempt 9 of an unlimited number
1681. Aug 25 23:09:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #21: initiating Main Mode to replace #20
1682. Aug 25 23:23:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #21: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1683. Aug 25 23:23:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #21: starting keying attempt 10 of an unlimited number
1684. Aug 25 23:23:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #22: initiating Main Mode to replace #21
1685. Aug 25 23:36:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #22: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1686. Aug 25 23:36:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #22: starting keying attempt 11 of an unlimited number
1687. Aug 25 23:36:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #23: initiating Main Mode to replace #22
1688. Aug 25 23:49:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #23: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1689. Aug 25 23:49:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #23: starting keying attempt 12 of an unlimited number
1690. Aug 25 23:49:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #24: initiating Main Mode to replace #23
1691. Aug 26 00:02:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #24: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1692. Aug 26 00:02:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #24: starting keying attempt 13 of an unlimited number
1693. Aug 26 00:02:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #25: initiating Main Mode to replace #24
1694. Aug 26 00:15:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #25: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1695. Aug 26 00:15:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #25: starting keying attempt 14 of an unlimited number
1696. Aug 26 00:15:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #26: initiating Main Mode to replace #25
1697. Aug 26 00:28:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #26: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1698. Aug 26 00:28:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #26: starting keying attempt 15 of an unlimited number
1699. Aug 26 00:28:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #27: initiating Main Mode to replace #26
1700. Aug 26 00:42:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #27: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1701. Aug 26 00:42:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #27: starting keying attempt 16 of an unlimited number
1702. Aug 26 00:42:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #28: initiating Main Mode to replace #27
1703. Aug 26 00:55:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #28: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1704. Aug 26 00:55:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #28: starting keying attempt 17 of an unlimited number
1705. Aug 26 00:55:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #29: initiating Main Mode to replace #28
1706. Aug 26 01:08:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #29: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1707. Aug 26 01:08:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #29: starting keying attempt 18 of an unlimited number
1708. Aug 26 01:08:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #30: initiating Main Mode to replace #29
1709. Aug 26 01:21:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #30: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1710. Aug 26 01:21:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #30: starting keying attempt 19 of an unlimited number
1711. Aug 26 01:21:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #31: initiating Main Mode to replace #30
1712. Aug 26 01:34:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #31: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1713. Aug 26 01:34:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #31: starting keying attempt 20 of an unlimited number
1714. Aug 26 01:34:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #32: initiating Main Mode to replace #31
1715. Aug 26 01:47:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #32: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1716. Aug 26 01:47:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #32: starting keying attempt 21 of an unlimited number
1717. Aug 26 01:47:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #33: initiating Main Mode to replace #32
1718. Aug 26 02:01:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #33: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1719. Aug 26 02:01:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #33: starting keying attempt 22 of an unlimited number
1720. Aug 26 02:01:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #34: initiating Main Mode to replace #33
1721. Aug 26 02:14:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #34: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1722. Aug 26 02:14:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #34: starting keying attempt 23 of an unlimited number
1723. Aug 26 02:14:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #35: initiating Main Mode to replace #34
1724. Aug 26 02:27:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #35: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1725. Aug 26 02:27:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #35: starting keying attempt 24 of an unlimited number
1726. Aug 26 02:27:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #36: initiating Main Mode to replace #35
1727. Aug 26 02:40:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #36: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1728. Aug 26 02:40:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #36: starting keying attempt 25 of an unlimited number
1729. Aug 26 02:40:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #37: initiating Main Mode to replace #36
1730. Aug 26 02:53:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #37: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1731. Aug 26 02:53:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #37: starting keying attempt 26 of an unlimited number
1732. Aug 26 02:53:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #38: initiating Main Mode to replace #37
1733. Aug 26 03:06:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #38: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1734. Aug 26 03:06:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #38: starting keying attempt 27 of an unlimited number
1735. Aug 26 03:06:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #39: initiating Main Mode to replace #38
1736. Aug 26 03:20:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #39: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1737. Aug 26 03:20:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #39: starting keying attempt 28 of an unlimited number
1738. Aug 26 03:20:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #40: initiating Main Mode to replace #39
1739. Aug 26 03:33:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #40: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1740. Aug 26 03:33:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #40: starting keying attempt 29 of an unlimited number
1741. Aug 26 03:33:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #41: initiating Main Mode to replace #40
1742. Aug 26 03:41:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #11: IPsec SA expired (LATEST!)
1743. Aug 26 03:46:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #41: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1744. Aug 26 03:46:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #41: starting keying attempt 30 of an unlimited number
1745. Aug 26 03:46:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #42: initiating Main Mode to replace #41
1746. Aug 26 03:59:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #42: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1747. Aug 26 03:59:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #42: starting keying attempt 31 of an unlimited number
1748. Aug 26 03:59:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #43: initiating Main Mode to replace #42
1749. Aug 26 04:12:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #43: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1750. Aug 26 04:12:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #43: starting keying attempt 32 of an unlimited number
1751. Aug 26 04:12:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #44: initiating Main Mode to replace #43
1752. Aug 26 04:25:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #44: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1753. Aug 26 04:25:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #44: starting keying attempt 33 of an unlimited number
1754. Aug 26 04:25:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #45: initiating Main Mode to replace #44
1755. Aug 26 04:39:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #45: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1756. Aug 26 04:39:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #45: starting keying attempt 34 of an unlimited number
1757. Aug 26 04:39:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #46: initiating Main Mode to replace #45
1758. Aug 26 04:52:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #46: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1759. Aug 26 04:52:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #46: starting keying attempt 35 of an unlimited number
1760. Aug 26 04:52:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #47: initiating Main Mode to replace #46
1761. Aug 26 05:05:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #47: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1762. Aug 26 05:05:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #47: starting keying attempt 36 of an unlimited number
1763. Aug 26 05:05:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #48: initiating Main Mode to replace #47
1764. Aug 26 05:18:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #48: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1765. Aug 26 05:18:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #48: starting keying attempt 37 of an unlimited number
1766. Aug 26 05:18:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #49: initiating Main Mode to replace #48
1767. Aug 26 05:31:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #49: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1768. Aug 26 05:31:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #49: starting keying attempt 38 of an unlimited number
1769. Aug 26 05:31:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #50: initiating Main Mode to replace #49
1770. Aug 26 05:44:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #50: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1771. Aug 26 05:44:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #50: starting keying attempt 39 of an unlimited number
1772. Aug 26 05:44:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #51: initiating Main Mode to replace #50
1773. Aug 26 05:58:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #51: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1774. Aug 26 05:58:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #51: starting keying attempt 40 of an unlimited number
1775. Aug 26 05:58:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #52: initiating Main Mode to replace #51
1776. Aug 26 06:11:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #52: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1777. Aug 26 06:11:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #52: starting keying attempt 41 of an unlimited number
1778. Aug 26 06:11:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #53: initiating Main Mode to replace #52
1779. Aug 26 06:24:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #53: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1780. Aug 26 06:24:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #53: starting keying attempt 42 of an unlimited number
1781. Aug 26 06:24:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #54: initiating Main Mode to replace #53
1782. Aug 26 06:37:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #54: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1783. Aug 26 06:37:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #54: starting keying attempt 43 of an unlimited number
1784. Aug 26 06:37:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #55: initiating Main Mode to replace #54
1785. Aug 26 06:50:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #55: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1786. Aug 26 06:50:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #55: starting keying attempt 44 of an unlimited number
1787. Aug 26 06:50:44 system pluto[19911]: "LAN"[5] 95.96.10.129 #56: initiating Main Mode to replace #55
1788. Aug 26 07:03:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #56: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1789. Aug 26 07:03:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #56: starting keying attempt 45 of an unlimited number
1790. Aug 26 07:03:54 system pluto[19911]: "LAN"[5] 95.96.10.129 #57: initiating Main Mode to replace #56
1791. Aug 26 07:17:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #57: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1792. Aug 26 07:17:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #57: starting keying attempt 46 of an unlimited number
1793. Aug 26 07:17:04 system pluto[19911]: "LAN"[5] 95.96.10.129 #58: initiating Main Mode to replace #57
1794. Aug 26 07:30:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #58: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1795. Aug 26 07:30:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #58: starting keying attempt 47 of an unlimited number
1796. Aug 26 07:30:14 system pluto[19911]: "LAN"[5] 95.96.10.129 #59: initiating Main Mode to replace #58
1797. Aug 26 07:43:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #59: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1798. Aug 26 07:43:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #59: starting keying attempt 48 of an unlimited number
1799. Aug 26 07:43:24 system pluto[19911]: "LAN"[5] 95.96.10.129 #60: initiating Main Mode to replace #59
1800. Aug 26 07:56:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #60: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1801. Aug 26 07:56:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #60: starting keying attempt 49 of an unlimited number
1802. Aug 26 07:56:34 system pluto[19911]: "LAN"[5] 95.96.10.129 #61: initiating Main Mode to replace #60
1803. Aug 26 08:09:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #61: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1804. Aug 26 08:09:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #61: starting keying attempt 50 of an unlimited number
1805. Aug 26 08:09:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #62: initiating Main Mode to replace #61
1806. Aug 26 08:22:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #62: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1807. Aug 26 08:22:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #62: starting keying attempt 51 of an unlimited number
1808. Aug 26 08:22:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #63: initiating Main Mode to replace #62
1809. Aug 26 08:36:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #63: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1810. Aug 26 08:36:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #63: starting keying attempt 52 of an unlimited number
1811. Aug 26 08:36:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #64: initiating Main Mode to replace #63
1812. Aug 26 08:49:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #64: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1813. Aug 26 08:49:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #64: starting keying attempt 53 of an unlimited number
1814. Aug 26 08:49:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #65: initiating Main Mode to replace #64
1815. Aug 26 09:02:27 system pluto[19911]: "LAN"[5] 95.96.10.129 #65: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1816. Aug 26 09:02:27 system pluto[19911]: "LAN"[5] 95.96.10.129 #65: starting keying attempt 54 of an unlimited number
1817. Aug 26 09:02:27 system pluto[19911]: "LAN"[5] 95.96.10.129 #66: initiating Main Mode to replace #65
1818. Aug 26 09:15:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #66: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1819. Aug 26 09:15:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #66: starting keying attempt 55 of an unlimited number
1820. Aug 26 09:15:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #67: initiating Main Mode to replace #66
1821. Aug 26 09:28:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #67: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1822. Aug 26 09:28:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #67: starting keying attempt 56 of an unlimited number
1823. Aug 26 09:28:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #68: initiating Main Mode to replace #67
1824. Aug 26 09:41:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #68: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1825. Aug 26 09:41:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #68: starting keying attempt 57 of an unlimited number
1826. Aug 26 09:41:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #69: initiating Main Mode to replace #68
1827. Aug 26 09:55:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #69: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1828. Aug 26 09:55:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #69: starting keying attempt 58 of an unlimited number
1829. Aug 26 09:55:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #70: initiating Main Mode to replace #69
1830. Aug 26 10:08:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #70: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1831. Aug 26 10:08:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #70: starting keying attempt 59 of an unlimited number
1832. Aug 26 10:08:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #71: initiating Main Mode to replace #70
1833. Aug 26 10:21:27 system pluto[19911]: "LAN"[5] 95.96.10.129 #71: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1834. Aug 26 10:21:27 system pluto[19911]: "LAN"[5] 95.96.10.129 #71: starting keying attempt 60 of an unlimited number
1835. Aug 26 10:21:27 system pluto[19911]: "LAN"[5] 95.96.10.129 #72: initiating Main Mode to replace #71
1836. Aug 26 10:34:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #72: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1837. Aug 26 10:34:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #72: starting keying attempt 61 of an unlimited number
1838. Aug 26 10:34:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #73: initiating Main Mode to replace #72
1839. Aug 26 10:47:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #73: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1840. Aug 26 10:47:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #73: starting keying attempt 62 of an unlimited number
1841. Aug 26 10:47:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #74: initiating Main Mode to replace #73
1842. Aug 26 11:00:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #74: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1843. Aug 26 11:00:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #74: starting keying attempt 63 of an unlimited number
1844. Aug 26 11:00:57 system pluto[19911]: "LAN"[5] 95.96.10.129 #75: initiating Main Mode to replace #74
1845. Aug 26 11:14:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #75: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1846. Aug 26 11:14:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #75: starting keying attempt 64 of an unlimited number
1847. Aug 26 11:14:07 system pluto[19911]: "LAN"[5] 95.96.10.129 #76: initiating Main Mode to replace #75
1848. Aug 26 11:27:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #76: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1849. Aug 26 11:27:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #76: starting keying attempt 65 of an unlimited number
1850. Aug 26 11:27:17 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: initiating Main Mode to replace #76
1851. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1852. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1853. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1854. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1855. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1856. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1857. Aug 26 11:31:39 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1858. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: responding to Main Mode from unknown peer 95.96.10.129
1859. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1860. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: STATE_MAIN_R1: sent MR1, expecting MI2
1861. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1862. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1863. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: STATE_MAIN_R2: sent MR2, expecting MI3
1864. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1865. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: I am sending my cert
1866. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1867. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: new NAT mapping for #78, was 95.96.10.129:500, now 95.96.10.129:4500
1868. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1869. Aug 26 11:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: the peer proposed: 10.97.10.0/24:0/0 -> 10.81.9.204/32:0/0
1870. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: responding to Quick Mode proposal {msgid:d6aad545}
1871. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
1872. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: them: 95.96.10.129[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===10.81.9.204/32
1873. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
1874. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
1875. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
1876. Aug 26 11:31:39 system pluto[19911]: "LAN"[6] 95.96.10.129 #79: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0xad585a15 <0xad22afb1 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=95.96.10.129:4500 DPD=none}
1877. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1878. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: received Vendor ID payload [Dead Peer Detection]
1879. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: received Vendor ID payload [RFC 3947] method set to=109
1880. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: enabling possible NAT-traversal with method 4
1881. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
1882. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: STATE_MAIN_I2: sent MI2, expecting MR2
1883. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1884. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: I am sending my cert
1885. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: I am sending a certificate request
1886. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
1887. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: STATE_MAIN_I3: sent MI3, expecting MR3
1888. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: received Vendor ID payload [CAN-IKEv2]
1889. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1890. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
1891. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #77: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1892. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #80: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+IKEv2ALLOW to replace #11 {using isakmp#77 msgid:7c188bcd proposal=defaults pfsgroup=OAKLEY_GROUP_MODP2048}
1893. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #80: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
1894. Aug 26 11:31:47 system pluto[19911]: "LAN"[5] 95.96.10.129 #80: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x21bdff69 <0x099a2dc4 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=95.96.10.129:4500 DPD=none}
1895. Aug 26 12:20:19 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: initiating Main Mode to replace #77
1896. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1897. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1898. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1899. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1900. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1901. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1902. Aug 26 12:27:17 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1903. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: responding to Main Mode from unknown peer 95.96.10.129
1904. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1905. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: STATE_MAIN_R1: sent MR1, expecting MI2
1906. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1907. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1908. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: STATE_MAIN_R2: sent MR2, expecting MI3
1909. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1910. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: I am sending my cert
1911. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1912. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: new NAT mapping for #82, was 95.96.10.129:500, now 95.96.10.129:4500
1913. Aug 26 12:27:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #82: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1914. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1915. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: received Vendor ID payload [Dead Peer Detection]
1916. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: received Vendor ID payload [RFC 3947] method set to=109
1917. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: enabling possible NAT-traversal with method 4
1918. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
1919. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: STATE_MAIN_I2: sent MI2, expecting MR2
1920. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1921. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: I am sending my cert
1922. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: I am sending a certificate request
1923. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
1924. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: STATE_MAIN_I3: sent MI3, expecting MR3
1925. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: received Vendor ID payload [CAN-IKEv2]
1926. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1927. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
1928. Aug 26 12:27:29 system pluto[19911]: "LAN"[5] 95.96.10.129 #81: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1929. Aug 26 12:31:39 system pluto[19911]: "LAN"[5] 95.96.10.129 #78: received Delete SA payload: deleting ISAKMP State #78
1930. Aug 26 12:31:39 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
1931. Aug 26 12:31:47 system pluto[19911]: packet from 95.96.10.129:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x9e17f018
1932. Aug 26 13:12:23 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: initiating Main Mode to replace #81
1933. Aug 26 13:22:47 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: initiating Main Mode to replace #82
1934. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1935. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
1936. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
1937. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
1938. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
1939. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
1940. Aug 26 13:23:00 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
1941. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: responding to Main Mode from unknown peer 95.96.10.129
1942. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
1943. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: STATE_MAIN_R1: sent MR1, expecting MI2
1944. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1945. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
1946. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: STATE_MAIN_R2: sent MR2, expecting MI3
1947. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1948. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: I am sending my cert
1949. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
1950. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: new NAT mapping for #85, was 95.96.10.129:500, now 95.96.10.129:4500
1951. Aug 26 13:23:00 system pluto[19911]: "LAN"[6] 95.96.10.129 #85: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1952. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1953. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: received Vendor ID payload [Dead Peer Detection]
1954. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: received Vendor ID payload [RFC 3947] method set to=109
1955. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: enabling possible NAT-traversal with method 4
1956. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
1957. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: STATE_MAIN_I2: sent MI2, expecting MR2
1958. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1959. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: I am sending my cert
1960. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: I am sending a certificate request
1961. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
1962. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: STATE_MAIN_I3: sent MI3, expecting MR3
1963. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: received Vendor ID payload [CAN-IKEv2]
1964. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1965. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
1966. Aug 26 13:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1967. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: received Vendor ID payload [Openswan (this version) 2.6.28 ]
1968. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: received Vendor ID payload [Dead Peer Detection]
1969. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: received Vendor ID payload [RFC 3947] method set to=109
1970. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: enabling possible NAT-traversal with method 4
1971. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
1972. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: STATE_MAIN_I2: sent MI2, expecting MR2
1973. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
1974. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: I am sending my cert
1975. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: I am sending a certificate request
1976. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
1977. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: STATE_MAIN_I3: sent MI3, expecting MR3
1978. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: received Vendor ID payload [CAN-IKEv2]
1979. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
1980. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
1981. Aug 26 13:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
1982. Aug 26 13:27:17 system pluto[19911]: packet from 95.96.10.129:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x46f7947e
1983. Aug 26 13:27:29 system pluto[19911]: packet from 95.96.10.129:4500: Informational Exchange is for an unknown (expired?) SA with MSGID:0x96284328
1984. Aug 26 14:07:42 system pluto[19911]: "LAN"[6] 95.96.10.129 #86: initiating Main Mode to replace #84
1985. Aug 26 14:13:48 system pluto[19911]: "LAN"[5] 95.96.10.129 #87: initiating Main Mode to replace #83
1986. Aug 26 14:20:52 system pluto[19911]: "LAN"[6] 95.96.10.129 #86: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1987. Aug 26 14:20:52 system pluto[19911]: "LAN"[6] 95.96.10.129 #86: starting keying attempt 2 of an unlimited number
1988. Aug 26 14:20:52 system pluto[19911]: "LAN"[6] 95.96.10.129 #88: initiating Main Mode to replace #86
1989. Aug 26 14:23:17 system pluto[19911]: "LAN"[6] 95.96.10.129 #84: ISAKMP SA expired (LATEST!)
1990. Aug 26 14:23:33 system pluto[19911]: "LAN"[5] 95.96.10.129 #83: ISAKMP SA expired (LATEST!)
1991. Aug 26 14:26:58 system pluto[19911]: "LAN"[5] 95.96.10.129 #87: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1992. Aug 26 14:26:58 system pluto[19911]: "LAN"[5] 95.96.10.129 #87: starting keying attempt 2 of an unlimited number
1993. Aug 26 14:26:58 system pluto[19911]: "LAN"[5] 95.96.10.129 #89: initiating Main Mode to replace #87
1994. Aug 26 14:34:02 system pluto[19911]: "LAN"[6] 95.96.10.129 #88: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1995. Aug 26 14:34:02 system pluto[19911]: "LAN"[6] 95.96.10.129 #88: starting keying attempt 3 of an unlimited number
1996. Aug 26 14:34:02 system pluto[19911]: "LAN"[6] 95.96.10.129 #90: initiating Main Mode to replace #88
1997. Aug 26 14:40:08 system pluto[19911]: "LAN"[5] 95.96.10.129 #89: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
1998. Aug 26 14:40:08 system pluto[19911]: "LAN"[5] 95.96.10.129 #89: starting keying attempt 3 of an unlimited number
1999. Aug 26 14:40:08 system pluto[19911]: "LAN"[5] 95.96.10.129 #91: initiating Main Mode to replace #89
2000. Aug 26 14:47:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #90: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2001. Aug 26 14:47:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #90: starting keying attempt 4 of an unlimited number
2002. Aug 26 14:47:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #92: initiating Main Mode to replace #90
2003. Aug 26 14:53:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #91: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2004. Aug 26 14:53:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #91: starting keying attempt 4 of an unlimited number
2005. Aug 26 14:53:18 system pluto[19911]: "LAN"[5] 95.96.10.129 #93: initiating Main Mode to replace #91
2006. Aug 26 15:00:22 system pluto[19911]: "LAN"[6] 95.96.10.129 #92: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2007. Aug 26 15:00:22 system pluto[19911]: "LAN"[6] 95.96.10.129 #92: starting keying attempt 5 of an unlimited number
2008. Aug 26 15:00:22 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: initiating Main Mode to replace #92
2009. Aug 26 15:06:28 system pluto[19911]: "LAN"[5] 95.96.10.129 #93: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
2010. Aug 26 15:06:28 system pluto[19911]: "LAN"[5] 95.96.10.129 #93: starting keying attempt 5 of an unlimited number
2011. Aug 26 15:06:28 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: initiating Main Mode to replace #93
2012. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2013. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
2014. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
2015. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
2016. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
2017. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
2018. Aug 26 15:11:19 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2019. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: responding to Main Mode from unknown peer 95.96.10.129
2020. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2021. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: STATE_MAIN_R1: sent MR1, expecting MI2
2022. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2023. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2024. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: STATE_MAIN_R2: sent MR2, expecting MI3
2025. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2026. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: I am sending my cert
2027. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
2028. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: new NAT mapping for #96, was 95.96.10.129:500, now 95.96.10.129:4500
2029. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2030. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: the peer proposed: 10.97.10.0/24:0/0 -> 10.81.9.204/32:0/0
2031. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: responding to Quick Mode proposal {msgid:59d6b2bd}
2032. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: us: 10.97.10.0/24===85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Left1024, E=admin@testingcorporation.nl,+S=C]
2033. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: them: 95.96.10.129[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl,+S=C]===10.81.9.204/32
2034. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: keeping refhim=4294901761 during rekey
2035. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
2036. Aug 26 15:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
2037. Aug 26 15:11:20 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
2038. Aug 26 15:11:20 system pluto[19911]: "LAN"[6] 95.96.10.129 #97: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP=>0x428a7ae2 <0x5b0be685 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=95.96.10.129:4500 DPD=none}
2039. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2040. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: received Vendor ID payload [Dead Peer Detection]
2041. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: received Vendor ID payload [RFC 3947] method set to=109
2042. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: enabling possible NAT-traversal with method 4
2043. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2044. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: STATE_MAIN_I2: sent MI2, expecting MR2
2045. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2046. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: I am sending my cert
2047. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: I am sending a certificate request
2048. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2049. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: STATE_MAIN_I3: sent MI3, expecting MR3
2050. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: received Vendor ID payload [CAN-IKEv2]
2051. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2052. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2053. Aug 26 15:11:32 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2054. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2055. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: received Vendor ID payload [Dead Peer Detection]
2056. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: received Vendor ID payload [RFC 3947] method set to=109
2057. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: enabling possible NAT-traversal with method 4
2058. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2059. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: STATE_MAIN_I2: sent MI2, expecting MR2
2060. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2061. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: I am sending my cert
2062. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: I am sending a certificate request
2063. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2064. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: STATE_MAIN_I3: sent MI3, expecting MR3
2065. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: received Vendor ID payload [CAN-IKEv2]
2066. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2067. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2068. Aug 26 15:11:38 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2069. Aug 26 15:59:12 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: initiating Main Mode to replace #95
2070. Aug 26 16:00:28 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: initiating Main Mode to replace #94
2071. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2072. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
2073. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
2074. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
2075. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
2076. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
2077. Aug 26 16:07:07 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2078. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: responding to Main Mode from unknown peer 95.96.10.129
2079. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2080. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: STATE_MAIN_R1: sent MR1, expecting MI2
2081. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2082. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2083. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: STATE_MAIN_R2: sent MR2, expecting MI3
2084. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2085. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: I am sending my cert
2086. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
2087. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: new NAT mapping for #100, was 95.96.10.129:500, now 95.96.10.129:4500
2088. Aug 26 16:07:07 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2089. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2090. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: received Vendor ID payload [Dead Peer Detection]
2091. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: received Vendor ID payload [RFC 3947] method set to=109
2092. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: enabling possible NAT-traversal with method 4
2093. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2094. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: STATE_MAIN_I2: sent MI2, expecting MR2
2095. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2096. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: I am sending my cert
2097. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: I am sending a certificate request
2098. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2099. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: STATE_MAIN_I3: sent MI3, expecting MR3
2100. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: received Vendor ID payload [CAN-IKEv2]
2101. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2102. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2103. Aug 26 16:07:38 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2104. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2105. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: received Vendor ID payload [Dead Peer Detection]
2106. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: received Vendor ID payload [RFC 3947] method set to=109
2107. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: enabling possible NAT-traversal with method 4
2108. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2109. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: STATE_MAIN_I2: sent MI2, expecting MR2
2110. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2111. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: I am sending my cert
2112. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: I am sending a certificate request
2113. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2114. Aug 26 16:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: STATE_MAIN_I3: sent MI3, expecting MR3
2115. Aug 26 16:07:43 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: received Vendor ID payload [CAN-IKEv2]
2116. Aug 26 16:07:43 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2117. Aug 26 16:07:43 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2118. Aug 26 16:07:43 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2119. Aug 26 16:11:19 system pluto[19911]: "LAN"[6] 95.96.10.129 #96: received Delete SA payload: deleting ISAKMP State #96
2120. Aug 26 16:11:19 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
2121. Aug 26 16:11:31 system pluto[19911]: "LAN"[6] 95.96.10.129 #94: received Delete SA payload: deleting ISAKMP State #94
2122. Aug 26 16:11:31 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
2123. Aug 26 16:11:37 system pluto[19911]: "LAN"[5] 95.96.10.129 #95: received Delete SA payload: deleting ISAKMP State #95
2124. Aug 26 16:11:37 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
2125. Aug 26 16:51:16 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: initiating Main Mode to replace #98
2126. Aug 26 16:56:11 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: initiating Main Mode to replace #99
2127. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2128. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [Dead Peer Detection]
2129. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [RFC 3947] method set to=109
2130. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
2131. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
2132. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
2133. Aug 26 17:03:12 system pluto[19911]: packet from 95.96.10.129:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2134. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: responding to Main Mode from unknown peer 95.96.10.129
2135. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
2136. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: STATE_MAIN_R1: sent MR1, expecting MI2
2137. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2138. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
2139. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: STATE_MAIN_R2: sent MR2, expecting MI3
2140. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2141. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: I am sending my cert
2142. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
2143. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: new NAT mapping for #103, was 95.96.10.129:500, now 95.96.10.129:4500
2144. Aug 26 17:03:12 system pluto[19911]: "LAN"[6] 95.96.10.129 #103: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2145. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2146. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: received Vendor ID payload [Dead Peer Detection]
2147. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: received Vendor ID payload [RFC 3947] method set to=109
2148. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: enabling possible NAT-traversal with method 4
2149. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2150. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: STATE_MAIN_I2: sent MI2, expecting MR2
2151. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2152. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: I am sending my cert
2153. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: I am sending a certificate request
2154. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2155. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: STATE_MAIN_I3: sent MI3, expecting MR3
2156. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: received Vendor ID payload [CAN-IKEv2]
2157. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2158. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2159. Aug 26 17:03:21 system pluto[19911]: "LAN"[6] 95.96.10.129 #102: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2160. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: received Vendor ID payload [Openswan (this version) 2.6.28 ]
2161. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: received Vendor ID payload [Dead Peer Detection]
2162. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: received Vendor ID payload [RFC 3947] method set to=109
2163. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: enabling possible NAT-traversal with method 4
2164. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2165. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: STATE_MAIN_I2: sent MI2, expecting MR2
2166. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
2167. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: I am sending my cert
2168. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: I am sending a certificate request
2169. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2170. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: STATE_MAIN_I3: sent MI3, expecting MR3
2171. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: received Vendor ID payload [CAN-IKEv2]
2172. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation, OU=Research and Development, CN=Right1024, E=admin@testingcorporation.nl'
2173. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2174. Aug 26 17:03:46 system pluto[19911]: "LAN"[5] 95.96.10.129 #101: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=aes_128 prf=oakley_sha group=modp2048}
2175. Aug 26 17:07:06 system pluto[19911]: "LAN"[6] 95.96.10.129 #100: received Delete SA payload: deleting ISAKMP State #100
2176. Aug 26 17:07:06 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
2177. Aug 26 17:07:37 system pluto[19911]: "LAN"[6] 95.96.10.129 #99: received Delete SA payload: deleting ISAKMP State #99
2178. Aug 26 17:07:37 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
2179. Aug 26 17:07:42 system pluto[19911]: "LAN"[5] 95.96.10.129 #98: received Delete SA payload: deleting ISAKMP State #98
2180. Aug 26 17:07:42 system pluto[19911]: packet from 95.96.10.129:4500: received and ignored informational message
2181. + _________________________ date
2182. + date
2183. Thu Aug 26 17:09:26 CEST 2010