Advertisement
Guest User

SS config and logs

a guest
Jul 29th, 2015
286
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 80.42 KB | None | 0 0
  1. Server ipsec.conf:
  2.  
  3. config setup
  4. charondebug="tls 2, ike 2"
  5.  
  6. conn %default
  7. ikelifetime=60m
  8. keylife=20m
  9. rekeymargin=3m
  10. keyingtries=1
  11. keyexchange=ikev2
  12.  
  13. conn dtss-vpn
  14. left=203.37.210.230
  15. leftcert=vpn.datacomtss.com.au.cert
  16. leftid="OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  17. leftauth=pubkey
  18. rightauth=eap-tls
  19. leftsubnet=192.168.0.0/16
  20. right=%any
  21. rightca="C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Corp VPN CA"
  22. rightsendcert=never
  23. eap_identity=%any
  24. rightsourceip=172.16.0.97/27
  25. rightdns=192.168.8.10,8.8.8.8
  26. auto=add
  27.  
  28.  
  29. Server logs:
  30.  
  31. Jul 29 23:49:34 vpn kernel: IPTables-Accepted: IN=eno16777728 OUT= MAC=00:50:56:8a:c8:af:00:1b:17:b8:14:01:08:00 SRC=172.16.0.10 DST=203.37.210.230 LEN=752 TOS=0x00 PREC=0x00 TTL=62 ID=36838 DF PROTO=UDP SPT=29688 DPT=500 LEN=732
  32. Jul 29 23:49:34 vpn charon: 15[NET] received packet: from 172.16.0.10[29688] to 203.37.210.230[500] (724 bytes)
  33. Jul 29 23:49:34 vpn charon: 15[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
  34. Jul 29 23:49:34 vpn charon: 15[IKE] 172.16.0.10 is initiating an IKE_SA
  35. Jul 29 23:49:34 vpn charon: 15[IKE] IKE_SA (unnamed)[11] state change: CREATED => CONNECTING
  36. Jul 29 23:49:34 vpn charon: 15[IKE] remote host is behind NAT
  37. Jul 29 23:49:34 vpn charon: 15[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
  38. Jul 29 23:49:34 vpn charon: 15[NET] sending packet: from 203.37.210.230[500] to 172.16.0.10[29688] (456 bytes)
  39. Jul 29 23:49:34 vpn kernel: IPTables-Accepted: IN=eno16777728 OUT= MAC=00:50:56:8a:c8:af:00:1b:17:b8:14:01:08:00 SRC=172.16.0.10 DST=203.37.210.230 LEN=732 TOS=0x00 PREC=0x00 TTL=62 ID=36839 DF PROTO=UDP SPT=26648 DPT=4500 LEN=712
  40. Jul 29 23:49:34 vpn charon: 12[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (700 bytes)
  41. Jul 29 23:49:34 vpn charon: 12[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
  42. Jul 29 23:49:34 vpn charon: 12[CFG] looking for peer configs matching 203.37.210.230[OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au]...172.16.0.10[C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au]
  43. Jul 29 23:49:34 vpn charon: 12[CFG] selected peer config 'dtss-vpn'
  44. Jul 29 23:49:34 vpn charon: 12[IKE] initiating EAP_IDENTITY method (id 0x00)
  45. Jul 29 23:49:34 vpn charon: 12[IKE] processing INTERNAL_IP4_ADDRESS attribute
  46. Jul 29 23:49:34 vpn charon: 12[IKE] processing INTERNAL_IP4_DNS attribute
  47. Jul 29 23:49:34 vpn charon: 12[IKE] peer supports MOBIKE
  48. Jul 29 23:49:34 vpn charon: 12[IKE] got additional MOBIKE peer address: 172.17.42.1
  49. Jul 29 23:49:34 vpn charon: 12[IKE] authentication of 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' (myself) with RSA_EMSA_PKCS1_SHA256 successful
  50. Jul 29 23:49:34 vpn charon: 12[ENC] generating IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
  51. Jul 29 23:49:34 vpn charon: 12[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (524 bytes)
  52. Jul 29 23:49:34 vpn ipsec: 06[TLS] received EAP_TLS acknowledgement packet
  53. Jul 29 23:49:34 vpn ipsec: 06[TLS] sending EAP_TLS final fragment (427 bytes)
  54. Jul 29 23:49:34 vpn ipsec: 06[ENC] generating IKE_AUTH response 7 [ EAP/REQ/TLS ]
  55. Jul 29 23:49:34 vpn ipsec: 06[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[23731] (492 bytes)
  56. Jul 29 23:49:34 vpn ipsec: 07[NET] received packet: from 172.16.0.10[23731] to 203.37.210.230[4500] (1100 bytes)
  57. Jul 29 23:49:34 vpn ipsec: 07[ENC] parsed IKE_AUTH request 8 [ EAP/RES/TLS ]
  58. Jul 29 23:49:34 vpn ipsec: 07[TLS] buffering 1014 bytes, 1014 bytes of 1968 byte TLS record received
  59. Jul 29 23:49:34 vpn ipsec: 07[TLS] sending EAP_TLS acknowledgement packet
  60. Jul 29 23:49:34 vpn ipsec: 07[ENC] generating IKE_AUTH response 8 [ EAP/REQ/TLS ]
  61. Jul 29 23:49:34 vpn ipsec: 07[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[23731] (76 bytes)
  62. Jul 29 23:49:34 vpn ipsec: 09[NET] received packet: from 172.16.0.10[23731] to 203.37.210.230[4500] (1100 bytes)
  63. Jul 29 23:49:34 vpn ipsec: 09[ENC] parsed IKE_AUTH request 9 [ EAP/RES/TLS ]
  64. Jul 29 23:49:34 vpn ipsec: 09[TLS] buffering 954 bytes, 1968 bytes of 1968 byte TLS record received
  65. Jul 29 23:49:34 vpn ipsec: 09[TLS] processing buffered TLS Handshake record (1963 bytes)
  66. Jul 29 23:49:34 vpn ipsec: 09[TLS] received TLS Certificate handshake (1433 bytes)
  67. Jul 29 23:49:34 vpn ipsec: 09[TLS] received TLS peer certificate 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  68. Jul 29 23:49:34 vpn ipsec: 09[TLS] received TLS ClientKeyExchange handshake (258 bytes)
  69. Jul 29 23:49:34 vpn ipsec: 09[TLS] received TLS CertificateVerify handshake (260 bytes)
  70. Jul 29 23:49:34 vpn ipsec: 09[CFG] using certificate "C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au"
  71. Jul 29 23:49:34 vpn ipsec: 09[CFG] no issuer certificate found for "C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au"
  72. Jul 29 23:49:34 vpn ipsec: 09[TLS] no trusted certificate found for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au' to verify TLS peer
  73. Jul 29 23:49:34 vpn ipsec: 09[TLS] processing TLS ChangeCipherSpec record (1 bytes)
  74. Jul 29 23:49:34 vpn ipsec: 09[TLS] buffering 58 bytes, 58 bytes of 69 byte TLS record received
  75. Jul 29 23:49:34 vpn ipsec: 09[TLS] sending fatal TLS alert 'certificate unknown'
  76. Jul 29 23:49:34 vpn ipsec: 09[TLS] sending TLS Alert record (2 bytes)
  77. Jul 29 23:49:34 vpn ipsec: 09[TLS] sending EAP_TLS packet (17 bytes)
  78. Jul 29 23:49:34 vpn ipsec: 09[ENC] generating IKE_AUTH response 9 [ EAP/REQ/TLS ]
  79. Jul 29 23:49:34 vpn charon: 10[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (252 bytes)
  80. Jul 29 23:49:34 vpn charon: 10[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ]
  81. Jul 29 23:49:34 vpn charon: 10[IKE] received EAP identity 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  82. Jul 29 23:49:34 vpn charon: 10[TLS] disabling ECDSA suites, no backend found
  83. Jul 29 23:49:34 vpn charon: 10[TLS] 13 supported TLS cipher suites:
  84. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  85. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  86. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  87. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  88. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  89. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  90. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  91. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  92. Jul 29 23:49:34 vpn ipsec: 09[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[23731] (92 bytes)
  93. Jul 29 23:49:34 vpn ipsec: 13[NET] received packet: from 172.16.0.10[23731] to 203.37.210.230[4500] (76 bytes)
  94. Jul 29 23:49:34 vpn ipsec: 13[ENC] parsed INFORMATIONAL request 10 [ N(AUTH_FAILED) ]
  95. Jul 29 23:49:34 vpn ipsec: 13[ENC] generating INFORMATIONAL response 10 [ N(AUTH_FAILED) ]
  96. Jul 29 23:49:34 vpn ipsec: 13[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[23731] (76 bytes)
  97. Jul 29 23:49:34 vpn ipsec: 13[IKE] IKE_SA dtss-vpn[10] state change: CONNECTING => DESTROYING
  98. Jul 29 23:49:34 vpn ipsec: 15[NET] received packet: from 172.16.0.10[29688] to 203.37.210.230[500] (724 bytes)
  99. Jul 29 23:49:34 vpn ipsec: 15[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
  100. Jul 29 23:49:34 vpn ipsec: 15[IKE] 172.16.0.10 is initiating an IKE_SA
  101. Jul 29 23:49:34 vpn ipsec: 15[IKE] IKE_SA (unnamed)[11] state change: CREATED => CONNECTING
  102. Jul 29 23:49:34 vpn ipsec: 15[IKE] remote host is behind NAT
  103. Jul 29 23:49:34 vpn ipsec: 15[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
  104. Jul 29 23:49:34 vpn ipsec: 15[NET] sending packet: from 203.37.210.230[500] to 172.16.0.10[29688] (456 bytes)
  105. Jul 29 23:49:34 vpn ipsec: 12[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (700 bytes)
  106. Jul 29 23:49:34 vpn ipsec: 12[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
  107. Jul 29 23:49:34 vpn ipsec: 12[CFG] looking for peer configs matching 203.37.210.230[OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au]...172.16.0.10[C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au]
  108. Jul 29 23:49:34 vpn ipsec: 12[CFG] selected peer config 'dtss-vpn'
  109. Jul 29 23:49:34 vpn ipsec: 12[IKE] initiating EAP_IDENTITY method (id 0x00)
  110. Jul 29 23:49:34 vpn ipsec: 12[IKE] processing INTERNAL_IP4_ADDRESS attribute
  111. Jul 29 23:49:34 vpn ipsec: 12[IKE] processing INTERNAL_IP4_DNS attribute
  112. Jul 29 23:49:34 vpn ipsec: 12[IKE] peer supports MOBIKE
  113. Jul 29 23:49:34 vpn ipsec: 12[IKE] got additional MOBIKE peer address: 172.17.42.1
  114. Jul 29 23:49:34 vpn ipsec: 12[IKE] authentication of 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' (myself) with RSA_EMSA_PKCS1_SHA256 successful
  115. Jul 29 23:49:34 vpn ipsec: 12[ENC] generating IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
  116. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  117. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  118. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_NULL_SHA
  119. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_NULL_SHA256
  120. Jul 29 23:49:34 vpn charon: 10[TLS] TLS_RSA_WITH_NULL_MD5
  121. Jul 29 23:49:34 vpn charon: 10[TLS] sending EAP_TLS start packet (6 bytes)
  122. Jul 29 23:49:34 vpn charon: 10[IKE] initiating EAP_TLS method (id 0x62)
  123. Jul 29 23:49:34 vpn charon: 10[ENC] generating IKE_AUTH response 2 [ EAP/REQ/TLS ]
  124. Jul 29 23:49:34 vpn charon: 10[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (76 bytes)
  125. Jul 29 23:49:34 vpn charon: 08[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (172 bytes)
  126. Jul 29 23:49:34 vpn charon: 08[ENC] parsed IKE_AUTH request 3 [ EAP/RES/TLS ]
  127. Jul 29 23:49:34 vpn charon: 08[TLS] processing TLS Handshake record (89 bytes)
  128. Jul 29 23:49:34 vpn charon: 08[TLS] received TLS ClientHello handshake (85 bytes)
  129. Jul 29 23:49:34 vpn charon: 08[TLS] received TLS 'signature algorithms' extension
  130. Jul 29 23:49:34 vpn charon: 08[TLS] received 13 TLS cipher suites:
  131. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  132. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  133. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  134. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  135. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  136. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  137. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  138. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  139. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  140. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  141. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_NULL_SHA
  142. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_NULL_SHA256
  143. Jul 29 23:49:34 vpn charon: 08[TLS] TLS_RSA_WITH_NULL_MD5
  144. Jul 29 23:49:34 vpn charon: 08[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  145. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS ServerHello handshake (54 bytes)
  146. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS server certificate 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au'
  147. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  148. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  149. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS Certificate handshake (3175 bytes)
  150. Jul 29 23:49:34 vpn charon: 08[TLS] selected DH group MODP_2048
  151. Jul 29 23:49:34 vpn charon: 08[TLS] created signature with SHA256/RSA
  152. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS ServerKeyExchange handshake (779 bytes)
  153. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Corp VPN CA'
  154. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Root CA'
  155. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS cert request for 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  156. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS cert request for 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  157. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS CertificateRequest handshake (456 bytes)
  158. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS ServerHelloDone handshake (0 bytes)
  159. Jul 29 23:49:34 vpn charon: 08[TLS] sending TLS Handshake record (4484 bytes)
  160. Jul 29 23:49:34 vpn charon: 08[TLS] sending EAP_TLS first fragment (1024 bytes)
  161. Jul 29 23:49:34 vpn charon: 08[ENC] generating IKE_AUTH response 3 [ EAP/REQ/TLS ]
  162. Jul 29 23:49:34 vpn charon: 08[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (1100 bytes)
  163. Jul 29 23:49:34 vpn charon: 04[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  164. Jul 29 23:49:34 vpn charon: 04[ENC] parsed IKE_AUTH request 4 [ EAP/RES/TLS ]
  165. Jul 29 23:49:34 vpn charon: 04[TLS] received EAP_TLS acknowledgement packet
  166. Jul 29 23:49:34 vpn charon: 04[TLS] sending EAP_TLS further fragment (1024 bytes)
  167. Jul 29 23:49:34 vpn charon: 04[ENC] generating IKE_AUTH response 4 [ EAP/REQ/TLS ]
  168. Jul 29 23:49:34 vpn charon: 04[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (1100 bytes)
  169. Jul 29 23:49:34 vpn charon: 06[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  170. Jul 29 23:49:34 vpn charon: 06[ENC] parsed IKE_AUTH request 5 [ EAP/RES/TLS ]
  171. Jul 29 23:49:34 vpn charon: 06[TLS] received EAP_TLS acknowledgement packet
  172. Jul 29 23:49:34 vpn charon: 06[TLS] sending EAP_TLS further fragment (1024 bytes)
  173. Jul 29 23:49:34 vpn charon: 06[ENC] generating IKE_AUTH response 5 [ EAP/REQ/TLS ]
  174. Jul 29 23:49:34 vpn charon: 06[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (1100 bytes)
  175. Jul 29 23:49:34 vpn ipsec: 12[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (524 bytes)
  176. Jul 29 23:49:34 vpn ipsec: 10[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (252 bytes)
  177. Jul 29 23:49:34 vpn ipsec: 10[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ]
  178. Jul 29 23:49:34 vpn ipsec: 10[IKE] received EAP identity 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  179. Jul 29 23:49:34 vpn ipsec: 10[TLS] disabling ECDSA suites, no backend found
  180. Jul 29 23:49:34 vpn ipsec: 10[TLS] 13 supported TLS cipher suites:
  181. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  182. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  183. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  184. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  185. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  186. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  187. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  188. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  189. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  190. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  191. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_NULL_SHA
  192. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_NULL_SHA256
  193. Jul 29 23:49:34 vpn ipsec: 10[TLS] TLS_RSA_WITH_NULL_MD5
  194. Jul 29 23:49:34 vpn ipsec: 10[TLS] sending EAP_TLS start packet (6 bytes)
  195. Jul 29 23:49:34 vpn ipsec: 10[IKE] initiating EAP_TLS method (id 0x62)
  196. Jul 29 23:49:34 vpn ipsec: 10[ENC] generating IKE_AUTH response 2 [ EAP/REQ/TLS ]
  197. Jul 29 23:49:34 vpn ipsec: 10[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (76 bytes)
  198. Jul 29 23:49:34 vpn ipsec: 08[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (172 bytes)
  199. Jul 29 23:49:34 vpn ipsec: 08[ENC] parsed IKE_AUTH request 3 [ EAP/RES/TLS ]
  200. Jul 29 23:49:34 vpn ipsec: 08[TLS] processing TLS Handshake record (89 bytes)
  201. Jul 29 23:49:34 vpn ipsec: 08[TLS] received TLS ClientHello handshake (85 bytes)
  202. Jul 29 23:49:34 vpn ipsec: 08[TLS] received TLS 'signature algorithms' extension
  203. Jul 29 23:49:34 vpn ipsec: 08[TLS] received 13 TLS cipher suites:
  204. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  205. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  206. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  207. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  208. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  209. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  210. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  211. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  212. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  213. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  214. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_NULL_SHA
  215. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_NULL_SHA256
  216. Jul 29 23:49:34 vpn ipsec: 08[TLS] TLS_RSA_WITH_NULL_MD5
  217. Jul 29 23:49:34 vpn ipsec: 08[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  218. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS ServerHello handshake (54 bytes)
  219. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS server certificate 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au'
  220. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  221. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  222. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS Certificate handshake (3175 bytes)
  223. Jul 29 23:49:34 vpn ipsec: 08[TLS] selected DH group MODP_2048
  224. Jul 29 23:49:34 vpn ipsec: 08[TLS] created signature with SHA256/RSA
  225. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS ServerKeyExchange handshake (779 bytes)
  226. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Corp VPN CA'
  227. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Root CA'
  228. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS cert request for 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  229. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS cert request for 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  230. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS CertificateRequest handshake (456 bytes)
  231. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS ServerHelloDone handshake (0 bytes)
  232. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending TLS Handshake record (4484 bytes)
  233. Jul 29 23:49:34 vpn ipsec: 08[TLS] sending EAP_TLS first fragment (1024 bytes)
  234. Jul 29 23:49:34 vpn ipsec: 08[ENC] generating IKE_AUTH response 3 [ EAP/REQ/TLS ]
  235. Jul 29 23:49:34 vpn ipsec: 08[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (1100 bytes)
  236. Jul 29 23:49:34 vpn ipsec: 04[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  237. Jul 29 23:49:34 vpn ipsec: 04[ENC] parsed IKE_AUTH request 4 [ EAP/RES/TLS ]
  238. Jul 29 23:49:34 vpn ipsec: 04[TLS] received EAP_TLS acknowledgement packet
  239. Jul 29 23:49:34 vpn ipsec: 04[TLS] sending EAP_TLS further fragment (1024 bytes)
  240. Jul 29 23:49:34 vpn ipsec: 04[ENC] generating IKE_AUTH response 4 [ EAP/REQ/TLS ]
  241. Jul 29 23:49:34 vpn ipsec: 04[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (1100 bytes)
  242. Jul 29 23:49:34 vpn ipsec: 06[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  243. Jul 29 23:49:34 vpn ipsec: 06[ENC] parsed IKE_AUTH request 5 [ EAP/RES/TLS ]
  244. Jul 29 23:49:34 vpn charon: 07[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  245. Jul 29 23:49:34 vpn charon: 07[ENC] parsed IKE_AUTH request 6 [ EAP/RES/TLS ]
  246. Jul 29 23:49:34 vpn charon: 07[TLS] received EAP_TLS acknowledgement packet
  247. Jul 29 23:49:34 vpn charon: 07[TLS] sending EAP_TLS further fragment (1024 bytes)
  248. Jul 29 23:49:34 vpn charon: 07[ENC] generating IKE_AUTH response 6 [ EAP/REQ/TLS ]
  249. Jul 29 23:49:34 vpn charon: 07[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (1100 bytes)
  250. Jul 29 23:49:34 vpn charon: 09[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  251. Jul 29 23:49:34 vpn charon: 09[ENC] parsed IKE_AUTH request 7 [ EAP/RES/TLS ]
  252. Jul 29 23:49:34 vpn charon: 09[TLS] received EAP_TLS acknowledgement packet
  253. Jul 29 23:49:34 vpn charon: 09[TLS] sending EAP_TLS final fragment (427 bytes)
  254. Jul 29 23:49:34 vpn charon: 09[ENC] generating IKE_AUTH response 7 [ EAP/REQ/TLS ]
  255. Jul 29 23:49:34 vpn charon: 09[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (492 bytes)
  256. Jul 29 23:49:34 vpn ipsec: 06[TLS] received EAP_TLS acknowledgement packet
  257. Jul 29 23:49:34 vpn charon: 13[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (1100 bytes)
  258. Jul 29 23:49:34 vpn charon: 13[ENC] parsed IKE_AUTH request 8 [ EAP/RES/TLS ]
  259. Jul 29 23:49:34 vpn charon: 13[TLS] buffering 1014 bytes, 1014 bytes of 1968 byte TLS record received
  260. Jul 29 23:49:34 vpn charon: 13[TLS] sending EAP_TLS acknowledgement packet
  261. Jul 29 23:49:34 vpn charon: 13[ENC] generating IKE_AUTH response 8 [ EAP/REQ/TLS ]
  262. Jul 29 23:49:34 vpn charon: 13[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (76 bytes)
  263. Jul 29 23:49:34 vpn charon: 11[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (1100 bytes)
  264. Jul 29 23:49:34 vpn charon: 11[ENC] parsed IKE_AUTH request 9 [ EAP/RES/TLS ]
  265. Jul 29 23:49:34 vpn charon: 11[TLS] buffering 954 bytes, 1968 bytes of 1968 byte TLS record received
  266. Jul 29 23:49:34 vpn charon: 11[TLS] processing buffered TLS Handshake record (1963 bytes)
  267. Jul 29 23:49:34 vpn charon: 11[TLS] received TLS Certificate handshake (1433 bytes)
  268. Jul 29 23:49:34 vpn charon: 11[TLS] received TLS peer certificate 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  269. Jul 29 23:49:34 vpn charon: 11[TLS] received TLS ClientKeyExchange handshake (258 bytes)
  270. Jul 29 23:49:34 vpn charon: 11[TLS] received TLS CertificateVerify handshake (260 bytes)
  271. Jul 29 23:49:34 vpn charon: 11[CFG] using certificate "C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au"
  272. Jul 29 23:49:34 vpn charon: 11[CFG] no issuer certificate found for "C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au"
  273. Jul 29 23:49:34 vpn charon: 11[TLS] no trusted certificate found for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au' to verify TLS peer
  274. Jul 29 23:49:34 vpn charon: 11[TLS] processing TLS ChangeCipherSpec record (1 bytes)
  275. Jul 29 23:49:34 vpn charon: 11[TLS] buffering 58 bytes, 58 bytes of 69 byte TLS record received
  276. Jul 29 23:49:34 vpn charon: 11[TLS] sending fatal TLS alert 'certificate unknown'
  277. Jul 29 23:49:34 vpn charon: 11[TLS] sending TLS Alert record (2 bytes)
  278. Jul 29 23:49:34 vpn charon: 11[TLS] sending EAP_TLS packet (17 bytes)
  279. Jul 29 23:49:34 vpn charon: 11[ENC] generating IKE_AUTH response 9 [ EAP/REQ/TLS ]
  280. Jul 29 23:49:34 vpn charon: 11[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (92 bytes)
  281. Jul 29 23:49:34 vpn charon: 16[NET] received packet: from 172.16.0.10[26648] to 203.37.210.230[4500] (76 bytes)
  282. Jul 29 23:49:34 vpn charon: 16[ENC] parsed INFORMATIONAL request 10 [ N(AUTH_FAILED) ]
  283. Jul 29 23:49:34 vpn charon: 16[ENC] generating INFORMATIONAL response 10 [ N(AUTH_FAILED) ]
  284. Jul 29 23:49:34 vpn charon: 16[NET] sending packet: from 203.37.210.230[4500] to 172.16.0.10[26648] (76 bytes)
  285. Jul 29 23:49:34 vpn charon: 16[IKE] IKE_SA dtss-vpn[11] state change: CONNECTING => DESTROYING
  286.  
  287.  
  288. Client ipsec.conf:
  289.  
  290. config setup
  291. charondebug="tls 2, ike 2"
  292.  
  293. conn %default
  294. ikelifetime=60m
  295. keylife=20m
  296. rekeymargin=3m
  297. keyingtries=1
  298. keyexchange=ikev2
  299.  
  300. conn home
  301. left=192.168.80.10
  302. leftcert=craddie.cert.pem
  303. leftauth=eap
  304. leftid="C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au"
  305. leftsourceip=%config
  306. right=vpn.datacomtss.com.au
  307. rightcert=vpn.datacomtss.com.au.cert
  308. rightid="OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  309. rightauth=any
  310. rightsubnet=192.168.0.0/16
  311. rightsendcert=never
  312. auto=add
  313.  
  314.  
  315. client logs:
  316.  
  317. Jul 30 09:50:35 lina charon: 14[CFG] received stroke: initiate 'home'
  318. Jul 30 09:50:35 lina charon: 14[CFG] received stroke: initiate 'home'
  319. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_VENDOR task
  320. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_INIT task
  321. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_VENDOR task
  322. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_NATD task
  323. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_INIT task
  324. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_CERT_PRE task
  325. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_NATD task
  326. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_AUTH task
  327. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_CERT_PRE task
  328. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_CERT_POST task
  329. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_AUTH task
  330. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_CONFIG task
  331. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_CERT_POST task
  332. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_AUTH_LIFETIME task
  333. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_CONFIG task
  334. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_MOBIKE task
  335. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_AUTH_LIFETIME task
  336. Jul 30 09:50:35 lina charon: 13[IKE] queueing CHILD_CREATE task
  337. Jul 30 09:50:35 lina charon: 13[IKE] queueing IKE_MOBIKE task
  338. Jul 30 09:50:35 lina charon: 13[IKE] activating new tasks
  339. Jul 30 09:50:35 lina charon: 13[IKE] queueing CHILD_CREATE task
  340. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_VENDOR task
  341. Jul 30 09:50:35 lina charon: 13[IKE] activating new tasks
  342. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_INIT task
  343. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_VENDOR task
  344. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_NATD task
  345. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_INIT task
  346. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_CERT_PRE task
  347. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_NATD task
  348. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_AUTH task
  349. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_CERT_PRE task
  350. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_CERT_POST task
  351. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_AUTH task
  352. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_CONFIG task
  353. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_CERT_POST task
  354. Jul 30 09:50:35 lina charon: 13[IKE] activating CHILD_CREATE task
  355. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_CONFIG task
  356. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_AUTH_LIFETIME task
  357. Jul 30 09:50:35 lina charon: 13[IKE] activating CHILD_CREATE task
  358. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_MOBIKE task
  359. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_AUTH_LIFETIME task
  360. Jul 30 09:50:35 lina charon: 13[IKE] initiating IKE_SA home[3] to 203.37.210.230
  361. Jul 30 09:50:35 lina charon: 13[IKE] activating IKE_MOBIKE task
  362. Jul 30 09:50:35 lina charon: 13[IKE] initiating IKE_SA home[3] to 203.37.210.230
  363. Jul 30 09:50:35 lina charon: 13[IKE] IKE_SA home[3] state change: CREATED => CONNECTING
  364. Jul 30 09:50:35 lina charon: 13[IKE] IKE_SA home[3] state change: CREATED => CONNECTING
  365. Jul 30 09:50:35 lina charon: 13[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
  366. Jul 30 09:50:35 lina charon: 13[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
  367. Jul 30 09:50:35 lina charon: 13[NET] sending packet: from 192.168.80.10[500] to 203.37.210.230[500] (724 bytes)
  368. Jul 30 09:50:35 lina charon: 13[NET] sending packet: from 192.168.80.10[500] to 203.37.210.230[500] (724 bytes)
  369. Jul 30 09:50:35 lina charon: 04[NET] received packet: from 203.37.210.230[500] to 192.168.80.10[500] (456 bytes)
  370. Jul 30 09:50:35 lina charon: 04[NET] received packet: from 203.37.210.230[500] to 192.168.80.10[500] (456 bytes)
  371. Jul 30 09:50:35 lina charon: 04[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
  372. Jul 30 09:50:35 lina charon: 04[IKE] received SIGNATURE_HASH_ALGORITHMS notify
  373. Jul 30 09:50:35 lina charon: 04[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
  374. Jul 30 09:50:35 lina charon: 04[IKE] received SIGNATURE_HASH_ALGORITHMS notify
  375. Jul 30 09:50:35 lina charon: 04[IKE] local host is behind NAT, sending keep alives
  376. Jul 30 09:50:35 lina charon: 04[IKE] reinitiating already active tasks
  377. Jul 30 09:50:35 lina charon: 04[IKE] local host is behind NAT, sending keep alives
  378. Jul 30 09:50:35 lina charon: 04[IKE] IKE_CERT_PRE task
  379. Jul 30 09:50:35 lina charon: 04[IKE] reinitiating already active tasks
  380. Jul 30 09:50:35 lina charon: 04[IKE] IKE_AUTH task
  381. Jul 30 09:50:35 lina charon: 04[IKE] IKE_CERT_PRE task
  382. Jul 30 09:50:35 lina charon: 04[IKE] building INTERNAL_IP4_DNS attribute
  383. Jul 30 09:50:35 lina charon: 04[IKE] IKE_AUTH task
  384. Jul 30 09:50:35 lina charon: 04[IKE] establishing CHILD_SA home
  385. Jul 30 09:50:35 lina charon: 04[IKE] building INTERNAL_IP4_DNS attribute
  386. Jul 30 09:50:35 lina charon: 04[IKE] establishing CHILD_SA home
  387. Jul 30 09:50:35 lina charon: 04[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
  388. Jul 30 09:50:35 lina charon: 04[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (700 bytes)
  389. Jul 30 09:50:35 lina charon: 04[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
  390. Jul 30 09:50:35 lina charon: 04[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (700 bytes)
  391. Jul 30 09:50:35 lina charon: 12[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (524 bytes)
  392. Jul 30 09:50:35 lina charon: 12[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (524 bytes)
  393. Jul 30 09:50:35 lina charon: 12[ENC] parsed IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
  394. Jul 30 09:50:35 lina charon: 12[ENC] parsed IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
  395. Jul 30 09:50:35 lina charon: 12[CFG] no issuer certificate found for "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  396. Jul 30 09:50:35 lina charon: 12[CFG] using trusted certificate "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  397. Jul 30 09:50:35 lina charon: 12[IKE] authentication of 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' with RSA_EMSA_PKCS1_SHA256 successful
  398. Jul 30 09:50:35 lina charon: 12[IKE] server requested EAP_IDENTITY (id 0x00), sending 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  399. Jul 30 09:50:35 lina charon: 12[IKE] reinitiating already active tasks
  400. Jul 30 09:50:35 lina charon: 12[IKE] IKE_AUTH task
  401. Jul 30 09:50:35 lina charon: 12[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
  402. Jul 30 09:50:35 lina charon: 12[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (252 bytes)
  403. Jul 30 09:50:35 lina charon: 12[CFG] no issuer certificate found for "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  404. Jul 30 09:50:35 lina charon: 12[CFG] using trusted certificate "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  405. Jul 30 09:50:35 lina charon: 12[IKE] authentication of 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' with RSA_EMSA_PKCS1_SHA256 successful
  406. Jul 30 09:50:35 lina charon: 12[IKE] server requested EAP_IDENTITY (id 0x00), sending 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  407. Jul 30 09:50:35 lina charon: 12[IKE] reinitiating already active tasks
  408. Jul 30 09:50:35 lina charon: 12[IKE] IKE_AUTH task
  409. Jul 30 09:50:35 lina charon: 12[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
  410. Jul 30 09:50:35 lina charon: 12[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (252 bytes)
  411. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  412. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  413. Jul 30 09:50:35 lina ipsec: 08[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  414. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] received TLS ServerHelloDone handshake (0 bytes)
  415. Jul 30 09:50:35 lina ipsec: 08[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  416. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS peer certificate 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  417. Jul 30 09:50:35 lina ipsec: 08[TLS] received TLS ServerHelloDone handshake (0 bytes)
  418. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS Certificate handshake (1433 bytes)
  419. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS peer certificate 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  420. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS ClientKeyExchange handshake (258 bytes)
  421. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS Certificate handshake (1433 bytes)
  422. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] created signature with SHA256/RSA
  423. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS ClientKeyExchange handshake (258 bytes)
  424. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS CertificateVerify handshake (260 bytes)
  425. Jul 30 09:50:35 lina ipsec: 08[TLS] created signature with SHA256/RSA
  426. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS Handshake record (1963 bytes)
  427. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS CertificateVerify handshake (260 bytes)
  428. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS ChangeCipherSpec record (1 bytes)
  429. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS Handshake record (1963 bytes)
  430. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS Finished handshake (12 bytes)
  431. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS ChangeCipherSpec record (1 bytes)
  432. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending TLS Handshake record (64 bytes)
  433. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS Finished handshake (12 bytes)
  434. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending EAP_TLS first fragment (1024 bytes)
  435. Jul 30 09:50:35 lina ipsec: 08[TLS] sending TLS Handshake record (64 bytes)
  436. Jul 30 09:50:35 lina ipsec[31096]: 08[IKE] reinitiating already active tasks
  437. Jul 30 09:50:35 lina ipsec: 08[TLS] sending EAP_TLS first fragment (1024 bytes)
  438. Jul 30 09:50:35 lina ipsec[31096]: 08[IKE] IKE_AUTH task
  439. Jul 30 09:50:35 lina ipsec: 08[IKE] reinitiating already active tasks
  440. Jul 30 09:50:35 lina ipsec[31096]: 08[ENC] generating IKE_AUTH request 8 [ EAP/RES/TLS ]
  441. Jul 30 09:50:35 lina ipsec: 08[IKE] IKE_AUTH task
  442. Jul 30 09:50:35 lina ipsec[31096]: 08[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  443. Jul 30 09:50:35 lina ipsec: 08[ENC] generating IKE_AUTH request 8 [ EAP/RES/TLS ]
  444. Jul 30 09:50:35 lina ipsec[31096]: 07[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  445. Jul 30 09:50:35 lina ipsec: 08[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  446. Jul 30 09:50:35 lina ipsec[31096]: 07[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TLS ]
  447. Jul 30 09:50:35 lina ipsec: 07[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  448. Jul 30 09:50:35 lina ipsec[31096]: 07[TLS] received EAP_TLS acknowledgement packet
  449. Jul 30 09:50:35 lina ipsec: 07[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TLS ]
  450. Jul 30 09:50:35 lina ipsec[31096]: 07[TLS] sending EAP_TLS further fragment (1024 bytes)
  451. Jul 30 09:50:35 lina ipsec: 07[TLS] received EAP_TLS acknowledgement packet
  452. Jul 30 09:50:35 lina ipsec[31096]: 07[IKE] reinitiating already active tasks
  453. Jul 30 09:50:35 lina ipsec: 07[TLS] sending EAP_TLS further fragment (1024 bytes)
  454. Jul 30 09:50:35 lina ipsec[31096]: 07[IKE] IKE_AUTH task
  455. Jul 30 09:50:35 lina ipsec: 07[IKE] reinitiating already active tasks
  456. Jul 30 09:50:35 lina ipsec[31096]: 07[ENC] generating IKE_AUTH request 9 [ EAP/RES/TLS ]
  457. Jul 30 09:50:35 lina ipsec: 07[IKE] IKE_AUTH task
  458. Jul 30 09:50:35 lina ipsec[31096]: 07[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  459. Jul 30 09:50:35 lina ipsec: 07[ENC] generating IKE_AUTH request 9 [ EAP/RES/TLS ]
  460. Jul 30 09:50:35 lina ipsec[31096]: 09[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (92 bytes)
  461. Jul 30 09:50:35 lina ipsec: 07[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  462. Jul 30 09:50:35 lina ipsec[31096]: 09[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TLS ]
  463. Jul 30 09:50:35 lina ipsec: 09[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (92 bytes)
  464. Jul 30 09:50:35 lina ipsec[31096]: 09[TLS] processing TLS Alert record (2 bytes)
  465. Jul 30 09:50:35 lina ipsec: 09[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TLS ]
  466. Jul 30 09:50:35 lina ipsec[31096]: 09[TLS] received fatal TLS alert 'certificate unknown'
  467. Jul 30 09:50:35 lina ipsec: 09[TLS] processing TLS Alert record (2 bytes)
  468. Jul 30 09:50:35 lina ipsec[31096]: 09[IKE] EAP_TLS method failed
  469. Jul 30 09:50:35 lina ipsec: 09[TLS] received fatal TLS alert 'certificate unknown'
  470. Jul 30 09:50:35 lina ipsec[31096]: 09[ENC] generating INFORMATIONAL request 10 [ N(AUTH_FAILED) ]
  471. Jul 30 09:50:35 lina ipsec: 09[IKE] EAP_TLS method failed
  472. Jul 30 09:50:35 lina ipsec[31096]: 09[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  473. Jul 30 09:50:35 lina ipsec: 09[ENC] generating INFORMATIONAL request 10 [ N(AUTH_FAILED) ]
  474. Jul 30 09:50:35 lina ipsec[31096]: 09[IKE] IKE_SA home[2] state change: CONNECTING => DESTROYING
  475. Jul 30 09:50:35 lina ipsec: 09[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  476. Jul 30 09:50:35 lina ipsec[31096]: 14[CFG] received stroke: initiate 'home'
  477. Jul 30 09:50:35 lina ipsec: 09[IKE] IKE_SA home[2] state change: CONNECTING => DESTROYING
  478. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_VENDOR task
  479. Jul 30 09:50:35 lina ipsec: 14[CFG] received stroke: initiate 'home'
  480. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_INIT task
  481. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_VENDOR task
  482. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_NATD task
  483. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_INIT task
  484. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_CERT_PRE task
  485. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_NATD task
  486. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_AUTH task
  487. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_CERT_PRE task
  488. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_CERT_POST task
  489. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_AUTH task
  490. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_CONFIG task
  491. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_CERT_POST task
  492. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_AUTH_LIFETIME task
  493. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_CONFIG task
  494. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing IKE_MOBIKE task
  495. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_AUTH_LIFETIME task
  496. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] queueing CHILD_CREATE task
  497. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing IKE_MOBIKE task
  498. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating new tasks
  499. Jul 30 09:50:35 lina ipsec: 13[IKE] queueing CHILD_CREATE task
  500. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_VENDOR task
  501. Jul 30 09:50:35 lina ipsec: 13[IKE] activating new tasks
  502. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_INIT task
  503. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_VENDOR task
  504. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_NATD task
  505. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_INIT task
  506. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_CERT_PRE task
  507. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_NATD task
  508. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_AUTH task
  509. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_CERT_PRE task
  510. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_CERT_POST task
  511. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_AUTH task
  512. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_CONFIG task
  513. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_CERT_POST task
  514. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating CHILD_CREATE task
  515. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_CONFIG task
  516. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_AUTH_LIFETIME task
  517. Jul 30 09:50:35 lina ipsec: 13[IKE] activating CHILD_CREATE task
  518. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] activating IKE_MOBIKE task
  519. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_AUTH_LIFETIME task
  520. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] initiating IKE_SA home[3] to 203.37.210.230
  521. Jul 30 09:50:35 lina ipsec: 13[IKE] activating IKE_MOBIKE task
  522. Jul 30 09:50:35 lina ipsec[31096]: 13[IKE] IKE_SA home[3] state change: CREATED => CONNECTING
  523. Jul 30 09:50:35 lina ipsec: 13[IKE] initiating IKE_SA home[3] to 203.37.210.230
  524. Jul 30 09:50:35 lina ipsec[31096]: 13[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
  525. Jul 30 09:50:35 lina ipsec: 13[IKE] IKE_SA home[3] state change: CREATED => CONNECTING
  526. Jul 30 09:50:35 lina ipsec[31096]: 13[NET] sending packet: from 192.168.80.10[500] to 203.37.210.230[500] (724 bytes)
  527. Jul 30 09:50:35 lina ipsec: 13[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
  528. Jul 30 09:50:35 lina ipsec[31096]: 04[NET] received packet: from 203.37.210.230[500] to 192.168.80.10[500] (456 bytes)
  529. Jul 30 09:50:35 lina ipsec: 13[NET] sending packet: from 192.168.80.10[500] to 203.37.210.230[500] (724 bytes)
  530. Jul 30 09:50:35 lina ipsec[31096]: 04[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
  531. Jul 30 09:50:35 lina ipsec: 04[NET] received packet: from 203.37.210.230[500] to 192.168.80.10[500] (456 bytes)
  532. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] received SIGNATURE_HASH_ALGORITHMS notify
  533. Jul 30 09:50:35 lina ipsec: 04[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
  534. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] local host is behind NAT, sending keep alives
  535. Jul 30 09:50:35 lina ipsec: 04[IKE] received SIGNATURE_HASH_ALGORITHMS notify
  536. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] reinitiating already active tasks
  537. Jul 30 09:50:35 lina ipsec: 04[IKE] local host is behind NAT, sending keep alives
  538. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] IKE_CERT_PRE task
  539. Jul 30 09:50:35 lina ipsec: 04[IKE] reinitiating already active tasks
  540. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] IKE_AUTH task
  541. Jul 30 09:50:35 lina ipsec: 04[IKE] IKE_CERT_PRE task
  542. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] building INTERNAL_IP4_DNS attribute
  543. Jul 30 09:50:35 lina ipsec: 04[IKE] IKE_AUTH task
  544. Jul 30 09:50:35 lina ipsec[31096]: 04[IKE] establishing CHILD_SA home
  545. Jul 30 09:50:35 lina ipsec: 04[IKE] building INTERNAL_IP4_DNS attribute
  546. Jul 30 09:50:35 lina ipsec[31096]: 04[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
  547. Jul 30 09:50:35 lina ipsec: 04[IKE] establishing CHILD_SA home
  548. Jul 30 09:50:35 lina ipsec[31096]: 04[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (700 bytes)
  549. Jul 30 09:50:35 lina ipsec: 04[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
  550. Jul 30 09:50:35 lina ipsec[31096]: 12[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (524 bytes)
  551. Jul 30 09:50:35 lina ipsec: 04[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (700 bytes)
  552. Jul 30 09:50:35 lina ipsec[31096]: 12[ENC] parsed IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
  553. Jul 30 09:50:35 lina ipsec: 12[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (524 bytes)
  554. Jul 30 09:50:35 lina ipsec[31096]: 12[CFG] no issuer certificate found for "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  555. Jul 30 09:50:35 lina ipsec: 12[ENC] parsed IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
  556. Jul 30 09:50:35 lina ipsec: 12[CFG] no issuer certificate found for "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  557. Jul 30 09:50:35 lina charon: 15[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  558. Jul 30 09:50:35 lina charon: 15[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TLS ]
  559. Jul 30 09:50:35 lina charon: 15[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  560. Jul 30 09:50:35 lina charon: 15[IKE] server requested EAP_TLS authentication (id 0x33)
  561. Jul 30 09:50:35 lina charon: 15[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TLS ]
  562. Jul 30 09:50:35 lina charon: 15[TLS] disabling ECDSA suites, no backend found
  563. Jul 30 09:50:35 lina charon: 15[IKE] server requested EAP_TLS authentication (id 0x33)
  564. Jul 30 09:50:35 lina charon: 15[TLS] 13 supported TLS cipher suites:
  565. Jul 30 09:50:35 lina charon: 15[TLS] disabling ECDSA suites, no backend found
  566. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  567. Jul 30 09:50:35 lina charon: 15[TLS] 13 supported TLS cipher suites:
  568. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  569. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  570. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  571. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  572. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  573. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  574. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  575. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  576. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  577. Jul 30 09:50:35 lina charon: 15[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  578. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  579. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  580. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  581. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  582. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  583. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  584. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  585. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  586. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_NULL_SHA
  587. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  588. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_NULL_SHA256
  589. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_NULL_SHA
  590. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_NULL_MD5
  591. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_NULL_SHA256
  592. Jul 30 09:50:35 lina charon: 15[TLS] sending TLS ClientHello handshake (85 bytes)
  593. Jul 30 09:50:35 lina charon: 15[TLS] TLS_RSA_WITH_NULL_MD5
  594. Jul 30 09:50:35 lina charon: 15[TLS] sending TLS Handshake record (89 bytes)
  595. Jul 30 09:50:35 lina charon: 15[TLS] sending TLS ClientHello handshake (85 bytes)
  596. Jul 30 09:50:35 lina charon: 15[TLS] sending EAP_TLS packet (104 bytes)
  597. Jul 30 09:50:35 lina charon: 15[TLS] sending TLS Handshake record (89 bytes)
  598. Jul 30 09:50:35 lina charon: 15[IKE] reinitiating already active tasks
  599. Jul 30 09:50:35 lina charon: 15[TLS] sending EAP_TLS packet (104 bytes)
  600. Jul 30 09:50:35 lina charon: 15[IKE] IKE_AUTH task
  601. Jul 30 09:50:35 lina charon: 15[IKE] reinitiating already active tasks
  602. Jul 30 09:50:35 lina charon: 15[ENC] generating IKE_AUTH request 3 [ EAP/RES/TLS ]
  603. Jul 30 09:50:35 lina charon: 15[IKE] IKE_AUTH task
  604. Jul 30 09:50:35 lina charon: 15[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (172 bytes)
  605. Jul 30 09:50:35 lina charon: 15[ENC] generating IKE_AUTH request 3 [ EAP/RES/TLS ]
  606. Jul 30 09:50:35 lina charon: 15[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (172 bytes)
  607. Jul 30 09:50:35 lina charon: 05[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  608. Jul 30 09:50:35 lina charon: 05[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  609. Jul 30 09:50:35 lina charon: 05[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TLS ]
  610. Jul 30 09:50:35 lina charon: 05[TLS] buffering 1014 bytes, 1014 bytes of 4489 byte TLS record received
  611. Jul 30 09:50:35 lina charon: 05[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TLS ]
  612. Jul 30 09:50:35 lina charon: 05[TLS] sending EAP_TLS acknowledgement packet
  613. Jul 30 09:50:35 lina charon: 05[TLS] buffering 1014 bytes, 1014 bytes of 4489 byte TLS record received
  614. Jul 30 09:50:35 lina charon: 05[IKE] reinitiating already active tasks
  615. Jul 30 09:50:35 lina charon: 05[TLS] sending EAP_TLS acknowledgement packet
  616. Jul 30 09:50:35 lina charon: 05[IKE] IKE_AUTH task
  617. Jul 30 09:50:35 lina charon: 05[IKE] reinitiating already active tasks
  618. Jul 30 09:50:35 lina charon: 05[ENC] generating IKE_AUTH request 4 [ EAP/RES/TLS ]
  619. Jul 30 09:50:35 lina charon: 05[IKE] IKE_AUTH task
  620. Jul 30 09:50:35 lina charon: 05[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  621. Jul 30 09:50:35 lina charon: 05[ENC] generating IKE_AUTH request 4 [ EAP/RES/TLS ]
  622. Jul 30 09:50:35 lina charon: 05[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  623. Jul 30 09:50:35 lina charon: 06[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  624. Jul 30 09:50:35 lina charon: 06[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  625. Jul 30 09:50:35 lina charon: 06[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TLS ]
  626. Jul 30 09:50:35 lina charon: 06[TLS] buffering 1018 bytes, 2032 bytes of 4489 byte TLS record received
  627. Jul 30 09:50:35 lina charon: 06[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TLS ]
  628. Jul 30 09:50:35 lina charon: 06[TLS] sending EAP_TLS acknowledgement packet
  629. Jul 30 09:50:35 lina charon: 06[TLS] buffering 1018 bytes, 2032 bytes of 4489 byte TLS record received
  630. Jul 30 09:50:35 lina charon: 06[IKE] reinitiating already active tasks
  631. Jul 30 09:50:35 lina charon: 06[TLS] sending EAP_TLS acknowledgement packet
  632. Jul 30 09:50:35 lina charon: 06[IKE] IKE_AUTH task
  633. Jul 30 09:50:35 lina charon: 06[IKE] reinitiating already active tasks
  634. Jul 30 09:50:35 lina charon: 06[ENC] generating IKE_AUTH request 5 [ EAP/RES/TLS ]
  635. Jul 30 09:50:35 lina charon: 06[IKE] IKE_AUTH task
  636. Jul 30 09:50:35 lina charon: 06[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  637. Jul 30 09:50:35 lina charon: 06[ENC] generating IKE_AUTH request 5 [ EAP/RES/TLS ]
  638. Jul 30 09:50:35 lina charon: 06[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  639. Jul 30 09:50:35 lina charon: 08[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  640. Jul 30 09:50:35 lina charon: 08[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  641. Jul 30 09:50:35 lina charon: 08[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TLS ]
  642. Jul 30 09:50:35 lina charon: 08[TLS] buffering 1018 bytes, 3050 bytes of 4489 byte TLS record received
  643. Jul 30 09:50:35 lina charon: 08[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TLS ]
  644. Jul 30 09:50:35 lina charon: 08[TLS] sending EAP_TLS acknowledgement packet
  645. Jul 30 09:50:35 lina charon: 08[TLS] buffering 1018 bytes, 3050 bytes of 4489 byte TLS record received
  646. Jul 30 09:50:35 lina charon: 08[IKE] reinitiating already active tasks
  647. Jul 30 09:50:35 lina charon: 08[TLS] sending EAP_TLS acknowledgement packet
  648. Jul 30 09:50:35 lina charon: 08[IKE] IKE_AUTH task
  649. Jul 30 09:50:35 lina charon: 08[IKE] reinitiating already active tasks
  650. Jul 30 09:50:35 lina charon: 08[ENC] generating IKE_AUTH request 6 [ EAP/RES/TLS ]
  651. Jul 30 09:50:35 lina charon: 08[IKE] IKE_AUTH task
  652. Jul 30 09:50:35 lina charon: 08[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  653. Jul 30 09:50:35 lina charon: 08[ENC] generating IKE_AUTH request 6 [ EAP/RES/TLS ]
  654. Jul 30 09:50:35 lina charon: 08[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  655. Jul 30 09:50:35 lina charon: 07[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  656. Jul 30 09:50:35 lina charon: 07[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  657. Jul 30 09:50:35 lina charon: 07[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TLS ]
  658. Jul 30 09:50:35 lina charon: 07[TLS] buffering 1018 bytes, 4068 bytes of 4489 byte TLS record received
  659. Jul 30 09:50:35 lina charon: 07[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TLS ]
  660. Jul 30 09:50:35 lina charon: 07[TLS] sending EAP_TLS acknowledgement packet
  661. Jul 30 09:50:35 lina charon: 07[TLS] buffering 1018 bytes, 4068 bytes of 4489 byte TLS record received
  662. Jul 30 09:50:35 lina charon: 07[IKE] reinitiating already active tasks
  663. Jul 30 09:50:35 lina charon: 07[TLS] sending EAP_TLS acknowledgement packet
  664. Jul 30 09:50:35 lina charon: 07[IKE] IKE_AUTH task
  665. Jul 30 09:50:35 lina charon: 07[IKE] reinitiating already active tasks
  666. Jul 30 09:50:35 lina charon: 07[ENC] generating IKE_AUTH request 7 [ EAP/RES/TLS ]
  667. Jul 30 09:50:35 lina charon: 07[IKE] IKE_AUTH task
  668. Jul 30 09:50:35 lina charon: 07[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  669. Jul 30 09:50:35 lina charon: 07[ENC] generating IKE_AUTH request 7 [ EAP/RES/TLS ]
  670. Jul 30 09:50:35 lina charon: 07[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  671. Jul 30 09:50:35 lina charon: 09[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (492 bytes)
  672. Jul 30 09:50:35 lina charon: 09[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (492 bytes)
  673. Jul 30 09:50:35 lina charon: 09[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TLS ]
  674. Jul 30 09:50:35 lina charon: 09[TLS] buffering 421 bytes, 4489 bytes of 4489 byte TLS record received
  675. Jul 30 09:50:35 lina charon: 09[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TLS ]
  676. Jul 30 09:50:35 lina charon: 09[TLS] processing buffered TLS Handshake record (4484 bytes)
  677. Jul 30 09:50:35 lina charon: 09[TLS] buffering 421 bytes, 4489 bytes of 4489 byte TLS record received
  678. Jul 30 09:50:35 lina charon: 09[TLS] received TLS ServerHello handshake (54 bytes)
  679. Jul 30 09:50:35 lina charon: 09[TLS] processing buffered TLS Handshake record (4484 bytes)
  680. Jul 30 09:50:35 lina charon: 09[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  681. Jul 30 09:50:35 lina charon: 09[TLS] received TLS ServerHello handshake (54 bytes)
  682. Jul 30 09:50:35 lina charon: 09[TLS] received TLS Certificate handshake (3175 bytes)
  683. Jul 30 09:50:35 lina charon: 09[TLS] negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  684. Jul 30 09:50:35 lina charon: 09[TLS] received TLS server certificate 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au'
  685. Jul 30 09:50:35 lina charon: 09[TLS] received TLS Certificate handshake (3175 bytes)
  686. Jul 30 09:50:35 lina charon: 09[TLS] received TLS server certificate 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au'
  687. Jul 30 09:50:35 lina charon: 09[TLS] received TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  688. Jul 30 09:50:35 lina charon: 09[TLS] received TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  689. Jul 30 09:50:35 lina charon: 09[TLS] received TLS ServerKeyExchange handshake (779 bytes)
  690. Jul 30 09:50:35 lina charon: 09[TLS] received TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  691. Jul 30 09:50:35 lina charon: 09[TLS] received TLS intermediate certificate 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  692. Jul 30 09:50:35 lina charon: 09[TLS] received TLS ServerKeyExchange handshake (779 bytes)
  693. Jul 30 09:50:35 lina charon: 09[CFG] using untrusted intermediate certificate "C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3"
  694. Jul 30 09:50:35 lina charon: 09[CFG] checking certificate status of "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  695. Jul 30 09:50:35 lina charon: 09[CFG] using untrusted intermediate certificate "C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3"
  696. Jul 30 09:50:35 lina charon: 09[CFG] requesting ocsp status from 'http://gv.symcd.com' ...
  697. Jul 30 09:50:35 lina charon: 09[CFG] checking certificate status of "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  698. Jul 30 09:50:35 lina charon: 09[LIB] unable to fetch from http://gv.symcd.com, no capable fetcher found
  699. Jul 30 09:50:35 lina charon: 09[CFG] requesting ocsp status from 'http://gv.symcd.com' ...
  700. Jul 30 09:50:35 lina charon: 09[CFG] ocsp request to http://gv.symcd.com failed
  701. Jul 30 09:50:35 lina charon: 09[LIB] unable to fetch from http://gv.symcd.com, no capable fetcher found
  702. Jul 30 09:50:35 lina charon: 09[CFG] ocsp check failed, fallback to crl
  703. Jul 30 09:50:35 lina charon: 09[CFG] ocsp request to http://gv.symcd.com failed
  704. Jul 30 09:50:35 lina charon: 09[CFG] fetching crl from 'http://gv.symcb.com/gv.crl' ...
  705. Jul 30 09:50:35 lina charon: 09[CFG] ocsp check failed, fallback to crl
  706. Jul 30 09:50:35 lina charon: 09[LIB] unable to fetch from http://gv.symcb.com/gv.crl, no capable fetcher found
  707. Jul 30 09:50:35 lina charon: 09[CFG] fetching crl from 'http://gv.symcb.com/gv.crl' ...
  708. Jul 30 09:50:35 lina charon: 09[CFG] crl fetching failed
  709. Jul 30 09:50:35 lina charon: 09[LIB] unable to fetch from http://gv.symcb.com/gv.crl, no capable fetcher found
  710. Jul 30 09:50:35 lina charon: 09[CFG] certificate status is not available
  711. Jul 30 09:50:35 lina charon: 09[CFG] crl fetching failed
  712. Jul 30 09:50:35 lina charon: 09[CFG] certificate policy 2.23.140.1.2.1 for 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' not allowed by trustchain, ignored
  713. Jul 30 09:50:35 lina charon: 09[CFG] certificate status is not available
  714. Jul 30 09:50:35 lina charon: 09[CFG] reached self-signed root ca with a path length of 0
  715. Jul 30 09:50:35 lina charon: 09[CFG] certificate policy 2.23.140.1.2.1 for 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' not allowed by trustchain, ignored
  716. Jul 30 09:50:35 lina charon: 09[CFG] using trusted certificate "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  717. Jul 30 09:50:35 lina charon: 09[CFG] reached self-signed root ca with a path length of 0
  718. Jul 30 09:50:35 lina charon: 09[TLS] verified signature with SHA256/RSA
  719. Jul 30 09:50:35 lina charon: 09[CFG] using trusted certificate "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  720. Jul 30 09:50:35 lina ipsec[31096]: 12[CFG] using trusted certificate "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  721. Jul 30 09:50:35 lina charon: 09[TLS] verified signature with SHA256/RSA
  722. Jul 30 09:50:35 lina ipsec[31096]: 12[IKE] authentication of 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' with RSA_EMSA_PKCS1_SHA256 successful
  723. Jul 30 09:50:35 lina ipsec: 12[CFG] using trusted certificate "OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au"
  724. Jul 30 09:50:35 lina ipsec[31096]: 12[IKE] server requested EAP_IDENTITY (id 0x00), sending 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  725. Jul 30 09:50:35 lina ipsec: 12[IKE] authentication of 'OU=GT09599516, OU=See www.rapidssl.com/resources/cps (c)15, OU=Domain Control Validated - RapidSSL(R), CN=vpn.datacomtss.com.au' with RSA_EMSA_PKCS1_SHA256 successful
  726. Jul 30 09:50:35 lina ipsec[31096]: 12[IKE] reinitiating already active tasks
  727. Jul 30 09:50:35 lina ipsec: 12[IKE] server requested EAP_IDENTITY (id 0x00), sending 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  728. Jul 30 09:50:35 lina ipsec[31096]: 12[IKE] IKE_AUTH task
  729. Jul 30 09:50:35 lina ipsec: 12[IKE] reinitiating already active tasks
  730. Jul 30 09:50:35 lina ipsec[31096]: 12[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
  731. Jul 30 09:50:35 lina ipsec: 12[IKE] IKE_AUTH task
  732. Jul 30 09:50:35 lina ipsec[31096]: 12[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (252 bytes)
  733. Jul 30 09:50:35 lina ipsec: 12[ENC] generating IKE_AUTH request 2 [ EAP/RES/ID ]
  734. Jul 30 09:50:35 lina ipsec[31096]: 15[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  735. Jul 30 09:50:35 lina ipsec: 12[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (252 bytes)
  736. Jul 30 09:50:35 lina ipsec[31096]: 15[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TLS ]
  737. Jul 30 09:50:35 lina ipsec: 15[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  738. Jul 30 09:50:35 lina ipsec[31096]: 15[IKE] server requested EAP_TLS authentication (id 0x33)
  739. Jul 30 09:50:35 lina ipsec: 15[ENC] parsed IKE_AUTH response 2 [ EAP/REQ/TLS ]
  740. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] disabling ECDSA suites, no backend found
  741. Jul 30 09:50:35 lina ipsec: 15[IKE] server requested EAP_TLS authentication (id 0x33)
  742. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] 13 supported TLS cipher suites:
  743. Jul 30 09:50:35 lina ipsec: 15[TLS] disabling ECDSA suites, no backend found
  744. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  745. Jul 30 09:50:35 lina ipsec: 15[TLS] 13 supported TLS cipher suites:
  746. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  747. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  748. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  749. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  750. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  751. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  752. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  753. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  754. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  755. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  756. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  757. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA
  758. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  759. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_AES_128_CBC_SHA256
  760. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  761. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA
  762. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  763. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_AES_256_CBC_SHA256
  764. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_NULL_SHA
  765. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_3DES_EDE_CBC_SHA
  766. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_NULL_SHA256
  767. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_NULL_SHA
  768. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] TLS_RSA_WITH_NULL_MD5
  769. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_NULL_SHA256
  770. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] sending TLS ClientHello handshake (85 bytes)
  771. Jul 30 09:50:35 lina ipsec: 15[TLS] TLS_RSA_WITH_NULL_MD5
  772. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] sending TLS Handshake record (89 bytes)
  773. Jul 30 09:50:35 lina ipsec: 15[TLS] sending TLS ClientHello handshake (85 bytes)
  774. Jul 30 09:50:35 lina ipsec[31096]: 15[TLS] sending EAP_TLS packet (104 bytes)
  775. Jul 30 09:50:35 lina ipsec: 15[TLS] sending TLS Handshake record (89 bytes)
  776. Jul 30 09:50:35 lina ipsec[31096]: 15[IKE] reinitiating already active tasks
  777. Jul 30 09:50:35 lina ipsec: 15[TLS] sending EAP_TLS packet (104 bytes)
  778. Jul 30 09:50:35 lina ipsec[31096]: 15[IKE] IKE_AUTH task
  779. Jul 30 09:50:35 lina ipsec: 15[IKE] reinitiating already active tasks
  780. Jul 30 09:50:35 lina ipsec[31096]: 15[ENC] generating IKE_AUTH request 3 [ EAP/RES/TLS ]
  781. Jul 30 09:50:35 lina ipsec: 15[IKE] IKE_AUTH task
  782. Jul 30 09:50:35 lina ipsec[31096]: 15[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (172 bytes)
  783. Jul 30 09:50:35 lina ipsec: 15[ENC] generating IKE_AUTH request 3 [ EAP/RES/TLS ]
  784. Jul 30 09:50:35 lina ipsec[31096]: 05[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  785. Jul 30 09:50:35 lina ipsec: 15[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (172 bytes)
  786. Jul 30 09:50:35 lina ipsec: 05[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  787. Jul 30 09:50:35 lina ipsec[31096]: 05[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TLS ]
  788. Jul 30 09:50:35 lina ipsec[31096]: 05[TLS] buffering 1014 bytes, 1014 bytes of 4489 byte TLS record received
  789. Jul 30 09:50:35 lina ipsec: 05[ENC] parsed IKE_AUTH response 3 [ EAP/REQ/TLS ]
  790. Jul 30 09:50:35 lina ipsec[31096]: 05[TLS] sending EAP_TLS acknowledgement packet
  791. Jul 30 09:50:35 lina ipsec: 05[TLS] buffering 1014 bytes, 1014 bytes of 4489 byte TLS record received
  792. Jul 30 09:50:35 lina ipsec[31096]: 05[IKE] reinitiating already active tasks
  793. Jul 30 09:50:35 lina ipsec: 05[TLS] sending EAP_TLS acknowledgement packet
  794. Jul 30 09:50:35 lina ipsec[31096]: 05[IKE] IKE_AUTH task
  795. Jul 30 09:50:35 lina ipsec: 05[IKE] reinitiating already active tasks
  796. Jul 30 09:50:35 lina ipsec[31096]: 05[ENC] generating IKE_AUTH request 4 [ EAP/RES/TLS ]
  797. Jul 30 09:50:35 lina ipsec: 05[IKE] IKE_AUTH task
  798. Jul 30 09:50:35 lina ipsec[31096]: 05[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  799. Jul 30 09:50:35 lina ipsec: 05[ENC] generating IKE_AUTH request 4 [ EAP/RES/TLS ]
  800. Jul 30 09:50:35 lina ipsec[31096]: 06[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  801. Jul 30 09:50:35 lina ipsec: 05[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  802. Jul 30 09:50:35 lina ipsec[31096]: 06[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TLS ]
  803. Jul 30 09:50:35 lina ipsec: 06[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  804. Jul 30 09:50:35 lina ipsec[31096]: 06[TLS] buffering 1018 bytes, 2032 bytes of 4489 byte TLS record received
  805. Jul 30 09:50:35 lina ipsec: 06[ENC] parsed IKE_AUTH response 4 [ EAP/REQ/TLS ]
  806. Jul 30 09:50:35 lina ipsec[31096]: 06[TLS] sending EAP_TLS acknowledgement packet
  807. Jul 30 09:50:35 lina ipsec: 06[TLS] buffering 1018 bytes, 2032 bytes of 4489 byte TLS record received
  808. Jul 30 09:50:35 lina ipsec[31096]: 06[IKE] reinitiating already active tasks
  809. Jul 30 09:50:35 lina ipsec: 06[TLS] sending EAP_TLS acknowledgement packet
  810. Jul 30 09:50:35 lina ipsec[31096]: 06[IKE] IKE_AUTH task
  811. Jul 30 09:50:35 lina ipsec: 06[IKE] reinitiating already active tasks
  812. Jul 30 09:50:35 lina ipsec[31096]: 06[ENC] generating IKE_AUTH request 5 [ EAP/RES/TLS ]
  813. Jul 30 09:50:35 lina ipsec: 06[IKE] IKE_AUTH task
  814. Jul 30 09:50:35 lina ipsec[31096]: 06[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  815. Jul 30 09:50:35 lina ipsec: 06[ENC] generating IKE_AUTH request 5 [ EAP/RES/TLS ]
  816. Jul 30 09:50:35 lina ipsec[31096]: 08[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  817. Jul 30 09:50:35 lina ipsec: 06[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  818. Jul 30 09:50:35 lina ipsec[31096]: 08[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TLS ]
  819. Jul 30 09:50:35 lina ipsec: 08[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  820. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] buffering 1018 bytes, 3050 bytes of 4489 byte TLS record received
  821. Jul 30 09:50:35 lina ipsec: 08[ENC] parsed IKE_AUTH response 5 [ EAP/REQ/TLS ]
  822. Jul 30 09:50:35 lina ipsec[31096]: 08[TLS] sending EAP_TLS acknowledgement packet
  823. Jul 30 09:50:35 lina ipsec: 08[TLS] buffering 1018 bytes, 3050 bytes of 4489 byte TLS record received
  824. Jul 30 09:50:35 lina ipsec[31096]: 08[IKE] reinitiating already active tasks
  825. Jul 30 09:50:35 lina ipsec: 08[TLS] sending EAP_TLS acknowledgement packet
  826. Jul 30 09:50:35 lina ipsec[31096]: 08[IKE] IKE_AUTH task
  827. Jul 30 09:50:35 lina ipsec: 08[IKE] reinitiating already active tasks
  828. Jul 30 09:50:35 lina ipsec[31096]: 08[ENC] generating IKE_AUTH request 6 [ EAP/RES/TLS ]
  829. Jul 30 09:50:35 lina ipsec: 08[IKE] IKE_AUTH task
  830. Jul 30 09:50:35 lina ipsec[31096]: 08[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  831. Jul 30 09:50:35 lina ipsec: 08[ENC] generating IKE_AUTH request 6 [ EAP/RES/TLS ]
  832. Jul 30 09:50:35 lina ipsec: 08[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  833. Jul 30 09:50:35 lina ipsec[31096]: 07[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  834. Jul 30 09:50:35 lina ipsec[31096]: 07[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TLS ]
  835. Jul 30 09:50:35 lina ipsec: 07[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (1100 bytes)
  836. Jul 30 09:50:35 lina ipsec[31096]: 07[TLS] buffering 1018 bytes, 4068 bytes of 4489 byte TLS record received
  837. Jul 30 09:50:35 lina ipsec: 07[ENC] parsed IKE_AUTH response 6 [ EAP/REQ/TLS ]
  838. Jul 30 09:50:35 lina ipsec[31096]: 07[TLS] sending EAP_TLS acknowledgement packet
  839. Jul 30 09:50:35 lina ipsec: 07[TLS] buffering 1018 bytes, 4068 bytes of 4489 byte TLS record received
  840. Jul 30 09:50:35 lina ipsec[31096]: 07[IKE] reinitiating already active tasks
  841. Jul 30 09:50:35 lina ipsec: 07[TLS] sending EAP_TLS acknowledgement packet
  842. Jul 30 09:50:35 lina ipsec[31096]: 07[IKE] IKE_AUTH task
  843. Jul 30 09:50:35 lina ipsec: 07[IKE] reinitiating already active tasks
  844. Jul 30 09:50:35 lina ipsec[31096]: 07[ENC] generating IKE_AUTH request 7 [ EAP/RES/TLS ]
  845. Jul 30 09:50:35 lina ipsec: 07[IKE] IKE_AUTH task
  846. Jul 30 09:50:35 lina ipsec[31096]: 07[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  847. Jul 30 09:50:35 lina ipsec: 07[ENC] generating IKE_AUTH request 7 [ EAP/RES/TLS ]
  848. Jul 30 09:50:35 lina ipsec[31096]: 09[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (492 bytes)
  849. Jul 30 09:50:35 lina ipsec: 07[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  850. Jul 30 09:50:35 lina ipsec[31096]: 09[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TLS ]
  851. Jul 30 09:50:35 lina ipsec: 09[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (492 bytes)
  852. Jul 30 09:50:35 lina ipsec[31096]: 09[TLS] buffering 421 bytes, 4489 bytes of 4489 byte TLS record received
  853. Jul 30 09:50:35 lina ipsec: 09[ENC] parsed IKE_AUTH response 7 [ EAP/REQ/TLS ]
  854. Jul 30 09:50:35 lina ipsec[31096]: 09[TLS] processing buffered TLS Handshake record (4484 bytes)
  855. Jul 30 09:50:35 lina ipsec: 09[TLS] buffering 421 bytes, 4489 bytes of 4489 byte TLS record received
  856. Jul 30 09:50:35 lina ipsec: 09[TLS] processing buffered TLS Handshake record (4484 bytes)
  857. Jul 30 09:50:35 lina ipsec[31096]: 09[TLS] received TLS ServerHello handshake (54 bytes)
  858. Jul 30 09:50:35 lina charon: 09[TLS] received TLS CertificateRequest handshake (456 bytes)
  859. Jul 30 09:50:35 lina ipsec: 09[TLS] received TLS ServerHello handshake (54 bytes)
  860. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Corp VPN CA
  861. Jul 30 09:50:35 lina charon: 09[TLS] received TLS CertificateRequest handshake (456 bytes)
  862. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Root CA
  863. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Corp VPN CA
  864. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  865. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=Datacom TSS Root CA
  866. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  867. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3'
  868. Jul 30 09:50:35 lina charon: 09[TLS] received TLS ServerHelloDone handshake (0 bytes)
  869. Jul 30 09:50:35 lina charon: 09[TLS] received TLS cert request for unknown CA 'C=US, O=GeoTrust Inc., CN=GeoTrust Global CA'
  870. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS peer certificate 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  871. Jul 30 09:50:35 lina charon: 09[TLS] received TLS ServerHelloDone handshake (0 bytes)
  872. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Certificate handshake (1433 bytes)
  873. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS peer certificate 'C=AU, ST=Australian Capital Territory, L=Canberra, O=Datacom TSS, OU=Corp, CN=craddie, E=chris.addie@datacom.com.au'
  874. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS ClientKeyExchange handshake (258 bytes)
  875. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Certificate handshake (1433 bytes)
  876. Jul 30 09:50:35 lina charon: 09[TLS] created signature with SHA256/RSA
  877. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS ClientKeyExchange handshake (258 bytes)
  878. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS CertificateVerify handshake (260 bytes)
  879. Jul 30 09:50:35 lina charon: 09[TLS] created signature with SHA256/RSA
  880. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Handshake record (1963 bytes)
  881. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS CertificateVerify handshake (260 bytes)
  882. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS ChangeCipherSpec record (1 bytes)
  883. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Handshake record (1963 bytes)
  884. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Finished handshake (12 bytes)
  885. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS ChangeCipherSpec record (1 bytes)
  886. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Handshake record (64 bytes)
  887. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Finished handshake (12 bytes)
  888. Jul 30 09:50:35 lina charon: 09[TLS] sending EAP_TLS first fragment (1024 bytes)
  889. Jul 30 09:50:35 lina charon: 09[TLS] sending TLS Handshake record (64 bytes)
  890. Jul 30 09:50:35 lina charon: 09[IKE] reinitiating already active tasks
  891. Jul 30 09:50:35 lina charon: 09[TLS] sending EAP_TLS first fragment (1024 bytes)
  892. Jul 30 09:50:35 lina charon: 09[IKE] IKE_AUTH task
  893. Jul 30 09:50:35 lina charon: 09[IKE] reinitiating already active tasks
  894. Jul 30 09:50:35 lina charon: 09[ENC] generating IKE_AUTH request 8 [ EAP/RES/TLS ]
  895. Jul 30 09:50:35 lina charon: 09[IKE] IKE_AUTH task
  896. Jul 30 09:50:35 lina charon: 09[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  897. Jul 30 09:50:35 lina charon: 09[ENC] generating IKE_AUTH request 8 [ EAP/RES/TLS ]
  898. Jul 30 09:50:35 lina charon: 10[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  899. Jul 30 09:50:35 lina charon: 09[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  900. Jul 30 09:50:35 lina charon: 10[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TLS ]
  901. Jul 30 09:50:35 lina charon: 10[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (76 bytes)
  902. Jul 30 09:50:35 lina charon: 10[TLS] received EAP_TLS acknowledgement packet
  903. Jul 30 09:50:35 lina charon: 10[ENC] parsed IKE_AUTH response 8 [ EAP/REQ/TLS ]
  904. Jul 30 09:50:35 lina charon: 10[TLS] received EAP_TLS acknowledgement packet
  905. Jul 30 09:50:35 lina charon: 10[TLS] sending EAP_TLS further fragment (1024 bytes)
  906. Jul 30 09:50:35 lina charon: 10[IKE] reinitiating already active tasks
  907. Jul 30 09:50:35 lina charon: 10[TLS] sending EAP_TLS further fragment (1024 bytes)
  908. Jul 30 09:50:35 lina charon: 10[IKE] IKE_AUTH task
  909. Jul 30 09:50:35 lina charon: 10[IKE] reinitiating already active tasks
  910. Jul 30 09:50:35 lina charon: 10[ENC] generating IKE_AUTH request 9 [ EAP/RES/TLS ]
  911. Jul 30 09:50:35 lina charon: 10[IKE] IKE_AUTH task
  912. Jul 30 09:50:35 lina charon: 10[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  913. Jul 30 09:50:35 lina charon: 10[ENC] generating IKE_AUTH request 9 [ EAP/RES/TLS ]
  914. Jul 30 09:50:35 lina charon: 10[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (1100 bytes)
  915. Jul 30 09:50:35 lina charon: 11[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (92 bytes)
  916. Jul 30 09:50:35 lina charon: 11[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TLS ]
  917. Jul 30 09:50:35 lina charon: 11[NET] received packet: from 203.37.210.230[4500] to 192.168.80.10[4500] (92 bytes)
  918. Jul 30 09:50:35 lina charon: 11[TLS] processing TLS Alert record (2 bytes)
  919. Jul 30 09:50:35 lina charon: 11[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/TLS ]
  920. Jul 30 09:50:35 lina charon: 11[TLS] received fatal TLS alert 'certificate unknown'
  921. Jul 30 09:50:35 lina charon: 11[TLS] processing TLS Alert record (2 bytes)
  922. Jul 30 09:50:35 lina charon: 11[IKE] EAP_TLS method failed
  923. Jul 30 09:50:35 lina charon: 11[TLS] received fatal TLS alert 'certificate unknown'
  924. Jul 30 09:50:35 lina charon: 11[ENC] generating INFORMATIONAL request 10 [ N(AUTH_FAILED) ]
  925. Jul 30 09:50:35 lina charon: 11[IKE] EAP_TLS method failed
  926. Jul 30 09:50:35 lina charon: 11[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  927. Jul 30 09:50:35 lina charon: 11[ENC] generating INFORMATIONAL request 10 [ N(AUTH_FAILED) ]
  928. Jul 30 09:50:35 lina charon: 11[IKE] IKE_SA home[3] state change: CONNECTING => DESTROYING
  929. Jul 30 09:50:35 lina charon: 11[NET] sending packet: from 192.168.80.10[4500] to 203.37.210.230[4500] (76 bytes)
  930. Jul 30 09:50:35 lina charon: 11[IKE] IKE_SA home[3] state change: CONNECTING => DESTROYING
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement