API tools faq
paste
pastebls

theclient-vpnlog

pastebls
Sep 7th, 2019
236
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 16.77 KB | None | 0 0
raw download clone embed print report
  1. Sep 07 19:28:25 theclient systemd[1]: Starting strongSwan IPsec IKEv1/IKEv2 daemon using swanctl...
  2. Sep 07 19:28:25 theclient charon-systemd[830]: loaded plugins: charon-systemd aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 xcbc cmac hmac attr kernel-netlink resolve socket-default vici updown eap-identity eap-md5 eap-mschapv2 eap-dynamic eap-tls xauth-generic counters
  3. Sep 07 19:28:25 theclient charon-systemd[830]: spawning 16 worker threads
  4. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  5. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  6. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, CN=theclient.domain.com'
  7. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  8. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, CN=theclient.domain.com'
  9. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  10. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  11. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, CN=theclient.domain.com'
  12. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  13. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  14. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theserver-strongSwan, [email protected]'
  15. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  16. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  17. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, [email protected]'
  18. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theserver-strongSwan, CN=strongSwan theserver Root CA'
  19. Sep 07 19:28:25 theclient charon-systemd[830]: loaded certificate 'C=US, O=theclient-strongSwan, CN=strongSwan theclient Root CA'
  20. Sep 07 19:28:25 theclient charon-systemd[830]: loaded ANY private key
  21. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  22. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  23. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  24. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  25. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  26. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  27. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  28. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  29. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  30. Sep 07 19:28:26 theclient charon-systemd[830]: loaded ANY private key
  31. Sep 07 19:28:27 theclient charon-systemd[830]: loaded ANY private key
  32. Sep 07 19:28:27 theclient charon-systemd[830]: loaded ANY private key
  33. Sep 07 19:28:27 theclient charon-systemd[830]: loaded ANY private key
  34. Sep 07 19:28:27 theclient charon-systemd[830]: loaded ANY private key
  35. Sep 07 19:28:27 theclient swanctl[848]: no authorities found, 0 unloaded
  36. Sep 07 19:28:27 theclient charon-systemd[830]: added vici pool primary-pool-ipv4: 10.92.10.0, 254 entries
  37. Sep 07 19:28:27 theclient charon-systemd[830]: added vici connection: theclient-theserver
  38. Sep 07 19:28:27 theclient charon-systemd[830]: added vici connection: ikev2-pubkey-linux
  39. Sep 07 19:28:27 theclient charon-systemd[830]: added vici connection: ikev2-pubkey-ios
  40. Sep 07 19:28:27 theclient charon-systemd[830]: id not specified, defaulting to cert subject 'C=US, O=theclient-strongSwan, CN=theclient.domain.com'
  41. Sep 07 19:28:27 theclient charon-systemd[830]: added vici connection: ikev2-pubkey-windows
  42. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-pi22-theclientCert.pem'
  43. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-pi77-theclientCert.pem'
  44. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/windows-strongSwanVPNCert.pem'
  45. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-pi65-theclientCert.pem'
  46. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/linux-strongSwanVPNCert.pem'
  47. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-ib12-theclientCert.pem'
  48. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-vax99-theclientCert.pem'
  49. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/ios-strongSwanVPNCert.pem'
  50. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-hum1-theclientCert.pem'
  51. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-pi2-theclientCert.pem'
  52. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/theclient-pi-theserverCert.pem'
  53. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-o44-theclientCert.pem'
  54. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-pi99-theclientCert.pem'
  55. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509/rpi3p2-pi-theclientCert.pem'
  56. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509ca/theserver-strongSwanCACert.pem'
  57. Sep 07 19:28:27 theclient swanctl[848]: loaded certificate from '/etc/swanctl/x509ca/strongSwanCACert.pem'
  58. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-hum1-theclientKey.pem'
  59. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/windows-strongSwanVPNKey.pem'
  60. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/theclient-pi-theserverKey.pem'
  61. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-pi65-theclientKey.pem'
  62. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-pi2-theclientKey.pem'
  63. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-pi99-theclientKey.pem'
  64. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-pi-theclientKey.pem'
  65. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-o44-theclientKey.pem'
  66. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-ib12-theclientKey.pem'
  67. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/strongSwanCAKey.pem'
  68. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-pi77-theclientKey.pem'
  69. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-vax99-theclientKey.pem'
  70. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/linux-strongSwanVPNKey.pem'
  71. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/rpi3p2-pi22-theclientKey.pem'
  72. Sep 07 19:28:27 theclient swanctl[848]: loaded private key from '/etc/swanctl/private/ios-strongSwanVPNKey.pem'
  73. Sep 07 19:28:27 theclient swanctl[848]: loaded pool 'primary-pool-ipv4'
  74. Sep 07 19:28:27 theclient swanctl[848]: successfully loaded 1 pools, 0 unloaded
  75. Sep 07 19:28:27 theclient swanctl[848]: loaded connection 'theclient-theserver'
  76. Sep 07 19:28:27 theclient swanctl[848]: loaded connection 'ikev2-pubkey-linux'
  77. Sep 07 19:28:27 theclient swanctl[848]: loaded connection 'ikev2-pubkey-ios'
  78. Sep 07 19:28:27 theclient swanctl[848]: loaded connection 'ikev2-pubkey-windows'
  79. Sep 07 19:28:27 theclient swanctl[848]: successfully loaded 4 connections, 0 unloaded
  80. Sep 07 19:28:27 theclient systemd[1]: Started strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
  81. Sep 07 19:28:34 theclient charon-systemd[830]: vici initiate CHILD_SA 'theclient-theserver'
  82. Sep 07 19:28:34 theclient charon-systemd[830]: initiating IKE_SA theclient-theserver[1] to 50.47.109.48
  83. Sep 07 19:28:34 theclient charon-systemd[830]: generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  84. Sep 07 19:28:34 theclient charon-systemd[830]: sending packet: from 172.20.10.6[500] to 50.47.109.48[500] (792 bytes)
  85. Sep 07 19:28:34 theclient charon-systemd[830]: received packet: from 50.47.109.48[500] to 172.20.10.6[500] (297 bytes)
  86. Sep 07 19:28:34 theclient charon-systemd[830]: parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  87. Sep 07 19:28:34 theclient charon-systemd[830]: selected proposal: IKE:AES_GCM_16_192/PRF_HMAC_SHA2_256/ECP_256
  88. Sep 07 19:28:34 theclient charon-systemd[830]: local host is behind NAT, sending keep alives
  89. Sep 07 19:28:34 theclient charon-systemd[830]: remote host is behind NAT
  90. Sep 07 19:28:34 theclient charon-systemd[830]: received cert request for "C=US, O=theserver-strongSwan, CN=strongSwan theserver Root CA"
  91. Sep 07 19:28:34 theclient charon-systemd[830]: sending cert request for "C=US, O=theclient-strongSwan, CN=strongSwan theclient Root CA"
  92. Sep 07 19:28:34 theclient charon-systemd[830]: sending cert request for "C=US, O=theserver-strongSwan, CN=strongSwan theserver Root CA"
  93. Sep 07 19:28:34 theclient charon-systemd[830]: authentication of '[email protected]' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
  94. Sep 07 19:28:34 theclient charon-systemd[830]: sending end entity cert "C=US, O=theserver-strongSwan, [email protected]"
  95. Sep 07 19:28:34 theclient charon-systemd[830]: establishing CHILD_SA theclient-theserver{1}
  96. Sep 07 19:28:34 theclient charon-systemd[830]: generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH CPRQ(ADDR DNS) SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  97. Sep 07 19:28:34 theclient charon-systemd[830]: splitting IKE message (1772 bytes) into 2 fragments
  98. Sep 07 19:28:34 theclient charon-systemd[830]: generating IKE_AUTH request 1 [ EF(1/2) ]
  99. Sep 07 19:28:34 theclient charon-systemd[830]: generating IKE_AUTH request 1 [ EF(2/2) ]
  100. Sep 07 19:28:34 theclient charon-systemd[830]: sending packet: from 172.20.10.6[4500] to 50.47.109.48[4500] (1248 bytes)
  101. Sep 07 19:28:34 theclient charon-systemd[830]: sending packet: from 172.20.10.6[4500] to 50.47.109.48[4500] (589 bytes)
  102. Sep 07 19:28:34 theclient charon-systemd[830]: received packet: from 50.47.109.48[4500] to 172.20.10.6[4500] (1248 bytes)
  103. Sep 07 19:28:34 theclient charon-systemd[830]: parsed IKE_AUTH response 1 [ EF(1/2) ]
  104. Sep 07 19:28:34 theclient charon-systemd[830]: received fragment #1 of 2, waiting for complete IKE message
  105. Sep 07 19:28:34 theclient charon-systemd[830]: received packet: from 50.47.109.48[4500] to 172.20.10.6[4500] (993 bytes)
  106. Sep 07 19:28:34 theclient charon-systemd[830]: parsed IKE_AUTH response 1 [ EF(2/2) ]
  107. Sep 07 19:28:34 theclient charon-systemd[830]: received fragment #2 of 2, reassembled fragmented IKE message (2176 bytes)
  108. Sep 07 19:28:34 theclient charon-systemd[830]: parsed IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR DNS DNS) SA TSi TSr ]
  109. Sep 07 19:28:35 theclient charon-systemd[830]: received end entity cert "C=US, O=theserver-strongSwan, CN=theserver.domain.com"
  110. Sep 07 19:28:35 theclient charon-systemd[830]: using trusted ca certificate "C=US, O=theclient-strongSwan, CN=strongSwan theclient Root CA"
  111. Sep 07 19:28:35 theclient charon-systemd[830]: checking certificate status of "C=US, O=theclient-strongSwan, CN=theclient.domain.com"
  112. Sep 07 19:28:35 theclient charon-systemd[830]: certificate status is not available
  113. Sep 07 19:28:35 theclient charon-systemd[830]: reached self-signed root ca with a path length of 0
  114. Sep 07 19:28:35 theclient charon-systemd[830]: using trusted certificate "C=US, O=theclient-strongSwan, CN=theclient.domain.com"
  115. Sep 07 19:28:35 theclient charon-systemd[830]: signature validation failed, looking for another key
  116. Sep 07 19:28:35 theclient charon-systemd[830]: using certificate "C=US, O=theserver-strongSwan, CN=theserver.domain.com"
  117. Sep 07 19:28:35 theclient charon-systemd[830]: using trusted ca certificate "C=US, O=theserver-strongSwan, CN=strongSwan theserver Root CA"
  118. Sep 07 19:28:35 theclient charon-systemd[830]: checking certificate status of "C=US, O=theserver-strongSwan, CN=theserver.domain.com"
  119. Sep 07 19:28:35 theclient charon-systemd[830]: certificate status is not available
  120. Sep 07 19:28:35 theclient charon-systemd[830]: reached self-signed root ca with a path length of 0
  121. Sep 07 19:28:35 theclient charon-systemd[830]: authentication of 'linux.domain.com' with RSA_EMSA_PKCS1_SHA2_384 successful
  122. Sep 07 19:28:35 theclient charon-systemd[830]: IKE_SA theclient-theserver[1] established between 172.20.10.6[[email protected]]...50.47.109.48[linux.domain.com]
  123. Sep 07 19:28:35 theclient charon-systemd[830]: scheduling reauthentication in 10215s
  124. Sep 07 19:28:35 theclient charon-systemd[830]: maximum IKE_SA lifetime 11295s
  125. Sep 07 19:28:35 theclient charon-systemd[830]: installing DNS server 192.168.92.3 via resolvconf
  126. Sep 07 19:28:35 theclient charon-systemd[830]: installing DNS server 1.1.1.1 via resolvconf
  127. Sep 07 19:28:35 theclient charon-systemd[830]: installing new virtual IP 10.92.10.1
  128. Sep 07 19:28:35 theclient avahi-daemon[313]: Registering new address record for 10.92.10.1 on wlan0.IPv4.
  129. Sep 07 19:28:35 theclient charon-systemd[830]: selected proposal: ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ
  130. Sep 07 19:28:35 theclient kernel: cryptd: max_cpu_qlen set to 1000
  131. Sep 07 19:28:35 theclient charon-systemd[830]: CHILD_SA theclient-theserver{1} established with SPIs cbaad7d2_i c11f1f32_o and TS 10.92.10.1/32 === 50.47.109.48/32
  132. Sep 07 19:28:58 theclient charon-systemd[830]: sending keep alive to 50.47.109.48[4500]
  133. Sep 07 19:29:04 theclient charon-systemd[830]: received packet: from 50.47.109.48[4500] to 172.20.10.6[4500] (57 bytes)
  134. Sep 07 19:29:04 theclient charon-systemd[830]: parsed INFORMATIONAL request 0 [ ]
  135. Sep 07 19:29:04 theclient charon-systemd[830]: generating INFORMATIONAL response 0 [ ]
  136. Sep 07 19:29:04 theclient charon-systemd[830]: sending packet: from 172.20.10.6[4500] to 50.47.109.48[4500] (57 bytes)
  137. Sep 07 19:29:13 theclient charon-systemd[830]: vici terminate CHILD_SA 'theclient-theserver'
  138. Sep 07 19:29:13 theclient charon-systemd[830]: closing CHILD_SA theclient-theserver{1} with SPIs cbaad7d2_i (0 bytes) c11f1f32_o (0 bytes) and TS 10.92.10.1/32 === 50.47.109.48/32
  139. Sep 07 19:29:13 theclient charon-systemd[830]: sending DELETE for ESP CHILD_SA with SPI cbaad7d2
  140. Sep 07 19:29:13 theclient charon-systemd[830]: generating INFORMATIONAL request 2 [ D ]
  141. Sep 07 19:29:13 theclient charon-systemd[830]: sending packet: from 172.20.10.6[4500] to 50.47.109.48[4500] (69 bytes)
  142. Sep 07 19:29:13 theclient charon-systemd[830]: received packet: from 50.47.109.48[4500] to 172.20.10.6[4500] (69 bytes)
  143. Sep 07 19:29:13 theclient charon-systemd[830]: parsed INFORMATIONAL response 2 [ D ]
  144. Sep 07 19:29:13 theclient charon-systemd[830]: received DELETE for ESP CHILD_SA with SPI c11f1f32
  145. Sep 07 19:29:13 theclient charon-systemd[830]: CHILD_SA closed
  146. Sep 07 19:29:13 theclient charon-systemd[830]: vici terminate IKE_SA 'theclient-theserver'
  147. Sep 07 19:29:13 theclient charon-systemd[830]: deleting IKE_SA theclient-theserver[1] between 172.20.10.6[[email protected]]...50.47.109.48[linux.domain.com]
  148. Sep 07 19:29:13 theclient charon-systemd[830]: sending DELETE for IKE_SA theclient-theserver[1]
  149. Sep 07 19:29:13 theclient charon-systemd[830]: generating INFORMATIONAL request 3 [ D ]
  150. Sep 07 19:29:13 theclient charon-systemd[830]: sending packet: from 172.20.10.6[4500] to 50.47.109.48[4500] (65 bytes)
  151. Sep 07 19:29:13 theclient charon-systemd[830]: received packet: from 50.47.109.48[4500] to 172.20.10.6[4500] (57 bytes)
  152. Sep 07 19:29:13 theclient charon-systemd[830]: parsed INFORMATIONAL response 3 [ ]
  153. Sep 07 19:29:13 theclient charon-systemd[830]: IKE_SA deleted
  154. Sep 07 19:29:13 theclient charon-systemd[830]: removing DNS server 1.1.1.1 via resolvconf
  155. Sep 07 19:29:13 theclient charon-systemd[830]: removing DNS server 192.168.92.3 via resolvconf
  156. Sep 07 19:29:13 theclient avahi-daemon[313]: Withdrawing address record for 10.92.10.1 on wlan0.
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!