Untitled

04/13/2016 21:10:08 [9006] set the loglevel to 3
04/13/2016 21:10:08 [9008] set the loglevel to 3
04/13/2016 21:10:08 [9008] sslvpn connection version:4.0.2289
04/13/2016 21:10:08 [9008] rcv cmd:0 at state[0]
04/13/2016 21:10:08 [9008] starting ssl vpn tunnel[4.0.2289]
gateway for 1.1.1.1:91.245.35.33 for 178.207.157.170:91.245.35.33
if has single route record for 1.1.1.1:0 for 178.207.157.170:1
04/13/2016 21:10:08 [9030] execl /usr/src/forticlientsslvpn/./helper/get_fortisslvpn_info /usr/src/forticlientsslvpn/./helper 178.207.157.170 10443   ...
04/13/2016 21:10:08 [9030] trusted CA dir: /root/.fctsslvpn_trustca
04/13/2016 21:10:08 [9030] set loglevel to 3
04/13/2016 21:10:08 [9030] Peer's certificate is not valid. action is 1
04/13/2016 21:10:08 [9030] peer's certificate:
        Version: 3 (0x2)$        Serial Number:$            da:f6:36:b4:43:d4:a5:8b$    Signature Algorithm: sha256WithRSAEncryption$        Issuer: C=US, ST=California, L=Sunnyvale, O=Fortinet, OU=Certificate Authority, CN=support/emailAddress=support@fortinet.com$        Validity$            Not Before: Jul 16 22:34:39 2015 GMT$            Not After : Jan 19 22:34:39 2038 GMT$        Subject: C=US, ST=California, L=Sunnyvale, O=Fortinet, OU=Certificate Authority, CN=support/emailAddress=support@fortinet.com$        Subject Public Key Info:$            Public Key Algorithm: rsaEncryption$                Public-Key: (2048 bit)$                Modulus:$                    ....
b8:1f:23:a1:ce:91:c1:d8:2f:f5:db:31:49:2d:7b:$                    1d:63$                Exponent: 65537 (0x10001)$        X509v3 extensions:$            X509v3 Basic Constraints: $                CA:TRUE$    Signature Algorithm: sha256WithRSAEncryption$         ....
92:8c:b8:87$
04/13/2016 21:10:08 [9008] rcv from grab web:2|Certificate:        Version: 3 (0x2)$        Serial Number:$            da:f6:36:b4:43:d4:a5:8b$    Signature Algorithm: ...$        Issuer: C=US, ST=California, L=Sunnyvale, O=Fortinet, OU=Certificate Authority, CN=support/emailAddress=support@fortinet.com$        Validity$            Not Before: Jul 16 22:34:39 2015 GMT$            Not After : Jan 19 22:34:39 2038 GMT$        Subject: C=US, ST=California, L=Sunnyvale, O=Fortinet, OU=Certificate Authority, CN=support/emailAddress=support@fortinet.com$        Subject Public Key Info:$            Public Key Algorithm: rsaEncryption$                Public-Key: (2048 bit)$                Modulus:$                    00:d4:3b:51:73:d0:35:12:12:c8:c3:4e:59:41:48:$                    .....
c4:d0:50:67:99:f1:3d:13:45:4b:6e:8b:75:ee:5d:$                    b8:1f:23:a1:ce:91:c1:d8:2f:f5:db:31:49:2d:7b:$                    1d:63$                Exponent: 65537 (0x10001)$        X509v3 extensions:$            X509v3 Basic Constraints: $                CA:TRUE$    Signature Algorithm: sha256WithRSAEncryption$         87:17:fb:8d:ec:67:4a:b4:cd:b2:1a:69:5e:98:8c:9a:52:b9:$
....
58:94:75:a9:0e:c7:4f:94:3d:b5:52:c2:af:fa:8e:9c:41:c4:$         92:8c:b8:87$

04/13/2016 21:10:08 [9008] send GUI:Certificate:        Version: 3 (0x2)$        Serial Number:$            da:f6:36:b4:43:d4:a5:8b$    Signature Algorithm: sha256WithRSAEncryption$        Issuer: C=US, ST=California, L=Sunnyvale, O=Fortinet, OU=Certificate Authority, CN=support/emailAddress=support@fortinet.com$        Validity$            Not Before: Jul 16 22:34:39 2015 GMT$            Not After : Jan 19 22:34:39 2038 GMT$        Subject: C=US, ST=California, L=Sunnyvale, O=Fortinet, OU=Certificate Authority, CN=support/emailAddress=support@fortinet.com$        Subject Public Key Info:$            Public Key Algorithm: rsaEncryption$                Public-Key: (2048 bit)$                Modulus:$                    00:d4:3b:51:73:d0:35:12:12:c8:c3:4e:59:41:48:$
......
c4:d0:50:67:99:f1:3d:13:45:4b:6e:8b:75:ee:5d:$                    b8:1f:23:a1:ce:91:c1:d8:2f:f5:db:31:49:2d:7b:$                    1d:63$                Exponent: 65537 (0x10001)$        X509v3 extensions:$            X509v3 Basic Constraints: $                CA:TRUE$    Signature Algorithm: sha256WithRSAEncryption$         87:17:fb:8d:ec:67:4a:b4:cd:b2:1a:69:5e:98:8c:9a:52:b9:$
.....
58:94:75:a9:0e:c7:4f:94:3d:b5:52:c2:af:fa:8e:9c:41:c4:$         92:8c:b8:87$

04/13/2016 21:10:08 [9008] receive input from GUI:1
04/13/2016 21:10:08 [9030] user accepted this invalid peer certificate: 1
04/13/2016 21:10:08 [9030] realm is enabled:
04/13/2016 21:10:08 [9030] get login page
04/13/2016 21:10:08 [9030] GET[194]:
GET /remote/login HTTP/1.1
Host: 178.207.157.170:10443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie:


04/13/2016 21:10:08 [9030] get response
04/13/2016 21:10:08 [9030] no Content-Length
04/13/2016 21:10:08 [9030] RESPONSE[3883]:
HTTP/1.1 200 OK
Date: Thu, 14 Apr 2016 13:35:08 GMT
Set-Cookie:  SVPNCOOKIE=; path=/; expires=Thu, 14-Apr-2016 13:35:08 GMT; secure; httponly;
Set-Cookie: SVPNNETWORKCOOKIE=; path=/remote/network; expires=Thu, 14-Apr-2016 13:35:08 GMT; secure; httponly
X-UA-Compatible: requiresActiveX=true
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>login</title><meta http-equiv="Pragma" content="no-cache"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="must-revalidate"><link href="/sslvpn/css/login.css" rel="stylesheet" type="text/css"><script type="text/javascript">if (top && top.location != window.location) top.location = top.location;if (window.opener && window.opener.top) { window.opener.top.location = window.opener.top.location; self.close(); }</script></head><body class="main"><center><table width="100%" height="100%" align="center" class="container" valign="middle" cellpadding="0" cellspacing="0"><tr valign=middle><td><form action="/remote/logincheck" method="post" name="f" autocomplete="off"><table class="list" cellpadding=10 cellspacing=0 align=center width=400 height=180><tr class="dark"><td colspan=2><b>Please Login</b></td></tr><!--remoteauthtimeout=5-->
<tr><td width=40% style="padding-left:10px"><b>Name:</b></td><td width=60%><input type=text maxlength=128 name=username id=username></td></tr><tr><td width=40% style="padding-left:10px"><b>Password:</b></td><td width=60%><input type=password autocomplete="off" maxlength=128 name=credential id=credential></td></tr><tr id=token_msg style="display:none;"><td colspan=2 id="token_label" style="text-align: left; font-size: 10px; padding-left: 10px"></td></tr>
<tr id=chal_input style="display:none;"><td id=chal_inputlabel width=40% style="padding-left:10px; font-weight: bold;"></td><td width=60%><input type=password autocomplete="off" maxlength=128 name=credential2 id=credential2></td></tr><tr id=chal_input2 style="display:none;"><td id=chal_inputlabel2 width=40% style="padding-left:10px; font-weight: bold;"></td><td width=60%><input type=password autocomplete="off" maxlength=128 name=credential3 id=credential3></td></tr><tr id=fortitoken style="display:none;"><td width=40% style="padding-left:10px"><b id=codelabel>FortiToken Code:</b></td><td width=60%><input type=password autocomplete="off" maxlength=8 name=code id=code></td></tr><tr id=driftmsg style="display:none;"><td colspan=2 style="padding-left:10px">FortiToken clock drift detected. Please input the next code and continue.</td></tr><tr id=fortitoken2 style="display:none;"><td width=40% style="padding-left:10px"><b id=codelabel2>Next FortiToken Code:</b></td><td width=60%><input type=password autocomplete="off" maxlength=8 name=code2 id=code2></td></tr><tr><td></td><td id=login><input type=button name=login_button id=login_button value="Login" onClick="try_login()" border=0></td></tr></table><input type=hidden name=just_logged_in value=1><input type=hidden name=magic id=magic_id value=""><input type=hidden name=reqid id=reqid_id value="0"><input type=hidden name=grpid id=grpid_id value=""><input type=hidden name=realm id=realm_id value=""><input type=hidden name=redir value="/sslvpn/portal.html"><script type="text/javascript" src="/sslvpn/js/login.js?q=19748"></script><script type="text/javascript" src="/lang/en.js"></script><script>document.onkeydown = key_pressdown;function load_login_strings() {var tmp = document.getElementById("err_str");if (tmp) {tmp.innerHTML = fgt_lang["error"] + ":";tmp = document.getElementById("err_val");tmp.innerHTML = fgt_lang[tmp.getAttribute('title')];}}window.onload = load_login_strings;</script></form></td></tr></table></center></body><script>document.forms[0].username.focus();</script></html>

04/13/2016 21:10:08 [9030] try to get cookie for the first time: 98 :  SVPNNETWORKCOOKIE=; path=/remote/network; expires=Thu, 14-Apr-2016 13:35:08 GMT; secure; httponly
04/13/2016 21:10:08 [9030] post to login
04/13/2016 21:10:08 [9030] POST [306]:
POST /remote/logincheck HTTP/1.1
Host: 178.207.157.170:10443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Content-Length: 96

username=calluser&credential=MyPass&realm=&ajax=1&redir=%2Fremote%2Findex&just_logged_in=1
04/13/2016 21:10:08 [9030] get response
04/13/2016 21:10:08 [9030] no Content-Length
04/13/2016 21:10:08 [9030] RESPONSE[514]:
HTTP/1.1 200 OK
Date: Thu, 14 Apr 2016 13:35:08 GMT
Set-Cookie: SVPNCOOKIE=e3mE6berXlWjpxaKYxwSPe....e+pHntb2dTCdHedzfF6yEetLDw7wkEtqUWbM/roP5LUO3uione...ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a; path=/; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/html
X-Frame-Options: SAMEORIGIN

<html><head>
<script language="javascript">
document.location=decodeURIComponent("/remote/index");
</script>
</head></html>

04/13/2016 21:10:08 [9030] RESPONSE[514]:
HTTP/1.1 200 OK
Date: Thu, 14 Apr 2016 13:35:08 GMT
Set-Cookie: SVPNCOOKIE=...../rk7IhJO/11IwSedIe2cDQYvlZj0T18e%0awgFJ06e+pHntb2dTCdHedzfF6yEetLDw7wkEtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a; path=/; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/html
X-Frame-Options: SAMEORIGIN

<html><head>
<script language="javascript">
document.location=decodeURIComponent("/remote/index");
</script>
</head></html>

04/13/2016 21:10:08 [9030] cookie: SVPNCOOKIE=...../rk7IhJO/11IwSedIe2cDQYvlZj0T18e%0awgFJ06e+pHntb2dTCdHedzfF6yEetLDw7wkEtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a
04/13/2016 21:10:08 [9030] get /remote/index
04/13/2016 21:10:08 [9030] GET[406]:
GET /remote/index HTTP/1.1
Host: 178.207.157.170:10443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: SVPNCOOKIE=e3mE6berXlWjpxaKYxwSPeHOOqrq8k4x/rk7IhJO/.....%0awgFJ06e+pHntb2dTCdHedzfF6yEetLDw7wkEtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a


04/13/2016 21:10:08 [9030] get response
04/13/2016 21:10:08 [9030] no Content-Length
04/13/2016 21:10:08 [9030] RESPONSE[1712]:
HTTP/1.1 403 Forbidden
Date: Thu, 14 Apr 2016 13:35:08 GMT
Transfer-Encoding: chunked
Content-Type: text/html
X-Frame-Options: SAMEORIGIN

<HTML>
<HEAD>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<link href="/style.css?q=19748" rel="stylesheet" type="text/css">
<script type='text/javascript' src='/lang/en.js'></script>
</head>
<body class="main">
<table class="container" cellpadding="0" cellspacing="0">
<tr>
<td><table class="dialog" width=300 align="center" cellpadding="0" cellspacing="0">
<tr>
<td><table class="header" cellpadding="0" cellspacing="0">
<tr>
<td id="err_title"></td>
</tr>
</table></td>
</tr>
<script>document.getElementById('err_title').innerHTML=fgt_lang['error'];</script>
<tr>
<td class="body" height=100><table class="body"><tr><td id='err_val' title='403' align="center">
<script>
var errval_elem=document.getElementById('err_val');
var errval=errval_elem.getAttribute('title').split(',');
var err_str = fgt_lang[errval[0]];
if (err_str == undefined) {
   errval_elem.innerHTML = "some unknown error!<br>";
} else {   if (errval.length == 2) {
       err_str = err_str.replace("%d", errval[1]);
   }
   errval_elem.innerHTML = err_str;
}
</script></td></tr></table></td>
</tr>
<tr><td>
<table class="footer" cellpadding="0" cellspacing="0">
<tr><td>
<input id="ok_button" type="button" value="" onclick="chkbrowser()" style="width:80px">
</td></tr>
</table>
</td></tr>
</table>
</body>
<script language = "javascript">
document.getElementById('ok_button').value=fgt_lang['ok'];
function chkbrowser() {
if (window.location.pathname == "/remote/login")
history.go(0);
else
history.go(-1);}
</script>
</html>

04/13/2016 21:10:08 [9030] get /remote/fortisslvpn
04/13/2016 21:10:08 [9030] GET[412]:
GET /remote/fortisslvpn HTTP/1.1
Host: 178.207.157.170:10443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: SVPNCOOKIE=e3mE6berXlWjpxaKYxwSPeHOOqrq8k4x/rk7I....qUWbM/....%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a


04/13/2016 21:10:08 [9030] get response
04/13/2016 21:10:08 [9030] no Content-Length
04/13/2016 21:10:08 [9030] RESPONSE[4155]:
HTTP/1.1 200 OK
Date: Thu, 14 Apr 2016 13:35:08 GMT
Set-Cookie: SVPNCOOKIE=e3mE.....bM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a; path=/; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN

<HTML>

<HEAD>

<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<META http-equiv="Pragma" content="no-cache">
<META http-equiv="cache-control" content="no-cache">
<META http-equiv="cache-control" content="must-revalidate">
<link href="/sslvpn/css/sslvpn.css" rel="stylesheet" type="text/css">
<script type='text/javascript' src='/lang/en.js'></script>
<script language="JavaScript">
function load_fortisslvpn_strings() {
   document.getElementById('vb_connect').value = fgt_lang['sslvpn_wtunnel_connect'];
   document.getElementById('sslvpn_wtunnel_disconnect').value = fgt_lang['sslvpn_wtunnel_disconnect'];
   document.getElementById('sslvpn_wtunnel_refresh').value = fgt_lang['sslvpn_wtunnel_refresh'];
   document.getElementById('sslvpn_wtunnel_link_status').innerHTML = fgt_lang['sslvpn_wtunnel_link_status']  + ":";
   document.getElementById('sslvpn_wtunnel_bytes_tx').innerHTML = fgt_lang['sslvpn_wtunnel_bytes_tx'] + ":";
   document.getElementById('sslvpn_wtunnel_bytes_rx').innerHTML = fgt_lang['sslvpn_wtunnel_bytes_rx'] + ":";
   document.getElementById('sslvpn_wtunnel_collecting').value = fgt_lang['sslvpn_wtunnel_collecting'];
}
</script>

<TITLE>Fortinet SSL-VPN Client Version 1.0</TITLE>

<!-- SSL-VPN protocol version:
embed.FGTversion = 1;
fortisslvpn.FGTversion = 1
-->

</HEAD>
<BODY class=main>
<form name="fortisslvpn">
<input type="hidden" NAME="text6" VALUE="192.168.1.0/255.255.255.0">
<input type="hidden" NAME="text3" value="178.207.157.170:10443">
<input type="hidden" NAME="text7" value="0">
<div class="widget_content"><br style="display: none;"><style>input.readonly { border:0px; }</style><div><input id='vb_connect' LANGUAGE="JavaScript" TYPE=button  VALUE="" DISABLED=true NAME="submit3">
<input id='sslvpn_wtunnel_disconnect' LANGUAGE="JavaScript" TYPE=button  VALUE="" DISABLED=true NAME="submit4">
<input id='sslvpn_wtunnel_refresh' LANGUAGE="JavaScript" TYPE=button  VALUE=""  DISABLED=true NAME="submit5"></td>
</div><div><table><tbody><tr><td id='sslvpn_wtunnel_link_status'></td><td><input id="sslvpn_tunnel_status_value" type="text" size="20" name="text1" class="readonly" readonly="true"></td>
</td></tr><tr><td id='sslvpn_wtunnel_bytes_tx'></td><td><input TYPE="text" size="20" name="text4" class="readonly" readonly="true"></td>
</td></tr><tr><td id='sslvpn_wtunnel_bytes_rx'></td><td><input TYPE="text" size="20" name="text5" class="readonly" readonly="true"></td>
</td></tr></tbody></table></div><hr style="background-color: gray;"><div><input id='sslvpn_wtunnel_collecting' type="text" name="text11" class="readonly" readonly="true" value="" style="width: 100%"></div></div></form><script language="Javascript">
function js_get_cookie(c_name) {var cookie_str='......EtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a';if (document.cookie.length>0) {c_start = document.cookie.indexOf(c_name + "=");if (c_start != -1) {c_start = c_start + c_name.length + 1;c_end = document.cookie.indexOf(";", c_start);if (c_end == -1) c_end = document.cookie.length;cookie_str=document.cookie.substring(c_start, c_end);}}return cookie_str;}
function js_get_host_address() {var port;if (document.location.port == "") {port=443;if (document.location.protocol == "http") {port=80;}} else {port = document.location.port;}if (document.location.hostname.indexOf(':') >= 0) {return '['+document.location.hostname+']:' + port+'?'+js_get_cookie('SVPNCOOKIE');} else {return document.location.hostname + ':' + port + '?' + js_get_cookie('SVPNCOOKIE');}}
</script>
</body>
<script language="JavaScript">
location.href = "/registryml.html";
</script>
</HTML>

04/13/2016 21:10:08 [9030] 0|178.207.157.170|10443|1|192.168.1.0/255.255.255.0|e3mE6be.....%0awgFJ06e+pHntb2dTCdHedzfF6yEetLDw7wkEtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a|0
04/13/2016 21:10:08 [9008] rcv from grab web:0|178.207.157.170|10443|1|192.168.1.0/255.255.255.0|e3mE6berXlWjpxaKYx......awgFJ06e+pHntb2dTCdHedzfF6yEetLDw7wkEtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a|0

04/13/2016 21:10:08 [9008] ssl vpn tunnel started
04/13/2016 21:10:08 [9008] rcv cmd:0 at state[1]
04/13/2016 21:10:08 [9032] server=178.207.157.170[178.207.157.170] port=10443[10443] version=1 tunnel=192.168.1.0/255.255.255.0 cookie=e3mE6berXlWjpxaKYx.....WbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a exclusive routing: 0

04/13/2016 21:10:08 [9032] starting pppd
04/13/2016 21:10:08 [9032] use tty:/dev/pts/10
04/13/2016 21:10:08 [9032] connecting to 178.207.157.170:10443
04/13/2016 21:10:08 [9032] [xml config]: GET /remote/fortisslvpn_xml ... (received 812 bytes):
HTTP/1.1 200 OK
Date: Thu, 14 Apr 2016 13:35:08 GMT
Set-Cookie: SVPNCOOKIE=e3mE6berXlWjpxaK.....Dw7wkEtqUWbM/roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a; path=/; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/xml
X-Frame-Options: SAMEORIGIN

<?xml version='1.0' encoding='utf-8'?><sslvpn-tunnel ver='1'><fos platform='FGT80C' major='5' minor='02' patch='4' build='0688' branch='688' /><client-config save-password='off' keep-alive='off' auto-connect='off' /><ipv4><assigned-addr ipv4='10.212.134.201' /><split-tunnel-info><addr ip='192.168.1.0' mask='255.255.255.0' /></split-tunnel-info></ipv4><idle-timeout val='300' /><auth-timeout val='28800' /></sslvpn-tunnel>
----

04/13/2016 21:10:08 [9032] begin io loop
04/13/2016 21:10:08 [9032] launch ssl read thread
04/13/2016 21:10:08 [9032] launch tty read thread
04/13/2016 21:10:08 [9032] ssl read thread started
04/13/2016 21:10:08 [9032] tty read thread started
04/13/2016 21:10:08 [9032] ssl write thread started
04/13/2016 21:10:08 [9032] tty write thread started
04/13/2016 21:10:08 [9032] Got local address from ppp, interface will be  up
04/13/2016 21:10:09 [9032] ppp interface is up
04/13/2016 21:10:09 [9032] run_scutil 178.207.157.170 192.168.1.0/255.255.255.0 0...
04/13/2016 21:10:09 [9032] main thread waiting on condition
begin sysconfig linux
Generating pppd.resolv.conf...Done
server route
interface ppp0
address 10.212.134.201
delete route 1.1.1.1
route to 178.207.157.170 already OK
route -n add -net 192.168.1.0 netmask 255.255.255.0 gw 10.212.134.201
04/13/2016 21:10:12 [9030] 1460571008->1460571012
04/13/2016 21:10:14 [9032] killing pppd ...
04/13/2016 21:10:14 [9032] kill_child:9035
04/13/2016 21:10:14 [9032] kill_child:9052
04/13/2016 21:10:14 [9030] signal rcved, logout now
04/13/2016 21:10:14 [9030] GET[407]:
GET /remote/logout HTTP/1.1
Host: 178.207.157.170:10443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: SVPNCOOKIE=e3mE6berXlW...../roP5LUO3uioneZRg3cXNc%0ajNt5f7B5Z9nCEPALE0YuiKrSfvoZiMfvK5r/k7+PqSSMQntJhpgOEuKSEdH4ujYj%0a


04/13/2016 21:10:14 [9030] get response
04/13/2016 21:10:14 [9008] kill_child:9032
04/13/2016 21:10:14 [9008] kill_child:9032
04/13/2016 21:10:14 [9008] tunnel terminated
04/13/2016 21:10:14 [9008] kill_child:9030
04/13/2016 21:10:14 [9030] 1460571012->1460571014
04/13/2016 21:10:14 [9030] RESPONSE[369]:
HTTP/1.1 302 Found
Date: Thu, 14 Apr 2016 13:35:14 GMT
Set-Cookie:  SVPNCOOKIE=; path=/; expires=Thu, 14-Apr-2016 13:35:14 GMT; secure; httponly;
Set-Cookie: SVPNNETWORKCOOKIE=; path=/remote/network; expires=Thu, 14-Apr-2016 13:35:14 GMT; secure; httponly
Location: /remote/login?lang=en
Content-Length: 0
Content-Type: text/plain
X-Frame-Options: SAMEORIGIN


begin cleanup linux...
restore /etc/resolv.conf
clean up route...
truncate pppd.log
truncate forticlientsslvpn.log
04/13/2016 21:10:14 [9008] FortiClient SSLVPN[4.0.2289] stopped