Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Jan 27 09:12:06: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:06: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:06: | next IV: f5 e1 58 b8 e5 c1 e1 4c d3 ec 1e 2c ea d0 2d be
- Jan 27 09:12:06: | no IKEv1 message padding required
- Jan 27 09:12:06: | emitting length of ISAKMP Message: 92
- Jan 27 09:12:06: | sending 96 bytes for delete notify through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #535)
- Jan 27 09:12:06: | 00 00 00 00 88 1d 2f e5 6f 80 c6 c7 c4 1c f6 00
- Jan 27 09:12:06: | c7 c4 99 d4 08 10 05 01 70 85 89 85 00 00 00 5c
- Jan 27 09:12:06: | be d2 90 e4 3f f7 cd 4c 78 5f 0f 0a d6 b6 cd 76
- Jan 27 09:12:06: | 55 2c 2d 49 f5 72 00 11 87 c2 66 b8 e9 67 dd 26
- Jan 27 09:12:06: | f1 50 8e 09 e7 99 c0 35 70 fe bb 73 3b 78 3d d3
- Jan 27 09:12:06: | f5 e1 58 b8 e5 c1 e1 4c d3 ec 1e 2c ea d0 2d be
- Jan 27 09:12:06: | state: #535 requesting to delete non existing event
- Jan 27 09:12:06: | unhashing state object #535
- Jan 27 09:12:06: | removing state 0x7f410f6e5890 entry 0x7f410f6e5ef8 next (nil) prev-next 0x7f410f126300 from list
- Jan 27 09:12:06: | updated next entry is (nil)
- Jan 27 09:12:06: | removing state 0x7f410f6e5890 entry 0x7f410f6e5f10 next (nil) prev-next 0x7f410f126450 from list
- Jan 27 09:12:06: | updated next entry is (nil)
- Jan 27 09:12:06: | parent state #535: STATE_XAUTH_R0(established-authenticated-ike) > STATE_UNDEFINED(ignore)
- Jan 27 09:12:06: | ignore states: 0
- Jan 27 09:12:06: | half-open-ike states: 0
- Jan 27 09:12:06: | open-ike states: 0
- Jan 27 09:12:06: | established-anonymous-ike states: 0
- Jan 27 09:12:06: | established-authenticated-ike states: 1
- Jan 27 09:12:06: | anonymous-ipsec states: 0
- Jan 27 09:12:06: | authenticated-ipsec states: 2
- Jan 27 09:12:06: | informational states: 0
- Jan 27 09:12:06: | unknown states: 0
- Jan 27 09:12:06: | category states: 3 count states: 3
- Jan 27 09:12:06: | st->st_skeyseed_nss: free key 0x7f410f6da800
- Jan 27 09:12:06: | st->st_skey_d_nss: free key 0x7f410f6924c0
- Jan 27 09:12:06: | st->st_skey_ai_nss: free key 0x7f410f6bdfb0
- Jan 27 09:12:06: | st->st_skey_ar_nss: free key NULL
- Jan 27 09:12:06: | st->st_skey_ei_nss: free key 0x7f410f6d7370
- Jan 27 09:12:06: | st->st_skey_er_nss: free key NULL
- Jan 27 09:12:06: | st->st_skey_pi_nss: free key NULL
- Jan 27 09:12:06: | st->st_skey_pr_nss: free key NULL
- Jan 27 09:12:06: | st->st_enc_key_nss: free key 0x7f410f6d02d0
- Jan 27 09:12:07: | *received 848 bytes from aaa.bbb.ccc.ddd:500 on eth0 (port=500)
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8 00 00 00 00 00 00 00 00
- Jan 27 09:12:07: | 01 10 02 00 00 00 00 00 00 00 03 50 0d 00 02 20
- Jan 27 09:12:07: | 00 00 00 01 00 00 00 01 00 00 02 14 01 01 00 0f
- Jan 27 09:12:07: | 03 00 00 24 01 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:12:07: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 04
- Jan 27 09:12:07: | 80 04 00 0e 03 00 00 24 02 01 00 00 80 0b 00 01
- Jan 27 09:12:07: | 80 0c 0e 10 80 01 00 07 80 0e 01 00 80 03 fd e9
- Jan 27 09:12:07: | 80 02 00 02 80 04 00 0e 03 00 00 24 03 01 00 00
- Jan 27 09:12:07: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 0e 01 00
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 01 80 04 00 0e 03 00 00 24
- Jan 27 09:12:07: | 04 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
- Jan 27 09:12:07: | 80 0e 01 00 80 03 fd e9 80 02 00 06 80 04 00 0e
- Jan 27 09:12:07: | 03 00 00 24 05 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:12:07: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 04
- Jan 27 09:12:07: | 80 04 00 05 03 00 00 24 06 01 00 00 80 0b 00 01
- Jan 27 09:12:07: | 80 0c 0e 10 80 01 00 07 80 0e 01 00 80 03 fd e9
- Jan 27 09:12:07: | 80 02 00 02 80 04 00 05 03 00 00 24 07 01 00 00
- Jan 27 09:12:07: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 0e 01 00
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 01 80 04 00 05 03 00 00 24
- Jan 27 09:12:07: | 08 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
- Jan 27 09:12:07: | 80 0e 01 00 80 03 fd e9 80 02 00 02 80 04 00 02
- Jan 27 09:12:07: | 03 00 00 24 09 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:12:07: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 01
- Jan 27 09:12:07: | 80 04 00 02 03 00 00 24 0a 01 00 00 80 0b 00 01
- Jan 27 09:12:07: | 80 0c 0e 10 80 01 00 07 80 0e 00 80 80 03 fd e9
- Jan 27 09:12:07: | 80 02 00 02 80 04 00 02 03 00 00 24 0b 01 00 00
- Jan 27 09:12:07: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 0e 00 80
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 01 80 04 00 02 03 00 00 20
- Jan 27 09:12:07: | 0c 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 05
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 02 80 04 00 02 03 00 00 20
- Jan 27 09:12:07: | 0d 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 05
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 01 80 04 00 02 03 00 00 20
- Jan 27 09:12:07: | 0e 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 01
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 02 80 04 00 02 00 00 00 20
- Jan 27 09:12:07: | 0f 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 01
- Jan 27 09:12:07: | 80 03 fd e9 80 02 00 01 80 04 00 02 0d 00 00 14
- Jan 27 09:12:07: | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
- Jan 27 09:12:07: | 0d 00 00 14 4d f3 79 28 e9 fc 4f d1 b3 26 21 70
- Jan 27 09:12:07: | d5 15 c6 62 0d 00 00 14 8f 8d 83 82 6d 24 6b 6f
- Jan 27 09:12:07: | c7 a8 a6 a4 28 c1 1d e8 0d 00 00 14 43 9b 59 f8
- Jan 27 09:12:07: | ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 0d 00 00 14
- Jan 27 09:12:07: | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85
- Jan 27 09:12:07: | 0d 00 00 14 80 d0 bb 3d ef 54 56 5e e8 46 45 d4
- Jan 27 09:12:07: | c8 5c e3 ee 0d 00 00 14 99 09 b6 4e ed 93 7c 65
- Jan 27 09:12:07: | 73 de 52 ac e9 52 fa 6b 0d 00 00 14 7d 94 19 a6
- Jan 27 09:12:07: | 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 0d 00 00 14
- Jan 27 09:12:07: | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
- Jan 27 09:12:07: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
- Jan 27 09:12:07: | ec 42 7b 1f 0d 00 00 0c 09 00 26 89 df d6 b7 12
- Jan 27 09:12:07: | 0d 00 00 14 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2
- Jan 27 09:12:07: | 74 cc 01 00 0d 00 00 18 40 48 b7 d5 6e bc e8 85
- Jan 27 09:12:07: | 25 e7 de 7f 00 d6 c2 d3 80 00 00 00 00 00 00 14
- Jan 27 09:12:07: | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
- Jan 27 09:12:07: | **parse ISAKMP Message:
- Jan 27 09:12:07: | initiator cookie:
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | responder cookie:
- Jan 27 09:12:07: | 00 00 00 00 00 00 00 00
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_SA (0x1)
- Jan 27 09:12:07: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:07: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
- Jan 27 09:12:07: | flags: none (0x0)
- Jan 27 09:12:07: | message ID: 00 00 00 00
- Jan 27 09:12:07: | length: 848 (0x350)
- Jan 27 09:12:07: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
- Jan 27 09:12:07: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2opt: 0x2080
- Jan 27 09:12:07: | ***parse ISAKMP Security Association Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_VID (0xd)
- Jan 27 09:12:07: | length: 544 (0x220)
- Jan 27 09:12:07: | DOI: ISAKMP_DOI_IPSEC (0x1)
- .
- .
- .
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-08]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-08]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-07]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-07]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-06]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-06]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-05]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-05]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-04]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-04]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-03]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-02]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
- Jan 27 09:12:07: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-02_n]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [XAUTH]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Cisco-Unity]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [FRAGMENTATION 80000000]
- Jan 27 09:12:07: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
- Jan 27 09:12:07: | find_host_connection me=ccc.ddd.eee.fff:500 him=aaa.bbb.ccc.ddd:500 policy=IKEV1_ALLOW
- Jan 27 09:12:07: | find_host_pair: comparing ccc.ddd.eee.fff:500 to aaa.bbb.ccc.ddd:500
- Jan 27 09:12:07: | find_host_pair_conn (find_host_connection): ccc.ddd.eee.fff:500 aaa.bbb.ccc.ddd:500 -> hp:xauth-psk
- Jan 27 09:12:07: | find_next_host_connection policy=IKEV1_ALLOW
- Jan 27 09:12:07: | found policy = PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW (xauth-psk)
- Jan 27 09:12:07: | find_next_host_connection returns xauth-psk
- Jan 27 09:12:07: | creating state object #536 at 0x7f410f6e7b40
- Jan 27 09:12:07: | parent state #536: new > STATE_UNDEFINED(ignore)
- Jan 27 09:12:07: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:07: | parent state #536: STATE_UNDEFINED(ignore) > STATE_MAIN_R0(half-open-ike)
- Jan 27 09:12:07: | ignore states: 0
- Jan 27 09:12:07: | half-open-ike states: 1
- Jan 27 09:12:07: | open-ike states: 0
- Jan 27 09:12:07: | established-anonymous-ike states: 0
- Jan 27 09:12:07: | established-authenticated-ike states: 1
- Jan 27 09:12:07: | anonymous-ipsec states: 0
- Jan 27 09:12:07: | authenticated-ipsec states: 2
- Jan 27 09:12:07: | informational states: 0
- Jan 27 09:12:07: | unknown states: 0
- Jan 27 09:12:07: | category states: 4 count states: 4
- Jan 27 09:12:07: | inserting state object #536
- Jan 27 09:12:07: | finding hash chain in state hash table
- Jan 27 09:12:07: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | found hash chain 14
- Jan 27 09:12:07: | list 0x7f410f1262b8 first entry (nil)
- Jan 27 09:12:07: | inserted state 0x7f410f6e7b40 entry 0x7f410f6e81a8 next (nil) prev-next 0x7f410f1262b8 into list
- Jan 27 09:12:07: | updated next entry is (nil)
- Jan 27 09:12:07: | finding hash chain in icookie hash table
- Jan 27 09:12:07: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | RCOOKIE: 00 00 00 00 00 00 00 00
- Jan 27 09:12:07: | found hash chain 13
- Jan 27 09:12:07: | list 0x7f410f1263d0 first entry (nil)
- Jan 27 09:12:07: | inserted state 0x7f410f6e7b40 entry 0x7f410f6e81c0 next (nil) prev-next 0x7f410f1263d0 into list
- Jan 27 09:12:07: | updated next entry is (nil)
- Jan 27 09:12:07: | event_schedule called for 0 seconds
- Jan 27 09:12:07: | event_schedule_tv called for about 0 seconds and change
- Jan 27 09:12:07: | inserting event EVENT_SO_DISCARD, timeout in 0.000000 seconds for #536
- Jan 27 09:12:07: | sender checking NAT-T: enabled and 86
- Jan 27 09:12:07: | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: responding to Main Mode from unknown peer aaa.bbb.ccc.ddd
- Jan 27 09:12:07: | **emit ISAKMP Message:
- Jan 27 09:12:07: | initiator cookie:
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | responder cookie:
- Jan 27 09:12:07: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_SA (0x1)
- Jan 27 09:12:07: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:07: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
- Jan 27 09:12:07: | flags: none (0x0)
- Jan 27 09:12:07: | message ID: 00 00 00 00
- Jan 27 09:12:07: | NAT-T VID detected, sending NAT-T VID
- .
- .
- .
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
- Jan 27 09:12:07: | peer supports fragmentation
- Jan 27 09:12:07: | peer supports dpd
- Jan 27 09:12:07: | parent state #536: STATE_MAIN_R0(half-open-ike) > STATE_MAIN_R1(open-ike)
- Jan 27 09:12:07: | ignore states: 0
- Jan 27 09:12:07: | half-open-ike states: 0
- Jan 27 09:12:07: | open-ike states: 1
- Jan 27 09:12:07: | established-anonymous-ike states: 0
- Jan 27 09:12:07: | established-authenticated-ike states: 1
- Jan 27 09:12:07: | anonymous-ipsec states: 0
- Jan 27 09:12:07: | authenticated-ipsec states: 2
- Jan 27 09:12:07: | informational states: 0
- Jan 27 09:12:07: | unknown states: 0
- Jan 27 09:12:07: | category states: 4 count states: 4
- Jan 27 09:12:07: | state: #536 requesting EVENT_SO_DISCARD to be deleted
- Jan 27 09:12:07: | sending reply packet to aaa.bbb.ccc.ddd:500 (from port 500)
- Jan 27 09:12:07: | sending 156 bytes for STATE_MAIN_R0 through eth0:500 to aaa.bbb.ccc.ddd:500 (using #536)
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | 01 10 02 00 00 00 00 00 00 00 00 9c 0d 00 00 38
- Jan 27 09:12:07: | 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01
- Jan 27 09:12:07: | 00 00 00 24 01 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:12:07: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 04
- Jan 27 09:12:07: | 80 04 00 0e 0d 00 00 14 af ca d7 13 68 a1 f1 c9
- Jan 27 09:12:07: | 6b 86 96 fc 77 57 01 00 0d 00 00 14 40 48 b7 d5
- Jan 27 09:12:07: | 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 0d 00 00 0c
- Jan 27 09:12:07: | 09 00 26 89 df d6 b7 12 00 00 00 14 4a 13 1c 81
- Jan 27 09:12:07: | 07 03 58 45 5c 57 28 f2 0e 95 45 2f
- Jan 27 09:12:07: | event_schedule_ms called for about 500 ms
- Jan 27 09:12:07: | event_schedule_tv called for about 0 seconds and change
- Jan 27 09:12:07: | inserting event EVENT_v1_RETRANSMIT, timeout in 0.500000 seconds for #536
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: STATE_MAIN_R1: sent MR1, expecting MI2
- Jan 27 09:12:07: | modecfg pull: quirk-poll policy:pull not-client
- Jan 27 09:12:07: | phase 1 is done, looking for phase 2 to unpend
- Jan 27 09:12:07: | *received 380 bytes from aaa.bbb.ccc.ddd:500 on eth0 (port=500)
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | 04 10 02 00 00 00 00 00 00 00 01 7c 0a 00 01 04
- Jan 27 09:12:07: | 19 4c f9 0e bb ca dd 8b c2 c2 e2 85 c4 a7 25 c1
- Jan 27 09:12:07: | 86 ec 55 df ca aa a4 0d 71 aa d3 1d 07 80 b8 ae
- Jan 27 09:12:07: | be b2 71 37 8c 9d 3f f3 af 70 2e fa b8 5c ea 5f
- Jan 27 09:12:07: | 6b ef 0b 9d 09 af 34 cd 9f c6 f4 e5 a8 11 28 62
- Jan 27 09:12:07: | 35 3e 62 be c4 54 0c 79 af d7 e2 5d 2c 5a 00 ef
- Jan 27 09:12:07: | 3f 5a 42 06 18 e1 11 e9 c7 5d 0c 23 5c 31 c4 90
- Jan 27 09:12:07: | 88 6b c6 05 60 1a f6 c7 8d 9b 09 e7 f7 44 8a ac
- Jan 27 09:12:07: | 90 c9 4f f9 cb 55 70 38 f3 29 59 bb 4d 3a bd dc
- Jan 27 09:12:07: | ce c8 70 bf 7c bf 45 7f 47 c7 81 f9 01 52 2f d6
- Jan 27 09:12:07: | c3 a9 8c 54 87 7a d4 ad f6 ad c8 28 7b 83 a7 06
- Jan 27 09:12:07: | 62 52 7f d4 cd 98 20 98 0a eb 39 27 7a 91 ce a6
- Jan 27 09:12:07: | 58 c0 f5 79 53 d3 51 22 f0 ab 06 98 1d 23 55 0f
- Jan 27 09:12:07: | 0a 13 50 a4 f1 6d f4 67 94 9d 19 4a 93 8a de 60
- Jan 27 09:12:07: | 7d 65 b9 e9 34 8c 25 e5 1f 62 b2 11 fa 84 19 12
- Jan 27 09:12:07: | 1b 4a fe b7 3f 1d 7e 64 8d 02 03 cb a7 08 13 2f
- Jan 27 09:12:07: | e4 57 82 73 07 00 14 40 b2 a3 5e c0 97 7b d1 96
- Jan 27 09:12:07: | 14 00 00 14 08 70 34 98 c3 1b b5 26 73 00 72 c4
- Jan 27 09:12:07: | 50 a9 d1 9e 14 00 00 24 8a 31 1d 54 62 06 67 cf
- Jan 27 09:12:07: | d2 51 23 2b 0a 63 c3 f1 db 68 b8 b2 fc 7f 64 0a
- Jan 27 09:12:07: | 16 ff e8 84 ff 92 c7 62 00 00 00 24 64 ac 2b 94
- Jan 27 09:12:07: | bb d8 76 eb c3 51 ad 8f b6 49 98 d5 b4 44 23 f4
- Jan 27 09:12:07: | a8 1f b5 18 3b 3b 3e 91 c7 d9 63 37
- Jan 27 09:12:07: | **parse ISAKMP Message:
- Jan 27 09:12:07: | initiator cookie:
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | responder cookie:
- Jan 27 09:12:07: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_KE (0x4)
- Jan 27 09:12:07: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:07: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
- Jan 27 09:12:07: | flags: none (0x0)
- Jan 27 09:12:07: | message ID: 00 00 00 00
- Jan 27 09:12:07: | length: 380 (0x17c)
- Jan 27 09:12:07: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
- Jan 27 09:12:07: | finding hash chain in state hash table
- Jan 27 09:12:07: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | found hash chain 14
- Jan 27 09:12:07: | v1 peer and cookies match on #536, provided msgid 00000000 == 00000000
- Jan 27 09:12:07: | v1 state object #536 found, in STATE_MAIN_R1
- Jan 27 09:12:07: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:07: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:12:07: | got payload 0x10 (ISAKMP_NEXT_KE) needed: 0x410opt: 0x102080
- Jan 27 09:12:07: | ***parse ISAKMP Key Exchange Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NONCE (0xa)
- Jan 27 09:12:07: | length: 260 (0x104)
- Jan 27 09:12:07: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400opt: 0x102080
- Jan 27 09:12:07: | ***parse ISAKMP Nonce Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
- Jan 27 09:12:07: | length: 20 (0x14)
- Jan 27 09:12:07: | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0opt: 0x102080
- Jan 27 09:12:07: | ***parse ISAKMP NAT-D Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
- Jan 27 09:12:07: | length: 36 (0x24)
- Jan 27 09:12:07: | got payload 0x100000 (ISAKMP_NEXT_NATD_RFC) needed: 0x0opt: 0x102080
- Jan 27 09:12:07: | ***parse ISAKMP NAT-D Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:07: | length: 36 (0x24)
- Jan 27 09:12:07: | DH public value received:
- Jan 27 09:12:07: | 19 4c f9 0e bb ca dd 8b c2 c2 e2 85 c4 a7 25 c1
- Jan 27 09:12:07: | 86 ec 55 df ca aa a4 0d 71 aa d3 1d 07 80 b8 ae
- Jan 27 09:12:07: | be b2 71 37 8c 9d 3f f3 af 70 2e fa b8 5c ea 5f
- Jan 27 09:12:07: | 6b ef 0b 9d 09 af 34 cd 9f c6 f4 e5 a8 11 28 62
- Jan 27 09:12:07: | 35 3e 62 be c4 54 0c 79 af d7 e2 5d 2c 5a 00 ef
- Jan 27 09:12:07: | 3f 5a 42 06 18 e1 11 e9 c7 5d 0c 23 5c 31 c4 90
- Jan 27 09:12:07: | 88 6b c6 05 60 1a f6 c7 8d 9b 09 e7 f7 44 8a ac
- Jan 27 09:12:07: | 90 c9 4f f9 cb 55 70 38 f3 29 59 bb 4d 3a bd dc
- Jan 27 09:12:07: | ce c8 70 bf 7c bf 45 7f 47 c7 81 f9 01 52 2f d6
- Jan 27 09:12:07: | c3 a9 8c 54 87 7a d4 ad f6 ad c8 28 7b 83 a7 06
- Jan 27 09:12:07: | 62 52 7f d4 cd 98 20 98 0a eb 39 27 7a 91 ce a6
- Jan 27 09:12:07: | 58 c0 f5 79 53 d3 51 22 f0 ab 06 98 1d 23 55 0f
- Jan 27 09:12:07: | 0a 13 50 a4 f1 6d f4 67 94 9d 19 4a 93 8a de 60
- Jan 27 09:12:07: | 7d 65 b9 e9 34 8c 25 e5 1f 62 b2 11 fa 84 19 12
- Jan 27 09:12:07: | 1b 4a fe b7 3f 1d 7e 64 8d 02 03 cb a7 08 13 2f
- Jan 27 09:12:07: | e4 57 82 73 07 00 14 40 b2 a3 5e c0 97 7b d1 96
- Jan 27 09:12:07: | checking NAT-t: enabled and RFC 3947 (NAT-Traversal)
- Jan 27 09:12:07: | natd_hash: hasher=0x7f410f12c980(32)
- Jan 27 09:12:07: | natd_hash: icookie= a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | natd_hash: rcookie= db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | natd_hash: ip= ac 1f 23 ef
- Jan 27 09:12:07: | natd_hash: port=500
- Jan 27 09:12:07: | natd_hash: hash= e1 a6 85 25 27 86 76 a7 81 07 0c 05 f1 56 73 87
- Jan 27 09:12:07: | natd_hash: hash= b1 41 48 21 43 b2 75 87 79 6c 30 07 92 18 b7 66
- Jan 27 09:12:07: | natd_hash: hasher=0x7f410f12c980(32)
- Jan 27 09:12:07: | natd_hash: icookie= a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | natd_hash: rcookie= db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | natd_hash: ip= 54 e5 1a 3b
- Jan 27 09:12:07: | natd_hash: port=500
- Jan 27 09:12:07: | natd_hash: hash= 92 e9 d3 3d 77 21 9b ad 4b ed 4a 58 7d f0 ef e3
- Jan 27 09:12:07: | natd_hash: hash= 60 f1 6f a2 a8 0d 2a 75 48 2a 35 73 07 9d 74 3e
- Jan 27 09:12:07: | expected NAT-D(me): e1 a6 85 25 27 86 76 a7 81 07 0c 05 f1 56 73 87
- Jan 27 09:12:07: | expected NAT-D(me): b1 41 48 21 43 b2 75 87 79 6c 30 07 92 18 b7 66
- Jan 27 09:12:07: | expected NAT-D(him):
- Jan 27 09:12:07: | 92 e9 d3 3d 77 21 9b ad 4b ed 4a 58 7d f0 ef e3
- Jan 27 09:12:07: | 60 f1 6f a2 a8 0d 2a 75 48 2a 35 73 07 9d 74 3e
- Jan 27 09:12:07: | received NAT-D: 8a 31 1d 54 62 06 67 cf d2 51 23 2b 0a 63 c3 f1
- Jan 27 09:12:07: | received NAT-D: db 68 b8 b2 fc 7f 64 0a 16 ff e8 84 ff 92 c7 62
- Jan 27 09:12:07: | received NAT-D: 64 ac 2b 94 bb d8 76 eb c3 51 ad 8f b6 49 98 d5
- Jan 27 09:12:07: | received NAT-D: b4 44 23 f4 a8 1f b5 18 3b 3b 3e 91 c7 d9 63 37
- Jan 27 09:12:07: | NAT_TRAVERSAL this end is behind NAT
- Jan 27 09:12:07: | NAT_TRAVERSAL that end is behind NAT aaa.bbb.ccc.ddd
- Jan 27 09:12:07: | NAT_TRAVERSAL nat_keepalive enabled aaa.bbb.ccc.ddd
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: I am behind NAT+peer behind NAT
- Jan 27 09:12:07: | NAT_T_WITH_KA detected
- Jan 27 09:12:07: | crypto helper 0: pcw_work: 0
- Jan 27 09:12:07: | asking crypto helper 0 to do build KE and nonce; request ID 844 (len=2776, pcw_work=0)
- Jan 27 09:12:07: | crypto helper 0 read fd: 11
- Jan 27 09:12:07: | crypto helper 0 doing build KE and nonce; request ID 844
- .
- .
- .
- Jan 27 09:12:07: | ***emit ISAKMP Nonce Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:07: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
- Jan 27 09:12:07: | Nr 0c 20 3f da 14 72 e1 31 f6 56 9a dd ed 09 fd 72
- Jan 27 09:12:07: | emitting length of ISAKMP Nonce Payload: 20
- Jan 27 09:12:07: | sending NAT-D payloads
- Jan 27 09:12:07: | natd_hash: hasher=0x7f410f12c980(32)
- Jan 27 09:12:07: | natd_hash: icookie= a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | natd_hash: rcookie= db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | natd_hash: ip= 54 e5 1a 3b
- Jan 27 09:12:07: | natd_hash: port=500
- Jan 27 09:12:07: | natd_hash: hash= 92 e9 d3 3d 77 21 9b ad 4b ed 4a 58 7d f0 ef e3
- Jan 27 09:12:07: | natd_hash: hash= 60 f1 6f a2 a8 0d 2a 75 48 2a 35 73 07 9d 74 3e
- Jan 27 09:12:07: | ***emit ISAKMP NAT-D Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
- Jan 27 09:12:07: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
- Jan 27 09:12:07: | NAT-D 92 e9 d3 3d 77 21 9b ad 4b ed 4a 58 7d f0 ef e3
- Jan 27 09:12:07: | NAT-D 60 f1 6f a2 a8 0d 2a 75 48 2a 35 73 07 9d 74 3e
- Jan 27 09:12:07: | emitting length of ISAKMP NAT-D Payload: 36
- Jan 27 09:12:07: | natd_hash: hasher=0x7f410f12c980(32)
- Jan 27 09:12:07: | natd_hash: icookie= a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:07: | natd_hash: rcookie= db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | natd_hash: ip= ac 1f 23 ef
- Jan 27 09:12:07: | natd_hash: port=500
- Jan 27 09:12:07: | natd_hash: hash= e1 a6 85 25 27 86 76 a7 81 07 0c 05 f1 56 73 87
- Jan 27 09:12:07: | natd_hash: hash= b1 41 48 21 43 b2 75 87 79 6c 30 07 92 18 b7 66
- Jan 27 09:12:07: | ***emit ISAKMP NAT-D Payload:
- Jan 27 09:12:07: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:07: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
- Jan 27 09:12:07: | NAT-D e1 a6 85 25 27 86 76 a7 81 07 0c 05 f1 56 73 87
- Jan 27 09:12:07: | NAT-D b1 41 48 21 43 b2 75 87 79 6c 30 07 92 18 b7 66
- Jan 27 09:12:07: | emitting length of ISAKMP NAT-D Payload: 36
- .
- .
- .
- Jan 27 09:12:07: | prf outer hash key(0x7f410f6c2a40) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:07: | prf outer: free key 0x7f410f6c2670
- Jan 27 09:12:07: | prf final result key(0x7f410f6c2a40) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:07: | crypt key: symkey from symkey(0x7f410f6c2a40) - next-byte(0) key-size(32) flags(0x300) derive(EXTRACT_KEY_FROM_KEY) target(AES_CBC)
- Jan 27 09:12:07: | symkey: key(0x7f410f6c2a40) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:07: | crypt key: key(0x7f410f6c2670) length(32) type/mechanism(AES_CBC 0x00001082)
- Jan 27 09:12:07: | NSS: pointers skeyid_d 0x7f410f6da800, skeyid_a 0x7f410f6e4c80, skeyid_e 0x7f410f6c2a40, enc_key 0x7f410f6c2670
- Jan 27 09:12:07: | DH_i: 19 4c f9 0e bb ca dd 8b c2 c2 e2 85 c4 a7 25 c1
- Jan 27 09:12:07: | DH_i: 86 ec 55 df ca aa a4 0d 71 aa d3 1d 07 80 b8 ae
- Jan 27 09:12:07: | DH_i: be b2 71 37 8c 9d 3f f3 af 70 2e fa b8 5c ea 5f
- Jan 27 09:12:07: | DH_i: 6b ef 0b 9d 09 af 34 cd 9f c6 f4 e5 a8 11 28 62
- Jan 27 09:12:07: | DH_i: 35 3e 62 be c4 54 0c 79 af d7 e2 5d 2c 5a 00 ef
- Jan 27 09:12:07: | DH_i: 3f 5a 42 06 18 e1 11 e9 c7 5d 0c 23 5c 31 c4 90
- Jan 27 09:12:07: | DH_i: 88 6b c6 05 60 1a f6 c7 8d 9b 09 e7 f7 44 8a ac
- Jan 27 09:12:07: | DH_i: 90 c9 4f f9 cb 55 70 38 f3 29 59 bb 4d 3a bd dc
- Jan 27 09:12:07: | DH_i: ce c8 70 bf 7c bf 45 7f 47 c7 81 f9 01 52 2f d6
- Jan 27 09:12:07: | DH_i: c3 a9 8c 54 87 7a d4 ad f6 ad c8 28 7b 83 a7 06
- Jan 27 09:12:07: | DH_i: 62 52 7f d4 cd 98 20 98 0a eb 39 27 7a 91 ce a6
- Jan 27 09:12:07: | DH_i: 58 c0 f5 79 53 d3 51 22 f0 ab 06 98 1d 23 55 0f
- Jan 27 09:12:07: | DH_i: 0a 13 50 a4 f1 6d f4 67 94 9d 19 4a 93 8a de 60
- Jan 27 09:12:07: | DH_i: 7d 65 b9 e9 34 8c 25 e5 1f 62 b2 11 fa 84 19 12
- Jan 27 09:12:07: | DH_i: 1b 4a fe b7 3f 1d 7e 64 8d 02 03 cb a7 08 13 2f
- Jan 27 09:12:07: | DH_i: e4 57 82 73 07 00 14 40 b2 a3 5e c0 97 7b d1 96
- Jan 27 09:12:07: | DH_r: 9d 5a 5f 65 eb b0 65 4e eb 94 c6 df 0d 98 a9 d7
- Jan 27 09:12:07: | DH_r: 22 c3 72 25 ea 8e 07 33 85 5d 28 a8 f7 1d 54 95
- Jan 27 09:12:07: | DH_r: 06 ba f9 1e d7 b1 76 f2 f7 67 3e 0f 61 fa 59 e2
- Jan 27 09:12:07: | DH_r: d6 fa ed 19 24 d9 43 3b ad 60 82 30 16 0f d3 2c
- Jan 27 09:12:07: | DH_r: 4e b8 00 1d 43 dc b5 18 4d 12 80 5e 45 04 1f e1
- Jan 27 09:12:07: | DH_r: 39 fb 39 9c f2 c3 f3 6d 36 e3 6d 1b dc f4 8c 5e
- Jan 27 09:12:07: | DH_r: da fd 60 4a 11 47 92 ee 96 c9 59 df 71 de 87 2b
- Jan 27 09:12:07: | DH_r: ed 74 da c0 f3 33 d9 95 19 ed 1d 65 89 aa e7 0f
- Jan 27 09:12:07: | DH_r: 9c 69 09 49 e5 06 2b f9 48 c0 50 d4 8d 1d 0c 5b
- Jan 27 09:12:07: | DH_r: 72 b6 7b 57 f1 3d 92 28 07 9a 52 dd b2 e5 23 25
- Jan 27 09:12:07: | DH_r: 3c 6c 20 68 2c 96 a5 bb ee 0c b9 15 80 0e ae 54
- Jan 27 09:12:07: | DH_r: f3 9d 30 3a 02 cb b6 9f 2f c8 9f 5f 75 4e 80 48
- Jan 27 09:12:07: | DH_r: 2c 23 a5 21 ca 02 dd 48 5a 38 81 6f 28 79 43 a6
- Jan 27 09:12:07: | DH_r: 9e 85 ef 12 83 4a 9e 33 b8 3b 8f c2 72 e4 55 08
- Jan 27 09:12:07: | DH_r: 3e b2 04 83 cd c6 10 20 f2 34 22 98 af 1b 54 a9
- Jan 27 09:12:07: | DH_r: 72 19 3f 41 6b a3 b6 95 1e c8 b6 59 02 6e b7 34
- Jan 27 09:12:07: | end of IV generation
- Jan 27 09:12:07: | crypto helper 0 finished compute dh+iv (V1 Phase 1); request ID 845 time elapsed 2149 usec
- Jan 27 09:12:07: | #536 send_crypto_helper_request:613 st->st_calculating = TRUE;
- Jan 27 09:12:07: | state: #536 requesting EVENT_CRYPTO_FAILED to be deleted
- Jan 27 09:12:07: | event_schedule called for 60 seconds
- Jan 27 09:12:07: | event_schedule_tv called for about 60 seconds and change
- Jan 27 09:12:07: | inserting event EVENT_CRYPTO_FAILED, timeout in 60.000000 seconds for #536
- Jan 27 09:12:07: | started dh_secretiv, returned: stf=STF_SUSPEND
- Jan 27 09:12:07: | #536 main_inI2_outR2_tail:1367 st->st_calculating = FALSE;
- Jan 27 09:12:07: | complete v1 state transition with STF_OK
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
- Jan 27 09:12:07: | parent state #536: STATE_MAIN_R1(open-ike) > STATE_MAIN_R2(open-ike)
- Jan 27 09:12:07: | ignore states: 0
- Jan 27 09:12:07: | half-open-ike states: 0
- Jan 27 09:12:07: | open-ike states: 1
- Jan 27 09:12:07: | established-anonymous-ike states: 0
- Jan 27 09:12:07: | established-authenticated-ike states: 1
- Jan 27 09:12:07: | anonymous-ipsec states: 0
- Jan 27 09:12:07: | authenticated-ipsec states: 2
- Jan 27 09:12:07: | informational states: 0
- Jan 27 09:12:07: | unknown states: 0
- Jan 27 09:12:07: | category states: 4 count states: 4
- Jan 27 09:12:07: | state: #536 requesting EVENT_CRYPTO_FAILED to be deleted
- Jan 27 09:12:07: | sending reply packet to aaa.bbb.ccc.ddd:500 (from port 500)
- Jan 27 09:12:07: | sending 380 bytes for STATE_MAIN_R1 through eth0:500 to aaa.bbb.ccc.ddd:500 (using #536)
- Jan 27 09:12:07: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:07: | 04 10 02 00 00 00 00 00 00 00 01 7c 0a 00 01 04
- Jan 27 09:12:07: | 9d 5a 5f 65 eb b0 65 4e eb 94 c6 df 0d 98 a9 d7
- Jan 27 09:12:07: | 22 c3 72 25 ea 8e 07 33 85 5d 28 a8 f7 1d 54 95
- Jan 27 09:12:07: | 06 ba f9 1e d7 b1 76 f2 f7 67 3e 0f 61 fa 59 e2
- Jan 27 09:12:07: | d6 fa ed 19 24 d9 43 3b ad 60 82 30 16 0f d3 2c
- Jan 27 09:12:07: | 4e b8 00 1d 43 dc b5 18 4d 12 80 5e 45 04 1f e1
- Jan 27 09:12:07: | 39 fb 39 9c f2 c3 f3 6d 36 e3 6d 1b dc f4 8c 5e
- Jan 27 09:12:07: | da fd 60 4a 11 47 92 ee 96 c9 59 df 71 de 87 2b
- Jan 27 09:12:07: | ed 74 da c0 f3 33 d9 95 19 ed 1d 65 89 aa e7 0f
- Jan 27 09:12:07: | 9c 69 09 49 e5 06 2b f9 48 c0 50 d4 8d 1d 0c 5b
- Jan 27 09:12:07: | 72 b6 7b 57 f1 3d 92 28 07 9a 52 dd b2 e5 23 25
- Jan 27 09:12:07: | 3c 6c 20 68 2c 96 a5 bb ee 0c b9 15 80 0e ae 54
- Jan 27 09:12:07: | f3 9d 30 3a 02 cb b6 9f 2f c8 9f 5f 75 4e 80 48
- Jan 27 09:12:07: | 2c 23 a5 21 ca 02 dd 48 5a 38 81 6f 28 79 43 a6
- Jan 27 09:12:07: | 9e 85 ef 12 83 4a 9e 33 b8 3b 8f c2 72 e4 55 08
- Jan 27 09:12:07: | 3e b2 04 83 cd c6 10 20 f2 34 22 98 af 1b 54 a9
- Jan 27 09:12:07: | 72 19 3f 41 6b a3 b6 95 1e c8 b6 59 02 6e b7 34
- Jan 27 09:12:07: | 14 00 00 14 0c 20 3f da 14 72 e1 31 f6 56 9a dd
- Jan 27 09:12:07: | ed 09 fd 72 14 00 00 24 92 e9 d3 3d 77 21 9b ad
- Jan 27 09:12:07: | 4b ed 4a 58 7d f0 ef e3 60 f1 6f a2 a8 0d 2a 75
- Jan 27 09:12:07: | 48 2a 35 73 07 9d 74 3e 00 00 00 24 e1 a6 85 25
- Jan 27 09:12:07: | 27 86 76 a7 81 07 0c 05 f1 56 73 87 b1 41 48 21
- Jan 27 09:12:07: | 43 b2 75 87 79 6c 30 07 92 18 b7 66
- Jan 27 09:12:07: | event_schedule_ms called for about 500 ms
- Jan 27 09:12:07: | event_schedule_tv called for about 0 seconds and change
- Jan 27 09:12:07: | inserting event EVENT_v1_RETRANSMIT, timeout in 0.500000 seconds for #536
- Jan 27 09:12:07: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: STATE_MAIN_R2: sent MR2, expecting MI3
- Jan 27 09:12:07: | modecfg pull: quirk-poll policy:pull not-client
- Jan 27 09:12:07: | phase 1 is done, looking for phase 2 to unpend
- Jan 27 09:12:07: | crypto helper 0 has finished work (pcw_work now 1)
- Jan 27 09:12:07: | crypto helper 0 replies to request ID 845
- Jan 27 09:12:07: | calling continuation function 0x7f410ee49180
- Jan 27 09:12:07: | main_inI2_outR2_calcdone for #536: calculate DH finished
- Jan 27 09:12:07: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | *received 108 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | 05 10 02 01 00 00 00 00 00 00 00 6c e9 df 5c bd
- Jan 27 09:12:08: | 1e d6 94 32 5b e9 1d 0d 7d a3 11 2e ec 33 84 ee
- Jan 27 09:12:08: | a9 13 11 fe 51 4c 1c 15 97 95 d7 5f 33 cd 7c de
- Jan 27 09:12:08: | 6e 71 bb 52 57 91 dd 67 26 5c af 25 16 71 a7 2f
- Jan 27 09:12:08: | 11 2e a5 f8 e6 10 3d e1 43 7a e8 61 76 cb 98 af
- Jan 27 09:12:08: | 42 38 3f be 8f dc 8f d3 4b 10 77 a7
- Jan 27 09:12:08: | **parse ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_ID (0x5)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: 00 00 00 00
- Jan 27 09:12:08: | length: 108 (0x6c)
- Jan 27 09:12:08: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | v1 peer and cookies match on #536, provided msgid 00000000 == 00000000
- Jan 27 09:12:08: | v1 state object #536 found, in STATE_MAIN_R2
- Jan 27 09:12:08: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:12:08: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:12:08: | decrypting 80 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:08: | decrypted:
- Jan 27 09:12:08: | 08 00 00 0c 01 11 01 f4 c0 a8 01 0a 0b 00 00 24
- Jan 27 09:12:08: | 56 03 f6 40 e6 de ac 08 73 db f9 46 a6 9c f4 68
- Jan 27 09:12:08: | 2e 41 79 54 83 e5 42 d3 d2 ee 0f ee 2d a1 d7 4c
- Jan 27 09:12:08: | 00 00 00 1c 00 00 00 01 01 10 60 02 a2 7e 66 da
- Jan 27 09:12:08: | e6 0b 70 e8 db da 2a c5 c8 03 d1 6d 00 00 00 04
- Jan 27 09:12:08: | next IV: 76 cb 98 af 42 38 3f be 8f dc 8f d3 4b 10 77 a7
- Jan 27 09:12:08: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x120opt: 0x2080
- Jan 27 09:12:08: | ***parse ISAKMP Identification Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | length: 12 (0xc)
- Jan 27 09:12:08: | ID type: ID_IPV4_ADDR (0x1)
- Jan 27 09:12:08: | DOI specific A: 17 (0x11)
- Jan 27 09:12:08: | DOI specific B: 500 (0x1f4)
- Jan 27 09:12:08: | obj: c0 a8 01 0a
- Jan 27 09:12:08: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100opt: 0x2080
- Jan 27 09:12:08: | ***parse ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_N (0xb)
- Jan 27 09:12:08: | length: 36 (0x24)
- Jan 27 09:12:08: | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0opt: 0x2080
- Jan 27 09:12:08: | ***parse ISAKMP Notification Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | length: 28 (0x1c)
- Jan 27 09:12:08: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:12:08: | protocol ID: 1 (0x1)
- Jan 27 09:12:08: | SPI size: 16 (0x10)
- Jan 27 09:12:08: | Notify Message Type: IPSEC_INITIAL_CONTACT (0x6002)
- Jan 27 09:12:08: | removing 4 bytes of padding
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: ignoring informational payload IPSEC_INITIAL_CONTACT, msgid=00000000, length=28
- Jan 27 09:12:08: | ISAKMP Notification Payload
- Jan 27 09:12:08: | 00 00 00 1c 00 00 00 01 01 10 60 02
- Jan 27 09:12:08: | info: a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Main mode peer ID is ID_IPV4_ADDR: '192.168.1.10'
- Jan 27 09:12:08: | refine_host_connection: starting with xauth-psk
- Jan 27 09:12:08: | match_id a=192.168.1.10
- Jan 27 09:12:08: | b=192.168.1.10
- Jan 27 09:12:08: | results matched
- Jan 27 09:12:08: | trusted_ca_nss called with a=(empty) b=(empty)
- Jan 27 09:12:08: | refine_host_connection: checking xauth-psk[232] aaa.bbb.ccc.ddd against xauth-psk[232] aaa.bbb.ccc.ddd, best=(none) with match=1(id=1/ca=1/reqca=1)
- Jan 27 09:12:08: | refine_host_connection: checked xauth-psk[232] aaa.bbb.ccc.ddd against xauth-psk[232] aaa.bbb.ccc.ddd, now for see if best
- Jan 27 09:12:08: | started looking for secret for ccc.ddd.eee.fff->192.168.1.10 of kind PPK_PSK
- Jan 27 09:12:08: | actually looking for secret for ccc.ddd.eee.fff->192.168.1.10 of kind PPK_PSK
- Jan 27 09:12:08: | line 1: key type PPK_PSK(ccc.ddd.eee.fff) to type PPK_PSK
- Jan 27 09:12:08: | 1: compared key (none) to ccc.ddd.eee.fff / 192.168.1.10 -> 2
- Jan 27 09:12:08: | 2: compared key (none) to ccc.ddd.eee.fff / 192.168.1.10 -> 2
- Jan 27 09:12:08: | line 1: match=2
- Jan 27 09:12:08: | best_match 0>2 best=0x7f410f43f470 (line=1)
- Jan 27 09:12:08: | concluding with best_match=2 best=0x7f410f43f470 (lineno=1)
- Jan 27 09:12:08: | offered CA: '%none'
- Jan 27 09:12:08: | hmac prf: init 0x7f410f521810
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6d7370 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6d7370) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6d7370) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6bdfb0) bytes(0x7ffda297f1d0/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e5a20 (length 256)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6924c0) bytes(0x7f410f6e5a20/256) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: 19 4c f9 0e bb ca dd 8b c2 c2 e2 85 c4 a7 25 c1
- Jan 27 09:12:08: | bytes: 86 ec 55 df ca aa a4 0d 71 aa d3 1d 07 80 b8 ae
- Jan 27 09:12:08: | bytes: be b2 71 37 8c 9d 3f f3 af 70 2e fa b8 5c ea 5f
- Jan 27 09:12:08: | bytes: 6b ef 0b 9d 09 af 34 cd 9f c6 f4 e5 a8 11 28 62
- Jan 27 09:12:08: | bytes: 35 3e 62 be c4 54 0c 79 af d7 e2 5d 2c 5a 00 ef
- Jan 27 09:12:08: | bytes: 3f 5a 42 06 18 e1 11 e9 c7 5d 0c 23 5c 31 c4 90
- Jan 27 09:12:08: | bytes: 88 6b c6 05 60 1a f6 c7 8d 9b 09 e7 f7 44 8a ac
- Jan 27 09:12:08: | bytes: 90 c9 4f f9 cb 55 70 38 f3 29 59 bb 4d 3a bd dc
- Jan 27 09:12:08: | bytes: ce c8 70 bf 7c bf 45 7f 47 c7 81 f9 01 52 2f d6
- Jan 27 09:12:08: | bytes: c3 a9 8c 54 87 7a d4 ad f6 ad c8 28 7b 83 a7 06
- Jan 27 09:12:08: | bytes: 62 52 7f d4 cd 98 20 98 0a eb 39 27 7a 91 ce a6
- Jan 27 09:12:08: | bytes: 58 c0 f5 79 53 d3 51 22 f0 ab 06 98 1d 23 55 0f
- Jan 27 09:12:08: | bytes: 0a 13 50 a4 f1 6d f4 67 94 9d 19 4a 93 8a de 60
- Jan 27 09:12:08: | bytes: 7d 65 b9 e9 34 8c 25 e5 1f 62 b2 11 fa 84 19 12
- Jan 27 09:12:08: | bytes: 1b 4a fe b7 3f 1d 7e 64 8d 02 03 cb a7 08 13 2f
- Jan 27 09:12:08: | bytes: e4 57 82 73 07 00 14 40 b2 a3 5e c0 97 7b d1 96
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(320) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6924c0
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e4b20 (length 256)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f410f6e4b20/256) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(320) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 9d 5a 5f 65 eb b0 65 4e eb 94 c6 df 0d 98 a9 d7
- Jan 27 09:12:08: | bytes: 22 c3 72 25 ea 8e 07 33 85 5d 28 a8 f7 1d 54 95
- Jan 27 09:12:08: | bytes: 06 ba f9 1e d7 b1 76 f2 f7 67 3e 0f 61 fa 59 e2
- Jan 27 09:12:08: | bytes: d6 fa ed 19 24 d9 43 3b ad 60 82 30 16 0f d3 2c
- Jan 27 09:12:08: | bytes: 4e b8 00 1d 43 dc b5 18 4d 12 80 5e 45 04 1f e1
- Jan 27 09:12:08: | bytes: 39 fb 39 9c f2 c3 f3 6d 36 e3 6d 1b dc f4 8c 5e
- Jan 27 09:12:08: | bytes: da fd 60 4a 11 47 92 ee 96 c9 59 df 71 de 87 2b
- Jan 27 09:12:08: | bytes: ed 74 da c0 f3 33 d9 95 19 ed 1d 65 89 aa e7 0f
- Jan 27 09:12:08: | bytes: 9c 69 09 49 e5 06 2b f9 48 c0 50 d4 8d 1d 0c 5b
- Jan 27 09:12:08: | bytes: 72 b6 7b 57 f1 3d 92 28 07 9a 52 dd b2 e5 23 25
- Jan 27 09:12:08: | bytes: 3c 6c 20 68 2c 96 a5 bb ee 0c b9 15 80 0e ae 54
- Jan 27 09:12:08: | bytes: f3 9d 30 3a 02 cb b6 9f 2f c8 9f 5f 75 4e 80 48
- Jan 27 09:12:08: | bytes: 2c 23 a5 21 ca 02 dd 48 5a 38 81 6f 28 79 43 a6
- Jan 27 09:12:08: | bytes: 9e 85 ef 12 83 4a 9e 33 b8 3b 8f c2 72 e4 55 08
- Jan 27 09:12:08: | bytes: 3e b2 04 83 cd c6 10 20 f2 34 22 98 af 1b 54 a9
- Jan 27 09:12:08: | bytes: 72 19 3f 41 6b a3 b6 95 1e c8 b6 59 02 6e b7 34
- .
- .
- .
- Jan 27 09:12:08: | hmac prf: init 0x7f410f4dce40
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6bdfb0) bytes(0x7ffda297f8b0/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e7e88 (length 4)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6924c0) bytes(0x7f410f6e7e88/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: 7a 0d 16 1c
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6924c0
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f50d0c0 (length 32)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f410f50d0c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 00 00 00 20 02 00 00 00 40 89 00 09 61 74 6f 64
- Jan 27 09:12:08: | bytes: 74 66 65 6c 64 40 8a 00 07 74 7a 69 74 7a 69 6d
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6924c0) length(100) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | hmac prf: final
- Jan 27 09:12:08: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f6924c0) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(100) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf inner hash: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | prf inner:: free key 0x7f410f6924c0
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6bdfb0) bytes(0x7ffda297f890/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | concat: merge symkey(1: 0x7f410f6924c0) symkey(2: 0x7f410f6b9e30) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey 1: key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | symkey 2: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | concat: key(0x7f410f6e5b30) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_symkey: free key 0x7f410f6924c0
- Jan 27 09:12:08: | prf hashed inner:: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | prf key: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6e5b30) to bytes
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf outer hash a0 3f 84 54 28 3f ff cf 04 dd 44 0d ec 0e de 1e
- Jan 27 09:12:08: | prf outer hash 53 47 01 9c ee eb e2 cd 39 88 59 c8 79 5e 12 5e
- Jan 27 09:12:08: | prf outer: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | prf final bytes a0 3f 84 54 28 3f ff cf 04 dd 44 0d ec 0e de 1e
- Jan 27 09:12:08: | prf final bytes 53 47 01 9c ee eb e2 cd 39 88 59 c8 79 5e 12 5e
- Jan 27 09:12:08: | XAUTH: HASH computed:
- Jan 27 09:12:08: | a0 3f 84 54 28 3f ff cf 04 dd 44 0d ec 0e de 1e
- Jan 27 09:12:08: | 53 47 01 9c ee eb e2 cd 39 88 59 c8 79 5e 12 5e
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: XAUTH-USER-NAME (0x4089)
- Jan 27 09:12:08: | length/value: 9 (0x9)
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: XAUTH-USER-PASSWORD (0x408a)
- Jan 27 09:12:08: | length/value: 7 (0x7)
- Jan 27 09:12:08: | complete v1 state transition with STF_IGNORE
- Jan 27 09:12:08: XAUTH: User user1: Attempting to login
- Jan 27 09:12:08: XAUTH: passwd file authentication being called to authenticate user user1
- Jan 27 09:12:08: XAUTH: password file (/etc/ipsec.d/passwd) open.
- Jan 27 09:12:08: | XAUTH: found user(user1/user1) pass($1$TLfrUoXu$nEqigz7i37T9pMdbNjK01.) connid(xauth-psk/xauth-psk) addresspool()
- Jan 27 09:12:08: | XAUTH: checking user(user1:xauth-psk) pass $1$TLfrUoXu$nEqigz7i37T9pMdbNjK01. vs $1$TLfrUoXu$nEqigz7i37T9pMdbNjK01.
- Jan 27 09:12:08: XAUTH: User user1: Authentication Successful
- Jan 27 09:12:08: | **emit ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: 57 11 cd 06
- Jan 27 09:12:08: | ***emit ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_MODECFG (0xe)
- Jan 27 09:12:08: | emitting 32 zero bytes of HASH into ISAKMP Hash Payload
- Jan 27 09:12:08: | emitting length of ISAKMP Hash Payload: 36
- Jan 27 09:12:08: | ***emit ISAKMP Mode Attribute:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | Attr Msg Type: ISAKMP_CFG_SET (0x3)
- Jan 27 09:12:08: | Identifier: 0 (0x0)
- Jan 27 09:12:08: | ****emit ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: 49295?? (0xc08f)
- Jan 27 09:12:08: | length/value: 1 (0x1)
- Jan 27 09:12:08: | no IKEv1 message padding required
- Jan 27 09:12:08: | emitting length of ISAKMP Mode Attribute: 12
- Jan 27 09:12:08: | hmac prf: init 0x7f40f80009e0
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6e5b30) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6e5b30) bytes(0x7f4106bf5980/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e7e88 (length 4)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6bdfb0) bytes(0x7f410f6e7e88/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: 57 11 cd 06
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f4106bf5be0 (length 12)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f4106bf5be0/12) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 00 00 00 0c 03 00 00 00 c0 8f 00 01
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6bdfb0) length(80) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | hmac prf: final
- Jan 27 09:12:08: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f6bdfb0) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(80) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf inner hash: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | prf inner:: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6e5b30) bytes(0x7f4106bf5960/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | concat: merge symkey(1: 0x7f410f6bdfb0) symkey(2: 0x7f410f6b9e30) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey 1: key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | symkey 2: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | concat: key(0x7f410f6924c0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_symkey: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | prf hashed inner:: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | prf key: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6924c0) to bytes
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf outer hash 23 d4 d4 65 77 5f 94 4f 1e 5e 33 2d 2e 89 a9 f4
- Jan 27 09:12:08: | prf outer hash 8b 8b 16 a5 95 f5 20 4a 3a 99 36 7e 98 f7 72 79
- Jan 27 09:12:08: | prf outer: free key 0x7f410f6924c0
- Jan 27 09:12:08: | prf final bytes 23 d4 d4 65 77 5f 94 4f 1e 5e 33 2d 2e 89 a9 f4
- Jan 27 09:12:08: | prf final bytes 8b 8b 16 a5 95 f5 20 4a 3a 99 36 7e 98 f7 72 79
- Jan 27 09:12:08: | XAUTH: HASH computed:
- Jan 27 09:12:08: | 23 d4 d4 65 77 5f 94 4f 1e 5e 33 2d 2e 89 a9 f4
- Jan 27 09:12:08: | 8b 8b 16 a5 95 f5 20 4a 3a 99 36 7e 98 f7 72 79
- Jan 27 09:12:08: | no IKEv1 message padding required
- Jan 27 09:12:08: | emitting length of ISAKMP Message: 76
- Jan 27 09:12:08: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:12:08: | current Phase 1 IV: e0 02 12 c8 bb d9 52 9f 42 3d a1 ce be b2 60 de
- Jan 27 09:12:08: | computed Phase 2 IV:
- Jan 27 09:12:08: | 86 7f f1 ab df 81 4b 3a 1d 2d 14 7b 26 e0 f0 4f
- Jan 27 09:12:08: | 82 ac e2 f4 d9 8a dd 69 eb 1f 97 45 d3 93 2a 24
- Jan 27 09:12:08: | encrypting: 0e 00 00 24 23 d4 d4 65 77 5f 94 4f 1e 5e 33 2d
- Jan 27 09:12:08: | encrypting: 2e 89 a9 f4 8b 8b 16 a5 95 f5 20 4a 3a 99 36 7e
- Jan 27 09:12:08: | encrypting: 98 f7 72 79 00 00 00 0c 03 00 00 00 c0 8f 00 01
- Jan 27 09:12:08: | IV: 86 7f f1 ab df 81 4b 3a 1d 2d 14 7b 26 e0 f0 4f
- Jan 27 09:12:08: | IV: 82 ac e2 f4 d9 8a dd 69 eb 1f 97 45 d3 93 2a 24
- Jan 27 09:12:08: | unpadded size is: 48
- Jan 27 09:12:08: | encrypting 48 using OAKLEY_AES_CBC
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:08: | next IV: ce 03 84 f2 b1 a1 97 1c 98 8e 71 3c 57 01 94 3a
- Jan 27 09:12:08: | no IKEv1 message padding required
- Jan 27 09:12:08: | emitting length of ISAKMP Message: 76
- Jan 27 09:12:08: | state: #536 requesting EVENT_v1_RETRANSMIT to be deleted
- Jan 27 09:12:08: | event_schedule_ms called for about 500 ms
- Jan 27 09:12:08: | event_schedule_tv called for about 0 seconds and change
- Jan 27 09:12:08: | inserting event EVENT_v1_RETRANSMIT, timeout in 0.500000 seconds for #536
- Jan 27 09:12:08: | sending 80 bytes for XAUTH: status through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:12:08: | 00 00 00 00 a2 7e 66 da e6 0b 70 e8 db da 2a c5
- Jan 27 09:12:08: | c8 03 d1 6d 08 10 06 01 57 11 cd 06 00 00 00 4c
- Jan 27 09:12:08: | 59 32 fe 4b 2b 36 c9 01 33 d1 29 85 7e 61 83 1d
- Jan 27 09:12:08: | b7 c8 42 4f d1 c7 d8 45 6f 13 f0 9a 0d 81 45 09
- Jan 27 09:12:08: | ce 03 84 f2 b1 a1 97 1c 98 8e 71 3c 57 01 94 3a
- Jan 27 09:12:08: | parent state #536: STATE_XAUTH_R0(established-authenticated-ike) > STATE_XAUTH_R1(established-authenticated-ike)
- Jan 27 09:12:08: | ignore states: 0
- Jan 27 09:12:08: | half-open-ike states: 0
- Jan 27 09:12:08: | open-ike states: 0
- Jan 27 09:12:08: | established-anonymous-ike states: 0
- Jan 27 09:12:08: | established-authenticated-ike states: 2
- Jan 27 09:12:08: | anonymous-ipsec states: 0
- Jan 27 09:12:08: | authenticated-ipsec states: 2
- Jan 27 09:12:08: | informational states: 0
- Jan 27 09:12:08: | unknown states: 0
- Jan 27 09:12:08: | category states: 4 count states: 4
- Jan 27 09:12:08: | *received 92 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | 08 10 06 01 57 11 cd 06 00 00 00 5c 5c 4c 68 b0
- Jan 27 09:12:08: | 07 55 90 79 9e 06 09 97 55 ff cc eb c6 48 dc 9f
- Jan 27 09:12:08: | 71 a3 51 08 0a 2c ed 9a 85 0f 0f e1 aa c2 4a d2
- Jan 27 09:12:08: | e9 49 bd 3e 29 a5 81 cf ce 28 14 90 43 37 07 fc
- Jan 27 09:12:08: | f8 f1 58 70 7d 1c 9c 73 34 dd f4 5a
- Jan 27 09:12:08: | **parse ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: 57 11 cd 06
- Jan 27 09:12:08: | length: 92 (0x5c)
- Jan 27 09:12:08: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | peer and cookies match on #536; msgid=5711cd06 st_msgid=00000000 st_msgid_phase15=5711cd06
- Jan 27 09:12:08: | p15 state object #536 found, in STATE_XAUTH_R1
- Jan 27 09:12:08: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:12:08: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:12:08: | decrypting 64 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:08: | decrypted:
- Jan 27 09:12:08: | 0e 00 00 24 7d ec 36 d8 0a e3 3f 3f 39 e5 ce 5c
- Jan 27 09:12:08: | d7 e3 4d af cc e4 5d 66 e5 0f a8 94 7f 0b 88 76
- Jan 27 09:12:08: | f9 7a 34 29 00 00 00 0c 04 00 00 00 c0 8f 00 00
- Jan 27 09:12:08: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10
- Jan 27 09:12:08: | next IV: 43 37 07 fc f8 f1 58 70 7d 1c 9c 73 34 dd f4 5a
- Jan 27 09:12:08: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x4100opt: 0x2000
- Jan 27 09:12:08: | ***parse ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_MODECFG (0xe)
- Jan 27 09:12:08: | length: 36 (0x24)
- Jan 27 09:12:08: | got payload 0x4000 (ISAKMP_NEXT_MODECFG) needed: 0x4000opt: 0x2000
- Jan 27 09:12:08: | ***parse ISAKMP Mode Attribute:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | length: 12 (0xc)
- Jan 27 09:12:08: | Attr Msg Type: ISAKMP_CFG_ACK (0x4)
- Jan 27 09:12:08: | Identifier: 0 (0x0)
- Jan 27 09:12:08: | removing 16 bytes of padding
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: XAUTH: xauth_inR1(STF_OK)
- Jan 27 09:12:08: | modecfg server, pull mode. Starting new exchange.
- Jan 27 09:12:08: | complete v1 state transition with STF_OK
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: transition from state STATE_XAUTH_R1 to state STATE_MAIN_R3
- Jan 27 09:12:08: | parent state #536: STATE_XAUTH_R1(established-authenticated-ike) > STATE_MAIN_R3(established-authenticated-ike)
- Jan 27 09:12:08: | ignore states: 0
- Jan 27 09:12:08: | half-open-ike states: 0
- Jan 27 09:12:08: | open-ike states: 0
- Jan 27 09:12:08: | established-anonymous-ike states: 0
- Jan 27 09:12:08: | established-authenticated-ike states: 2
- Jan 27 09:12:08: | anonymous-ipsec states: 0
- Jan 27 09:12:08: | authenticated-ipsec states: 2
- Jan 27 09:12:08: | informational states: 0
- Jan 27 09:12:08: | unknown states: 0
- Jan 27 09:12:08: | category states: 4 count states: 4
- Jan 27 09:12:08: | state: #536 requesting EVENT_v1_RETRANSMIT to be deleted
- Jan 27 09:12:08: | event_schedule_ms called for about 3600000 ms
- Jan 27 09:12:08: | event_schedule_tv called for about 3600 seconds and change
- Jan 27 09:12:08: | inserting event EVENT_SA_EXPIRE, timeout in 3600.000000 seconds for #536
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: STATE_MAIN_R3: sent MR3, ISAKMP SA established
- Jan 27 09:12:08: | modecfg pull: quirk-poll policy:pull not-client
- Jan 27 09:12:08: | phase 1 is done, looking for phase 2 to unpend
- Jan 27 09:12:08: | *received 188 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | 08 10 06 01 9b 65 29 85 00 00 00 bc 4d 84 f0 80
- Jan 27 09:12:08: | 71 be c9 c0 48 16 d9 1b 8c 3f 46 9d 60 0d ee e8
- Jan 27 09:12:08: | ce bd 00 a0 57 d8 48 ae f5 98 d0 7e 95 30 16 7c
- Jan 27 09:12:08: | da 57 d8 8e e6 62 27 af 3f 9c f7 df 90 3d 1c 40
- Jan 27 09:12:08: | 48 fd 3b e7 93 cb f3 b8 d0 0e 12 52 3d a7 45 c5
- Jan 27 09:12:08: | 5a de a1 38 b3 26 5e eb 5a f0 27 61 a6 7f 76 4a
- Jan 27 09:12:08: | 82 54 15 14 2d 37 41 a0 32 ce 5d 06 cf b7 df 87
- Jan 27 09:12:08: | 35 b9 34 58 45 66 87 31 14 89 53 61 40 10 51 c3
- Jan 27 09:12:08: | 64 17 ff da ea 1c 3e 71 05 22 06 2c 2d c1 62 e7
- Jan 27 09:12:08: | 8f 0a 76 41 6a 30 63 16 16 05 87 6d f3 f4 5b d2
- Jan 27 09:12:08: | 99 1c 19 67 d9 54 7f 18 3c 76 af fe
- Jan 27 09:12:08: | **parse ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: 9b 65 29 85
- Jan 27 09:12:08: | length: 188 (0xbc)
- Jan 27 09:12:08: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | peer and cookies match on #536; msgid=9b652985 st_msgid=00000000 st_msgid_phase15=00000000
- Jan 27 09:12:08: | p15 state object not found
- Jan 27 09:12:08: | No appropriate Mode Config state yet.See if we have a Main Mode state
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | peer and cookies match on #536; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
- Jan 27 09:12:08: | p15 state object #536 found, in STATE_MAIN_R3
- Jan 27 09:12:08: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | processing received isakmp_xchg_type ISAKMP_XCHG_MODE_CFG.
- Jan 27 09:12:08: | this is a xauthserver modecfgserver
- Jan 27 09:12:08: | call init_phase2_iv
- Jan 27 09:12:08: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:12:08: | current Phase 1 IV: ce 03 84 f2 b1 a1 97 1c 98 8e 71 3c 57 01 94 3a
- Jan 27 09:12:08: | computed Phase 2 IV:
- Jan 27 09:12:08: | 97 88 32 6a a8 17 7b 8c 08 a6 6e d3 5a ad 03 00
- Jan 27 09:12:08: | 74 69 03 55 f5 c2 5b 33 c9 ef ef 42 76 88 21 79
- Jan 27 09:12:08: | set from_state to STATE_MAIN_R3 this is modecfgserver and IS_PHASE1() is TRUE
- Jan 27 09:12:08: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:12:08: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:12:08: | decrypting 160 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:08: | decrypted:
- Jan 27 09:12:08: | 0e 00 00 24 d7 7d cb ed 95 7e 08 78 1d df f6 9a
- Jan 27 09:12:08: | c0 ee 03 47 c9 72 b0 41 fb 3a 55 2a 7e 02 9d 7f
- Jan 27 09:12:08: | 2e 80 f3 7e 00 00 00 71 01 00 7d eb 00 01 00 00
- Jan 27 09:12:08: | 00 02 00 00 00 03 00 00 00 04 00 00 00 05 00 00
- Jan 27 09:12:08: | 00 07 00 29 43 69 73 63 6f 20 53 79 73 74 65 6d
- Jan 27 09:12:08: | 73 20 56 50 4e 20 43 6c 69 65 6e 74 20 31 30 2e
- Jan 27 09:12:08: | 31 2e 31 3a 69 50 68 6f 6e 65 20 4f 53 70 00 00
- Jan 27 09:12:08: | 00 70 02 00 00 70 03 00 00 70 04 00 00 70 06 00
- Jan 27 09:12:08: | 00 70 07 00 00 70 01 00 00 70 08 00 00 70 09 00
- Jan 27 09:12:08: | 00 70 0b 00 00 00 00 00 00 00 00 00 00 00 00 0b
- Jan 27 09:12:08: | next IV: f3 f4 5b d2 99 1c 19 67 d9 54 7f 18 3c 76 af fe
- Jan 27 09:12:08: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x4100opt: 0x2000
- Jan 27 09:12:08: | ***parse ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_MODECFG (0xe)
- Jan 27 09:12:08: | length: 36 (0x24)
- Jan 27 09:12:08: | got payload 0x4000 (ISAKMP_NEXT_MODECFG) needed: 0x4000opt: 0x2000
- Jan 27 09:12:08: | ***parse ISAKMP Mode Attribute:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | length: 113 (0x71)
- Jan 27 09:12:08: | Attr Msg Type: ISAKMP_CFG_REQUEST (0x1)
- Jan 27 09:12:08: | Identifier: 32235 (0x7deb)
- Jan 27 09:12:08: | removing 11 bytes of padding
- Jan 27 09:12:08: | **emit ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: 9b 65 29 85
- Jan 27 09:12:08: | arrived in modecfg_inR0
- Jan 27 09:12:08: | hmac prf: init 0x7f410f4b38e0
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6924c0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6924c0) bytes(0x7ffda297f910/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6e5b30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e7e88 (length 4)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e5b30) bytes(0x7f410f6e7e88/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: 9b 65 29 85
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e5d30 (length 113)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f410f6e5d30/113) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 00 00 00 71 01 00 7d eb 00 01 00 00 00 02 00 00
- Jan 27 09:12:08: | bytes: 00 03 00 00 00 04 00 00 00 05 00 00 00 07 00 29
- Jan 27 09:12:08: | bytes: 43 69 73 63 6f 20 53 79 73 74 65 6d 73 20 56 50
- Jan 27 09:12:08: | bytes: 4e 20 43 6c 69 65 6e 74 20 31 30 2e 31 2e 31 3a
- Jan 27 09:12:08: | bytes: 69 50 68 6f 6e 65 20 4f 53 70 00 00 00 70 02 00
- Jan 27 09:12:08: | bytes: 00 70 03 00 00 70 04 00 00 70 06 00 00 70 07 00
- Jan 27 09:12:08: | bytes: 00 70 01 00 00 70 08 00 00 70 09 00 00 70 0b 00
- Jan 27 09:12:08: | bytes: 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6e5b30) length(181) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | hmac prf: final
- Jan 27 09:12:08: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f6e5b30) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(181) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf inner hash: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | prf inner:: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6924c0) bytes(0x7ffda297f8f0/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6e5b30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | concat: merge symkey(1: 0x7f410f6e5b30) symkey(2: 0x7f410f6b9e30) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey 1: key(0x7f410f6e5b30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | symkey 2: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | concat: key(0x7f410f6bdfb0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_symkey: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | prf hashed inner:: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | prf key: free key 0x7f410f6924c0
- Jan 27 09:12:08: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6bdfb0) to bytes
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf outer hash d7 7d cb ed 95 7e 08 78 1d df f6 9a c0 ee 03 47
- Jan 27 09:12:08: | prf outer hash c9 72 b0 41 fb 3a 55 2a 7e 02 9d 7f 2e 80 f3 7e
- Jan 27 09:12:08: | prf outer: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | prf final bytes d7 7d cb ed 95 7e 08 78 1d df f6 9a c0 ee 03 47
- Jan 27 09:12:08: | prf final bytes c9 72 b0 41 fb 3a 55 2a 7e 02 9d 7f 2e 80 f3 7e
- Jan 27 09:12:08: | XAUTH: HASH computed:
- Jan 27 09:12:08: | d7 7d cb ed 95 7e 08 78 1d df f6 9a c0 ee 03 47
- Jan 27 09:12:08: | c9 72 b0 41 fb 3a 55 2a 7e 02 9d 7f 2e 80 f3 7e
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_ADDRESS (0x1)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_NETMASK (0x2)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_DNS (0x3)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_NBNS (0x4)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_ADDRESS_EXPIRY (0x5)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute INTERNAL_ADDRESS_EXPIRY received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: APPLICATION_VERSION (0x7)
- Jan 27 09:12:08: | length/value: 41 (0x29)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute APPLICATION_VERSION received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: MODECFG_BANNER (0x7000)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute MODECFG_BANNER received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: MODECFG_DOMAIN (0x7002)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute MODECFG_DOMAIN received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_SPLIT_DNS (0x7003)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_SPLIT_DNS received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_SPLIT_INC (0x7004)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_SPLIT_INC received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_SPLIT_EXCLUDE (0x7006)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_SPLIT_EXCLUDE received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_DO_PFS (0x7007)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_DO_PFS received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_SAVE_PW (0x7001)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_SAVE_PW received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_FW_TYPE (0x7008)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_FW_TYPE received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_BACKUP_SERVER (0x7009)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_BACKUP_SERVER received.
- Jan 27 09:12:08: | ****parse ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: CISCO_UNKNOWN_SEEN_ON_IPHONE (0x700b)
- Jan 27 09:12:08: | length/value: 0 (0x0)
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: Unsupported modecfg long attribute CISCO_UNKNOWN_SEEN_ON_IPHONE received.
- Jan 27 09:12:08: | ***emit ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_MODECFG (0xe)
- Jan 27 09:12:08: | emitting 32 zero bytes of HASH into ISAKMP Hash Payload
- Jan 27 09:12:08: | emitting length of ISAKMP Hash Payload: 36
- Jan 27 09:12:08: | ***emit ISAKMP Mode Attribute:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | Attr Msg Type: ISAKMP_CFG_REPLY (0x2)
- Jan 27 09:12:08: | Identifier: 32235 (0x7deb)
- Jan 27 09:12:08: | request lease from addresspool eee.fff.ggg.hhh-eee.fff.ggg.xxx reference count 502 thatid '192.168.1.10' that.client.addr eee.fff.ggg.rrr
- Jan 27 09:12:08: | New lease from addresspool index 12
- Jan 27 09:12:08: | new lease 10.231.247.22 from addresspool eee.fff.ggg.hhh-eee.fff.ggg.xxx to that.client.addr eee.fff.ggg.rrr thatid '192.168.1.10'
- Jan 27 09:12:08: | ****emit ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_ADDRESS (0x1)
- Jan 27 09:12:08: | emitting 4 raw bytes of IP4_addr into ISAKMP ModeCfg attribute
- Jan 27 09:12:08: | IP4_addr 0a e7 f7 16
- Jan 27 09:12:08: | emitting length of ISAKMP ModeCfg attribute: 4
- Jan 27 09:12:08: | ****emit ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_NETMASK (0x2)
- Jan 27 09:12:08: | emitting 4 raw bytes of IP4_submsk into ISAKMP ModeCfg attribute
- Jan 27 09:12:08: | IP4_submsk 00 00 00 00
- Jan 27 09:12:08: | emitting length of ISAKMP ModeCfg attribute: 4
- Jan 27 09:12:08: | ****emit ISAKMP ModeCfg attribute:
- Jan 27 09:12:08: | ModeCfg attr type: INTERNAL_IP4_DNS (0x3)
- Jan 27 09:12:08: | emitting 4 raw bytes of IP4_dns into ISAKMP ModeCfg attribute
- Jan 27 09:12:08: | IP4_dns ac 1f 23 ef
- Jan 27 09:12:08: | emitting length of ISAKMP ModeCfg attribute: 4
- Jan 27 09:12:08: | no IKEv1 message padding required
- Jan 27 09:12:08: | emitting length of ISAKMP Mode Attribute: 32
- Jan 27 09:12:08: | hmac prf: init 0x7f410f4b38e0
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6bdfb0) bytes(0x7ffda297f760/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e7e88 (length 4)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6924c0) bytes(0x7f410f6e7e88/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: 9b 65 29 85
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6924c0
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f1365a0 (length 32)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f410f1365a0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 00 00 00 20 02 00 7d eb 00 01 00 04 0a e7 f7 16
- Jan 27 09:12:08: | bytes: 00 02 00 04 00 00 00 00 00 03 00 04 ac 1f 23 ef
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6924c0) length(100) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | hmac prf: final
- Jan 27 09:12:08: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f6924c0) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(100) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf inner hash: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | prf inner:: free key 0x7f410f6924c0
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6bdfb0) bytes(0x7ffda297f740/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | concat: merge symkey(1: 0x7f410f6924c0) symkey(2: 0x7f410f6b9e30) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey 1: key(0x7f410f6924c0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | symkey 2: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | concat: key(0x7f410f6e5b30) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_symkey: free key 0x7f410f6924c0
- Jan 27 09:12:08: | prf hashed inner:: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | prf key: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6e5b30) to bytes
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf outer hash ea 47 06 a8 34 80 5a ce 18 c2 ac 7b f9 50 3e 47
- Jan 27 09:12:08: | prf outer hash 62 0c e9 7d 1e 1b b5 d7 8d 68 3d 58 49 c3 ce 1d
- Jan 27 09:12:08: | prf outer: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | prf final bytes ea 47 06 a8 34 80 5a ce 18 c2 ac 7b f9 50 3e 47
- Jan 27 09:12:08: | prf final bytes 62 0c e9 7d 1e 1b b5 d7 8d 68 3d 58 49 c3 ce 1d
- Jan 27 09:12:08: | XAUTH: HASH computed:
- Jan 27 09:12:08: | ea 47 06 a8 34 80 5a ce 18 c2 ac 7b f9 50 3e 47
- Jan 27 09:12:08: | 62 0c e9 7d 1e 1b b5 d7 8d 68 3d 58 49 c3 ce 1d
- Jan 27 09:12:08: | no IKEv1 message padding required
- Jan 27 09:12:08: | emitting length of ISAKMP Message: 96
- Jan 27 09:12:08: | encrypting: 0e 00 00 24 ea 47 06 a8 34 80 5a ce 18 c2 ac 7b
- Jan 27 09:12:08: | encrypting: f9 50 3e 47 62 0c e9 7d 1e 1b b5 d7 8d 68 3d 58
- Jan 27 09:12:08: | encrypting: 49 c3 ce 1d 00 00 00 20 02 00 7d eb 00 01 00 04
- Jan 27 09:12:08: | encrypting: 0a e7 f7 16 00 02 00 04 00 00 00 00 00 03 00 04
- Jan 27 09:12:08: | encrypting: ac 1f 23 ef
- Jan 27 09:12:08: | IV: f3 f4 5b d2 99 1c 19 67 d9 54 7f 18 3c 76 af fe
- Jan 27 09:12:08: | unpadded size is: 68
- Jan 27 09:12:08: | emitting 12 zero bytes of encryption padding into ISAKMP Message
- Jan 27 09:12:08: | encrypting 80 using OAKLEY_AES_CBC
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:08: | next IV: a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:12:08: | no IKEv1 message padding required
- Jan 27 09:12:08: | emitting length of ISAKMP Message: 108
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: modecfg_inR0(STF_OK)
- Jan 27 09:12:08: | complete v1 state transition with STF_OK
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: transition from state STATE_MODE_CFG_R0 to state STATE_MODE_CFG_R1
- Jan 27 09:12:08: | parent state #536: STATE_MAIN_R3(established-authenticated-ike) > STATE_MODE_CFG_R1(established-authenticated-ike)
- Jan 27 09:12:08: | ignore states: 0
- Jan 27 09:12:08: | half-open-ike states: 0
- Jan 27 09:12:08: | open-ike states: 0
- Jan 27 09:12:08: | established-anonymous-ike states: 0
- Jan 27 09:12:08: | established-authenticated-ike states: 2
- Jan 27 09:12:08: | anonymous-ipsec states: 0
- Jan 27 09:12:08: | authenticated-ipsec states: 2
- Jan 27 09:12:08: | informational states: 0
- Jan 27 09:12:08: | unknown states: 0
- Jan 27 09:12:08: | category states: 4 count states: 4
- Jan 27 09:12:08: | state: #536 requesting EVENT_SA_EXPIRE to be deleted
- Jan 27 09:12:08: | sending reply packet to aaa.bbb.ccc.ddd:4500 (from port 4500)
- Jan 27 09:12:08: | sending 112 bytes for STATE_MODE_CFG_R0 through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:12:08: | 00 00 00 00 a2 7e 66 da e6 0b 70 e8 db da 2a c5
- Jan 27 09:12:08: | c8 03 d1 6d 08 10 06 01 9b 65 29 85 00 00 00 6c
- Jan 27 09:12:08: | 24 d5 c1 34 97 ea ea f7 84 a5 ac c4 43 6f 1c e8
- Jan 27 09:12:08: | cb e4 6d b3 4b 99 94 cd dc 64 b6 a2 4a e8 39 c4
- Jan 27 09:12:08: | 5f 96 36 f9 31 10 9b 4f 77 9a a6 62 1a b6 62 cc
- Jan 27 09:12:08: | e5 a0 72 c6 3d ba c1 81 08 bd 01 61 12 1b aa 4e
- Jan 27 09:12:08: | a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:12:08: | event_schedule_ms called for about 3600000 ms
- Jan 27 09:12:08: | event_schedule_tv called for about 3600 seconds and change
- Jan 27 09:12:08: | inserting event EVENT_SA_EXPIRE, timeout in 3600.000000 seconds for #536
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: STATE_MODE_CFG_R1: ModeCfg Set sent, expecting Ack
- Jan 27 09:12:08: | modecfg pull: quirk-poll policy:pull not-client
- Jan 27 09:12:08: | phase 1 is done, looking for phase 2 to unpend
- Jan 27 09:12:08: | *received 300 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | 08 10 20 01 b2 6d de 8a 00 00 01 2c de 50 62 66
- Jan 27 09:12:08: | 3c ca 43 55 83 d4 22 7e 29 81 b9 d4 4c 29 e4 bf
- Jan 27 09:12:08: | d3 c5 1d 40 ee c0 3f 71 80 69 be e9 3b f6 51 14
- Jan 27 09:12:08: | ed d9 43 92 79 96 fc ee ea 53 2f f3 87 30 11 db
- Jan 27 09:12:08: | 28 ca b0 45 00 e2 95 dc 51 68 5b aa 2c a3 cf 72
- Jan 27 09:12:08: | 33 e4 14 f0 fe a3 06 5c 41 2f 27 a0 47 49 e5 aa
- Jan 27 09:12:08: | ff 06 1b 77 b8 df 79 2c 48 16 77 34 3b 75 24 56
- Jan 27 09:12:08: | 65 53 65 4a d0 89 19 5b 74 af f3 42 08 61 dd c9
- Jan 27 09:12:08: | 34 2a 91 15 30 e9 97 3b ba 6d 43 c9 63 d8 c4 fe
- Jan 27 09:12:08: | d1 14 2e 86 c4 bb 85 5c 48 ce ce e7 e0 db 91 ee
- Jan 27 09:12:08: | 6d 0a 22 37 8b 28 dc 7f 84 be b4 62 6a 3f b2 dc
- Jan 27 09:12:08: | 24 8b 4a 01 f4 bd ef fb 52 c8 4c 9f 02 83 96 14
- Jan 27 09:12:08: | 21 e8 da 55 8c c1 4f f1 23 49 ae d8 83 fc 31 03
- Jan 27 09:12:08: | 29 2e b8 08 cb 1d 12 f7 93 27 e8 38 d5 f0 2f 39
- Jan 27 09:12:08: | 13 ce 7a 1e 13 a8 f4 65 83 98 50 f1 0b e9 c5 88
- Jan 27 09:12:08: | fb 87 31 d3 ca 9a 71 80 9f b6 31 76 9a 8d 55 c5
- Jan 27 09:12:08: | dc 9c 8c 8c 0f ea dd 62 e9 b8 eb 33 2c 9e 34 5e
- Jan 27 09:12:08: | 74 ba ee c6 2c 4d cb e3 6b b2 4c 0a
- Jan 27 09:12:08: | **parse ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_QUICK (0x20)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: b2 6d de 8a
- Jan 27 09:12:08: | length: 300 (0x12c)
- Jan 27 09:12:08: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_QUICK (32)
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | v1 peer and cookies match on #536, provided msgid b26dde8a == 00000000
- Jan 27 09:12:08: | v1 state object not found
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | v1 peer and cookies match on #536, provided msgid 00000000 == 00000000
- Jan 27 09:12:08: | v1 state object #536 found, in STATE_MODE_CFG_R1
- Jan 27 09:12:08: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:12:08: | current Phase 1 IV: a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:12:08: | computed Phase 2 IV:
- Jan 27 09:12:08: | df 25 63 0d d0 62 46 7c 16 ef 4f 85 22 c9 8c 55
- Jan 27 09:12:08: | 2a f3 f4 be 97 fa b2 c7 ae 5a 79 50 23 55 93 bc
- Jan 27 09:12:08: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:12:08: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:12:08: | decrypting 272 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:08: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:08: | decrypted:
- Jan 27 09:12:08: | 01 00 00 24 16 c5 6b 1f 9b 12 a3 35 9d 1d 50 90
- Jan 27 09:12:08: | 83 92 ca 6b fd 2c 61 39 c4 b7 32 6f 13 44 e4 ed
- Jan 27 09:12:08: | 46 2f f1 77 0a 00 00 b8 00 00 00 01 00 00 00 01
- Jan 27 09:12:08: | 00 00 00 ac 01 03 04 06 03 fb 8b a5 03 00 00 1c
- Jan 27 09:12:08: | 01 0c 00 00 80 01 00 01 80 02 0e 10 80 04 00 03
- Jan 27 09:12:08: | 80 06 01 00 80 05 00 02 03 00 00 1c 02 0c 00 00
- Jan 27 09:12:08: | 80 01 00 01 80 02 0e 10 80 04 00 03 80 06 01 00
- Jan 27 09:12:08: | 80 05 00 01 03 00 00 1c 03 0c 00 00 80 01 00 01
- Jan 27 09:12:08: | 80 02 0e 10 80 04 00 03 80 06 00 80 80 05 00 02
- Jan 27 09:12:08: | 03 00 00 1c 04 0c 00 00 80 01 00 01 80 02 0e 10
- Jan 27 09:12:08: | 80 04 00 03 80 06 00 80 80 05 00 01 03 00 00 18
- Jan 27 09:12:08: | 05 03 00 00 80 01 00 01 80 02 0e 10 80 04 00 03
- Jan 27 09:12:08: | 80 05 00 02 00 00 00 18 06 03 00 00 80 01 00 01
- Jan 27 09:12:08: | 80 02 0e 10 80 04 00 03 80 05 00 01 05 00 00 14
- Jan 27 09:12:08: | 7b 39 96 76 84 f2 dc cb a4 26 d4 62 f9 fa 18 ed
- Jan 27 09:12:08: | 05 00 00 0c 01 00 00 00 0a e7 f7 16 00 00 00 10
- Jan 27 09:12:08: | 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
- Jan 27 09:12:08: | next IV: 2c 9e 34 5e 74 ba ee c6 2c 4d cb e3 6b b2 4c 0a
- Jan 27 09:12:08: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x502opt: 0x200030
- Jan 27 09:12:08: | ***parse ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_SA (0x1)
- Jan 27 09:12:08: | length: 36 (0x24)
- Jan 27 09:12:08: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x402opt: 0x200030
- Jan 27 09:12:08: | ***parse ISAKMP Security Association Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONCE (0xa)
- Jan 27 09:12:08: | length: 184 (0xb8)
- Jan 27 09:12:08: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:12:08: | got payload 0x400 (ISAKMP_NEXT_NONCE) needed: 0x400opt: 0x200030
- Jan 27 09:12:08: | ***parse ISAKMP Nonce Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_ID (0x5)
- Jan 27 09:12:08: | length: 20 (0x14)
- Jan 27 09:12:08: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0opt: 0x200030
- Jan 27 09:12:08: | ***parse ISAKMP Identification Payload (IPsec DOI):
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_ID (0x5)
- Jan 27 09:12:08: | length: 12 (0xc)
- Jan 27 09:12:08: | ID type: ID_IPV4_ADDR (0x1)
- Jan 27 09:12:08: | Protocol ID: 0 (0x0)
- Jan 27 09:12:08: | port: 0 (0x0)
- Jan 27 09:12:08: | obj: 0a e7 f7 16
- Jan 27 09:12:08: | got payload 0x20 (ISAKMP_NEXT_ID) needed: 0x0opt: 0x200030
- Jan 27 09:12:08: | ***parse ISAKMP Identification Payload (IPsec DOI):
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | length: 16 (0x10)
- Jan 27 09:12:08: | ID type: ID_USER_FQDN (0x4)
- Jan 27 09:12:08: | Protocol ID: 0 (0x0)
- Jan 27 09:12:08: | port: 0 (0x0)
- Jan 27 09:12:08: | obj: 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | removing 4 bytes of padding
- Jan 27 09:12:08: | hmac prf: init 0x7f410f565c70
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6e5b30) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6e5b30) bytes(0x7ffda297f620/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f43f9a4 (length 4)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6bdfb0) bytes(0x7f410f43f9a4/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: b2 6d de 8a
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e9890 (length 232)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f410f6e9890/232) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 0a 00 00 b8 00 00 00 01 00 00 00 01 00 00 00 ac
- Jan 27 09:12:08: | bytes: 01 03 04 06 03 fb 8b a5 03 00 00 1c 01 0c 00 00
- Jan 27 09:12:08: | bytes: 80 01 00 01 80 02 0e 10 80 04 00 03 80 06 01 00
- Jan 27 09:12:08: | bytes: 80 05 00 02 03 00 00 1c 02 0c 00 00 80 01 00 01
- Jan 27 09:12:08: | bytes: 80 02 0e 10 80 04 00 03 80 06 01 00 80 05 00 01
- Jan 27 09:12:08: | bytes: 03 00 00 1c 03 0c 00 00 80 01 00 01 80 02 0e 10
- Jan 27 09:12:08: | bytes: 80 04 00 03 80 06 00 80 80 05 00 02 03 00 00 1c
- Jan 27 09:12:08: | bytes: 04 0c 00 00 80 01 00 01 80 02 0e 10 80 04 00 03
- Jan 27 09:12:08: | bytes: 80 06 00 80 80 05 00 01 03 00 00 18 05 03 00 00
- Jan 27 09:12:08: | bytes: 80 01 00 01 80 02 0e 10 80 04 00 03 80 05 00 02
- Jan 27 09:12:08: | bytes: 00 00 00 18 06 03 00 00 80 01 00 01 80 02 0e 10
- Jan 27 09:12:08: | bytes: 80 04 00 03 80 05 00 01 05 00 00 14 7b 39 96 76
- Jan 27 09:12:08: | bytes: 84 f2 dc cb a4 26 d4 62 f9 fa 18 ed 05 00 00 0c
- Jan 27 09:12:08: | bytes: 01 00 00 00 0a e7 f7 16 00 00 00 10 04 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6bdfb0) length(300) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | hmac prf: final
- Jan 27 09:12:08: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f6bdfb0) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(300) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf inner hash: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | prf inner:: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6e5b30) bytes(0x7ffda297f600/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | concat: merge symkey(1: 0x7f410f6bdfb0) symkey(2: 0x7f410f6b9e30) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey 1: key(0x7f410f6bdfb0) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | symkey 2: key(0x7f410f6b9e30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | concat: key(0x7f410f6924c0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_symkey: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | prf hashed inner:: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | prf key: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6924c0) to bytes
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf outer hash 16 c5 6b 1f 9b 12 a3 35 9d 1d 50 90 83 92 ca 6b
- Jan 27 09:12:08: | prf outer hash fd 2c 61 39 c4 b7 32 6f 13 44 e4 ed 46 2f f1 77
- Jan 27 09:12:08: | prf outer: free key 0x7f410f6924c0
- Jan 27 09:12:08: | prf final bytes 16 c5 6b 1f 9b 12 a3 35 9d 1d 50 90 83 92 ca 6b
- Jan 27 09:12:08: | prf final bytes fd 2c 61 39 c4 b7 32 6f 13 44 e4 ed 46 2f f1 77
- Jan 27 09:12:08: | HASH(1) computed:
- Jan 27 09:12:08: | 16 c5 6b 1f 9b 12 a3 35 9d 1d 50 90 83 92 ca 6b
- Jan 27 09:12:08: | fd 2c 61 39 c4 b7 32 6f 13 44 e4 ed 46 2f f1 77
- Jan 27 09:12:08: | peer client is 10.231.247.22
- Jan 27 09:12:08: | peer client protocol/port is 0/0
- Jan 27 09:12:08: | our client is subnet 0.0.0.0/0
- Jan 27 09:12:08: | our client protocol/port is 0/0
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: the peer proposed: 0.0.0.0/0:0/0 -> 10.231.247.22/32:0/0
- Jan 27 09:12:08: | find_client_connection starting with xauth-psk
- Jan 27 09:12:08: | looking for 0.0.0.0/0:0/0 -> 10.231.247.22/32:0/0
- Jan 27 09:12:08: | concrete checking against sr#0 0.0.0.0/0 -> 10.231.247.22/32
- Jan 27 09:12:08: | client wildcard: no port wildcard: no virtual: no
- Jan 27 09:12:08: | NAT-Traversal: received 0 NAT-OA.
- Jan 27 09:12:08: | creating state object #537 at 0x7f410f6e9ad0
- Jan 27 09:12:08: | parent state #537: new > STATE_UNDEFINED(ignore)
- Jan 27 09:12:08: | duplicating state object #536 as #537
- Jan 27 09:12:08: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | child state #537: STATE_UNDEFINED(ignore) > STATE_QUICK_R0(authenticated-ipsec)
- Jan 27 09:12:08: | ignore states: 0
- Jan 27 09:12:08: | half-open-ike states: 0
- Jan 27 09:12:08: | open-ike states: 0
- Jan 27 09:12:08: | established-anonymous-ike states: 0
- Jan 27 09:12:08: | established-authenticated-ike states: 2
- Jan 27 09:12:08: | anonymous-ipsec states: 0
- Jan 27 09:12:08: | authenticated-ipsec states: 3
- Jan 27 09:12:08: | informational states: 0
- Jan 27 09:12:08: | unknown states: 0
- Jan 27 09:12:08: | category states: 5 count states: 5
- Jan 27 09:12:08: | inserting state object #537
- Jan 27 09:12:08: | finding hash chain in state hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | found hash chain 14
- Jan 27 09:12:08: | list 0x7f410f1262b8 first entry 0x7f410f6e81a8
- Jan 27 09:12:08: | inserted state 0x7f410f6e9ad0 entry 0x7f410f6ea138 next 0x7f410f6e81a8 prev-next 0x7f410f1262b8 into list
- Jan 27 09:12:08: | updated next state 0x7f410f6e7b40 entry 0x7f410f6e81a8 next (nil) prev-next 0x7f410f6ea138
- Jan 27 09:12:08: | finding hash chain in icookie hash table
- Jan 27 09:12:08: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | RCOOKIE: 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | found hash chain 13
- Jan 27 09:12:08: | list 0x7f410f1263d0 first entry 0x7f410f6e81c0
- Jan 27 09:12:08: | inserted state 0x7f410f6e9ad0 entry 0x7f410f6ea150 next 0x7f410f6e81c0 prev-next 0x7f410f1263d0 into list
- Jan 27 09:12:08: | updated next state 0x7f410f6e7b40 entry 0x7f410f6e81c0 next (nil) prev-next 0x7f410f6ea150
- Jan 27 09:12:08: | event_schedule called for 0 seconds
- Jan 27 09:12:08: | event_schedule_tv called for about 0 seconds and change
- Jan 27 09:12:08: | inserting event EVENT_SO_DISCARD, timeout in 0.000000 seconds for #537
- Jan 27 09:12:08: | ****parse IPsec DOI SIT:
- Jan 27 09:12:08: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
- Jan 27 09:12:08: | ****parse ISAKMP Proposal Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | length: 172 (0xac)
- Jan 27 09:12:08: | proposal number: 1 (0x1)
- Jan 27 09:12:08: | protocol ID: PROTO_IPSEC_ESP (0x3)
- Jan 27 09:12:08: | SPI size: 4 (0x4)
- Jan 27 09:12:08: | number of transforms: 6 (0x6)
- Jan 27 09:12:08: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
- Jan 27 09:12:08: | SPI 03 fb 8b a5
- Jan 27 09:12:08: | *****parse ISAKMP Transform Payload (ESP):
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_T (0x3)
- Jan 27 09:12:08: | length: 28 (0x1c)
- Jan 27 09:12:08: | ESP transform number: 1 (0x1)
- Jan 27 09:12:08: | ESP transform ID: ESP_AES (0xc)
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: SA_LIFE_TYPE (0x8001)
- Jan 27 09:12:08: | length/value: 1 (0x1)
- Jan 27 09:12:08: | [1 is SA_LIFE_TYPE_SECONDS]
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: SA_LIFE_DURATION (0x8002)
- Jan 27 09:12:08: | length/value: 3600 (0xe10)
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: ENCAPSULATION_MODE (0x8004)
- Jan 27 09:12:08: | length/value: 3 (0x3)
- Jan 27 09:12:08: | [3 is ENCAPSULATION_MODE_UDP_TUNNEL_RFC]
- Jan 27 09:12:08: | NAT-T RFC: Installing IPsec SA with ENCAP, st->hidden_variables.st_nat_traversal is RFC 3947 (NAT-Traversal)+I am behind NAT+peer behind NAT
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: KEY_LENGTH (0x8006)
- Jan 27 09:12:08: | length/value: 256 (0x100)
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: AUTH_ALGORITHM (0x8005)
- Jan 27 09:12:08: | length/value: 2 (0x2)
- Jan 27 09:12:08: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
- Jan 27 09:12:08: | check_kernel_encrypt_alg(12,256): OK
- Jan 27 09:12:08: | crypto helper 0: pcw_work: 0
- Jan 27 09:12:08: | asking crypto helper 0 to do build nonce; request ID 846 (len=2776, pcw_work=0)
- Jan 27 09:12:08: | crypto helper 0 read fd: 11
- Jan 27 09:12:08: | crypto helper 0 doing build nonce; request ID 846
- Jan 27 09:12:08: | Generated nonce: f4 1b 63 6e 1c 7e 98 7f 9b 38 64 51 ab 52 6e b6
- Jan 27 09:12:08: | crypto helper 0 finished build nonce; request ID 846 time elapsed 11 usec
- Jan 27 09:12:08: | #537 send_crypto_helper_request:613 st->st_calculating = TRUE;
- Jan 27 09:12:08: | state: #537 requesting EVENT_SO_DISCARD to be deleted
- Jan 27 09:12:08: | event_schedule called for 60 seconds
- Jan 27 09:12:08: | event_schedule_tv called for about 60 seconds and change
- Jan 27 09:12:08: | inserting event EVENT_CRYPTO_FAILED, timeout in 60.000000 seconds for #537
- Jan 27 09:12:08: | complete v1 state transition with STF_SUSPEND
- Jan 27 09:12:08: | crypto helper 0 has finished work (pcw_work now 1)
- Jan 27 09:12:08: | crypto helper 0 replies to request ID 846
- Jan 27 09:12:08: | calling continuation function 0x7f410ee50290
- Jan 27 09:12:08: | quick_inI1_outR1_cryptocontinue1 for #537: calculated ke+nonce, calculating DH
- Jan 27 09:12:08: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:08: | #537 quick_inI1_outR1_cryptocontinue1:2202 st->st_calculating = FALSE;
- Jan 27 09:12:08: | **emit ISAKMP Message:
- Jan 27 09:12:08: | initiator cookie:
- Jan 27 09:12:08: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:08: | responder cookie:
- Jan 27 09:12:08: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:08: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:08: | exchange type: ISAKMP_XCHG_QUICK (0x20)
- Jan 27 09:12:08: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:08: | message ID: b2 6d de 8a
- Jan 27 09:12:08: | ***emit ISAKMP Hash Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_SA (0x1)
- Jan 27 09:12:08: | emitting 32 zero bytes of HASH into ISAKMP Hash Payload
- Jan 27 09:12:08: | emitting length of ISAKMP Hash Payload: 36
- Jan 27 09:12:08: | ***emit ISAKMP Security Association Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONCE (0xa)
- Jan 27 09:12:08: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:12:08: | ****parse IPsec DOI SIT:
- Jan 27 09:12:08: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
- Jan 27 09:12:08: | ****parse ISAKMP Proposal Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | length: 172 (0xac)
- Jan 27 09:12:08: | proposal number: 1 (0x1)
- Jan 27 09:12:08: | protocol ID: PROTO_IPSEC_ESP (0x3)
- Jan 27 09:12:08: | SPI size: 4 (0x4)
- Jan 27 09:12:08: | number of transforms: 6 (0x6)
- Jan 27 09:12:08: | parsing 4 raw bytes of ISAKMP Proposal Payload into SPI
- Jan 27 09:12:08: | SPI 03 fb 8b a5
- Jan 27 09:12:08: | *****parse ISAKMP Transform Payload (ESP):
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_T (0x3)
- Jan 27 09:12:08: | length: 28 (0x1c)
- Jan 27 09:12:08: | ESP transform number: 1 (0x1)
- Jan 27 09:12:08: | ESP transform ID: ESP_AES (0xc)
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: SA_LIFE_TYPE (0x8001)
- Jan 27 09:12:08: | length/value: 1 (0x1)
- Jan 27 09:12:08: | [1 is SA_LIFE_TYPE_SECONDS]
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: SA_LIFE_DURATION (0x8002)
- Jan 27 09:12:08: | length/value: 3600 (0xe10)
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: ENCAPSULATION_MODE (0x8004)
- Jan 27 09:12:08: | length/value: 3 (0x3)
- Jan 27 09:12:08: | [3 is ENCAPSULATION_MODE_UDP_TUNNEL_RFC]
- Jan 27 09:12:08: | NAT-T RFC: Installing IPsec SA with ENCAP, st->hidden_variables.st_nat_traversal is RFC 3947 (NAT-Traversal)+I am behind NAT+peer behind NAT
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: KEY_LENGTH (0x8006)
- Jan 27 09:12:08: | length/value: 256 (0x100)
- Jan 27 09:12:08: | ******parse ISAKMP IPsec DOI attribute:
- Jan 27 09:12:08: | af+type: AUTH_ALGORITHM (0x8005)
- Jan 27 09:12:08: | length/value: 2 (0x2)
- Jan 27 09:12:08: | [2 is AUTH_ALGORITHM_HMAC_SHA1]
- Jan 27 09:12:08: | check_kernel_encrypt_alg(12,256): OK
- Jan 27 09:12:08: | ****emit IPsec DOI SIT:
- Jan 27 09:12:08: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
- Jan 27 09:12:08: | ****emit ISAKMP Proposal Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | proposal number: 1 (0x1)
- Jan 27 09:12:08: | protocol ID: PROTO_IPSEC_ESP (0x3)
- Jan 27 09:12:08: | SPI size: 4 (0x4)
- Jan 27 09:12:08: | number of transforms: 1 (0x1)
- Jan 27 09:12:08: | netlink_get_spi: allocated 0xb85cae98 for esp.0@ccc.ddd.eee.fff
- Jan 27 09:12:08: | emitting 4 raw bytes of SPI into ISAKMP Proposal Payload
- Jan 27 09:12:08: | SPI b8 5c ae 98
- Jan 27 09:12:08: | *****emit ISAKMP Transform Payload (ESP):
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:08: | ESP transform number: 1 (0x1)
- Jan 27 09:12:08: | ESP transform ID: ESP_AES (0xc)
- Jan 27 09:12:08: | emitting 20 raw bytes of attributes into ISAKMP Transform Payload (ESP)
- Jan 27 09:12:08: | attributes 80 01 00 01 80 02 0e 10 80 04 00 03 80 06 01 00
- Jan 27 09:12:08: | attributes 80 05 00 02
- Jan 27 09:12:08: | emitting length of ISAKMP Transform Payload (ESP): 28
- Jan 27 09:12:08: | emitting length of ISAKMP Proposal Payload: 40
- Jan 27 09:12:08: | emitting length of ISAKMP Security Association Payload: 52
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #537: responding to Quick Mode proposal {msgid:8ade6db2}
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #537: us: 0.0.0.0/0===ccc.ddd.eee.fff[MS+XS+S=C]
- Jan 27 09:12:08: "xauth-psk"[232] aaa.bbb.ccc.ddd #537: them: aaa.bbb.ccc.ddd[192.168.1.10,+MC+XC+S=C]===10.231.247.22/32
- Jan 27 09:12:08: | ***emit ISAKMP Nonce Payload:
- Jan 27 09:12:08: | next payload type: ISAKMP_NEXT_ID (0x5)
- Jan 27 09:12:08: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
- Jan 27 09:12:08: | Nr f4 1b 63 6e 1c 7e 98 7f 9b 38 64 51 ab 52 6e b6
- Jan 27 09:12:08: | emitting length of ISAKMP Nonce Payload: 20
- Jan 27 09:12:08: | emitting 12 raw bytes of IDci into ISAKMP Message
- Jan 27 09:12:08: | IDci 05 00 00 0c 01 00 00 00 0a e7 f7 16
- Jan 27 09:12:08: | emitting 16 raw bytes of IDcr into ISAKMP Message
- Jan 27 09:12:08: | IDcr 00 00 00 10 04 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | hmac prf: init 0x7f410f51d460
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6924c0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6924c0) bytes(0x7ffda297ece0/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6e5b30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6e9e10 (length 4)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e5b30) bytes(0x7f410f6e9e10/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | bytes: b2 6d de 8a
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f6bdab0 (length 16)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6b9e30) bytes(0x7f410f6bdab0/16) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 7b 39 96 76 84 f2 dc cb a4 26 d4 62 f9 fa 18 ed
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6e5b30) length(84) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | hmac prf: update bytes data 0x7f410f1365a0 (length 100)
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6e5b30) bytes(0x7f410f1365a0/100) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6e5b30) length(84) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 0a 00 00 34 00 00 00 01 00 00 00 01 00 00 00 28
- Jan 27 09:12:08: | bytes: 01 03 04 01 b8 5c ae 98 00 00 00 1c 01 0c 00 00
- Jan 27 09:12:08: | bytes: 80 01 00 01 80 02 0e 10 80 04 00 03 80 06 01 00
- Jan 27 09:12:08: | bytes: 80 05 00 02 05 00 00 14 f4 1b 63 6e 1c 7e 98 7f
- Jan 27 09:12:08: | bytes: 9b 38 64 51 ab 52 6e b6 05 00 00 0c 01 00 00 00
- Jan 27 09:12:08: | bytes: 0a e7 f7 16 00 00 00 10 04 00 00 00 00 00 00 00
- Jan 27 09:12:08: | bytes: 00 00 00 00
- Jan 27 09:12:08: | concat_symkey_bytes key(0x7f410f6b9e30) length(184) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_bytes: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | hmac prf: final
- Jan 27 09:12:08: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f6b9e30) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey: key(0x7f410f6b9e30) length(184) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf inner hash: key(0x7f410f6e5b30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | prf inner:: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | xor_symkey_chunk merge symkey(0x7f410f6924c0) bytes(0x7ffda297ecc0/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:12:08: | symkey: key(0x7f410f6924c0) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:12:08: | xor_symkey_chunk key(0x7f410f6b9e30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | concat: merge symkey(1: 0x7f410f6b9e30) symkey(2: 0x7f410f6e5b30) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:12:08: | symkey 1: key(0x7f410f6b9e30) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:12:08: | symkey 2: key(0x7f410f6e5b30) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:12:08: | concat: key(0x7f410f6bdfb0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | append_symkey_symkey: free key 0x7f410f6b9e30
- Jan 27 09:12:08: | prf hashed inner:: free key 0x7f410f6e5b30
- Jan 27 09:12:08: | prf key: free key 0x7f410f6924c0
- Jan 27 09:12:08: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6bdfb0) to bytes
- Jan 27 09:12:08: | symkey: key(0x7f410f6bdfb0) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:08: | prf outer hash 8c b2 a4 e1 23 a0 e3 0c 4f cf d8 50 d9 64 28 97
- Jan 27 09:12:08: | prf outer hash c6 1e 38 eb e9 3e 29 8d 9a d9 b1 31 21 c6 0f 8b
- Jan 27 09:12:08: | prf outer: free key 0x7f410f6bdfb0
- Jan 27 09:12:08: | prf final bytes 8c b2 a4 e1 23 a0 e3 0c 4f cf d8 50 d9 64 28 97
- Jan 27 09:12:08: | prf final bytes c6 1e 38 eb e9 3e 29 8d 9a d9 b1 31 21 c6 0f 8b
- Jan 27 09:12:08: | HASH(2) computed:
- Jan 27 09:12:08: | 8c b2 a4 e1 23 a0 e3 0c 4f cf d8 50 d9 64 28 97
- Jan 27 09:12:08: | c6 1e 38 eb e9 3e 29 8d 9a d9 b1 31 21 c6 0f 8b
- Jan 27 09:12:08: | compute_proto_keymat:needed_len (after ESP enc)=32
- Jan 27 09:12:08: | compute_proto_keymat:needed_len (after ESP auth)=52
- Jan 27 09:12:08: | hmac prf: init 0x7f410f51d460
- Jan 27 09:12:08: | hmac prf: init symkey symkey 0x7f410f6da800 (length 32)
- Jan 27 09:12:08: | hmac prf: update
- Jan 27 09:12:08: | concat_symkey_bytes merge symkey(0x7f410f6da800) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- .
- .
- .
- Jan 27 09:12:11: | prf key: free key 0x7f410f6b9e30
- Jan 27 09:12:11: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f6ebb20) to bytes
- Jan 27 09:12:11: | symkey: key(0x7f410f6ebb20) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:12:11: | prf outer hash 13 89 24 17 38 bd c3 2d 07 82 e9 b5 6e 89 dd 6a
- Jan 27 09:12:11: | prf outer hash 27 24 f5 78 08 d4 f9 5c 96 36 1f 5b b9 d7 68 81
- Jan 27 09:12:11: | prf outer: free key 0x7f410f6ebb20
- Jan 27 09:12:11: | prf final bytes 13 89 24 17 38 bd c3 2d 07 82 e9 b5 6e 89 dd 6a
- Jan 27 09:12:11: | prf final bytes 27 24 f5 78 08 d4 f9 5c 96 36 1f 5b b9 d7 68 81
- Jan 27 09:12:11: | HASH(1) computed:
- Jan 27 09:12:11: | 13 89 24 17 38 bd c3 2d 07 82 e9 b5 6e 89 dd 6a
- Jan 27 09:12:11: | 27 24 f5 78 08 d4 f9 5c 96 36 1f 5b b9 d7 68 81
- Jan 27 09:12:11: | last Phase 1 IV: 23 0b ee 0e 81 e6 03 ae bd 6f c8 9c 95 9f e2 2f
- Jan 27 09:12:11: | current Phase 1 IV: 30 e6 33 60 c4 f7 23 f4 47 cd ad 16 04 c0 3d 81
- Jan 27 09:12:11: | computed Phase 2 IV:
- Jan 27 09:12:11: | c6 b7 f5 1d 90 ee 56 bb c8 39 c0 b1 8e 09 67 19
- Jan 27 09:12:11: | 84 a6 75 8a d0 38 0a 6e 5d 5c 79 ea 91 cc 79 22
- Jan 27 09:12:11: | encrypting: 0c 00 00 24 13 89 24 17 38 bd c3 2d 07 82 e9 b5
- Jan 27 09:12:11: | encrypting: 6e 89 dd 6a 27 24 f5 78 08 d4 f9 5c 96 36 1f 5b
- Jan 27 09:12:11: | encrypting: b9 d7 68 81 00 00 00 10 00 00 00 01 03 04 00 01
- Jan 27 09:12:11: | encrypting: 49 a6 cb a6
- Jan 27 09:12:11: | IV: c6 b7 f5 1d 90 ee 56 bb c8 39 c0 b1 8e 09 67 19
- Jan 27 09:12:11: | IV: 84 a6 75 8a d0 38 0a 6e 5d 5c 79 ea 91 cc 79 22
- Jan 27 09:12:11: | unpadded size is: 52
- Jan 27 09:12:11: | emitting 12 zero bytes of encryption padding into ISAKMP Message
- Jan 27 09:12:11: | encrypting 64 using OAKLEY_AES_CBC
- Jan 27 09:12:11: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:11: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:11: | next IV: 37 25 70 96 16 d5 00 d8 a1 0e a8 ad 88 03 5f 91
- Jan 27 09:12:11: | no IKEv1 message padding required
- Jan 27 09:12:11: | emitting length of ISAKMP Message: 92
- Jan 27 09:12:11: | sending 96 bytes for delete notify through eth0:4500 to bbb.ccc.ddd.eee:4500 (using #531)
- Jan 27 09:12:11: | 00 00 00 00 14 24 85 61 42 b2 d3 dc 03 c4 02 58
- Jan 27 09:12:11: | f8 bb 64 0c 08 10 05 01 5c 06 fe a3 00 00 00 5c
- Jan 27 09:12:11: | 6c 84 93 80 18 7b 87 6c ac 35 45 d4 34 2d a7 2b
- Jan 27 09:12:11: | 47 99 48 a8 b1 f0 0a 67 08 f4 2a a6 65 c7 08 06
- Jan 27 09:12:11: | 84 c7 c6 f9 76 15 97 4e 47 d9 55 d9 f7 b8 37 96
- Jan 27 09:12:11: | 37 25 70 96 16 d5 00 d8 a1 0e a8 ad 88 03 5f 91
- Jan 27 09:12:11: | state: #532 requesting EVENT_SA_EXPIRE to be deleted
- Jan 27 09:12:11: | unhashing state object #532
- Jan 27 09:12:11: | removing state 0x7f410f6e1300 entry 0x7f410f6e1968 next 0x7f410f6ccfb8 prev-next 0x7f410f1262c0 from list
- Jan 27 09:12:11: | updated next state 0x7f410f6cc950 entry 0x7f410f6ccfb8 next (nil) prev-next 0x7f410f1262c0
- Jan 27 09:12:11: | removing state 0x7f410f6e1300 entry 0x7f410f6e1980 next 0x7f410f6ccfd0 prev-next 0x7f410f126410 from list
- Jan 27 09:12:11: | updated next state 0x7f410f6cc950 entry 0x7f410f6ccfd0 next (nil) prev-next 0x7f410f126410
- Jan 27 09:12:11: | command executing down-client
- Jan 27 09:12:11: | get esp.95d908c@bbb.ccc.ddd.eee
- Jan 27 09:12:11: | get esp.49a6cba6@ccc.ddd.eee.fff
- Jan 27 09:12:11: | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLUTO_INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_MY_ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='bbb.ccc.ddd.eee' PLUTO_PEER_ID='fff.ggg.hhh.iii' PLUTO_PEER_CLIENT='eee.fff.ggg.iii/32' PLUTO_PEER_CLIENT_NET='eee.fff.ggg.iii' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1485508114' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_XAUTH_USERNAME='user2' PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM_CONFIGURED='0' PLUTO_INBYTES='20744' PLUTO_OUTBYTES='9633' ipsec _updown 2>&1
- Jan 27 09:12:11: | popen cmd is 992 chars long
- Jan 27 09:12:11: | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLUTO_:
- Jan 27 09:12:11: | cmd( 80):INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_MY_:
- Jan 27 09:12:11: | cmd( 160):ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLU:
- Jan 27 09:12:11: | cmd( 240):TO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQ:
- Jan 27 09:12:11: | cmd( 320):ID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='bbb.ccc.ddd.eee' PLUTO_PEER_ID='fff.ggg.:
- Jan 27 09:12:11: | cmd( 400):hhh.iii' PLUTO_PEER_CLIENT='eee.fff.ggg.iii/32' PLUTO_PEER_CLIENT_NET='eee.fff.ggg.iii' :
- Jan 27 09:12:11: | cmd( 480):PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL:
- Jan 27 09:12:11: | cmd( 560):='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1485508114' PLUTO_CONN:
- Jan 27 09:12:11: | cmd( 640):_POLICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRAC:
- Jan 27 09:12:11: | cmd( 720):K+IKE_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_XAUTH_USERNA:
- Jan 27 09:12:11: | cmd( 800):ME='user2' PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INF:
- Jan 27 09:12:11: | cmd( 880):O='' PLUTO_PEER_BANNER='' PLUTO_NM_CONFIGURED='0' PLUTO_INBYTES='20744' PLUTO_OU:
- Jan 27 09:12:11: | cmd( 960):TBYTES='9633' ipsec _updown 2>&1:
- Jan 27 09:12:11: | shunt_eroute() called for connection 'xauth-psk' to 'delete' for rt_kind 'unrouted'
- Jan 27 09:12:11: | route owner of "xauth-psk"[498] bbb.ccc.ddd.eee unrouted: NULL
- Jan 27 09:12:11: | command executing unroute-client
- Jan 27 09:12:11: | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLUTO_INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_MY_ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='bbb.ccc.ddd.eee' PLUTO_PEER_ID='fff.ggg.hhh.iii' PLUTO_PEER_CLIENT='eee.fff.ggg.iii/32' PLUTO_PEER_CLIENT_NET='eee.fff.ggg.iii' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM_CONFIGURED='0' ipsec _updown 2>&1
- Jan 27 09:12:11: | popen cmd is 913 chars long
- Jan 27 09:12:11: | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLU:
- Jan 27 09:12:11: | cmd( 80):TO_INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_:
- Jan 27 09:12:11: | cmd( 160):MY_ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' :
- Jan 27 09:12:11: | cmd( 240):PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_:
- Jan 27 09:12:11: | cmd( 320):REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='bbb.ccc.ddd.eee' PLUTO_PEER_ID='1:
- Jan 27 09:12:11: | cmd( 400):0.0.0.3' PLUTO_PEER_CLIENT='eee.fff.ggg.iii/32' PLUTO_PEER_CLIENT_NET='eee.fff.ggg.:
- Jan 27 09:12:11: | cmd( 480):iii' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROT:
- Jan 27 09:12:11: | cmd( 560):OCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLI:
- Jan 27 09:12:11: | cmd( 640):CY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IKE:
- Jan 27 09:12:11: | cmd( 720):_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0':
- Jan 27 09:12:11: | cmd( 800): PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM_:
- Jan 27 09:12:11: | cmd( 880):CONFIGURED='0' ipsec _updown 2>&1:
- Jan 27 09:12:11: | delete esp.95d908c@bbb.ccc.ddd.eee
- Jan 27 09:12:11: | delete inbound eroute eee.fff.ggg.iii/32:0 --0-> 0.0.0.0/0:0 => unk255.10000@ccc.ddd.eee.fff (raw_eroute)
- Jan 27 09:12:11: | raw_eroute result=success
- Jan 27 09:12:11: | delete esp.49a6cba6@ccc.ddd.eee.fff
- Jan 27 09:12:11: | child state #532: STATE_QUICK_R2(authenticated-ipsec) > STATE_UNDEFINED(ignore)
- Jan 27 09:12:11: | ignore states: 0
- Jan 27 09:12:11: | half-open-ike states: 0
- Jan 27 09:12:11: | open-ike states: 0
- Jan 27 09:12:11: | established-anonymous-ike states: 0
- Jan 27 09:12:11: | established-authenticated-ike states: 2
- Jan 27 09:12:11: | anonymous-ipsec states: 0
- Jan 27 09:12:11: | authenticated-ipsec states: 2
- Jan 27 09:12:11: | informational states: 0
- Jan 27 09:12:11: | unknown states: 0
- Jan 27 09:12:11: | category states: 4 count states: 4
- Jan 27 09:12:11: | st->st_skeyseed_nss: free key 0x7f410f6d1190
- Jan 27 09:12:11: | st->st_skey_d_nss: free key 0x7f410f6c6d10
- Jan 27 09:12:11: | st->st_skey_ai_nss: free key 0x7f410f64e8b0
- Jan 27 09:12:11: | st->st_skey_ar_nss: free key NULL
- Jan 27 09:12:11: | st->st_skey_ei_nss: free key 0x7f410f6db630
- Jan 27 09:12:11: | st->st_skey_er_nss: free key NULL
- Jan 27 09:12:11: | st->st_skey_pi_nss: free key NULL
- Jan 27 09:12:11: | st->st_skey_pr_nss: free key NULL
- Jan 27 09:12:11: | st->st_enc_key_nss: free key 0x7f410f6b6930
- Jan 27 09:12:11: | del:
- Jan 27 09:12:11: "xauth-psk"[498] bbb.ccc.ddd.eee #531: received and ignored empty informational notification payload
- Jan 27 09:12:11: | complete v1 state transition with STF_IGNORE
- Jan 27 09:12:11: | *received 108 bytes from bbb.ccc.ddd.eee:4500 on eth0 (port=4500)
- Jan 27 09:12:11: | 14 24 85 61 42 b2 d3 dc 03 c4 02 58 f8 bb 64 0c
- Jan 27 09:12:11: | 08 10 05 01 83 ea 0c e6 00 00 00 6c e3 ae 14 e0
- Jan 27 09:12:11: | e1 c0 ee 4a 20 48 03 2d 7d a9 b9 65 05 79 4c 20
- Jan 27 09:12:11: | 19 51 8a 95 c4 69 4f 40 56 96 b9 ad 70 bd 69 84
- Jan 27 09:12:11: | 7c c7 5b e8 b2 9a 3b 8e f5 3f e0 c6 71 e2 03 f2
- Jan 27 09:12:11: | 81 e9 15 47 19 42 19 cd 96 4d 9f 57 6c 80 e1 84
- Jan 27 09:12:11: | 3d 72 0c 56 90 26 14 16 9c 71 17 6b
- Jan 27 09:12:11: | **parse ISAKMP Message:
- Jan 27 09:12:11: | initiator cookie:
- Jan 27 09:12:11: | 14 24 85 61 42 b2 d3 dc
- Jan 27 09:12:11: | responder cookie:
- Jan 27 09:12:11: | 03 c4 02 58 f8 bb 64 0c
- Jan 27 09:12:11: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:11: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:11: | exchange type: ISAKMP_XCHG_INFO (0x5)
- Jan 27 09:12:11: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:11: | message ID: 83 ea 0c e6
- Jan 27 09:12:11: | length: 108 (0x6c)
- Jan 27 09:12:11: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
- Jan 27 09:12:11: | finding hash chain in state hash table
- Jan 27 09:12:11: | ICOOKIE: 14 24 85 61 42 b2 d3 dc
- Jan 27 09:12:11: | RCOOKIE: 03 c4 02 58 f8 bb 64 0c
- Jan 27 09:12:11: | found hash chain 15
- Jan 27 09:12:11: | peer and cookies match on #531; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
- Jan 27 09:12:11: | p15 state object #531 found, in STATE_MODE_CFG_R1
- Jan 27 09:12:11: | processing connection "xauth-psk"[498] bbb.ccc.ddd.eee
- Jan 27 09:12:11: | last Phase 1 IV: 23 0b ee 0e 81 e6 03 ae bd 6f c8 9c 95 9f e2 2f
- Jan 27 09:12:11: | current Phase 1 IV: 30 e6 33 60 c4 f7 23 f4 47 cd ad 16 04 c0 3d 81
- Jan 27 09:12:11: | computed Phase 2 IV:
- Jan 27 09:12:11: | 17 0e 4c be 6b 88 ec bb 05 d3 95 ed 6a b5 d7 d7
- Jan 27 09:12:11: | 33 16 01 08 0b c8 ac e9 81 86 0f e5 77 67 11 5a
- Jan 27 09:12:11: | #531 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- .
- .
- .
- Jan 27 09:12:29: | processing connection "xauth-psk"[500] bbb.ccc.ddd.eee
- Jan 27 09:12:29: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:12:29: | processing connection "xauth-psk"[500] bbb.ccc.ddd.eee
- Jan 27 09:12:29: | ka_event: send NAT-KA to bbb.ccc.ddd.eee:4500 (state=#538)
- Jan 27 09:12:29: | sending NAT-T Keep Alive
- Jan 27 09:12:29: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to bbb.ccc.ddd.eee:4500 (using #538)
- Jan 27 09:12:29: | ff
- Jan 27 09:12:29: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:29: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:12:29: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:29: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:12:29: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:29: | ka_event: send NAT-KA to aaa.bbb.ccc.ddd:4500 (state=#537)
- Jan 27 09:12:29: | sending NAT-T Keep Alive
- Jan 27 09:12:29: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #537)
- Jan 27 09:12:29: | ff
- Jan 27 09:12:29: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:29: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:12:29: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:29: | ka_event: send NAT-KA to aaa.bbb.ccc.ddd:4500 (state=#536)
- Jan 27 09:12:29: | sending NAT-T Keep Alive
- Jan 27 09:12:29: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:12:29: | ff
- Jan 27 09:12:29: | event_schedule called for 20 seconds
- Jan 27 09:12:29: | event_schedule_tv called for about 20 seconds and change
- Jan 27 09:12:29: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20.000000 seconds
- Jan 27 09:12:30: | *received 108 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:12:30: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | 08 10 05 01 16 87 b2 7b 00 00 00 6c 88 4a 14 3a
- Jan 27 09:12:30: | c9 75 8c c6 d3 6e a6 e6 0b 79 a9 40 cf 2b 84 e0
- Jan 27 09:12:30: | bd 6a bd 18 1b b4 1e 5d eb 33 7d 72 72 bc 91 33
- Jan 27 09:12:30: | e5 f3 e3 c5 76 5f f2 8d f2 6f 10 03 4c 3b 51 71
- Jan 27 09:12:30: | a1 16 52 28 cc 16 91 5d 67 64 30 4b 41 18 cf b4
- Jan 27 09:12:30: | 9c f4 4b 34 20 34 0d 58 44 a1 da 56
- Jan 27 09:12:30: | **parse ISAKMP Message:
- Jan 27 09:12:30: | initiator cookie:
- Jan 27 09:12:30: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:30: | responder cookie:
- Jan 27 09:12:30: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:30: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:30: | exchange type: ISAKMP_XCHG_INFO (0x5)
- Jan 27 09:12:30: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:30: | message ID: 16 87 b2 7b
- Jan 27 09:12:30: | length: 108 (0x6c)
- Jan 27 09:12:30: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
- Jan 27 09:12:30: | finding hash chain in state hash table
- Jan 27 09:12:30: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:30: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | found hash chain 14
- Jan 27 09:12:30: | peer and cookies match on #537; msgid=00000000 st_msgid=b26dde8a st_msgid_phase15=00000000
- Jan 27 09:12:30: | peer and cookies match on #536; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
- Jan 27 09:12:30: | p15 state object #536 found, in STATE_MODE_CFG_R1
- Jan 27 09:12:30: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:12:30: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:12:30: | current Phase 1 IV: a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:12:30: | computed Phase 2 IV:
- Jan 27 09:12:30: | f7 2b 2b 7a 58 fa 90 2d aa cb 62 48 b8 c1 fd 41
- Jan 27 09:12:30: | bf 09 a5 45 5b de f8 6a 88 58 d8 e6 cc d1 27 4a
- Jan 27 09:12:30: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:12:30: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:12:30: | decrypting 80 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:12:30: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:12:30: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:12:30: | decrypted:
- Jan 27 09:12:30: | 0b 00 00 24 40 78 ab a6 73 66 a6 cb 26 92 19 fa
- Jan 27 09:12:30: | 31 c6 86 96 74 87 30 3b cd e9 a3 7e a2 b4 92 f3
- Jan 27 09:12:30: | ac 64 31 ab 00 00 00 20 00 00 00 01 01 10 8d 28
- Jan 27 09:12:30: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | 00 00 01 75 00 00 00 00 00 00 00 00 00 00 00 0c
- Jan 27 09:12:30: | next IV: 41 18 cf b4 9c f4 4b 34 20 34 0d 58 44 a1 da 56
- Jan 27 09:12:30: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100opt: 0x0
- Jan 27 09:12:30: | ***parse ISAKMP Hash Payload:
- Jan 27 09:12:30: | next payload type: ISAKMP_NEXT_N (0xb)
- Jan 27 09:12:30: | length: 36 (0x24)
- Jan 27 09:12:30: | got payload 0x800 (ISAKMP_NEXT_N) needed: 0x0opt: 0x0
- Jan 27 09:12:30: | ***parse ISAKMP Notification Payload:
- Jan 27 09:12:30: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:30: | length: 32 (0x20)
- Jan 27 09:12:30: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:12:30: | protocol ID: 1 (0x1)
- Jan 27 09:12:30: | SPI size: 16 (0x10)
- Jan 27 09:12:30: | Notify Message Type: R_U_THERE (0x8d28)
- Jan 27 09:12:30: | removing 12 bytes of padding
- Jan 27 09:12:30: | info: a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | info: 00 00 01 75
- Jan 27 09:12:30: | processing informational R_U_THERE (36136)
- Jan 27 09:12:30: | DPD: received R_U_THERE seq:373 monotime:1485508350 (state=#536 name="xauth-psk")
- Jan 27 09:12:30: | **emit ISAKMP Message:
- Jan 27 09:12:30: | initiator cookie:
- Jan 27 09:12:30: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:30: | responder cookie:
- Jan 27 09:12:30: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:12:30: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:12:30: | exchange type: ISAKMP_XCHG_INFO (0x5)
- Jan 27 09:12:30: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:12:30: | message ID: 66 d6 60 0e
- Jan 27 09:12:30: | ***emit ISAKMP Hash Payload:
- Jan 27 09:12:30: | next payload type: ISAKMP_NEXT_N (0xb)
- Jan 27 09:12:30: | emitting 32 zero bytes of HASH into ISAKMP Hash Payload
- Jan 27 09:12:30: | emitting length of ISAKMP Hash Payload: 36
- Jan 27 09:12:30: | ***emit ISAKMP Notification Payload:
- Jan 27 09:12:30: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:12:30: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:12:30: | protocol ID: 1 (0x1)
- Jan 27 09:12:30: | SPI size: 16 (0x10)
- Jan 27 09:12:30: | Notify Message Type: R_U_THERE_ACK (0x8d29)
- Jan 27 09:12:30: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
- Jan 27 09:12:30: | notify icookie a2 7e 66 da e6 0b 70 e8
- Jan 27 09:12:30: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
- Jan 27 09:12:30: | notify rcookie db da 2a c5 c8 03 d1 6d
- Jan 27 09:12:30: | emitting 4 raw bytes of notify data into ISAKMP Notification Payload
- Jan 27 09:12:30: | notify data 00 00 01 75
- Jan 27 09:12:30: | emitting length of ISAKMP Notification Payload: 32
- Jan 27 09:12:30: | hmac prf: init 0x7f410f5d4910
- Jan 27 09:12:30: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:12:30: | hmac prf: update
- .
- .
- .
- Jan 27 09:31:10: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:10: | processing connection "xauth-psk"[508] bbb.ccc.ddd.eee
- Jan 27 09:31:10: | ka_event: send NAT-KA to bbb.ccc.ddd.eee:4500 (state=#546)
- Jan 27 09:31:10: | sending NAT-T Keep Alive
- Jan 27 09:31:10: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to bbb.ccc.ddd.eee:4500 (using #546)
- Jan 27 09:31:10: | ff
- Jan 27 09:31:10: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:10: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:10: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:10: | ka_event: send NAT-KA to aaa.bbb.ccc.ddd:4500 (state=#537)
- Jan 27 09:31:10: | sending NAT-T Keep Alive
- Jan 27 09:31:10: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #537)
- Jan 27 09:31:10: | ff
- Jan 27 09:31:10: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:10: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:10: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:10: | ka_event: send NAT-KA to aaa.bbb.ccc.ddd:4500 (state=#536)
- Jan 27 09:31:10: | sending NAT-T Keep Alive
- Jan 27 09:31:10: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:31:10: | ff
- Jan 27 09:31:10: | event_schedule called for 20 seconds
- Jan 27 09:31:10: | event_schedule_tv called for about 20 seconds and change
- Jan 27 09:31:10: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20.000000 seconds
- Jan 27 09:31:30: | handling event EVENT_SHUNT_SCAN
- Jan 27 09:31:30: | expiring aged bare shunts
- Jan 27 09:31:30: | event_schedule called for 20 seconds
- Jan 27 09:31:30: | event_schedule_tv called for about 20 seconds and change
- Jan 27 09:31:30: | inserting event EVENT_SHUNT_SCAN, timeout in 20.000000 seconds
- Jan 27 09:31:30: | handling event EVENT_NAT_T_KEEPALIVE
- Jan 27 09:31:30: | processing connection "xauth-psk"[508] bbb.ccc.ddd.eee
- Jan 27 09:31:30: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:30: | processing connection "xauth-psk"[508] bbb.ccc.ddd.eee
- Jan 27 09:31:30: | ka_event: send NAT-KA to bbb.ccc.ddd.eee:4500 (state=#547)
- Jan 27 09:31:30: | sending NAT-T Keep Alive
- Jan 27 09:31:30: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to bbb.ccc.ddd.eee:4500 (using #547)
- Jan 27 09:31:30: | ff
- Jan 27 09:31:30: | processing connection "xauth-psk"[508] bbb.ccc.ddd.eee
- Jan 27 09:31:30: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:30: | processing connection "xauth-psk"[508] bbb.ccc.ddd.eee
- Jan 27 09:31:30: | ka_event: send NAT-KA to bbb.ccc.ddd.eee:4500 (state=#546)
- Jan 27 09:31:30: | sending NAT-T Keep Alive
- Jan 27 09:31:30: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to bbb.ccc.ddd.eee:4500 (using #546)
- Jan 27 09:31:30: | ff
- Jan 27 09:31:30: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:30: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:30: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:30: | ka_event: send NAT-KA to aaa.bbb.ccc.ddd:4500 (state=#537)
- Jan 27 09:31:30: | sending NAT-T Keep Alive
- Jan 27 09:31:30: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #537)
- Jan 27 09:31:30: | ff
- Jan 27 09:31:30: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:30: | Sending of NAT-T KEEP-ALIVE enabled by per-conn configuration (nat_keepalive=yes)
- Jan 27 09:31:30: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:30: | ka_event: send NAT-KA to aaa.bbb.ccc.ddd:4500 (state=#536)
- Jan 27 09:31:30: | sending NAT-T Keep Alive
- Jan 27 09:31:30: | sending 1 bytes for NAT-T Keep Alive through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:31:30: | ff
- Jan 27 09:31:30: | event_schedule called for 20 seconds
- Jan 27 09:31:30: | event_schedule_tv called for about 20 seconds and change
- Jan 27 09:31:30: | inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20.000000 seconds
- Jan 27 09:31:42: | handling event EVENT_PENDING_PHASE2
- Jan 27 09:31:42: | event_schedule called for 120 seconds
- Jan 27 09:31:42: | event_schedule_tv called for about 120 seconds and change
- Jan 27 09:31:42: | inserting event EVENT_PENDING_PHASE2, timeout in 120.000000 seconds
- Jan 27 09:31:42: | pending review: connection "xauth-psk" was not up, skipped
- Jan 27 09:31:42: | pending review: connection "xauth-psk" was not up, skipped
- Jan 27 09:31:42: | pending review: connection "xauth-psk" was not up, skipped
- Jan 27 09:31:43: | handling event EVENT_PENDING_DDNS
- Jan 27 09:31:43: | event_schedule called for 60 seconds
- Jan 27 09:31:43: | event_schedule_tv called for about 60 seconds and change
- Jan 27 09:31:43: | inserting event EVENT_PENDING_DDNS, timeout in 60.000000 seconds
- Jan 27 09:31:43: | elapsed time in connection_check_ddns for hostname lookup 0.000000
- Jan 27 09:31:45: | *received 92 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:31:45: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | 08 10 05 01 82 be c8 3e 00 00 00 5c 0f 7e 27 59
- Jan 27 09:31:45: | 0c 30 a0 cf 35 58 51 92 4e 92 d5 18 7c 84 5f 98
- Jan 27 09:31:45: | d8 15 34 df b5 f2 c8 ba f2 0d 50 de 61 5e b0 ec
- Jan 27 09:31:45: | d7 70 79 ac 43 e9 f3 fc 74 89 af 7f bc 3d eb cd
- Jan 27 09:31:45: | 46 78 7e 78 ba 0e d4 77 cb 28 30 7e
- Jan 27 09:31:45: | **parse ISAKMP Message:
- Jan 27 09:31:45: | initiator cookie:
- Jan 27 09:31:45: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | responder cookie:
- Jan 27 09:31:45: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:31:45: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:31:45: | exchange type: ISAKMP_XCHG_INFO (0x5)
- Jan 27 09:31:45: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:31:45: | message ID: 82 be c8 3e
- Jan 27 09:31:45: | length: 92 (0x5c)
- Jan 27 09:31:45: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
- Jan 27 09:31:45: | finding hash chain in state hash table
- Jan 27 09:31:45: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | found hash chain 14
- Jan 27 09:31:45: | peer and cookies match on #537; msgid=00000000 st_msgid=b26dde8a st_msgid_phase15=00000000
- Jan 27 09:31:45: | peer and cookies match on #536; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
- Jan 27 09:31:45: | p15 state object #536 found, in STATE_MODE_CFG_R1
- Jan 27 09:31:45: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:45: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:31:45: | current Phase 1 IV: a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:31:45: | computed Phase 2 IV:
- Jan 27 09:31:45: | 03 91 ec a9 cd 8f 08 62 90 9e 91 66 1a 91 b8 90
- Jan 27 09:31:45: | 59 7f ef 92 c6 af 3d 34 ad 58 9e bd 22 83 64 4b
- Jan 27 09:31:45: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:31:45: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:31:45: | decrypting 64 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:31:45: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:31:45: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:31:45: | decrypted:
- Jan 27 09:31:45: | 0c 00 00 24 28 a2 1e be f4 87 76 c0 34 25 bf 67
- Jan 27 09:31:45: | 05 ac 11 67 ff 72 68 1d 63 f4 38 6a 5e 67 f9 07
- Jan 27 09:31:45: | dd 42 42 1a 00 00 00 10 00 00 00 01 03 04 00 01
- Jan 27 09:31:45: | 03 fb 8b a5 00 00 00 00 00 00 00 00 00 00 00 0c
- Jan 27 09:31:45: | next IV: bc 3d eb cd 46 78 7e 78 ba 0e d4 77 cb 28 30 7e
- Jan 27 09:31:45: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100opt: 0x0
- Jan 27 09:31:45: | ***parse ISAKMP Hash Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_D (0xc)
- Jan 27 09:31:45: | length: 36 (0x24)
- Jan 27 09:31:45: | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0opt: 0x0
- Jan 27 09:31:45: | ***parse ISAKMP Delete Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:31:45: | length: 16 (0x10)
- Jan 27 09:31:45: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:31:45: | protocol ID: 3 (0x3)
- Jan 27 09:31:45: | SPI size: 4 (0x4)
- Jan 27 09:31:45: | number of SPIs: 1 (0x1)
- Jan 27 09:31:45: | removing 12 bytes of padding
- Jan 27 09:31:45: | parsing 4 raw bytes of ISAKMP Delete Payload into SPI
- Jan 27 09:31:45: | SPI 03 fb 8b a5
- Jan 27 09:31:45: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: received Delete SA(0x03fb8ba5) payload: deleting IPSEC State #537
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: deleting state #537 (STATE_QUICK_R2)
- Jan 27 09:31:45: | child state #537: STATE_QUICK_R2(authenticated-ipsec) > delete
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: ESP traffic information: in=0B out=0B XAUTHuser=user1
- Jan 27 09:31:45: | **emit ISAKMP Message:
- Jan 27 09:31:45: | initiator cookie:
- Jan 27 09:31:45: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | responder cookie:
- Jan 27 09:31:45: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:31:45: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:31:45: | exchange type: ISAKMP_XCHG_INFO (0x5)
- Jan 27 09:31:45: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:31:45: | message ID: 72 9d 4a 60
- Jan 27 09:31:45: | ***emit ISAKMP Hash Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_D (0xc)
- Jan 27 09:31:45: | emitting 32 zero bytes of HASH(1) into ISAKMP Hash Payload
- Jan 27 09:31:45: | emitting length of ISAKMP Hash Payload: 36
- Jan 27 09:31:45: | ***emit ISAKMP Delete Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:31:45: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:31:45: | protocol ID: 3 (0x3)
- Jan 27 09:31:45: | SPI size: 4 (0x4)
- Jan 27 09:31:45: | number of SPIs: 1 (0x1)
- Jan 27 09:31:45: | emitting 4 raw bytes of delete payload into ISAKMP Delete Payload
- Jan 27 09:31:45: | delete payload b8 5c ae 98
- Jan 27 09:31:45: | emitting length of ISAKMP Delete Payload: 16
- Jan 27 09:31:45: | hmac prf: init 0x7f410f595500
- Jan 27 09:31:45: | hmac prf: init symkey symkey 0x7f410f6e4c80 (length 32)
- Jan 27 09:31:45: | hmac prf: update
- Jan 27 09:31:45: | concat_symkey_bytes merge symkey(0x7f410f6e4c80) bytes(0x7f410f12e1c0/32) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:31:45: | symkey: key(0x7f410f6e4c80) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:31:45: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:31:45: | bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
- Jan 27 09:31:45: | concat_symkey_bytes key(0x7f410f6d1190) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | xor_symkey_chunk merge symkey(0x7f410f6d1190) bytes(0x7ffda297d300/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:31:45: | symkey: key(0x7f410f6d1190) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:31:45: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:31:45: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:31:45: | bytes: 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36
- Jan 27 09:31:45: | xor_symkey_chunk key(0x7f410f624b70) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:31:45: | hmac prf: update bytes data 0x7ffda297d3ec (length 4)
- Jan 27 09:31:45: | concat_symkey_bytes merge symkey(0x7f410f624b70) bytes(0x7ffda297d3ec/4) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:31:45: | symkey: key(0x7f410f624b70) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:31:45: | bytes: 72 9d 4a 60
- Jan 27 09:31:45: | concat_symkey_bytes key(0x7f410f6d53c0) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | append_symkey_bytes: free key 0x7f410f624b70
- Jan 27 09:31:45: | hmac prf: update bytes data 0x7ffda297d5f0 (length 16)
- Jan 27 09:31:45: | concat_symkey_bytes merge symkey(0x7f410f6d53c0) bytes(0x7ffda297d5f0/16) - derive(CONCATENATE_BASE_AND_DATA) target(SHA256_KEY_DERIVATION)
- Jan 27 09:31:45: | symkey: key(0x7f410f6d53c0) length(68) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | bytes: 00 00 00 10 00 00 00 01 03 04 00 01 b8 5c ae 98
- Jan 27 09:31:45: | concat_symkey_bytes key(0x7f410f624b70) length(84) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | append_symkey_bytes: free key 0x7f410f6d53c0
- Jan 27 09:31:45: | hmac prf: final
- Jan 27 09:31:45: | prf inner hash: hash(OAKLEY_SHA2_256) symkey(0x7f410f624b70) to symkey - derive(SHA256_KEY_DERIVATION)
- Jan 27 09:31:45: | symkey: key(0x7f410f624b70) length(84) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | prf inner hash: key(0x7f410f6d53c0) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:31:45: | prf inner:: free key 0x7f410f624b70
- Jan 27 09:31:45: | xor_symkey_chunk merge symkey(0x7f410f6d1190) bytes(0x7ffda297d2e0/64) - derive(XOR_BASE_AND_DATA) target(CONCATENATE_BASE_AND_DATA)
- Jan 27 09:31:45: | symkey: key(0x7f410f6d1190) length(64) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:31:45: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:31:45: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:31:45: | bytes: 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c
- Jan 27 09:31:45: | xor_symkey_chunk key(0x7f410f624b70) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:31:45: | concat: merge symkey(1: 0x7f410f624b70) symkey(2: 0x7f410f6d53c0) - derive(CONCATENATE_BASE_AND_KEY) target(SHA256_KEY_DERIVATION)
- Jan 27 09:31:45: | symkey 1: key(0x7f410f624b70) length(64) type/mechanism(CONCATENATE_BASE_AND_DATA 0x00000362)
- Jan 27 09:31:45: | symkey 2: key(0x7f410f6d53c0) length(32) type/mechanism(CONCATENATE_BASE_AND_KEY 0x00000360)
- Jan 27 09:31:45: | concat: key(0x7f410f63b730) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | append_symkey_symkey: free key 0x7f410f624b70
- Jan 27 09:31:45: | prf hashed inner:: free key 0x7f410f6d53c0
- Jan 27 09:31:45: | prf key: free key 0x7f410f6d1190
- Jan 27 09:31:45: | prf outer hash hash(OAKLEY_SHA2_256) symkey(0x7f410f63b730) to bytes
- Jan 27 09:31:45: | symkey: key(0x7f410f63b730) length(96) type/mechanism(SHA256_KEY_DERIVATION 0x00000393)
- Jan 27 09:31:45: | prf outer hash 3a 53 89 0e a4 88 9a 10 72 39 91 c6 ba 82 2d 77
- Jan 27 09:31:45: | prf outer hash 6f 62 cb 1d a5 ad d0 48 b7 d9 8d 61 79 69 e3 19
- Jan 27 09:31:45: | prf outer: free key 0x7f410f63b730
- Jan 27 09:31:45: | prf final bytes 3a 53 89 0e a4 88 9a 10 72 39 91 c6 ba 82 2d 77
- Jan 27 09:31:45: | prf final bytes 6f 62 cb 1d a5 ad d0 48 b7 d9 8d 61 79 69 e3 19
- Jan 27 09:31:45: | HASH(1) computed:
- Jan 27 09:31:45: | 3a 53 89 0e a4 88 9a 10 72 39 91 c6 ba 82 2d 77
- Jan 27 09:31:45: | 6f 62 cb 1d a5 ad d0 48 b7 d9 8d 61 79 69 e3 19
- Jan 27 09:31:45: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:31:45: | current Phase 1 IV: a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:31:45: | computed Phase 2 IV:
- Jan 27 09:31:45: | 29 d2 2f 45 c0 8d 66 1c 12 bb dd a5 8b 01 39 fc
- Jan 27 09:31:45: | 15 f2 53 fe af 53 db 6f 36 8c c3 34 8c 3f f6 26
- Jan 27 09:31:45: | encrypting: 0c 00 00 24 3a 53 89 0e a4 88 9a 10 72 39 91 c6
- Jan 27 09:31:45: | encrypting: ba 82 2d 77 6f 62 cb 1d a5 ad d0 48 b7 d9 8d 61
- Jan 27 09:31:45: | encrypting: 79 69 e3 19 00 00 00 10 00 00 00 01 03 04 00 01
- Jan 27 09:31:45: | encrypting: b8 5c ae 98
- Jan 27 09:31:45: | IV: 29 d2 2f 45 c0 8d 66 1c 12 bb dd a5 8b 01 39 fc
- Jan 27 09:31:45: | IV: 15 f2 53 fe af 53 db 6f 36 8c c3 34 8c 3f f6 26
- Jan 27 09:31:45: | unpadded size is: 52
- Jan 27 09:31:45: | emitting 12 zero bytes of encryption padding into ISAKMP Message
- Jan 27 09:31:45: | encrypting 64 using OAKLEY_AES_CBC
- Jan 27 09:31:45: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:31:45: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:31:45: | next IV: 6e cb 7e 01 5b b2 00 84 ef 8a 80 ed 94 f8 79 82
- Jan 27 09:31:45: | no IKEv1 message padding required
- Jan 27 09:31:45: | emitting length of ISAKMP Message: 92
- Jan 27 09:31:45: | sending 96 bytes for delete notify through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:31:45: | 00 00 00 00 a2 7e 66 da e6 0b 70 e8 db da 2a c5
- Jan 27 09:31:45: | c8 03 d1 6d 08 10 05 01 72 9d 4a 60 00 00 00 5c
- Jan 27 09:31:45: | 1d 8a 91 70 d2 73 2e 52 47 c0 d3 02 e2 bd a9 3f
- Jan 27 09:31:45: | 98 d8 4b 75 11 c0 94 3a b4 18 c7 fa a9 21 f7 e9
- Jan 27 09:31:45: | b3 00 83 cb 60 53 bb 5e e5 49 78 e2 02 1a 3c 59
- Jan 27 09:31:45: | 6e cb 7e 01 5b b2 00 84 ef 8a 80 ed 94 f8 79 82
- Jan 27 09:31:45: | state: #537 requesting EVENT_SA_EXPIRE to be deleted
- Jan 27 09:31:45: | unhashing state object #537
- Jan 27 09:31:45: | removing state 0x7f410f6e9ad0 entry 0x7f410f6ea138 next 0x7f410f6e81a8 prev-next 0x7f410f1262b8 from list
- Jan 27 09:31:45: | updated next state 0x7f410f6e7b40 entry 0x7f410f6e81a8 next (nil) prev-next 0x7f410f1262b8
- Jan 27 09:31:45: | removing state 0x7f410f6e9ad0 entry 0x7f410f6ea150 next 0x7f410f6e81c0 prev-next 0x7f410f1263d0 from list
- Jan 27 09:31:45: | updated next state 0x7f410f6e7b40 entry 0x7f410f6e81c0 next (nil) prev-next 0x7f410f1263d0
- Jan 27 09:31:45: | command executing down-client
- Jan 27 09:31:45: | get esp.3fb8ba5@aaa.bbb.ccc.ddd
- Jan 27 09:31:45: | get esp.b85cae98@ccc.ddd.eee.fff
- Jan 27 09:31:45: | executing down-client: PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLUTO_INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_MY_ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='aaa.bbb.ccc.ddd' PLUTO_PEER_ID='192.168.1.10' PLUTO_PEER_CLIENT='10.231.247.22/32' PLUTO_PEER_CLIENT_NET='10.231.247.22' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1485508328' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_XAUTH_USERNAME='user1' PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM_CONFIGURED='0' PLUTO_INBYTES='2509' PLUTO_OUTBYTES='18250' ipsec _updown 2>&1
- Jan 27 09:31:45: | popen cmd is 996 chars long
- Jan 27 09:31:45: | cmd( 0):PLUTO_VERB='down-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLUTO_:
- Jan 27 09:31:45: | cmd( 80):INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_MY_:
- Jan 27 09:31:45: | cmd( 160):ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLU:
- Jan 27 09:31:45: | cmd( 240):TO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQ:
- Jan 27 09:31:45: | cmd( 320):ID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='aaa.bbb.ccc.ddd' PLUTO_PEER_ID='192.168.:
- Jan 27 09:31:45: | cmd( 400):1.10' PLUTO_PEER_CLIENT='10.231.247.22/32' PLUTO_PEER_CLIENT_NET='10.231.247.22':
- Jan 27 09:31:45: | cmd( 480): PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCO:
- Jan 27 09:31:45: | cmd( 560):L='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='1485508328' PLUTO_CON:
- Jan 27 09:31:45: | cmd( 640):N_POLICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRA:
- Jan 27 09:31:45: | cmd( 720):CK+IKE_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_XAUTH_USERN:
- Jan 27 09:31:45: | cmd( 800):AME='user1' PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN:
- Jan 27 09:31:45: | cmd( 880):_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM_CONFIGURED='0' PLUTO_INBYTES='2509' PLUTO:
- Jan 27 09:31:45: | cmd( 960):_OUTBYTES='18250' ipsec _updown 2>&1:
- Jan 27 09:31:45: | shunt_eroute() called for connection 'xauth-psk' to 'delete' for rt_kind 'unrouted'
- Jan 27 09:31:45: | route owner of "xauth-psk"[232] aaa.bbb.ccc.ddd unrouted: NULL
- Jan 27 09:31:45: | command executing unroute-client
- Jan 27 09:31:45: | executing unroute-client: PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLUTO_INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_MY_ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='aaa.bbb.ccc.ddd' PLUTO_PEER_ID='192.168.1.10' PLUTO_PEER_CLIENT='10.231.247.22/32' PLUTO_PEER_CLIENT_NET='10.231.247.22' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM_CONFIGURED='0' ipsec _updown 2>&1
- Jan 27 09:31:45: | popen cmd is 914 chars long
- Jan 27 09:31:45: | cmd( 0):PLUTO_VERB='unroute-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='xauth-psk' PLU:
- Jan 27 09:31:45: | cmd( 80):TO_INTERFACE='eth0' PLUTO_NEXT_HOP='ddd.eee.fff.ggg' PLUTO_ME='ccc.ddd.eee.fff' PLUTO_:
- Jan 27 09:31:45: | cmd( 160):MY_ID='ccc.ddd.eee.fff' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' :
- Jan 27 09:31:45: | cmd( 240):PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_:
- Jan 27 09:31:45: | cmd( 320):REQID='16388' PLUTO_SA_TYPE='none' PLUTO_PEER='aaa.bbb.ccc.ddd' PLUTO_PEER_ID='192.:
- Jan 27 09:31:45: | cmd( 400):168.1.10' PLUTO_PEER_CLIENT='10.231.247.22/32' PLUTO_PEER_CLIENT_NET='10.231.247:
- Jan 27 09:31:45: | cmd( 480):.22' PLUTO_PEER_CLIENT_MASK='255.255.255.255' PLUTO_PEER_PORT='0' PLUTO_PEER_PRO:
- Jan 27 09:31:45: | cmd( 560):TOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POL:
- Jan 27 09:31:45: | cmd( 640):ICY='PSK+ENCRYPT+TUNNEL+DONT_REKEY+XAUTH+MODECFG_PULL+IKEV1_ALLOW+SAREF_TRACK+IK:
- Jan 27 09:31:45: | cmd( 720):E_FRAG_ALLOW' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0:
- Jan 27 09:31:45: | cmd( 800):' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_NM:
- Jan 27 09:31:45: | cmd( 880):_CONFIGURED='0' ipsec _updown 2>&1:
- Jan 27 09:31:45: | delete esp.3fb8ba5@aaa.bbb.ccc.ddd
- Jan 27 09:31:45: | delete inbound eroute 10.231.247.22/32:0 --0-> 0.0.0.0/0:0 => unk255.10000@ccc.ddd.eee.fff (raw_eroute)
- Jan 27 09:31:45: | raw_eroute result=success
- Jan 27 09:31:45: | delete esp.b85cae98@ccc.ddd.eee.fff
- Jan 27 09:31:45: | child state #537: STATE_QUICK_R2(authenticated-ipsec) > STATE_UNDEFINED(ignore)
- Jan 27 09:31:45: | ignore states: 0
- Jan 27 09:31:45: | half-open-ike states: 0
- Jan 27 09:31:45: | open-ike states: 0
- Jan 27 09:31:45: | established-anonymous-ike states: 0
- Jan 27 09:31:45: | established-authenticated-ike states: 2
- Jan 27 09:31:45: | anonymous-ipsec states: 0
- Jan 27 09:31:45: | authenticated-ipsec states: 1
- Jan 27 09:31:45: | informational states: 0
- Jan 27 09:31:45: | unknown states: 0
- Jan 27 09:31:45: | category states: 3 count states: 3
- Jan 27 09:31:45: | st->st_skeyseed_nss: free key 0x7f410f6d7370
- Jan 27 09:31:45: | st->st_skey_d_nss: free key 0x7f410f6da800
- Jan 27 09:31:45: | st->st_skey_ai_nss: free key 0x7f410f6e4c80
- Jan 27 09:31:45: | st->st_skey_ar_nss: free key NULL
- Jan 27 09:31:45: | st->st_skey_ei_nss: free key 0x7f410f6c2a40
- Jan 27 09:31:45: | st->st_skey_er_nss: free key NULL
- Jan 27 09:31:45: | st->st_skey_pi_nss: free key NULL
- Jan 27 09:31:45: | st->st_skey_pr_nss: free key NULL
- Jan 27 09:31:45: | st->st_enc_key_nss: free key 0x7f410f6c2670
- Jan 27 09:31:45: | del:
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: received and ignored empty informational notification payload
- Jan 27 09:31:45: | complete v1 state transition with STF_IGNORE
- Jan 27 09:31:45: | *received 108 bytes from aaa.bbb.ccc.ddd:4500 on eth0 (port=4500)
- Jan 27 09:31:45: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | 08 10 05 01 ab 23 b8 2f 00 00 00 6c 61 d6 3b 94
- Jan 27 09:31:45: | cc 0a ee 90 28 b0 ee a9 09 94 40 87 0c a0 f3 aa
- Jan 27 09:31:45: | 4c e3 ee f4 9e a4 b6 70 6c 89 9d 0d ee 40 4e 5d
- Jan 27 09:31:45: | 34 8e 17 62 bc 30 65 b8 cf ed 53 48 39 a1 9c b8
- Jan 27 09:31:45: | c4 80 bd 9c 9f d3 1b d4 60 ba ca e3 40 d7 9d 42
- Jan 27 09:31:45: | 49 a8 36 57 21 a5 90 cb 96 32 82 59
- Jan 27 09:31:45: | **parse ISAKMP Message:
- Jan 27 09:31:45: | initiator cookie:
- Jan 27 09:31:45: | a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | responder cookie:
- Jan 27 09:31:45: | db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_HASH (0x8)
- Jan 27 09:31:45: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:31:45: | exchange type: ISAKMP_XCHG_INFO (0x5)
- Jan 27 09:31:45: | flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
- Jan 27 09:31:45: | message ID: ab 23 b8 2f
- Jan 27 09:31:45: | length: 108 (0x6c)
- Jan 27 09:31:45: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
- Jan 27 09:31:45: | finding hash chain in state hash table
- Jan 27 09:31:45: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | found hash chain 14
- Jan 27 09:31:45: | peer and cookies match on #536; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
- Jan 27 09:31:45: | p15 state object #536 found, in STATE_MODE_CFG_R1
- Jan 27 09:31:45: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:45: | last Phase 1 IV: 22 29 4e e5 e5 04 a4 d2 db 3f e3 e2 17 ef 14 c0
- Jan 27 09:31:45: | current Phase 1 IV: a5 f9 09 88 45 a4 1a d6 a7 9b 4a 1d dc f2 b9 34
- Jan 27 09:31:45: | computed Phase 2 IV:
- Jan 27 09:31:45: | 25 05 00 d8 0a 67 f4 7d 8c 5c 3f 96 f4 85 d7 2f
- Jan 27 09:31:45: | e0 a8 4f 85 db ba 62 84 29 46 94 3f 47 5e bb 53
- Jan 27 09:31:45: | #536 state_busy:2221 st != NULL && st->st_calculating == FALSE;
- Jan 27 09:31:45: | received encrypted packet from aaa.bbb.ccc.ddd:4500
- Jan 27 09:31:45: | decrypting 80 bytes using algorithm OAKLEY_AES_CBC
- Jan 27 09:31:45: | NSS ike_alg_nss_cbc: aes - enter
- Jan 27 09:31:45: | NSS ike_alg_nss_cbc: aes - exit
- Jan 27 09:31:45: | decrypted:
- Jan 27 09:31:45: | 0c 00 00 24 90 35 c7 e8 fd cd 63 6c e9 10 17 76
- Jan 27 09:31:45: | 37 4f 1e b5 b6 df 54 10 00 00 8d 5d 78 72 2b 8d
- Jan 27 09:31:45: | 1f ce 1d 12 00 00 00 1c 00 00 00 01 01 10 00 01
- Jan 27 09:31:45: | a2 7e 66 da e6 0b 70 e8 db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10
- Jan 27 09:31:45: | next IV: 40 d7 9d 42 49 a8 36 57 21 a5 90 cb 96 32 82 59
- Jan 27 09:31:45: | got payload 0x100 (ISAKMP_NEXT_HASH) needed: 0x100opt: 0x0
- Jan 27 09:31:45: | ***parse ISAKMP Hash Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_D (0xc)
- Jan 27 09:31:45: | length: 36 (0x24)
- Jan 27 09:31:45: | got payload 0x1000 (ISAKMP_NEXT_D) needed: 0x0opt: 0x0
- Jan 27 09:31:45: | ***parse ISAKMP Delete Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_NONE (0x0)
- Jan 27 09:31:45: | length: 28 (0x1c)
- Jan 27 09:31:45: | DOI: ISAKMP_DOI_IPSEC (0x1)
- Jan 27 09:31:45: | protocol ID: 1 (0x1)
- Jan 27 09:31:45: | SPI size: 16 (0x10)
- Jan 27 09:31:45: | number of SPIs: 1 (0x1)
- Jan 27 09:31:45: | removing 16 bytes of padding
- Jan 27 09:31:45: | parsing 8 raw bytes of ISAKMP Delete Payload into iCookie
- Jan 27 09:31:45: | iCookie a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | parsing 8 raw bytes of ISAKMP Delete Payload into rCookie
- Jan 27 09:31:45: | rCookie db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | finding hash chain in state hash table
- Jan 27 09:31:45: | ICOOKIE: a2 7e 66 da e6 0b 70 e8
- Jan 27 09:31:45: | RCOOKIE: db da 2a c5 c8 03 d1 6d
- Jan 27 09:31:45: | found hash chain 14
- Jan 27 09:31:45: | v1 peer and cookies match on #536, provided msgid 00000000 == 00000000
- Jan 27 09:31:45: | v1 state object #536 found, in STATE_MODE_CFG_R1
- Jan 27 09:31:45: | del:
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: received Delete SA payload: self-deleting ISAKMP State #536
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd #536: deleting state #536 (STATE_MODE_CFG_R1)
- .
- .
- .
- Jan 27 09:31:45: | sending 96 bytes for delete notify through eth0:4500 to aaa.bbb.ccc.ddd:4500 (using #536)
- Jan 27 09:31:45: | 00 00 00 00 a2 7e 66 da e6 0b 70 e8 db da 2a c5
- Jan 27 09:31:45: | c8 03 d1 6d 08 10 05 01 66 f4 2f 50 00 00 00 5c
- Jan 27 09:31:45: | 7e 96 03 17 4d 7c 7b e5 0f d8 6f 1d 09 93 f5 62
- Jan 27 09:31:45: | 46 6e 10 ac ee ec 94 9e 4a 80 a3 ab fe 72 8a ac
- Jan 27 09:31:45: | dc cd dd d9 9a 58 13 83 4f 5f 55 4c c7 2b 27 8f
- Jan 27 09:31:45: | dd b2 fc 1e c5 37 1d fb 25 11 c1 0e db e7 8f 7a
- Jan 27 09:31:45: | state: #536 requesting EVENT_SA_EXPIRE to be deleted
- Jan 27 09:31:45: | unhashing state object #536
- Jan 27 09:31:45: | removing state 0x7f410f6e7b40 entry 0x7f410f6e81a8 next (nil) prev-next 0x7f410f1262b8 from list
- Jan 27 09:31:45: | updated next entry is (nil)
- Jan 27 09:31:45: | removing state 0x7f410f6e7b40 entry 0x7f410f6e81c0 next (nil) prev-next 0x7f410f1263d0 from list
- Jan 27 09:31:45: | updated next entry is (nil)
- Jan 27 09:31:45: | processing connection "xauth-psk"[232] aaa.bbb.ccc.ddd
- Jan 27 09:31:45: "xauth-psk"[232] aaa.bbb.ccc.ddd: deleting connection "xauth-psk" instance with peer aaa.bbb.ccc.ddd {isakmp=#0/ipsec=#0}
- Jan 27 09:31:45: | addresspool free lease entry ptr 0x7f410f49b890 refcnt 0
- Jan 27 09:31:45: | freed lease refcnt 0 10.231.247.22 from addresspool eee.fff.ggg.hhh-eee.fff.ggg.xxx index=12. pool size 245 used 12 lingering=0 address
- Jan 27 09:31:45: | Deleting states for connection
- Jan 27 09:31:45: | pass 0
- Jan 27 09:31:45: | index 7 state #547
- Jan 27 09:31:45: | index 7 state #546
- Jan 27 09:31:45: | pass 1
- Jan 27 09:31:45: | index 7 state #547
- Jan 27 09:31:45: | index 7 state #546
- Jan 27 09:31:45: | unreference addresspool of conn xauth-psk[232] kind CK_GOING_AWAY refcnt 512
- Jan 27 09:31:45: | parent state #536: STATE_MODE_CFG_R1(established-authenticated-ike) > STATE_UNDEFINED(ignore)
- Jan 27 09:31:45: | ignore states: 0
- Jan 27 09:31:45: | half-open-ike states: 0
- Jan 27 09:31:45: | open-ike states: 0
- Jan 27 09:31:45: | established-anonymous-ike states: 0
- Jan 27 09:31:45: | established-authenticated-ike states: 1
- Jan 27 09:31:45: | anonymous-ipsec states: 0
- Jan 27 09:31:45: | authenticated-ipsec states: 1
- Jan 27 09:31:45: | informational states: 0
- Jan 27 09:31:45: | unknown states: 0
- Jan 27 09:31:45: | category states: 2 count states: 2
- Jan 27 09:31:45: | st->st_skeyseed_nss: free key 0x7f410f6d7370
- Jan 27 09:31:45: | st->st_skey_d_nss: free key 0x7f410f6da800
- Jan 27 09:31:45: | st->st_skey_ai_nss: free key 0x7f410f6e4c80
- Jan 27 09:31:45: | st->st_skey_ar_nss: free key NULL
- Jan 27 09:31:45: | st->st_skey_ei_nss: free key 0x7f410f6c2a40
- Jan 27 09:31:45: | st->st_skey_er_nss: free key NULL
- Jan 27 09:31:45: | st->st_skey_pi_nss: free key NULL
- Jan 27 09:31:45: | st->st_skey_pr_nss: free key NULL
- Jan 27 09:31:45: | st->st_enc_key_nss: free key 0x7f410f6c2670
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:4500: received and ignored empty informational notification payload
- Jan 27 09:31:45: | complete v1 state transition with STF_IGNORE
- Jan 27 09:31:45: | *received 848 bytes from aaa.bbb.ccc.ddd:500 on eth0 (port=500)
- Jan 27 09:31:45: | 2c 8a 42 6d 37 68 e4 35 00 00 00 00 00 00 00 00
- Jan 27 09:31:45: | 01 10 02 00 00 00 00 00 00 00 03 50 0d 00 02 20
- Jan 27 09:31:45: | 00 00 00 01 00 00 00 01 00 00 02 14 01 01 00 0f
- Jan 27 09:31:45: | 03 00 00 24 01 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:31:45: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 04
- Jan 27 09:31:45: | 80 04 00 0e 03 00 00 24 02 01 00 00 80 0b 00 01
- Jan 27 09:31:45: | 80 0c 0e 10 80 01 00 07 80 0e 01 00 80 03 fd e9
- Jan 27 09:31:45: | 80 02 00 02 80 04 00 0e 03 00 00 24 03 01 00 00
- Jan 27 09:31:45: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 0e 01 00
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 01 80 04 00 0e 03 00 00 24
- Jan 27 09:31:45: | 04 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
- Jan 27 09:31:45: | 80 0e 01 00 80 03 fd e9 80 02 00 06 80 04 00 0e
- Jan 27 09:31:45: | 03 00 00 24 05 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:31:45: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 04
- Jan 27 09:31:45: | 80 04 00 05 03 00 00 24 06 01 00 00 80 0b 00 01
- Jan 27 09:31:45: | 80 0c 0e 10 80 01 00 07 80 0e 01 00 80 03 fd e9
- Jan 27 09:31:45: | 80 02 00 02 80 04 00 05 03 00 00 24 07 01 00 00
- Jan 27 09:31:45: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 0e 01 00
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 01 80 04 00 05 03 00 00 24
- Jan 27 09:31:45: | 08 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 07
- Jan 27 09:31:45: | 80 0e 01 00 80 03 fd e9 80 02 00 02 80 04 00 02
- Jan 27 09:31:45: | 03 00 00 24 09 01 00 00 80 0b 00 01 80 0c 0e 10
- Jan 27 09:31:45: | 80 01 00 07 80 0e 01 00 80 03 fd e9 80 02 00 01
- Jan 27 09:31:45: | 80 04 00 02 03 00 00 24 0a 01 00 00 80 0b 00 01
- Jan 27 09:31:45: | 80 0c 0e 10 80 01 00 07 80 0e 00 80 80 03 fd e9
- Jan 27 09:31:45: | 80 02 00 02 80 04 00 02 03 00 00 24 0b 01 00 00
- Jan 27 09:31:45: | 80 0b 00 01 80 0c 0e 10 80 01 00 07 80 0e 00 80
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 01 80 04 00 02 03 00 00 20
- Jan 27 09:31:45: | 0c 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 05
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 02 80 04 00 02 03 00 00 20
- Jan 27 09:31:45: | 0d 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 05
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 01 80 04 00 02 03 00 00 20
- Jan 27 09:31:45: | 0e 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 01
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 02 80 04 00 02 00 00 00 20
- Jan 27 09:31:45: | 0f 01 00 00 80 0b 00 01 80 0c 0e 10 80 01 00 01
- Jan 27 09:31:45: | 80 03 fd e9 80 02 00 01 80 04 00 02 0d 00 00 14
- Jan 27 09:31:45: | 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
- Jan 27 09:31:45: | 0d 00 00 14 4d f3 79 28 e9 fc 4f d1 b3 26 21 70
- Jan 27 09:31:45: | d5 15 c6 62 0d 00 00 14 8f 8d 83 82 6d 24 6b 6f
- Jan 27 09:31:45: | c7 a8 a6 a4 28 c1 1d e8 0d 00 00 14 43 9b 59 f8
- Jan 27 09:31:45: | ba 67 6c 4c 77 37 ae 22 ea b8 f5 82 0d 00 00 14
- Jan 27 09:31:45: | 4d 1e 0e 13 6d ea fa 34 c4 f3 ea 9f 02 ec 72 85
- Jan 27 09:31:45: | 0d 00 00 14 80 d0 bb 3d ef 54 56 5e e8 46 45 d4
- Jan 27 09:31:45: | c8 5c e3 ee 0d 00 00 14 99 09 b6 4e ed 93 7c 65
- Jan 27 09:31:45: | 73 de 52 ac e9 52 fa 6b 0d 00 00 14 7d 94 19 a6
- Jan 27 09:31:45: | 53 10 ca 6f 2c 17 9d 92 15 52 9d 56 0d 00 00 14
- Jan 27 09:31:45: | cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
- Jan 27 09:31:45: | 0d 00 00 14 90 cb 80 91 3e bb 69 6e 08 63 81 b5
- Jan 27 09:31:45: | ec 42 7b 1f 0d 00 00 0c 09 00 26 89 df d6 b7 12
- Jan 27 09:31:45: | 0d 00 00 14 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2
- Jan 27 09:31:45: | 74 cc 01 00 0d 00 00 18 40 48 b7 d5 6e bc e8 85
- Jan 27 09:31:45: | 25 e7 de 7f 00 d6 c2 d3 80 00 00 00 00 00 00 14
- Jan 27 09:31:45: | af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
- Jan 27 09:31:45: | **parse ISAKMP Message:
- Jan 27 09:31:45: | initiator cookie:
- Jan 27 09:31:45: | 2c 8a 42 6d 37 68 e4 35
- Jan 27 09:31:45: | responder cookie:
- Jan 27 09:31:45: | 00 00 00 00 00 00 00 00
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_SA (0x1)
- Jan 27 09:31:45: | ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
- Jan 27 09:31:45: | exchange type: ISAKMP_XCHG_IDPROT (0x2)
- Jan 27 09:31:45: | flags: none (0x0)
- Jan 27 09:31:45: | message ID: 00 00 00 00
- Jan 27 09:31:45: | length: 848 (0x350)
- Jan 27 09:31:45: | processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
- Jan 27 09:31:45: | got payload 0x2 (ISAKMP_NEXT_SA) needed: 0x2opt: 0x2080
- Jan 27 09:31:45: | ***parse ISAKMP Security Association Payload:
- Jan 27 09:31:45: | next payload type: ISAKMP_NEXT_VID (0xd)
- Jan 27 09:31:45: | length: 544 (0x220)
- Jan 27 09:31:45: | DOI: ISAKMP_DOI_IPSEC (0x1)
- .
- .
- .
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [RFC 3947]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-08]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-08]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-07]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-07]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-06]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-06]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-05]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-05]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-04]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-04]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-03]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-02]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
- Jan 27 09:31:45: | Ignoring older NAT-T Vendor ID paylad [draft-ietf-ipsec-nat-t-ike-02_n]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [XAUTH]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Cisco-Unity]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [FRAGMENTATION 80000000]
- Jan 27 09:31:45: packet from aaa.bbb.ccc.ddd:500: received Vendor ID payload [Dead Peer Detection]
- Jan 27 09:31:45: | find_host_connection me=ccc.ddd.eee.fff:500 him=aaa.bbb.ccc.ddd:500 policy=IKEV1_ALLOW
- Jan 27 09:31:45: | find_host_pair: comparing ccc.ddd.eee.fff:500 to bbb.ccc.ddd.eee:500
- Jan 27 09:31:45: | find_host_pair: comparing ccc.ddd.eee.fff:500 to 0.0.0.0:500
- Jan 27 09:31:45: | find_host_pair_conn (find_host_connection): ccc.ddd.eee.fff:500 aaa.bbb.ccc.ddd:500 -> hp:none
- Jan 27 09:31:45: | find_next_host_connection policy=IKEV1_ALLOW
- Jan 27 09:31:45: | find_next_host_connection returns empty
- Jan 27 09:31:45: | ****parse IPsec DOI SIT:
- Jan 27 09:31:45: | IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
- Jan 27 09:31:45: | ****parse ISAKMP Proposal Payload:
- .
- .
- .
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement