API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 14th, 2019
680
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 13.04 KB | None | 0 0
raw download clone embed print report
  1. asa-fw1/pri/act(config)# debug crypto ikev1 200
  2. asa-fw1/pri/act(config)# Sep 15 03:14:00 [IKEv1]IP = 193.164.94.47, IKE Initiator: New Phase 1, Intf inside, IKE Peer 193.164.94.47  local Proxy Address 0.0.0.0, remote Proxy Address 10.200.4.0,  Crypto map (CRYPTO-MAP)
  3. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing ISAKMP SA payload
  4. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing NAT-Traversal VID ver 02 payload
  5. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing NAT-Traversal VID ver 03 payload
  6. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing NAT-Traversal VID ver RFC payload
  7. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing Fragmentation VID + extended capabilities payload
  8. Sep 15 03:14:00 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 248
  9. Sep 15 03:14:00 [IKEv1]IP = 193.164.94.47, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 128
  10. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, processing SA payload
  11. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, Oakley proposal is acceptable
  12. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, processing VID payload
  13. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, Received NAT-Traversal RFC VID
  14. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, processing VID payload
  15. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, Received DPD VID
  16. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing ke payload
  17. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing nonce payload
  18. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing Cisco Unity VID payload
  19. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing xauth V6 VID payload
  20. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, Send IOS VID
  21. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
  22. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing VID payload
  23. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
  24. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing NAT-Discovery payload
  25. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, computing NAT Discovery hash
  26. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, constructing NAT-Discovery payload
  27. Sep 15 03:14:00 [IKEv1 DEBUG]IP = 193.164.94.47, computing NAT Discovery hash
  28. Sep 15 03:14:00 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (20) + NAT-D (20) + NONE (0) total length : 264
  29. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NAT-D (20) + NAT-D (20) + NONE (0) total length : 188
  30. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, processing ke payload
  31. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, processing ISA_KE payload
  32. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, processing nonce payload
  33. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, processing NAT-Discovery payload
  34. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, computing NAT Discovery hash
  35. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, processing NAT-Discovery payload
  36. Sep 15 03:14:01 [IKEv1 DEBUG]IP = 193.164.94.47, computing NAT Discovery hash
  37. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, Connection landed on tunnel_group 193.164.94.47
  38. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Generating keys for Initiator...
  39. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing ID payload
  40. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing hash payload
  41. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Computing hash for ISAKMP
  42. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing dpd vid payload
  43. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + VENDOR (13) + NONE (0) total length : 80
  44. Sep 15 03:14:01 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Automatic NAT Detection Status:     Remote end   IS   behind a NAT device     This   end is NOT behind a NAT device
  45. Sep 15 03:14:01 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Floating NAT-T to port 4500
  46. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + NONE (0) total length : 67
  47. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing ID payload
  48. Sep 15 03:14:01 [IKEv1 DECODE]Group = 193.164.94.47, IP = 193.164.94.47, ID_FQDN ID received, len 11
  49. 0000: 616C692D 6265696A 696E67                ali-beijing
  50.  
  51.  
  52. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing hash payload
  53. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Computing hash for ISAKMP
  54. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, Connection landed on tunnel_group 193.164.94.47
  55. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Proposing only UDP-Encapsulated-Tunnel and  UDP-Encapsulated-Transport modes defined by NAT-Traversal
  56. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Oakley begin quick mode
  57. Sep 15 03:14:01 [IKEv1 DECODE]Group = 193.164.94.47, IP = 193.164.94.47, IKE Initiator starting QM: msg id = b6aed5ce
  58. Sep 15 03:14:01 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, PHASE 1 COMPLETED
  59. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, Keep-alive type for this connection: DPD
  60. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Starting P1 rekey timer: 64800 seconds.
  61. Sep 15 03:14:01 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Add to IKEv1 Tunnel Table succeeded for SA with logical ID 67371008
  62. Sep 15 03:14:01 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Add to IKEv1 MIB Table succeeded for SA with logical ID 67371008
  63. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, IKE got SPI from key engine: SPI = 0x78a097ae
  64. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, oakley constucting quick mode
  65. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing blank hash payload
  66. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing IPSec SA payload
  67. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing IPSec nonce payload
  68. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing pfs ke payload
  69. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing proxy ID
  70. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Transmitting Proxy Id:
  71.   Local subnet:  0.0.0.0  mask 0.0.0.0 Protocol 0  Port 0
  72.   Remote subnet: 10.200.4.0  Mask 255.255.255.0 Protocol 0  Port 0
  73. Sep 15 03:14:01 [IKEv1 DECODE]Group = 193.164.94.47, IP = 193.164.94.47, IKE Initiator sending Initial Contact
  74. Sep 15 03:14:01 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing qm hash payload
  75. Sep 15 03:14:01 [IKEv1 DECODE]Group = 193.164.94.47, IP = 193.164.94.47, IKE Initiator sending 1st QM pkt: msg id = b6aed5ce
  76. Sep 15 03:14:01 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=b6aed5ce) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + KE (4) + ID (5) + ID (5) + NOTIFY (11) + NONE (0) total length : 336
  77. Sep 15 03:14:10 [IKEv1]IP = 193.164.94.47, IKE_DECODE RECEIVED Message (msgid=ef141d54) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  78. Sep 15 03:14:10 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing hash payload
  79. Sep 15 03:14:10 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing notify payload
  80. Sep 15 03:14:10 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Received keep-alive of type DPD R-U-THERE (seq number 0xead)
  81. Sep 15 03:14:10 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Sending keep-alive of type DPD R-U-THERE-ACK (seq number 0xead)
  82. Sep 15 03:14:10 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing blank hash payload
  83. Sep 15 03:14:10 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing qm hash payload
  84. Sep 15 03:14:10 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=5c198f22) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  85. Sep 15 03:14:20 [IKEv1]IP = 193.164.94.47, IKE_DECODE RECEIVED Message (msgid=263bc2e6) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  86. Sep 15 03:14:20 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing hash payload
  87. Sep 15 03:14:20 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing notify payload
  88. Sep 15 03:14:20 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Received keep-alive of type DPD R-U-THERE (seq number 0xeae)
  89. Sep 15 03:14:20 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Sending keep-alive of type DPD R-U-THERE-ACK (seq number 0xeae)
  90. Sep 15 03:14:20 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing blank hash payload
  91. Sep 15 03:14:20 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing qm hash payload
  92. Sep 15 03:14:20 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=4a811f7d) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  93. Sep 15 03:14:30 [IKEv1]IP = 193.164.94.47, IKE_DECODE RECEIVED Message (msgid=99c74a85) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  94. Sep 15 03:14:30 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing hash payload
  95. Sep 15 03:14:30 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, processing notify payload
  96. Sep 15 03:14:30 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Received keep-alive of type DPD R-U-THERE (seq number 0xeaf)
  97. Sep 15 03:14:30 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, Sending keep-alive of type DPD R-U-THERE-ACK (seq number 0xeaf)
  98. Sep 15 03:14:30 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing blank hash payload
  99. Sep 15 03:14:30 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing qm hash payload
  100. Sep 15 03:14:30 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=14019cc3) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80
  101. Sep 15 03:14:33 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, QM FSM error (P2 struct &0x00007f41f1085ae0, mess id 0xb6aed5ce)!
  102. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, IKE QM Initiator FSM error history (struct &0x00007f41f1085ae0)  <state>, <event>:  QM_DONE, EV_ERROR-->QM_WAIT_MSG2, EV_TIMEOUT-->QM_WAIT_MSG2, NullEvent-->QM_SND_MSG1, EV_SND_MSG-->QM_SND_MSG1, EV_START_TMR-->QM_SND_MSG1, EV_RESEND_MSG-->QM_WAIT_MSG2, EV_TIMEOUT-->QM_WAIT_MSG2, NullEvent
  103. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, sending delete/delete with reason message
  104. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing blank hash payload
  105. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing IPSec delete payload
  106. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing qm hash payload
  107. Sep 15 03:14:33 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=e183475d) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 64
  108. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, IKE Deleting SA: Remote Proxy 10.200.4.0, Local Proxy 0.0.0.0
  109. Sep 15 03:14:33 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Removing peer from correlator table failed, no match!
  110. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, IKE SA MM:aafd3096 rcv'd Terminate: state MM_ACTIVE  flags 0x00000062, refcnt 1, tuncnt 0
  111. Sep 15 03:14:33 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Remove from IKEv1 Tunnel Table succeeded for SA with logicalId 67371008
  112. Sep 15 03:14:33 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Remove from IKEv1 MIB Table succeeded for SA with logical ID 67371008
  113. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, IKE SA MM:aafd3096 terminating:  flags 0x01000022, refcnt 0, tuncnt 0
  114. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, sending delete/delete with reason message
  115. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing blank hash payload
  116. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing IKE delete payload
  117. Sep 15 03:14:33 [IKEv1 DEBUG]Group = 193.164.94.47, IP = 193.164.94.47, constructing qm hash payload
  118. Sep 15 03:14:33 [IKEv1]IP = 193.164.94.47, IKE_DECODE SENDING Message (msgid=dfd8ec7) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 76
  119. Sep 15 03:14:33 [IKEv1]Group = 193.164.94.47, IP = 193.164.94.47, Session is being torn down. Reason: Lost Service
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!