API tools faq
paste
Guest User

libreswan originator

a guest
Dec 7th, 2018
47
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 178.32 KB | None | 0 0
raw download clone embed print report
  1. After running ``ping -I eth1 -p deadbeef 192.168.50.2`` from 192.168.50.3:
  2.  
  3.  
  4. /var/log/pluto.log (192.168.50.3 - ping originator):
  5.  
  6. ------
  7.  
  8. Dec 7 19:09:08.481089: FIPS Product: NO
  9. Dec 7 19:09:08.481231: FIPS Kernel: NO
  10. Dec 7 19:09:08.481234: FIPS Mode: NO
  11. Dec 7 19:09:08.481236: NSS DB directory: sql:/etc/ipsec.d
  12. Dec 7 19:09:08.481317: Initializing NSS
  13. Dec 7 19:09:08.481327: Opening NSS database "sql:/etc/ipsec.d" read-only
  14. Dec 7 19:09:08.559610: NSS initialized
  15. Dec 7 19:09:08.559635: NSS crypto library initialized
  16. Dec 7 19:09:08.559640: FIPS HMAC integrity support [enabled]
  17. Dec 7 19:09:08.559644: FIPS mode disabled for pluto daemon
  18. Dec 7 19:09:08.584017: FIPS HMAC integrity verification self-test passed
  19. Dec 7 19:09:08.584565: libcap-ng support [enabled]
  20. Dec 7 19:09:08.584576: Linux audit support [enabled]
  21. Dec 7 19:09:08.584721: Linux audit activated
  22. Dec 7 19:09:08.584726: Starting Pluto (Libreswan Version 3.25 XFRM(netkey) KLIPS FORK PTHREAD_SETSCHEDPRIO GCC_EXCEPTIONS NSS DNSSEC SYSTEMD_WATCHDOG FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS) LDAP(non-NSS)) pid:7534
  23. Dec 7 19:09:08.584729: core dump dir: /run/pluto
  24. Dec 7 19:09:08.584731: secrets file: /etc/ipsec.secrets
  25. Dec 7 19:09:08.584733: leak-detective enabled
  26. Dec 7 19:09:08.584735: NSS crypto [enabled]
  27. Dec 7 19:09:08.584737: XAUTH PAM support [enabled]
  28. Dec 7 19:09:08.584797: | init_nat_traversal() initialized with keep_alive=0s
  29. Dec 7 19:09:08.584801: NAT-Traversal support [enabled]
  30. Dec 7 19:09:08.584814: Initializing libevent in pthreads mode: headers: 2.0.21-stable (2001500); library: 2.0.21-stable (2001500)
  31. Dec 7 19:09:08.584965: | event_schedule: new EVENT_REINIT_SECRET-pe@0x564dee3ac808
  32. Dec 7 19:09:08.584972: | inserting event EVENT_REINIT_SECRET, timeout in 3600.000 seconds
  33. Dec 7 19:09:08.584980: | event_schedule: new EVENT_PENDING_DDNS-pe@0x564dee3ac958
  34. Dec 7 19:09:08.584983: | inserting event EVENT_PENDING_DDNS, timeout in 60.000 seconds
  35. Dec 7 19:09:08.584986: | event_schedule: new EVENT_PENDING_PHASE2-pe@0x564dee3aca58
  36. Dec 7 19:09:08.584989: | inserting event EVENT_PENDING_PHASE2, timeout in 120.000 seconds
  37. Dec 7 19:09:08.585013: Encryption algorithms:
  38. Dec 7 19:09:08.585020: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} (aes_ccm aes_ccm_c)
  39. Dec 7 19:09:08.585023: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} (aes_ccm_b)
  40. Dec 7 19:09:08.585026: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} (aes_ccm_a)
  41. Dec 7 19:09:08.585029: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] (3des)
  42. Dec 7 19:09:08.585032: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128}
  43. Dec 7 19:09:08.585035: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} (camellia)
  44. Dec 7 19:09:08.585038: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} (aes_gcm aes_gcm_c)
  45. Dec 7 19:09:08.585041: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} (aes_gcm_b)
  46. Dec 7 19:09:08.585043: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} (aes_gcm_a)
  47. Dec 7 19:09:08.585046: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} (aesctr)
  48. Dec 7 19:09:08.585049: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} (aes)
  49. Dec 7 19:09:08.585052: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} (serpent)
  50. Dec 7 19:09:08.585055: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} (twofish)
  51. Dec 7 19:09:08.585057: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} (twofish_cbc_ssh)
  52. Dec 7 19:09:08.585060: CAST_CBC IKEv1: ESP IKEv2: ESP {*128} (cast)
  53. Dec 7 19:09:08.585063: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP {256,192,*128} (aes_gmac)
  54. Dec 7 19:09:08.585065: NULL IKEv1: ESP IKEv2: ESP []
  55. Dec 7 19:09:08.585071: Hash algorithms:
  56. Dec 7 19:09:08.585074: MD5 IKEv1: IKE IKEv2:
  57. Dec 7 19:09:08.585084: SHA1 IKEv1: IKE IKEv2: FIPS (sha)
  58. Dec 7 19:09:08.585086: SHA2_256 IKEv1: IKE IKEv2: FIPS (sha2 sha256)
  59. Dec 7 19:09:08.585089: SHA2_384 IKEv1: IKE IKEv2: FIPS (sha384)
  60. Dec 7 19:09:08.585091: SHA2_512 IKEv1: IKE IKEv2: FIPS (sha512)
  61. Dec 7 19:09:08.585097: PRF algorithms:
  62. Dec 7 19:09:08.585100: HMAC_MD5 IKEv1: IKE IKEv2: IKE (md5)
  63. Dec 7 19:09:08.585102: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS (sha sha1)
  64. Dec 7 19:09:08.585105: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS (sha2 sha256 sha2_256)
  65. Dec 7 19:09:08.585107: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS (sha384 sha2_384)
  66. Dec 7 19:09:08.585109: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS (sha512 sha2_512)
  67. Dec 7 19:09:08.585112: AES_XCBC IKEv1: IKEv2: IKE FIPS (aes128_xcbc)
  68. Dec 7 19:09:08.585119: Integrity algorithms:
  69. Dec 7 19:09:08.585121: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH (md5 hmac_md5)
  70. Dec 7 19:09:08.585124: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (sha sha1 sha1_96 hmac_sha1)
  71. Dec 7 19:09:08.585126: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (sha512 sha2_512 hmac_sha2_512)
  72. Dec 7 19:09:08.585129: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (sha384 sha2_384 hmac_sha2_384)
  73. Dec 7 19:09:08.585131: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (sha2 sha256 sha2_256 hmac_sha2_256)
  74. Dec 7 19:09:08.585133: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH FIPS (aes_xcbc aes128_xcbc aes128_xcbc_96)
  75. Dec 7 19:09:08.585136: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS (aes_cmac)
  76. Dec 7 19:09:08.585138: NONE IKEv1: ESP IKEv2: ESP FIPS (null)
  77. Dec 7 19:09:08.585146: DH algorithms:
  78. Dec 7 19:09:08.585148: NONE IKEv1: IKEv2: IKE ESP AH (null dh0)
  79. Dec 7 19:09:08.585151: MODP1024 IKEv1: IKE ESP AH IKEv2: IKE ESP AH (dh2)
  80. Dec 7 19:09:08.585153: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH (dh5)
  81. Dec 7 19:09:08.585155: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (dh14)
  82. Dec 7 19:09:08.585157: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (dh15)
  83. Dec 7 19:09:08.585160: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (dh16)
  84. Dec 7 19:09:08.585162: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (dh17)
  85. Dec 7 19:09:08.585165: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS (dh18)
  86. Dec 7 19:09:08.585167: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS (ecp_256)
  87. Dec 7 19:09:08.585169: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS (ecp_384)
  88. Dec 7 19:09:08.585171: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS (ecp_521)
  89. Dec 7 19:09:08.585174: DH22 IKEv1: IKE ESP AH IKEv2: IKE ESP AH
  90. Dec 7 19:09:08.585176: DH23 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS
  91. Dec 7 19:09:08.585178: DH24 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS
  92. Dec 7 19:09:08.586891: starting up 2 crypto helpers
  93. Dec 7 19:09:08.586936: started thread for crypto helper 0
  94. Dec 7 19:09:08.586951: started thread for crypto helper 1
  95. Dec 7 19:09:08.586962: | ignoring microcode for XAUTH_I1 (timeout: EVENT_v1_RETRANSMIT flags: 0) -> MAIN_I4 (timeout: EVENT_SA_REPLACE flags: 0) with event EVENT_v1_RETRANSMIT
  96. Dec 7 19:09:08.586965: | MAIN_R0 (timeout: EVENT_NULL flags: 0)
  97. Dec 7 19:09:08.586967: | MAIN_I1 (timeout: EVENT_NULL flags: 0)
  98. Dec 7 19:09:08.586970: | MAIN_R1 (timeout: EVENT_SO_DISCARD flags: 200)
  99. Dec 7 19:09:08.586972: | MAIN_I2 (timeout: EVENT_v1_RETRANSMIT flags: 0)
  100. Dec 7 19:09:08.586977: | MAIN_R2 (timeout: EVENT_v1_RETRANSMIT flags: 0)
  101. Dec 7 19:09:08.586980: | MAIN_I3 (timeout: EVENT_v1_RETRANSMIT flags: 0)
  102. Dec 7 19:09:08.586982: | MAIN_R3 (timeout: EVENT_SA_REPLACE flags: 200)
  103. Dec 7 19:09:08.586984: | MAIN_I4 (timeout: EVENT_SA_REPLACE flags: 0)
  104. Dec 7 19:09:08.586986: | AGGR_R0 (timeout: EVENT_NULL flags: 0)
  105. Dec 7 19:09:08.586988: | AGGR_I1 (timeout: EVENT_NULL flags: 0)
  106. Dec 7 19:09:08.586990: | AGGR_R1 (timeout: EVENT_SO_DISCARD flags: 200)
  107. Dec 7 19:09:08.586992: | AGGR_I2 (timeout: EVENT_SA_REPLACE flags: 200)
  108. Dec 7 19:09:08.586995: | AGGR_R2 (timeout: EVENT_SA_REPLACE flags: 0)
  109. Dec 7 19:09:08.586997: | QUICK_R0 (timeout: EVENT_NULL flags: 0)
  110. Dec 7 19:09:08.586999: | QUICK_I1 (timeout: EVENT_NULL flags: 0)
  111. Dec 7 19:09:08.587001: | QUICK_R1 (timeout: EVENT_v1_RETRANSMIT flags: 0)
  112. Dec 7 19:09:08.587003: | QUICK_I2 (timeout: EVENT_SA_REPLACE flags: 200)
  113. Dec 7 19:09:08.587005: | QUICK_R2 (timeout: EVENT_SA_REPLACE flags: 0)
  114. Dec 7 19:09:08.587007: | INFO (timeout: EVENT_NULL flags: 0)
  115. Dec 7 19:09:08.587010: | INFO_PROTECTED (timeout: EVENT_NULL flags: 0)
  116. Dec 7 19:09:08.587012: | XAUTH_R0 (timeout: EVENT_NULL flags: 0)
  117. Dec 7 19:09:08.587014: | XAUTH_R1 (timeout: EVENT_NULL flags: 0)
  118. Dec 7 19:09:08.587016: | MODE_CFG_R0 (timeout: EVENT_NULL flags: 0)
  119. Dec 7 19:09:08.587018: | MODE_CFG_R1 (timeout: EVENT_SA_REPLACE flags: 0)
  120. Dec 7 19:09:08.587020: | MODE_CFG_R2 (timeout: EVENT_SA_REPLACE flags: 0)
  121. Dec 7 19:09:08.587022: | MODE_CFG_I1 (timeout: EVENT_NULL flags: 0)
  122. Dec 7 19:09:08.587024: | XAUTH_I0 (timeout: EVENT_NULL flags: 0)
  123. Dec 7 19:09:08.587026: | XAUTH_I1 (timeout: EVENT_v1_RETRANSMIT flags: 0)
  124. Dec 7 19:09:08.587032: | Processing IKEv2 state V2_REKEY_IKE_I0 (microcode Initiate CREATE_CHILD_SA IKE Rekey)
  125. Dec 7 19:09:08.587035: | Processing IKEv2 state V2_REKEY_CHILD_I0 (microcode Initiate CREATE_CHILD_SA IPsec Rekey SA)
  126. Dec 7 19:09:08.587037: | Processing IKEv2 state V2_CREATE_I0 (microcode Initiate CREATE_CHILD_SA IPsec SA)
  127. Dec 7 19:09:08.587040: | Processing IKEv2 state PARENT_I0 (microcode initiate IKE_SA_INIT)
  128. Dec 7 19:09:08.587042: | Processing IKEv2 state PARENT_I1 (microcode Initiator: process SA_INIT reply notification)
  129. Dec 7 19:09:08.587044: | Processing IKEv2 state PARENT_I2 (microcode Initiator: process INVALID_SYNTAX AUTH notification)
  130. Dec 7 19:09:08.587047: | Processing IKEv2 state PARENT_R0 (microcode Respond to IKE_SA_INIT)
  131. Dec 7 19:09:08.587049: | Processing IKEv2 state PARENT_R1 (microcode Responder: process AUTH request (no SKEYSEED))
  132. Dec 7 19:09:08.587051: | Processing IKEv2 state V2_REKEY_IKE_R (microcode Respond to CREATE_CHILD_SA IKE Rekey)
  133. Dec 7 19:09:08.587054: | Processing IKEv2 state V2_REKEY_IKE_I (microcode Process CREATE_CHILD_SA IKE Rekey Response)
  134. Dec 7 19:09:08.587056: | Processing IKEv2 state V2_CREATE_I (microcode Process CREATE_CHILD_SA IPsec SA Response)
  135. Dec 7 19:09:08.587058: | Processing IKEv2 state V2_CREATE_R (microcode Respond to CREATE_CHILD_SA IPsec SA Request)
  136. Dec 7 19:09:08.587060: | Processing IKEv2 state PARENT_I3 (microcode I3: INFORMATIONAL Request)
  137. Dec 7 19:09:08.587063: | Processing IKEv2 state PARENT_R2 (microcode R2: process INFORMATIONAL Request)
  138. Dec 7 19:09:08.587065: | Processing IKEv2 state IKESA_DEL (microcode IKE_SA_DEL: process INFORMATIONAL)
  139. Dec 7 19:09:08.587068: | ignoring microcode for PARENT_I1 (timeout: EVENT_v2_RETRANSMIT flags: 0) -> PARENT_I1 (timeout: EVENT_v2_RETRANSMIT flags: 0) with event EVENT_RETAIN
  140. Dec 7 19:09:08.587071: | ignoring microcode for PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) -> PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) with event EVENT_NULL
  141. Dec 7 19:09:08.587074: | ignoring microcode for PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) -> PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) with event EVENT_NULL
  142. Dec 7 19:09:08.587077: | ignoring microcode for PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) -> PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) with event EVENT_NULL
  143. Dec 7 19:09:08.587080: | ignoring microcode for PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) -> PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0) with event EVENT_NULL
  144. Dec 7 19:09:08.587084: | ignoring microcode for PARENT_R1 (timeout: EVENT_v2_RESPONDER_TIMEOUT flags: 0) -> PARENT_R1 (timeout: EVENT_v2_RESPONDER_TIMEOUT flags: 0) with event EVENT_SA_REPLACE
  145. Dec 7 19:09:08.587088: | ignoring microcode for PARENT_I3 (timeout: EVENT_SA_REPLACE flags: 0) -> PARENT_I3 (timeout: EVENT_SA_REPLACE flags: 0) with event EVENT_RETAIN
  146. Dec 7 19:09:08.587091: | ignoring microcode for PARENT_I3 (timeout: EVENT_SA_REPLACE flags: 0) -> PARENT_I3 (timeout: EVENT_SA_REPLACE flags: 0) with event EVENT_RETAIN
  147. Dec 7 19:09:08.587094: | ignoring microcode for PARENT_R2 (timeout: EVENT_SA_REPLACE flags: 0) -> PARENT_R2 (timeout: EVENT_SA_REPLACE flags: 0) with event EVENT_RETAIN
  148. Dec 7 19:09:08.587097: | ignoring microcode for PARENT_R2 (timeout: EVENT_SA_REPLACE flags: 0) -> PARENT_R2 (timeout: EVENT_SA_REPLACE flags: 0) with event EVENT_RETAIN
  149. Dec 7 19:09:08.587099: | IKEv2_BASE (timeout: EVENT_NULL flags: 0)
  150. Dec 7 19:09:08.587102: | PARENT_I1 (timeout: EVENT_v2_RETRANSMIT flags: 0)
  151. Dec 7 19:09:08.587104: | PARENT_I2 (timeout: EVENT_v2_RETRANSMIT flags: 0)
  152. Dec 7 19:09:08.587106: | PARENT_I3 (timeout: EVENT_SA_REPLACE flags: 0)
  153. Dec 7 19:09:08.587108: | PARENT_R1 (timeout: EVENT_v2_RESPONDER_TIMEOUT flags: 0)
  154. Dec 7 19:09:08.587110: | PARENT_R2 (timeout: EVENT_SA_REPLACE flags: 0)
  155. Dec 7 19:09:08.587112: | V2_CREATE_I0 (timeout: EVENT_NULL flags: 0)
  156. Dec 7 19:09:08.587114: | V2_CREATE_I (timeout: EVENT_v2_RETRANSMIT flags: 0)
  157. Dec 7 19:09:08.587117: | V2_REKEY_IKE_I0 (timeout: EVENT_NULL flags: 0)
  158. Dec 7 19:09:08.587119: | V2_REKEY_IKE_I (timeout: EVENT_v2_RETRANSMIT flags: 0)
  159. Dec 7 19:09:08.587121: | V2_REKEY_CHILD_I0 (timeout: EVENT_NULL flags: 0)
  160. Dec 7 19:09:08.587123: | V2_REKEY_CHILD_I (timeout: EVENT_v2_RETRANSMIT flags: 0)
  161. Dec 7 19:09:08.587125: | V2_CREATE_R (timeout: EVENT_NULL flags: 0)
  162. Dec 7 19:09:08.587127: | V2_REKEY_IKE_R (timeout: EVENT_NULL flags: 0)
  163. Dec 7 19:09:08.587129: | V2_REKEY_CHILD_R (timeout: EVENT_NULL flags: 0)
  164. Dec 7 19:09:08.587132: | V2_IPSEC_I (timeout: EVENT_SA_REPLACE flags: 0)
  165. Dec 7 19:09:08.587134: | V2_IPSEC_R (timeout: EVENT_SA_REPLACE flags: 0)
  166. Dec 7 19:09:08.587136: | IKESA_DEL (timeout: EVENT_RETAIN flags: 0)
  167. Dec 7 19:09:08.587138: | CHILDSA_DEL (timeout: EVENT_NULL flags: 0)
  168. Dec 7 19:09:08.587140: | PARENT_R0 (timeout: EVENT_NULL flags: 0)
  169. Dec 7 19:09:08.587142: | PARENT_I0 (timeout: EVENT_NULL flags: 0)
  170. Dec 7 19:09:08.587196: Using Linux XFRM/NETKEY IPsec interface code on 3.10.0-957.1.3.el7.x86_64
  171. Dec 7 19:09:08.587720: | process 7534 listening for PF_KEY_V2 on file descriptor 14
  172. Dec 7 19:09:08.587724: | kernel_alg_init()
  173. Dec 7 19:09:08.587730: | Hard-wiring new AEAD algorithms
  174. Dec 7 19:09:08.587734: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=18(ESP_AES_GCM_A), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  175. Dec 7 19:09:08.587737: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=19(ESP_AES_GCM_B), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  176. Dec 7 19:09:08.587740: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=20(ESP_AES_GCM_C), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  177. Dec 7 19:09:08.587743: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=14(ESP_AES_CCM_A), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  178. Dec 7 19:09:08.587746: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=15(ESP_AES_CCM_B), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  179. Dec 7 19:09:08.587749: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=16(ESP_AES_CCM_C), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  180. Dec 7 19:09:08.587752: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=23(ESP_NULL_AUTH_AES_GMAC), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  181. Dec 7 19:09:08.587756: | Hard-wiring new INTEG algorithms
  182. Dec 7 19:09:08.587759: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=250(AH_AES_CMAC_96), alg_ivlen=0, alg_minbits=128, alg_maxbits=128
  183. Dec 7 19:09:08.587964: | finish_pfkey_msg: K_SADB_REGISTER message 1 for AH
  184. Dec 7 19:09:08.587970: | 02 07 00 02 02 00 00 00 01 00 00 00 6e 1d 00 00
  185. Dec 7 19:09:08.588295: | starting up helper thread 0
  186. Dec 7 19:09:08.588304: | status value returned by setting the priority of this thread (crypto helper 0) 22
  187. Dec 7 19:09:08.588306: | crypto helper 0 waiting (nothing to do)
  188. Dec 7 19:09:08.588313: | starting up helper thread 1
  189. Dec 7 19:09:08.588317: | status value returned by setting the priority of this thread (crypto helper 1) 22
  190. Dec 7 19:09:08.588319: | crypto helper 1 waiting (nothing to do)
  191. Dec 7 19:09:08.595687: | pfkey_get: ignoring PF_KEY K_SADB_X_GRPSA message 1 for process 0
  192. Dec 7 19:09:08.595704: | pfkey_get: ignoring PF_KEY K_SADB_X_GRPSA message 2 for process 0
  193. Dec 7 19:09:08.595709: | pfkey_get: ignoring PF_KEY K_SADB_X_GRPSA message 3 for process 0
  194. Dec 7 19:09:08.595713: | pfkey_get: ignoring PF_KEY K_SADB_X_GRPSA message 4 for process 0
  195. Dec 7 19:09:08.595717: | pfkey_get: ignoring PF_KEY K_SADB_X_GRPSA message 5 for process 0
  196. Dec 7 19:09:08.595721: | pfkey_get: ignoring PF_KEY K_SADB_X_GRPSA message 6 for process 0
  197. Dec 7 19:09:08.595724: | pfkey_get: K_SADB_REGISTER message 1
  198. Dec 7 19:09:08.595729: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: sadb_msg_len=22 sadb_supported_len=72
  199. Dec 7 19:09:08.595733: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=251(AH_NULL), alg_ivlen=0, alg_minbits=0, alg_maxbits=0
  200. Dec 7 19:09:08.595736: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=2(AH_MD5), alg_ivlen=0, alg_minbits=128, alg_maxbits=128
  201. Dec 7 19:09:08.595739: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=3(AH_SHA), alg_ivlen=0, alg_minbits=160, alg_maxbits=160
  202. Dec 7 19:09:08.595742: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=5(AH_SHA2_256), alg_ivlen=0, alg_minbits=256, alg_maxbits=256
  203. Dec 7 19:09:08.595745: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=6(AH_SHA2_384), alg_ivlen=0, alg_minbits=384, alg_maxbits=384
  204. Dec 7 19:09:08.595748: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=7(AH_SHA2_512), alg_ivlen=0, alg_minbits=512, alg_maxbits=512
  205. Dec 7 19:09:08.595750: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=8(AH_RIPEMD), alg_ivlen=0, alg_minbits=160, alg_maxbits=160
  206. Dec 7 19:09:08.595765: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=9(AH_AES_XCBC_MAC), alg_ivlen=0, alg_minbits=128, alg_maxbits=128
  207. Dec 7 19:09:08.595769: | kernel_alg_register_pfkey(): SADB_SATYPE_AH: sadb_msg_len=22 sadb_supported_len=88
  208. Dec 7 19:09:08.595772: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=11(ESP_NULL), alg_ivlen=0, alg_minbits=0, alg_maxbits=0
  209. Dec 7 19:09:08.595774: | kernel_alg_add(2,15,11) fails because alg combo is invalid
  210. Dec 7 19:09:08.595777: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=2(ESP_DES(UNUSED)), alg_ivlen=8, alg_minbits=64, alg_maxbits=64
  211. Dec 7 19:09:08.595780: | kernel_alg_add(2,15,2) fails because alg combo is invalid
  212. Dec 7 19:09:08.595782: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=3(ESP_3DES), alg_ivlen=8, alg_minbits=192, alg_maxbits=192
  213. Dec 7 19:09:08.595785: | kernel_alg_add(2,15,3) fails because alg combo is invalid
  214. Dec 7 19:09:08.595787: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=6(ESP_CAST), alg_ivlen=8, alg_minbits=40, alg_maxbits=128
  215. Dec 7 19:09:08.595789: | kernel_alg_add(2,15,6) fails because alg combo is invalid
  216. Dec 7 19:09:08.595798: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=7(ESP_BLOWFISH(UNUSED)), alg_ivlen=8, alg_minbits=40, alg_maxbits=448
  217. Dec 7 19:09:08.595801: | kernel_alg_add(2,15,7) fails because alg combo is invalid
  218. Dec 7 19:09:08.595804: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=12(ESP_AES), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  219. Dec 7 19:09:08.595806: | kernel_alg_add(2,15,12) fails because alg combo is invalid
  220. Dec 7 19:09:08.595809: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=252(ESP_SERPENT), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  221. Dec 7 19:09:08.595811: | kernel_alg_add(2,15,252) fails because alg combo is invalid
  222. Dec 7 19:09:08.595814: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=22(ESP_CAMELLIA), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  223. Dec 7 19:09:08.595816: | kernel_alg_add(2,15,22) fails because alg combo is invalid
  224. Dec 7 19:09:08.595818: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=253(ESP_TWOFISH), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  225. Dec 7 19:09:08.595821: | kernel_alg_add(2,15,253) fails because alg combo is invalid
  226. Dec 7 19:09:08.595823: | kernel_alg_add(): satype=2(SADB_SATYPE_AH), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=13(ESP_AES_CTR), alg_ivlen=8, alg_minbits=160, alg_maxbits=288
  227. Dec 7 19:09:08.595826: | kernel_alg_add(2,15,13) fails because alg combo is invalid
  228. Dec 7 19:09:08.595828: | AH registered with kernel.
  229. Dec 7 19:09:08.595832: | finish_pfkey_msg: K_SADB_REGISTER message 2 for ESP
  230. Dec 7 19:09:08.595835: | 02 07 00 03 02 00 00 00 02 00 00 00 6e 1d 00 00
  231. Dec 7 19:09:08.598696: | pfkey_get: K_SADB_REGISTER message 2
  232. Dec 7 19:09:08.598706: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=72
  233. Dec 7 19:09:08.598710: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=251(AH_NULL), alg_ivlen=0, alg_minbits=0, alg_maxbits=0
  234. Dec 7 19:09:08.598712: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=251
  235. Dec 7 19:09:08.598715: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=2(AH_MD5), alg_ivlen=0, alg_minbits=128, alg_maxbits=128
  236. Dec 7 19:09:08.598718: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=2
  237. Dec 7 19:09:08.598720: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=3(AH_SHA), alg_ivlen=0, alg_minbits=160, alg_maxbits=160
  238. Dec 7 19:09:08.598723: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=3
  239. Dec 7 19:09:08.598725: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=5(AH_SHA2_256), alg_ivlen=0, alg_minbits=256, alg_maxbits=256
  240. Dec 7 19:09:08.598728: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=5
  241. Dec 7 19:09:08.598730: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=6(AH_SHA2_384), alg_ivlen=0, alg_minbits=384, alg_maxbits=384
  242. Dec 7 19:09:08.598732: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=6
  243. Dec 7 19:09:08.598735: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=7(AH_SHA2_512), alg_ivlen=0, alg_minbits=512, alg_maxbits=512
  244. Dec 7 19:09:08.598737: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=7
  245. Dec 7 19:09:08.598740: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=8(AH_RIPEMD), alg_ivlen=0, alg_minbits=160, alg_maxbits=160
  246. Dec 7 19:09:08.598742: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=8
  247. Dec 7 19:09:08.598745: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=14(SADB_EXT_SUPPORTED_AUTH), alg_id=9(AH_AES_XCBC_MAC), alg_ivlen=0, alg_minbits=128, alg_maxbits=128
  248. Dec 7 19:09:08.598750: | kernel_alg_add(): discarding already setup satype=3, exttype=14, alg_id=9
  249. Dec 7 19:09:08.598753: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=88
  250. Dec 7 19:09:08.598756: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=11(ESP_NULL), alg_ivlen=0, alg_minbits=0, alg_maxbits=0
  251. Dec 7 19:09:08.598759: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=2(ESP_DES(UNUSED)), alg_ivlen=8, alg_minbits=64, alg_maxbits=64
  252. Dec 7 19:09:08.598761: | kernel_alg_add(): Ignoring alg_id=2(ESP_DES(UNUSED)) - too weak
  253. Dec 7 19:09:08.598764: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=3(ESP_3DES), alg_ivlen=8, alg_minbits=192, alg_maxbits=192
  254. Dec 7 19:09:08.598766: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=6(ESP_CAST), alg_ivlen=8, alg_minbits=40, alg_maxbits=128
  255. Dec 7 19:09:08.598769: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=7(ESP_BLOWFISH(UNUSED)), alg_ivlen=8, alg_minbits=40, alg_maxbits=448
  256. Dec 7 19:09:08.598771: | kernel_alg_add(): Ignoring alg_id=7(ESP_BLOWFISH(UNUSED)) - too weak
  257. Dec 7 19:09:08.598774: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=12(ESP_AES), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  258. Dec 7 19:09:08.598777: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=252(ESP_SERPENT), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  259. Dec 7 19:09:08.598780: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=22(ESP_CAMELLIA), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  260. Dec 7 19:09:08.598783: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=253(ESP_TWOFISH), alg_ivlen=8, alg_minbits=128, alg_maxbits=256
  261. Dec 7 19:09:08.598785: | kernel_alg_add(): satype=3(SADB_SATYPE_ESP), exttype=15(SADB_EXT_SUPPORTED_ENCRYPT), alg_id=13(ESP_AES_CTR), alg_ivlen=8, alg_minbits=160, alg_maxbits=288
  262. Dec 7 19:09:08.598788: | ESP registered with kernel.
  263. Dec 7 19:09:08.598791: | finish_pfkey_msg: K_SADB_REGISTER message 3 for IPCOMP
  264. Dec 7 19:09:08.598794: | 02 07 00 09 02 00 00 00 03 00 00 00 6e 1d 00 00
  265. Dec 7 19:09:08.602487: | pfkey_get: K_SADB_REGISTER message 3
  266. Dec 7 19:09:08.602498: | IPCOMP registered with kernel.
  267. Dec 7 19:09:08.602513: | Registered AH, ESP and IPCOMP
  268. Dec 7 19:09:08.602518: | event_schedule: new EVENT_SHUNT_SCAN-pe@0x564dee3b9b58
  269. Dec 7 19:09:08.602523: | inserting event EVENT_SHUNT_SCAN, timeout in 20.000 seconds
  270. Dec 7 19:09:08.602529: | setup kernel fd callback
  271. Dec 7 19:09:08.602735: | selinux support is enabled.
  272. Dec 7 19:09:08.603103: systemd watchdog for ipsec service configured with timeout of 200000000 usecs
  273. Dec 7 19:09:08.603108: watchdog: sending probes every 100 secs
  274. Dec 7 19:09:08.603111: | pluto_sd: executing action action: start(2), status 0
  275. Dec 7 19:09:08.603424: | event_schedule: new EVENT_SD_WATCHDOG-pe@0x564dee3c4248
  276. Dec 7 19:09:08.603430: | inserting event EVENT_SD_WATCHDOG, timeout in 100.000 seconds
  277. Dec 7 19:09:08.603606: | unbound context created - setting debug level to 5
  278. Dec 7 19:09:08.603653: | /etc/hosts lookups activated
  279. Dec 7 19:09:08.603681: | /etc/resolv.conf usage activated
  280. Dec 7 19:09:08.603685: | Loading dnssec root key from:/var/lib/unbound/root.key
  281. Dec 7 19:09:08.603688: | No additional dnssec trust anchors defined via dnssec-trusted= option
  282. Dec 7 19:09:08.603691: | Setting up events, loop start
  283. Dec 7 19:09:08.603995: | created addconn helper (pid:7563) using fork+execve
  284. Dec 7 19:09:08.604009: | forked child 7563
  285. Dec 7 19:09:08.604022: | pid table: inserting object 0x564dee3c66c8 (addconn pid 7563) entry 0x564dee3c66d0 into list 0x564dececf600 (older 0x564dececf600 newer 0x564dececf600)
  286. Dec 7 19:09:08.604027: | pid table: inserted object 0x564dee3c66c8 (addconn pid 7563) entry 0x564dee3c66d0 (older 0x564dececf600 newer 0x564dececf600)
  287. Dec 7 19:09:08.604036: | pid table: list entry 0x564dececf600 is HEAD (older 0x564dee3c66d0 newer 0x564dee3c66d0)
  288. Dec 7 19:09:08.608403: | certs and keys locked by 'lsw_add_rsa_secret'
  289. Dec 7 19:09:08.608422: | certs and keys unlocked by 'lsw_add_rsa_secret'
  290. Dec 7 19:09:08.608448: | Added new connection private with policy RSASIG+ENCRYPT+TUNNEL+PFS+OPPORTUNISTIC+GROUP+IKEV2_ALLOW+IKEV2_PROPOSE+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
  291. Dec 7 19:09:08.608947: | setting ID to ID_DER_ASN1_DN: 'CN=192.168.50.3,OU=AIMS,O=Polaris Alpha,ST=Colorado,C=US'
  292. Dec 7 19:09:08.608964: | loaded left certificate 'parsons'
  293. Dec 7 19:09:08.609056: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x564dee39c978
  294. Dec 7 19:09:08.609062: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x564dee3c8008
  295. Dec 7 19:09:08.609064: | get_pluto_gn_from_nss_cert: allocated pluto_gn 0x564dee3c8058
  296. Dec 7 19:09:08.609222: | unreference key: 0x564dee3c7e58 C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3 cnt 1--
  297. Dec 7 19:09:08.609231: | counting wild cards for C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3 is 0
  298. Dec 7 19:09:08.609235: | counting wild cards for (none) is 15
  299. Dec 7 19:09:08.609294: added connection description "private"
  300. Dec 7 19:09:08.609310: | 0.0.0.0/0===192.168.50.3<192.168.50.3>[C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3]...%opportunisticgroup
  301. Dec 7 19:09:08.609316: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+OPPORTUNISTIC+GROUP+IKEV2_ALLOW+IKEV2_PROPOSE+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
  302. Dec 7 19:09:08.609382: | pluto_sd: executing action action: reloading(4), status 0
  303. Dec 7 19:09:08.609417: listening for IKE messages
  304. Dec 7 19:09:08.609657: | Inspecting interface lo
  305. Dec 7 19:09:08.609662: | found lo with address 127.0.0.1
  306. Dec 7 19:09:08.609665: | Inspecting interface eth0
  307. Dec 7 19:09:08.609668: | found eth0 with address 10.0.2.15
  308. Dec 7 19:09:08.609670: | Inspecting interface eth1
  309. Dec 7 19:09:08.609673: | found eth1 with address 192.168.50.3
  310. Dec 7 19:09:08.609675: | Inspecting interface docker0
  311. Dec 7 19:09:08.609678: | found docker0 with address 172.17.0.1
  312. Dec 7 19:09:08.609708: adding interface docker0/docker0 172.17.0.1:500
  313. Dec 7 19:09:08.609751: | NAT-Traversal: Trying sockopt style NAT-T
  314. Dec 7 19:09:08.609755: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
  315. Dec 7 19:09:08.609757: adding interface docker0/docker0 172.17.0.1:4500
  316. Dec 7 19:09:08.609775: adding interface eth1/eth1 192.168.50.3:500
  317. Dec 7 19:09:08.609789: | NAT-Traversal: Trying sockopt style NAT-T
  318. Dec 7 19:09:08.609793: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
  319. Dec 7 19:09:08.609795: adding interface eth1/eth1 192.168.50.3:4500
  320. Dec 7 19:09:08.609812: adding interface eth0/eth0 10.0.2.15:500
  321. Dec 7 19:09:08.609826: | NAT-Traversal: Trying sockopt style NAT-T
  322. Dec 7 19:09:08.609830: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
  323. Dec 7 19:09:08.609832: adding interface eth0/eth0 10.0.2.15:4500
  324. Dec 7 19:09:08.609848: adding interface lo/lo 127.0.0.1:500
  325. Dec 7 19:09:08.609862: | NAT-Traversal: Trying sockopt style NAT-T
  326. Dec 7 19:09:08.609865: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
  327. Dec 7 19:09:08.609867: adding interface lo/lo 127.0.0.1:4500
  328. Dec 7 19:09:08.609919: | found lo with address 0000:0000:0000:0000:0000:0000:0000:0001
  329. Dec 7 19:09:08.609957: adding interface lo/lo ::1:500
  330. Dec 7 19:09:08.609966: | connect_to_host_pair: 192.168.50.3:500 0.0.0.0:500 -> hp:none
  331. Dec 7 19:09:08.609974: | setup callback for interface lo:500 fd 24
  332. Dec 7 19:09:08.609978: | setup callback for interface lo:4500 fd 23
  333. Dec 7 19:09:08.609982: | setup callback for interface lo:500 fd 22
  334. Dec 7 19:09:08.609985: | setup callback for interface eth0:4500 fd 21
  335. Dec 7 19:09:08.609996: | setup callback for interface eth0:500 fd 20
  336. Dec 7 19:09:08.609999: | setup callback for interface eth1:4500 fd 19
  337. Dec 7 19:09:08.610003: | setup callback for interface eth1:500 fd 18
  338. Dec 7 19:09:08.610006: | setup callback for interface docker0:4500 fd 17
  339. Dec 7 19:09:08.610010: | setup callback for interface docker0:500 fd 16
  340. Dec 7 19:09:08.610015: | certs and keys locked by 'free_preshared_secrets'
  341. Dec 7 19:09:08.610017: forgetting secrets
  342. Dec 7 19:09:08.610022: | certs and keys unlocked by 'free_preshard_secrets'
  343. Dec 7 19:09:08.610039: loading secrets from "/etc/ipsec.secrets"
  344. Dec 7 19:09:08.610060: no secrets filename matched "/etc/ipsec.d/*.secrets"
  345. Dec 7 19:09:08.610083: loading group "/etc/ipsec.d/policies/private"
  346. Dec 7 19:09:08.610097: | 0.0.0.0/0->192.168.50.0/24 0 sport 0 dport 0 private
  347. Dec 7 19:09:08.610104: | pluto_sd: executing action action: ready(5), status 0
  348. Dec 7 19:09:08.610179: | processing: start connection "private" (in whack_route_connection() at rcv_whack.c:106)
  349. Dec 7 19:09:08.610185: | processing: suspend connection "private" (in route_group() at foodgroups.c:437)
  350. Dec 7 19:09:08.610188: | processing: start connection "private#192.168.50.0/24" (in route_group() at foodgroups.c:437)
  351. Dec 7 19:09:08.610194: | could_route called for private#192.168.50.0/24 (kind=CK_TEMPLATE)
  352. Dec 7 19:09:08.610199: | conn private#192.168.50.0/24 mark 0/00000000, 0/00000000 vs
  353. Dec 7 19:09:08.610202: | conn private#192.168.50.0/24 mark 0/00000000, 0/00000000
  354. Dec 7 19:09:08.610204: | conn private#192.168.50.0/24 mark 0/00000000, 0/00000000 vs
  355. Dec 7 19:09:08.610206: | conn private mark 0/00000000, 0/00000000
  356. Dec 7 19:09:08.610210: | route owner of "private#192.168.50.0/24" unrouted: NULL; eroute owner: NULL
  357. Dec 7 19:09:08.610214: | route_and_eroute() for proto 0, and source port 0 dest port 0
  358. Dec 7 19:09:08.610217: | conn private#192.168.50.0/24 mark 0/00000000, 0/00000000 vs
  359. Dec 7 19:09:08.610219: | conn private#192.168.50.0/24 mark 0/00000000, 0/00000000
  360. Dec 7 19:09:08.610221: | conn private#192.168.50.0/24 mark 0/00000000, 0/00000000 vs
  361. Dec 7 19:09:08.610223: | conn private mark 0/00000000, 0/00000000
  362. Dec 7 19:09:08.610226: | route owner of "private#192.168.50.0/24" unrouted: NULL; eroute owner: NULL
  363. Dec 7 19:09:08.610229: | route_and_eroute with c: private#192.168.50.0/24 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #0
  364. Dec 7 19:09:08.610233: | shunt_eroute() called for connection 'private#192.168.50.0/24' to 'add' for rt_kind 'prospective erouted' using protoports 0--0->-0
  365. Dec 7 19:09:08.610238: | netlink_shunt_eroute for proto 0, and source port 0 dest port 0
  366. Dec 7 19:09:08.610243: | priority calculation of connection "private#192.168.50.0/24" is 0x17ffe7
  367. Dec 7 19:09:08.610246: | IPsec Sa SPD priority set to 1572839
  368. Dec 7 19:09:08.610287: | priority calculation of connection "private#192.168.50.0/24" is 0x17ffe7
  369. Dec 7 19:09:08.610290: | route_and_eroute: firewall_notified: true
  370. Dec 7 19:09:08.610293: | running updown command "ipsec _updown" for verb prepare
  371. Dec 7 19:09:08.610295: | command executing prepare-client
  372. Dec 7 19:09:08.610305: | id type with ID_NONE means wildcard match
  373. Dec 7 19:09:08.610312: | trusted_ca_nss: trustee A = 'C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA'
  374. Dec 7 19:09:08.610318: | trusted_ca_nss: trustor B = 'C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA'
  375. Dec 7 19:09:08.610338: | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='private#192.168.50.0/24' PLUTO_INTERFACE='eth1' PLUTO_ME='192.168.50.3' PLUTO_MY_ID='C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='none' PLUTO_PEER='0.0.0.0' PLUTO_PEER_ID='(none)' PLUTO_PEER_CLIENT='192.168.50.0/24' PLUTO_PEER_CLIENT_NET='192.168.50.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+OPPORTUNISTIC+GROUPINSTANCE+IKEV2_ALLOW+IKEV2_PROPOSE+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_TEMPLATE' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0'
  376. Dec 7 19:09:08.610346: | popen cmd is 1215 chars long
  377. Dec 7 19:09:08.610350: | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='private#192.16:
  378. Dec 7 19:09:08.610353: | cmd( 80):8.50.0/24' PLUTO_INTERFACE='eth1' PLUTO_ME='192.168.50.3' PLUTO_MY_ID='C=US, ST=:
  379. Dec 7 19:09:08.610356: | cmd( 160):Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3' PLUTO_MY_CLIENT='0.0.0.0/0':
  380. Dec 7 19:09:08.610360: | cmd( 240): PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' :
  381. Dec 7 19:09:08.610363: | cmd( 320):PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='none' PLUTO_PEER='0.:
  382. Dec 7 19:09:08.610366: | cmd( 400):0.0.0' PLUTO_PEER_ID='(none)' PLUTO_PEER_CLIENT='192.168.50.0/24' PLUTO_PEER_CLI:
  383. Dec 7 19:09:08.610369: | cmd( 480):ENT_NET='192.168.50.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0:
  384. Dec 7 19:09:08.610372: | cmd( 560):' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=US, ST=Colorado, L=Colorado Springs, :
  385. Dec 7 19:09:08.610375: | cmd( 640):O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA' PLUTO_STACK='netkey' :
  386. Dec 7 19:09:08.610378: | cmd( 720):PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+OPPORTUNISTIC+GRO:
  387. Dec 7 19:09:08.610381: | cmd( 800):UPINSTANCE+IKEV2_ALLOW+IKEV2_PROPOSE+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_:
  388. Dec 7 19:09:08.610384: | cmd( 880):ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_TEMPLATE' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_F:
  389. Dec 7 19:09:08.610387: | cmd( 960):AILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='':
  390. Dec 7 19:09:08.610389: | cmd(1040): PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGU:
  391. Dec 7 19:09:08.610391: | cmd(1120):RED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ips:
  392. Dec 7 19:09:08.610393: | cmd(1200):ec _updown 2>&1:
  393. Dec 7 19:09:08.627300: | running updown command "ipsec _updown" for verb route
  394. Dec 7 19:09:08.627313: | command executing route-client
  395. Dec 7 19:09:08.627326: | id type with ID_NONE means wildcard match
  396. Dec 7 19:09:08.627332: | trusted_ca_nss: trustee A = 'C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA'
  397. Dec 7 19:09:08.627336: | trusted_ca_nss: trustor B = 'C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA'
  398. Dec 7 19:09:08.627355: | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='private#192.168.50.0/24' PLUTO_INTERFACE='eth1' PLUTO_ME='192.168.50.3' PLUTO_MY_ID='C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3' PLUTO_MY_CLIENT='0.0.0.0/0' PLUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='none' PLUTO_PEER='0.0.0.0' PLUTO_PEER_ID='(none)' PLUTO_PEER_CLIENT='192.168.50.0/24' PLUTO_PEER_CLIENT_NET='192.168.50.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+OPPORTUNISTIC+GROUPINSTANCE+IKEV2_ALLOW+IKEV2_PROPOSE+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_TEMPLATE' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLU
  399. Dec 7 19:09:08.627359: | popen cmd is 1213 chars long
  400. Dec 7 19:09:08.627361: | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='private#192.168.:
  401. Dec 7 19:09:08.627370: | cmd( 80):50.0/24' PLUTO_INTERFACE='eth1' PLUTO_ME='192.168.50.3' PLUTO_MY_ID='C=US, ST=Co:
  402. Dec 7 19:09:08.627372: | cmd( 160):lorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3' PLUTO_MY_CLIENT='0.0.0.0/0' P:
  403. Dec 7 19:09:08.627375: | cmd( 240):LUTO_MY_CLIENT_NET='0.0.0.0' PLUTO_MY_CLIENT_MASK='0.0.0.0' PLUTO_MY_PORT='0' PL:
  404. Dec 7 19:09:08.627377: | cmd( 320):UTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='none' PLUTO_PEER='0.0.:
  405. Dec 7 19:09:08.627379: | cmd( 400):0.0' PLUTO_PEER_ID='(none)' PLUTO_PEER_CLIENT='192.168.50.0/24' PLUTO_PEER_CLIEN:
  406. Dec 7 19:09:08.627381: | cmd( 480):T_NET='192.168.50.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' :
  407. Dec 7 19:09:08.627383: | cmd( 560):PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=US, ST=Colorado, L=Colorado Springs, O=:
  408. Dec 7 19:09:08.627385: | cmd( 640):Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA' PLUTO_STACK='netkey' PL:
  409. Dec 7 19:09:08.627388: | cmd( 720):UTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+OPPORTUNISTIC+GROUP:
  410. Dec 7 19:09:08.627390: | cmd( 800):INSTANCE+IKEV2_ALLOW+IKEV2_PROPOSE+IKEV2_ALLOW_NARROWING+SAREF_TRACK+IKE_FRAG_AL:
  411. Dec 7 19:09:08.627392: | cmd( 880):LOW+ESN_NO' PLUTO_CONN_KIND='CK_TEMPLATE' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAI:
  412. Dec 7 19:09:08.627394: | cmd( 960):LED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' P:
  413. Dec 7 19:09:08.627396: | cmd(1040):LUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURE:
  414. Dec 7 19:09:08.627398: | cmd(1120):D='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x0 SPI_OUT=0x0 ipsec:
  415. Dec 7 19:09:08.627401: | cmd(1200): _updown 2>&1:
  416. Dec 7 19:09:08.641387: | processing: suspend connection "private#192.168.50.0/24" (in route_group() at foodgroups.c:441)
  417. Dec 7 19:09:08.641409: | processing: start connection "private" (in route_group() at foodgroups.c:441)
  418. Dec 7 19:09:08.641413: | processing: stop connection "private" (in whack_route_connection() at rcv_whack.c:116)
  419. Dec 7 19:09:08.641451: | waitpid returned nothing left to do (all child processes are busy)
  420. Dec 7 19:09:08.641455: | waitpid returned nothing left to do (all child processes are busy)
  421. Dec 7 19:09:08.641748: | waitpid returned pid 7563 (exited with status 0)
  422. Dec 7 19:09:08.641759: | serialno table: hash serialno #0 to head 0x564dececafe0
  423. Dec 7 19:09:08.641762: | serialno table: hash serialno #0 to head 0x564dececafe0
  424. Dec 7 19:09:08.641765: | reaped addconn helper child (status 0)
  425. Dec 7 19:09:08.641768: | pid table: removing object 0x564dee3c66c8 (addconn pid 7563) entry 0x564dee3c66d0 (older 0x564dececf600 newer 0x564dececf600)
  426. Dec 7 19:09:08.641772: | pid table: empty
  427. Dec 7 19:09:08.641777: | waitpid returned ECHILD (no child processes left)
  428. Dec 7 19:09:15.712038: | kernel_process_msg_cb process netlink message
  429. Dec 7 19:09:15.712149: | netlink_get: XFRM_MSG_ACQUIRE message
  430. Dec 7 19:09:15.712165: | xfrm netlink msg len 376
  431. Dec 7 19:09:15.712175: | xfrm acquire rtattribute type 5
  432. Dec 7 19:09:15.712184: | xfrm acquire rtattribute type 16
  433. Dec 7 19:09:15.712230: | add bare shunt 0x564dee3cec28 192.168.50.3/32:44927 --17--> 192.168.50.2/32:1025 => %hold 0 %acquire-netlink
  434. Dec 7 19:09:15.712254: initiate on demand from 192.168.50.3:44927 to 192.168.50.2:1025 proto=17 because: acquire
  435. Dec 7 19:09:15.712271: | find_connection: looking for policy for connection: 192.168.50.3:17/44927 -> 192.168.50.2:17/1025
  436. Dec 7 19:09:15.712324: | find_connection: conn "private#192.168.50.0/24" has compatible peers: 0.0.0.0/0 -> 192.168.50.0/24 [pri: 8]
  437. Dec 7 19:09:15.712341: | find_connection: first OK "private#192.168.50.0/24" [pri:8]{0x564dee3ce648} (child none)
  438. Dec 7 19:09:15.712353: | find_connection: concluding with "private#192.168.50.0/24" [pri:8]{0x564dee3ce648} kind=CK_TEMPLATE
  439. Dec 7 19:09:15.712365: | creating new instance from "private#192.168.50.0/24"
  440. Dec 7 19:09:15.712387: | shunt widened for protoports since conn does not limit protocols
  441. Dec 7 19:09:15.712400: | going to initiate opportunistic, first installing hold negotiationshunt
  442. Dec 7 19:09:15.712437: | priority calculation of connection "private#192.168.50.0/24" is 0x17ffe7
  443. Dec 7 19:09:15.712463: | oe-negotiating eroute 192.168.50.3/32:0 --0-> 192.168.50.2/32:0 => %hold (raw_eroute)
  444. Dec 7 19:09:15.712482: | netlink_raw_eroute: SPI_HOLD implemented as no-op
  445. Dec 7 19:09:15.712492: | raw_eroute result=success
  446. Dec 7 19:09:15.712502: | added bare (possibly wided) passthrough negotiationshunt succeeded (violating API)
  447. Dec 7 19:09:15.712522: | add bare shunt 0x564dee3cecf8 192.168.50.3/32:0 --0--> 192.168.50.2/32:0 => %hold 0 oe-negotiating
  448. Dec 7 19:09:15.712532: | fiddle_bare_shunt called
  449. Dec 7 19:09:15.712541: | fiddle_bare_shunt with transport_proto 17
  450. Dec 7 19:09:15.712551: | removing specific host-to-host bare shunt
  451. Dec 7 19:09:15.712564: | delete bare kernel shunt - was replaced with negotiationshunt eroute 192.168.50.3/32:44927 --17-> 192.168.50.2/32:1025 => %hold (raw_eroute)
  452. Dec 7 19:09:15.712574: | netlink_raw_eroute: SPI_PASS
  453. Dec 7 19:09:15.712632: | raw_eroute result=success
  454. Dec 7 19:09:15.712647: | raw_eroute with op='delete' for transport_proto='17' kernel shunt succeeded, bare shunt lookup succeeded
  455. Dec 7 19:09:15.712661: | delete bare shunt 0x564dee3cec28 192.168.50.3/32:44927 --17--> 192.168.50.2/32:1025 => %hold 0 %acquire-netlink
  456. Dec 7 19:09:15.712673: | success taking down narrow bare shunt
  457. Dec 7 19:09:15.712687: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  458. Dec 7 19:09:15.712713: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  459. Dec 7 19:09:15.712720: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  460. Dec 7 19:09:15.712728: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  461. Dec 7 19:09:15.712735: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  462. Dec 7 19:09:15.712742: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  463. Dec 7 19:09:15.712749: | checking private
  464. Dec 7 19:09:15.712755: | checking private#192.168.50.0/24
  465. Dec 7 19:09:15.712762: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  466. Dec 7 19:09:15.712768: | checking private
  467. Dec 7 19:09:15.712774: | checking private#192.168.50.0/24
  468. Dec 7 19:09:15.712781: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  469. Dec 7 19:09:15.712788: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  470. Dec 7 19:09:15.712814: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  471. Dec 7 19:09:15.712823: | connect_to_host_pair: 192.168.50.3:500 192.168.50.2:500 -> hp:none
  472. Dec 7 19:09:15.712832: | oppo instantiate d="private#192.168.50.0/24" from c="private#192.168.50.0/24" with c->routing prospective erouted, d->routing unrouted
  473. Dec 7 19:09:15.712856: | new oppo instance: 0.0.0.0/0===192.168.50.3<192.168.50.3>[C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3]...192.168.50.2===192.168.50.0/24
  474. Dec 7 19:09:15.712878: | oppo_instantiate() instantiated "[1] ...192.168.50.2"private#192.168.50.0/24: 192.168.50.3/32===192.168.50.3<192.168.50.3>[C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3]...192.168.50.2
  475. Dec 7 19:09:15.712885: | assigning negotiation_shunt to connection
  476. Dec 7 19:09:15.712892: | assign hold, routing was unrouted, needs to be unrouted HOLD
  477. Dec 7 19:09:15.712898: | assign_holdpass() removing bare shunt
  478. Dec 7 19:09:15.712907: | delete bare shunt 0x564dee3cecf8 192.168.50.3/32:0 --0--> 192.168.50.2/32:0 => %hold 0 oe-negotiating
  479. Dec 7 19:09:15.712914: | assign_holdpass() done - returning success
  480. Dec 7 19:09:15.712920: | assign_holdpass succeeded
  481. Dec 7 19:09:15.712927: | initiate on demand from 192.168.50.3:0 to 192.168.50.2:0 proto=17 because: acquire
  482. Dec 7 19:09:15.712947: | creating state object #1 at 0x564dee3cf5b8
  483. Dec 7 19:09:15.712956: | parent state #1: new => STATE_UNDEFINED(ignore)
  484. Dec 7 19:09:15.713004: | processing: start state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in initialize_new_state() at ipsec_doi.c:490)
  485. Dec 7 19:09:15.713013: | inserting state object #1
  486. Dec 7 19:09:15.713023: | serialno list: inserting object 0x564dee3cf5b8 (state #1) entry 0x564dee3cfd60 into list 0x564deced80c0 (older 0x564deced80c0 newer 0x564deced80c0)
  487. Dec 7 19:09:15.713043: | serialno list: inserted object 0x564dee3cf5b8 (state #1) entry 0x564dee3cfd60 (older 0x564deced80c0 newer 0x564deced80c0)
  488. Dec 7 19:09:15.713051: | serialno list: list entry 0x564deced80c0 is HEAD (older 0x564dee3cfd60 newer 0x564dee3cfd60)
  489. Dec 7 19:09:15.713061: | serialno table: inserting object 0x564dee3cf5b8 (state #1) entry 0x564dee3cfd80 into list 0x564dececb000 (older 0x564dececb000 newer 0x564dececb000)
  490. Dec 7 19:09:15.713072: | serialno table: inserted object 0x564dee3cf5b8 (state #1) entry 0x564dee3cfd80 (older 0x564dececb000 newer 0x564dececb000)
  491. Dec 7 19:09:15.713080: | serialno table: list entry 0x564dececb000 is HEAD (older 0x564dee3cfd80 newer 0x564dee3cfd80)
  492. Dec 7 19:09:15.713095: | processing: [RE]START state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in initialize_new_state() at ipsec_doi.c:510)
  493. Dec 7 19:09:15.713104: | parent state #1: STATE_UNDEFINED(ignore) => STATE_PARENT_I1(half-open-ike)
  494. Dec 7 19:09:15.713111: | ignore states: 0
  495. Dec 7 19:09:15.713117: | half-open-ike states: 1
  496. Dec 7 19:09:15.713122: | open-ike states: 0
  497. Dec 7 19:09:15.713128: | established-anonymous-ike states: 0
  498. Dec 7 19:09:15.713134: | established-authenticated-ike states: 0
  499. Dec 7 19:09:15.713140: | anonymous-ipsec states: 0
  500. Dec 7 19:09:15.713146: | authenticated-ipsec states: 0
  501. Dec 7 19:09:15.713152: | informational states: 0
  502. Dec 7 19:09:15.713158: | unknown states: 0
  503. Dec 7 19:09:15.713164: | category states: 1 count states: 1
  504. Dec 7 19:09:15.713179: | Queuing pending IPsec SA negotiating with 192.168.50.2 "private#192.168.50.0/24"[1] ...192.168.50.2 IKE SA #1 "private#192.168.50.0/24"[1] ...192.168.50.2
  505. Dec 7 19:09:15.713198: | selecting default local IKE proposals for private#192.168.50.0/24 (IKE SA initiator selecting KE)
  506. Dec 7 19:09:15.713236: "private#192.168.50.0/24"[1] ...192.168.50.2 #1: local IKE proposals for private#192.168.50.0/24 (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 2:IKE:ENCR=AES_GCM_C_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=NONE;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 3:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128,HMAC_SHA1_96;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 4:IKE:ENCR=AES_CBC_128;PRF=HMAC_SHA2_512,HMAC_SHA2_256,HMAC_SHA1;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128,HMAC_SHA1_96;DH=MODP2048,MODP3072,MODP4096,MODP8192,ECP_256 (default)
  507. Dec 7 19:09:15.713261: | adding ikev2_outI1 KE work-order 1 for state #1
  508. Dec 7 19:09:15.713268: | state #1 requesting to delete non existing event
  509. Dec 7 19:09:15.713275: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x564dee3d0b58
  510. Dec 7 19:09:15.713286: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60.000 seconds for #1
  511. Dec 7 19:09:15.713300: | backlog: inserting object 0x564dee3cff88 (work-order 1 state #1) entry 0x564dee3cff90 into list 0x564deced8fc0 (older 0x564deced8fc0 newer 0x564deced8fc0)
  512. Dec 7 19:09:15.713310: | backlog: inserted object 0x564dee3cff88 (work-order 1 state #1) entry 0x564dee3cff90 (older 0x564deced8fc0 newer 0x564deced8fc0)
  513. Dec 7 19:09:15.713318: | backlog: list entry 0x564deced8fc0 is HEAD (older 0x564dee3cff90 newer 0x564dee3cff90)
  514. Dec 7 19:09:15.713342: | processing: RESET state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in ikev2_parent_outI1() at ikev2_parent.c:823)
  515. Dec 7 19:09:15.713352: | initiate on demand using RSASIG from 192.168.50.3 to 192.168.50.2
  516. Dec 7 19:09:15.713386: | crypto helper 0 resuming
  517. Dec 7 19:09:15.713399: | backlog: removing object 0x564dee3cff88 (work-order 1 state #1) entry 0x564dee3cff90 (older 0x564deced8fc0 newer 0x564deced8fc0)
  518. Dec 7 19:09:15.713406: | backlog: empty
  519. Dec 7 19:09:15.713414: | crypto helper 0 starting work-order 1 for state #1
  520. Dec 7 19:09:15.713422: | crypto helper 0 doing build KE and nonce; request ID 1
  521. Dec 7 19:09:15.715800: | crypto helper 0 finished build KE and nonce; request ID 1 time elapsed 2365 usec
  522. Dec 7 19:09:15.715844: | crypto helper 0 sending results from work-order 1 for state #1 to event queue
  523. Dec 7 19:09:15.715854: | scheduling now-event sending helper answer for #1
  524. Dec 7 19:09:15.715886: | crypto helper 0 waiting (nothing to do)
  525. Dec 7 19:09:15.715920: | executing now-event sending helper answer for 1
  526. Dec 7 19:09:15.715930: | serialno table: hash serialno #1 to head 0x564dececb000
  527. Dec 7 19:09:15.715937: | serialno table: hash serialno #1 to head 0x564dececb000
  528. Dec 7 19:09:15.715955: | processing: start state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in schedule_event_now_cb() at server.c:594)
  529. Dec 7 19:09:15.715962: | crypto helper 0 replies to request ID 1
  530. Dec 7 19:09:15.715969: | calling continuation function 0x564decbeb9b0
  531. Dec 7 19:09:15.715980: | ikev2_parent_outI1_continue for #1
  532. Dec 7 19:09:15.716091: | **emit ISAKMP Message:
  533. Dec 7 19:09:15.716105: | initiator cookie:
  534. Dec 7 19:09:15.716111: | af 26 30 ff 4b 80 f5 5b
  535. Dec 7 19:09:15.716117: | responder cookie:
  536. Dec 7 19:09:15.716123: | 00 00 00 00 00 00 00 00
  537. Dec 7 19:09:15.716131: | next payload type: ISAKMP_NEXT_v2SA (0x21)
  538. Dec 7 19:09:15.716138: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  539. Dec 7 19:09:15.716145: | exchange type: ISAKMP_v2_SA_INIT (0x22)
  540. Dec 7 19:09:15.716152: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
  541. Dec 7 19:09:15.716159: | message ID: 00 00 00 00
  542. Dec 7 19:09:15.716167: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  543. Dec 7 19:09:15.716175: | already determined local IKE proposals for private#192.168.50.0/24 (IKE SA initiator emitting local proposals)
  544. Dec 7 19:09:15.716182: | Emitting ikev2_proposals ...
  545. Dec 7 19:09:15.716189: | ***emit IKEv2 Security Association Payload:
  546. Dec 7 19:09:15.716195: | next payload type: ISAKMP_NEXT_v2KE (0x22)
  547. Dec 7 19:09:15.716202: | flags: none (0x0)
  548. Dec 7 19:09:15.716211: | next payload type: previous 'ISAKMP Message' 'next payload type' matches 'IKEv2 Security Association Payload' (33:ISAKMP_NEXT_v2SA)
  549. Dec 7 19:09:15.716218: | next payload type: saving payload location 'IKEv2 Security Association Payload' 'next payload type'
  550. Dec 7 19:09:15.716226: | ****emit IKEv2 Proposal Substructure Payload:
  551. Dec 7 19:09:15.716233: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  552. Dec 7 19:09:15.716239: | prop #: 1 (0x1)
  553. Dec 7 19:09:15.716246: | proto ID: IKEv2_SEC_PROTO_IKE (0x1)
  554. Dec 7 19:09:15.716252: | spi size: 0 (0x0)
  555. Dec 7 19:09:15.716258: | # transforms: 9 (0x9)
  556. Dec 7 19:09:15.716265: | *****emit IKEv2 Transform Substructure Payload:
  557. Dec 7 19:09:15.716271: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  558. Dec 7 19:09:15.716278: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  559. Dec 7 19:09:15.716285: | IKEv2 transform ID: AES_GCM_C (0x14)
  560. Dec 7 19:09:15.716292: | ******emit IKEv2 Attribute Substructure Payload:
  561. Dec 7 19:09:15.716298: | af+type: IKEv2_KEY_LENGTH (0x800e)
  562. Dec 7 19:09:15.716305: | length/value: 256 (0x100)
  563. Dec 7 19:09:15.716312: | emitting length of IKEv2 Transform Substructure Payload: 12
  564. Dec 7 19:09:15.716318: | *****emit IKEv2 Transform Substructure Payload:
  565. Dec 7 19:09:15.716324: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  566. Dec 7 19:09:15.716330: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  567. Dec 7 19:09:15.716337: | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
  568. Dec 7 19:09:15.716344: | emitting length of IKEv2 Transform Substructure Payload: 8
  569. Dec 7 19:09:15.716350: | *****emit IKEv2 Transform Substructure Payload:
  570. Dec 7 19:09:15.716356: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  571. Dec 7 19:09:15.716362: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  572. Dec 7 19:09:15.716368: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
  573. Dec 7 19:09:15.716374: | emitting length of IKEv2 Transform Substructure Payload: 8
  574. Dec 7 19:09:15.716380: | *****emit IKEv2 Transform Substructure Payload:
  575. Dec 7 19:09:15.716387: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  576. Dec 7 19:09:15.716406: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  577. Dec 7 19:09:15.716412: | IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
  578. Dec 7 19:09:15.716419: | emitting length of IKEv2 Transform Substructure Payload: 8
  579. Dec 7 19:09:15.716425: | *****emit IKEv2 Transform Substructure Payload:
  580. Dec 7 19:09:15.716431: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  581. Dec 7 19:09:15.716437: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  582. Dec 7 19:09:15.716444: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
  583. Dec 7 19:09:15.716450: | emitting length of IKEv2 Transform Substructure Payload: 8
  584. Dec 7 19:09:15.716456: | *****emit IKEv2 Transform Substructure Payload:
  585. Dec 7 19:09:15.716462: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  586. Dec 7 19:09:15.716468: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  587. Dec 7 19:09:15.716474: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
  588. Dec 7 19:09:15.716480: | emitting length of IKEv2 Transform Substructure Payload: 8
  589. Dec 7 19:09:15.716486: | *****emit IKEv2 Transform Substructure Payload:
  590. Dec 7 19:09:15.716493: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  591. Dec 7 19:09:15.716499: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  592. Dec 7 19:09:15.716505: | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
  593. Dec 7 19:09:15.716511: | emitting length of IKEv2 Transform Substructure Payload: 8
  594. Dec 7 19:09:15.716517: | *****emit IKEv2 Transform Substructure Payload:
  595. Dec 7 19:09:15.716523: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  596. Dec 7 19:09:15.716529: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  597. Dec 7 19:09:15.716535: | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
  598. Dec 7 19:09:15.716541: | emitting length of IKEv2 Transform Substructure Payload: 8
  599. Dec 7 19:09:15.716547: | *****emit IKEv2 Transform Substructure Payload:
  600. Dec 7 19:09:15.716553: | last transform: v2_TRANSFORM_LAST (0x0)
  601. Dec 7 19:09:15.716559: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  602. Dec 7 19:09:15.716565: | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
  603. Dec 7 19:09:15.716571: | emitting length of IKEv2 Transform Substructure Payload: 8
  604. Dec 7 19:09:15.716578: | emitting length of IKEv2 Proposal Substructure Payload: 84
  605. Dec 7 19:09:15.716584: | ****emit IKEv2 Proposal Substructure Payload:
  606. Dec 7 19:09:15.716591: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  607. Dec 7 19:09:15.716597: | prop #: 2 (0x2)
  608. Dec 7 19:09:15.716602: | proto ID: IKEv2_SEC_PROTO_IKE (0x1)
  609. Dec 7 19:09:15.716608: | spi size: 0 (0x0)
  610. Dec 7 19:09:15.716614: | # transforms: 9 (0x9)
  611. Dec 7 19:09:15.716620: | *****emit IKEv2 Transform Substructure Payload:
  612. Dec 7 19:09:15.716626: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  613. Dec 7 19:09:15.716633: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  614. Dec 7 19:09:15.716639: | IKEv2 transform ID: AES_GCM_C (0x14)
  615. Dec 7 19:09:15.716645: | ******emit IKEv2 Attribute Substructure Payload:
  616. Dec 7 19:09:15.716651: | af+type: IKEv2_KEY_LENGTH (0x800e)
  617. Dec 7 19:09:15.716657: | length/value: 128 (0x80)
  618. Dec 7 19:09:15.716663: | emitting length of IKEv2 Transform Substructure Payload: 12
  619. Dec 7 19:09:15.716669: | *****emit IKEv2 Transform Substructure Payload:
  620. Dec 7 19:09:15.716675: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  621. Dec 7 19:09:15.716681: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  622. Dec 7 19:09:15.716687: | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
  623. Dec 7 19:09:15.716693: | emitting length of IKEv2 Transform Substructure Payload: 8
  624. Dec 7 19:09:15.716699: | *****emit IKEv2 Transform Substructure Payload:
  625. Dec 7 19:09:15.716705: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  626. Dec 7 19:09:15.716711: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  627. Dec 7 19:09:15.716717: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
  628. Dec 7 19:09:15.716723: | emitting length of IKEv2 Transform Substructure Payload: 8
  629. Dec 7 19:09:15.716729: | *****emit IKEv2 Transform Substructure Payload:
  630. Dec 7 19:09:15.716735: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  631. Dec 7 19:09:15.716746: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  632. Dec 7 19:09:15.716752: | IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
  633. Dec 7 19:09:15.716758: | emitting length of IKEv2 Transform Substructure Payload: 8
  634. Dec 7 19:09:15.716764: | *****emit IKEv2 Transform Substructure Payload:
  635. Dec 7 19:09:15.716771: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  636. Dec 7 19:09:15.716777: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  637. Dec 7 19:09:15.716783: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
  638. Dec 7 19:09:15.716789: | emitting length of IKEv2 Transform Substructure Payload: 8
  639. Dec 7 19:09:15.716795: | *****emit IKEv2 Transform Substructure Payload:
  640. Dec 7 19:09:15.716801: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  641. Dec 7 19:09:15.716807: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  642. Dec 7 19:09:15.716814: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
  643. Dec 7 19:09:15.716820: | emitting length of IKEv2 Transform Substructure Payload: 8
  644. Dec 7 19:09:15.716826: | *****emit IKEv2 Transform Substructure Payload:
  645. Dec 7 19:09:15.716832: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  646. Dec 7 19:09:15.716838: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  647. Dec 7 19:09:15.716844: | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
  648. Dec 7 19:09:15.716850: | emitting length of IKEv2 Transform Substructure Payload: 8
  649. Dec 7 19:09:15.716856: | *****emit IKEv2 Transform Substructure Payload:
  650. Dec 7 19:09:15.716862: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  651. Dec 7 19:09:15.716868: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  652. Dec 7 19:09:15.716874: | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
  653. Dec 7 19:09:15.716880: | emitting length of IKEv2 Transform Substructure Payload: 8
  654. Dec 7 19:09:15.716886: | *****emit IKEv2 Transform Substructure Payload:
  655. Dec 7 19:09:15.716892: | last transform: v2_TRANSFORM_LAST (0x0)
  656. Dec 7 19:09:15.716899: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  657. Dec 7 19:09:15.716905: | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
  658. Dec 7 19:09:15.716911: | emitting length of IKEv2 Transform Substructure Payload: 8
  659. Dec 7 19:09:15.716917: | emitting length of IKEv2 Proposal Substructure Payload: 84
  660. Dec 7 19:09:15.716923: | ****emit IKEv2 Proposal Substructure Payload:
  661. Dec 7 19:09:15.716930: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  662. Dec 7 19:09:15.716935: | prop #: 3 (0x3)
  663. Dec 7 19:09:15.716941: | proto ID: IKEv2_SEC_PROTO_IKE (0x1)
  664. Dec 7 19:09:15.716947: | spi size: 0 (0x0)
  665. Dec 7 19:09:15.716953: | # transforms: 12 (0xc)
  666. Dec 7 19:09:15.716959: | *****emit IKEv2 Transform Substructure Payload:
  667. Dec 7 19:09:15.716965: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  668. Dec 7 19:09:15.716972: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  669. Dec 7 19:09:15.716978: | IKEv2 transform ID: AES_CBC (0xc)
  670. Dec 7 19:09:15.716984: | ******emit IKEv2 Attribute Substructure Payload:
  671. Dec 7 19:09:15.716990: | af+type: IKEv2_KEY_LENGTH (0x800e)
  672. Dec 7 19:09:15.716996: | length/value: 256 (0x100)
  673. Dec 7 19:09:15.717002: | emitting length of IKEv2 Transform Substructure Payload: 12
  674. Dec 7 19:09:15.717008: | *****emit IKEv2 Transform Substructure Payload:
  675. Dec 7 19:09:15.717014: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  676. Dec 7 19:09:15.717020: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  677. Dec 7 19:09:15.717026: | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
  678. Dec 7 19:09:15.717033: | emitting length of IKEv2 Transform Substructure Payload: 8
  679. Dec 7 19:09:15.717039: | *****emit IKEv2 Transform Substructure Payload:
  680. Dec 7 19:09:15.717045: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  681. Dec 7 19:09:15.717051: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  682. Dec 7 19:09:15.717057: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
  683. Dec 7 19:09:15.717063: | emitting length of IKEv2 Transform Substructure Payload: 8
  684. Dec 7 19:09:15.717069: | *****emit IKEv2 Transform Substructure Payload:
  685. Dec 7 19:09:15.717075: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  686. Dec 7 19:09:15.717081: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  687. Dec 7 19:09:15.717092: | IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
  688. Dec 7 19:09:15.717098: | emitting length of IKEv2 Transform Substructure Payload: 8
  689. Dec 7 19:09:15.717104: | *****emit IKEv2 Transform Substructure Payload:
  690. Dec 7 19:09:15.717110: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  691. Dec 7 19:09:15.717116: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  692. Dec 7 19:09:15.717123: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
  693. Dec 7 19:09:15.717129: | emitting length of IKEv2 Transform Substructure Payload: 8
  694. Dec 7 19:09:15.717135: | *****emit IKEv2 Transform Substructure Payload:
  695. Dec 7 19:09:15.717141: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  696. Dec 7 19:09:15.717147: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  697. Dec 7 19:09:15.717153: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
  698. Dec 7 19:09:15.717159: | emitting length of IKEv2 Transform Substructure Payload: 8
  699. Dec 7 19:09:15.717165: | *****emit IKEv2 Transform Substructure Payload:
  700. Dec 7 19:09:15.717171: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  701. Dec 7 19:09:15.717177: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  702. Dec 7 19:09:15.717184: | IKEv2 transform ID: AUTH_HMAC_SHA1_96 (0x2)
  703. Dec 7 19:09:15.717190: | emitting length of IKEv2 Transform Substructure Payload: 8
  704. Dec 7 19:09:15.717196: | *****emit IKEv2 Transform Substructure Payload:
  705. Dec 7 19:09:15.717202: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  706. Dec 7 19:09:15.717208: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  707. Dec 7 19:09:15.717214: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
  708. Dec 7 19:09:15.717220: | emitting length of IKEv2 Transform Substructure Payload: 8
  709. Dec 7 19:09:15.717226: | *****emit IKEv2 Transform Substructure Payload:
  710. Dec 7 19:09:15.717232: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  711. Dec 7 19:09:15.717238: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  712. Dec 7 19:09:15.717245: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
  713. Dec 7 19:09:15.717251: | emitting length of IKEv2 Transform Substructure Payload: 8
  714. Dec 7 19:09:15.717257: | *****emit IKEv2 Transform Substructure Payload:
  715. Dec 7 19:09:15.717263: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  716. Dec 7 19:09:15.717269: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  717. Dec 7 19:09:15.717275: | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
  718. Dec 7 19:09:15.717281: | emitting length of IKEv2 Transform Substructure Payload: 8
  719. Dec 7 19:09:15.717287: | *****emit IKEv2 Transform Substructure Payload:
  720. Dec 7 19:09:15.717293: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  721. Dec 7 19:09:15.717299: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  722. Dec 7 19:09:15.717305: | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
  723. Dec 7 19:09:15.717311: | emitting length of IKEv2 Transform Substructure Payload: 8
  724. Dec 7 19:09:15.717317: | *****emit IKEv2 Transform Substructure Payload:
  725. Dec 7 19:09:15.717323: | last transform: v2_TRANSFORM_LAST (0x0)
  726. Dec 7 19:09:15.717330: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  727. Dec 7 19:09:15.717336: | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
  728. Dec 7 19:09:15.717342: | emitting length of IKEv2 Transform Substructure Payload: 8
  729. Dec 7 19:09:15.717348: | emitting length of IKEv2 Proposal Substructure Payload: 108
  730. Dec 7 19:09:15.717354: | ****emit IKEv2 Proposal Substructure Payload:
  731. Dec 7 19:09:15.717361: | last proposal: v2_PROPOSAL_LAST (0x0)
  732. Dec 7 19:09:15.717366: | prop #: 4 (0x4)
  733. Dec 7 19:09:15.717373: | proto ID: IKEv2_SEC_PROTO_IKE (0x1)
  734. Dec 7 19:09:15.717378: | spi size: 0 (0x0)
  735. Dec 7 19:09:15.717384: | # transforms: 12 (0xc)
  736. Dec 7 19:09:15.717390: | *****emit IKEv2 Transform Substructure Payload:
  737. Dec 7 19:09:15.717396: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  738. Dec 7 19:09:15.717403: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  739. Dec 7 19:09:15.717409: | IKEv2 transform ID: AES_CBC (0xc)
  740. Dec 7 19:09:15.717415: | ******emit IKEv2 Attribute Substructure Payload:
  741. Dec 7 19:09:15.717421: | af+type: IKEv2_KEY_LENGTH (0x800e)
  742. Dec 7 19:09:15.717427: | length/value: 128 (0x80)
  743. Dec 7 19:09:15.717437: | emitting length of IKEv2 Transform Substructure Payload: 12
  744. Dec 7 19:09:15.717443: | *****emit IKEv2 Transform Substructure Payload:
  745. Dec 7 19:09:15.717450: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  746. Dec 7 19:09:15.717456: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  747. Dec 7 19:09:15.717462: | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
  748. Dec 7 19:09:15.717468: | emitting length of IKEv2 Transform Substructure Payload: 8
  749. Dec 7 19:09:15.717474: | *****emit IKEv2 Transform Substructure Payload:
  750. Dec 7 19:09:15.717480: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  751. Dec 7 19:09:15.717486: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  752. Dec 7 19:09:15.717492: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5)
  753. Dec 7 19:09:15.717498: | emitting length of IKEv2 Transform Substructure Payload: 8
  754. Dec 7 19:09:15.717504: | *****emit IKEv2 Transform Substructure Payload:
  755. Dec 7 19:09:15.717510: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  756. Dec 7 19:09:15.717516: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  757. Dec 7 19:09:15.717522: | IKEv2 transform ID: PRF_HMAC_SHA1 (0x2)
  758. Dec 7 19:09:15.717528: | emitting length of IKEv2 Transform Substructure Payload: 8
  759. Dec 7 19:09:15.717534: | *****emit IKEv2 Transform Substructure Payload:
  760. Dec 7 19:09:15.717541: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  761. Dec 7 19:09:15.717547: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  762. Dec 7 19:09:15.717553: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
  763. Dec 7 19:09:15.717559: | emitting length of IKEv2 Transform Substructure Payload: 8
  764. Dec 7 19:09:15.717565: | *****emit IKEv2 Transform Substructure Payload:
  765. Dec 7 19:09:15.717571: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  766. Dec 7 19:09:15.717577: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  767. Dec 7 19:09:15.717583: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
  768. Dec 7 19:09:15.717589: | emitting length of IKEv2 Transform Substructure Payload: 8
  769. Dec 7 19:09:15.717595: | *****emit IKEv2 Transform Substructure Payload:
  770. Dec 7 19:09:15.717601: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  771. Dec 7 19:09:15.717607: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  772. Dec 7 19:09:15.717613: | IKEv2 transform ID: AUTH_HMAC_SHA1_96 (0x2)
  773. Dec 7 19:09:15.717620: | emitting length of IKEv2 Transform Substructure Payload: 8
  774. Dec 7 19:09:15.717640: | *****emit IKEv2 Transform Substructure Payload:
  775. Dec 7 19:09:15.717645: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  776. Dec 7 19:09:15.717649: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  777. Dec 7 19:09:15.717654: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
  778. Dec 7 19:09:15.717659: | emitting length of IKEv2 Transform Substructure Payload: 8
  779. Dec 7 19:09:15.717663: | *****emit IKEv2 Transform Substructure Payload:
  780. Dec 7 19:09:15.717668: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  781. Dec 7 19:09:15.717673: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  782. Dec 7 19:09:15.717677: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf)
  783. Dec 7 19:09:15.717682: | emitting length of IKEv2 Transform Substructure Payload: 8
  784. Dec 7 19:09:15.717686: | *****emit IKEv2 Transform Substructure Payload:
  785. Dec 7 19:09:15.717691: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  786. Dec 7 19:09:15.717695: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  787. Dec 7 19:09:15.717700: | IKEv2 transform ID: OAKLEY_GROUP_MODP4096 (0x10)
  788. Dec 7 19:09:15.717705: | emitting length of IKEv2 Transform Substructure Payload: 8
  789. Dec 7 19:09:15.717709: | *****emit IKEv2 Transform Substructure Payload:
  790. Dec 7 19:09:15.717714: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  791. Dec 7 19:09:15.717718: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  792. Dec 7 19:09:15.717723: | IKEv2 transform ID: OAKLEY_GROUP_MODP8192 (0x12)
  793. Dec 7 19:09:15.717728: | emitting length of IKEv2 Transform Substructure Payload: 8
  794. Dec 7 19:09:15.717732: | *****emit IKEv2 Transform Substructure Payload:
  795. Dec 7 19:09:15.717737: | last transform: v2_TRANSFORM_LAST (0x0)
  796. Dec 7 19:09:15.717741: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  797. Dec 7 19:09:15.717751: | IKEv2 transform ID: OAKLEY_GROUP_ECP_256 (0x13)
  798. Dec 7 19:09:15.717756: | emitting length of IKEv2 Transform Substructure Payload: 8
  799. Dec 7 19:09:15.717761: | emitting length of IKEv2 Proposal Substructure Payload: 108
  800. Dec 7 19:09:15.717765: | emitting length of IKEv2 Security Association Payload: 388
  801. Dec 7 19:09:15.717771: | ***emit IKEv2 Key Exchange Payload:
  802. Dec 7 19:09:15.717776: | next payload type: ISAKMP_NEXT_v2Ni (0x28)
  803. Dec 7 19:09:15.717781: | flags: none (0x0)
  804. Dec 7 19:09:15.717785: | DH group: OAKLEY_GROUP_MODP2048 (0xe)
  805. Dec 7 19:09:15.717791: | next payload type: previous 'IKEv2 Security Association Payload' 'next payload type' matches 'IKEv2 Key Exchange Payload' (34:ISAKMP_NEXT_v2KE)
  806. Dec 7 19:09:15.717796: | next payload type: saving payload location 'IKEv2 Key Exchange Payload' 'next payload type'
  807. Dec 7 19:09:15.717802: | emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
  808. Dec 7 19:09:15.717808: | ikev2 g^x e6 14 db ee 26 6e 5b 92 9c 54 5b ba f8 e8 07 58
  809. Dec 7 19:09:15.717812: | ikev2 g^x 92 d1 5b a0 38 96 79 14 05 31 06 20 c8 4f 11 33
  810. Dec 7 19:09:15.717817: | ikev2 g^x d5 c5 85 1b f8 d4 9d 40 66 84 19 44 01 75 ef 07
  811. Dec 7 19:09:15.717821: | ikev2 g^x d9 bc f7 83 c0 90 6d 97 cb 76 09 da 2d d3 f8 8d
  812. Dec 7 19:09:15.717826: | ikev2 g^x b5 a3 eb b7 ec a8 15 ed 1a 6f 9e c6 92 18 38 2b
  813. Dec 7 19:09:15.717830: | ikev2 g^x 4b 77 e9 18 9b b6 7e d1 bf 02 7c 9d af 8f 72 56
  814. Dec 7 19:09:15.717835: | ikev2 g^x ea 1c 74 56 af 81 17 d7 24 85 fa 53 5e 27 ab 7d
  815. Dec 7 19:09:15.717839: | ikev2 g^x 13 f8 b1 ca aa 67 72 b0 34 93 61 51 df 5f 6d fb
  816. Dec 7 19:09:15.717843: | ikev2 g^x 46 48 44 a4 ec e4 04 ff c0 47 7b de 3d e1 32 5b
  817. Dec 7 19:09:15.717848: | ikev2 g^x 83 80 a1 be 9e 62 c8 2c 69 79 cf d2 32 aa cb c0
  818. Dec 7 19:09:15.717852: | ikev2 g^x 84 c3 d2 db 68 98 88 a7 28 64 50 ca 05 25 c7 d4
  819. Dec 7 19:09:15.717857: | ikev2 g^x 4a 92 89 27 fe 68 2a 77 84 6a 49 57 11 77 7a 17
  820. Dec 7 19:09:15.717861: | ikev2 g^x 1c 6d 39 05 84 79 e8 fe 0f e0 9f 69 4f 71 2f 49
  821. Dec 7 19:09:15.717866: | ikev2 g^x 90 e4 25 b6 30 13 96 73 d8 15 a3 f1 27 8d ed 81
  822. Dec 7 19:09:15.717870: | ikev2 g^x 0e 7e c7 86 c4 35 bc 94 30 08 02 c5 f0 9b cb 5d
  823. Dec 7 19:09:15.717875: | ikev2 g^x 2d 10 81 1a 3c 32 2e 09 92 c8 6b 7c ad 20 04 c8
  824. Dec 7 19:09:15.717880: | emitting length of IKEv2 Key Exchange Payload: 264
  825. Dec 7 19:09:15.717885: | ***emit IKEv2 Nonce Payload:
  826. Dec 7 19:09:15.717889: | next payload type: ISAKMP_NEXT_v2N (0x29)
  827. Dec 7 19:09:15.717894: | flags: none (0x0)
  828. Dec 7 19:09:15.717900: | next payload type: previous 'IKEv2 Key Exchange Payload' 'next payload type' matches 'IKEv2 Nonce Payload' (40:ISAKMP_NEXT_v2Ni)
  829. Dec 7 19:09:15.717905: | next payload type: saving payload location 'IKEv2 Nonce Payload' 'next payload type'
  830. Dec 7 19:09:15.717910: | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload
  831. Dec 7 19:09:15.717915: | IKEv2 nonce db 95 97 ce 32 17 f6 c8 27 37 f7 10 30 6f 43 37
  832. Dec 7 19:09:15.717920: | IKEv2 nonce 6c ed a6 7b 4e ff c3 14 90 18 e1 e7 74 ac 36 b6
  833. Dec 7 19:09:15.717924: | emitting length of IKEv2 Nonce Payload: 36
  834. Dec 7 19:09:15.717929: | Adding a v2N Payload
  835. Dec 7 19:09:15.717934: | ***emit IKEv2 Notify Payload:
  836. Dec 7 19:09:15.717939: | next payload type: ISAKMP_NEXT_v2N (0x29)
  837. Dec 7 19:09:15.717943: | flags: none (0x0)
  838. Dec 7 19:09:15.717948: | Protocol ID: PROTO_v2_RESERVED (0x0)
  839. Dec 7 19:09:15.717952: | SPI size: 0 (0x0)
  840. Dec 7 19:09:15.717958: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
  841. Dec 7 19:09:15.717964: | next payload type: previous 'IKEv2 Nonce Payload' 'next payload type' matches 'IKEv2 Notify Payload' (41:ISAKMP_NEXT_v2N)
  842. Dec 7 19:09:15.717969: | next payload type: saving payload location 'IKEv2 Notify Payload' 'next payload type'
  843. Dec 7 19:09:15.717974: | emitting 0 raw bytes of Notify data into IKEv2 Notify Payload
  844. Dec 7 19:09:15.717978: | Notify data
  845. Dec 7 19:09:15.717983: | emitting length of IKEv2 Notify Payload: 8
  846. Dec 7 19:09:15.717993: | Adding a v2N Payload
  847. Dec 7 19:09:15.717998: | ***emit IKEv2 Notify Payload:
  848. Dec 7 19:09:15.718002: | next payload type: ISAKMP_NEXT_v2N (0x29)
  849. Dec 7 19:09:15.718007: | flags: none (0x0)
  850. Dec 7 19:09:15.718011: | Protocol ID: PROTO_v2_RESERVED (0x0)
  851. Dec 7 19:09:15.718016: | SPI size: 0 (0x0)
  852. Dec 7 19:09:15.718020: | Notify Message Type: v2N_SIGNATURE_HASH_ALGORITHMS (0x402f)
  853. Dec 7 19:09:15.718026: | next payload type: previous 'IKEv2 Notify Payload' 'next payload type' matches 'IKEv2 Notify Payload' (41:ISAKMP_NEXT_v2N)
  854. Dec 7 19:09:15.718031: | next payload type: saving payload location 'IKEv2 Notify Payload' 'next payload type'
  855. Dec 7 19:09:15.718036: | emitting 2 raw bytes of Notify data into IKEv2 Notify Payload
  856. Dec 7 19:09:15.718041: | Notify data 00 01
  857. Dec 7 19:09:15.718045: | emitting length of IKEv2 Notify Payload: 10
  858. Dec 7 19:09:15.718051: | NAT-Traversal support [enabled] add v2N payloads.
  859. Dec 7 19:09:15.718057: | natd_hash: Warning, rcookie is zero !!
  860. Dec 7 19:09:15.718081: | natd_hash: hasher=0x564deceb7720(20)
  861. Dec 7 19:09:15.718087: | natd_hash: icookie= af 26 30 ff 4b 80 f5 5b
  862. Dec 7 19:09:15.718091: | natd_hash: rcookie= 00 00 00 00 00 00 00 00
  863. Dec 7 19:09:15.718096: | natd_hash: ip= c0 a8 32 03
  864. Dec 7 19:09:15.718100: | natd_hash: port=500
  865. Dec 7 19:09:15.718105: | natd_hash: hash= 87 e4 8d f3 e5 da d4 8b 8c 78 b2 f7 7f dc 9f bf
  866. Dec 7 19:09:15.718110: | natd_hash: hash= 5d 93 24 9d
  867. Dec 7 19:09:15.718114: | Adding a v2N Payload
  868. Dec 7 19:09:15.718119: | ***emit IKEv2 Notify Payload:
  869. Dec 7 19:09:15.718123: | next payload type: ISAKMP_NEXT_v2N (0x29)
  870. Dec 7 19:09:15.718128: | flags: none (0x0)
  871. Dec 7 19:09:15.718133: | Protocol ID: PROTO_v2_RESERVED (0x0)
  872. Dec 7 19:09:15.718137: | SPI size: 0 (0x0)
  873. Dec 7 19:09:15.718143: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004)
  874. Dec 7 19:09:15.718149: | next payload type: previous 'IKEv2 Notify Payload' 'next payload type' matches 'IKEv2 Notify Payload' (41:ISAKMP_NEXT_v2N)
  875. Dec 7 19:09:15.718153: | next payload type: saving payload location 'IKEv2 Notify Payload' 'next payload type'
  876. Dec 7 19:09:15.718159: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload
  877. Dec 7 19:09:15.718164: | Notify data 87 e4 8d f3 e5 da d4 8b 8c 78 b2 f7 7f dc 9f bf
  878. Dec 7 19:09:15.718168: | Notify data 5d 93 24 9d
  879. Dec 7 19:09:15.718173: | emitting length of IKEv2 Notify Payload: 28
  880. Dec 7 19:09:15.718177: | natd_hash: Warning, rcookie is zero !!
  881. Dec 7 19:09:15.718188: | natd_hash: hasher=0x564deceb7720(20)
  882. Dec 7 19:09:15.718193: | natd_hash: icookie= af 26 30 ff 4b 80 f5 5b
  883. Dec 7 19:09:15.718198: | natd_hash: rcookie= 00 00 00 00 00 00 00 00
  884. Dec 7 19:09:15.718202: | natd_hash: ip= c0 a8 32 02
  885. Dec 7 19:09:15.718206: | natd_hash: port=500
  886. Dec 7 19:09:15.718211: | natd_hash: hash= 0c db 0c f0 72 3d d8 82 cf df 53 b0 ce 85 1f b1
  887. Dec 7 19:09:15.718215: | natd_hash: hash= d7 67 ff 7b
  888. Dec 7 19:09:15.718219: | Adding a v2N Payload
  889. Dec 7 19:09:15.718224: | ***emit IKEv2 Notify Payload:
  890. Dec 7 19:09:15.718229: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  891. Dec 7 19:09:15.718233: | flags: none (0x0)
  892. Dec 7 19:09:15.718238: | Protocol ID: PROTO_v2_RESERVED (0x0)
  893. Dec 7 19:09:15.718242: | SPI size: 0 (0x0)
  894. Dec 7 19:09:15.718247: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
  895. Dec 7 19:09:15.718252: | next payload type: previous 'IKEv2 Notify Payload' 'next payload type' matches 'IKEv2 Notify Payload' (41:ISAKMP_NEXT_v2N)
  896. Dec 7 19:09:15.718257: | next payload type: saving payload location 'IKEv2 Notify Payload' 'next payload type'
  897. Dec 7 19:09:15.718262: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload
  898. Dec 7 19:09:15.718267: | Notify data 0c db 0c f0 72 3d d8 82 cf df 53 b0 ce 85 1f b1
  899. Dec 7 19:09:15.718271: | Notify data d7 67 ff 7b
  900. Dec 7 19:09:15.718276: | emitting length of IKEv2 Notify Payload: 28
  901. Dec 7 19:09:15.718280: | emitting length of ISAKMP Message: 790
  902. Dec 7 19:09:15.718291: | processing: stop state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in ikev2_parent_outI1_common() at ikev2_parent.c:1089)
  903. Dec 7 19:09:15.718301: | serialno table: hash serialno #0 to head 0x564dececafe0
  904. Dec 7 19:09:15.718306: | serialno table: hash serialno #0 to head 0x564dececafe0
  905. Dec 7 19:09:15.718318: | processing: start state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in complete_v2_state_transition() at ikev2.c:2787)
  906. Dec 7 19:09:15.718325: | #1 complete v2 state transition from STATE_PARENT_I1 with STF_OK
  907. Dec 7 19:09:15.718333: | IKEv2: transition from state STATE_IKEv2_BASE to state STATE_PARENT_I1
  908. Dec 7 19:09:15.718341: | message ID #1 STATE_PARENT_I1 private#192.168.50.0/24 pst #1 st_msgid_nextuse(before=0) 1 st_msgid_lastack 4294967295 st_msgid_lastrecv 4294967295 md is a request
  909. Dec 7 19:09:15.718347: | sending V2 new request packet to 192.168.50.2:500 (from port 500)
  910. Dec 7 19:09:15.718361: | sending 790 bytes for STATE_IKEv2_BASE through eth1:500 to 192.168.50.2:500 (using #1)
  911. Dec 7 19:09:15.718366: | af 26 30 ff 4b 80 f5 5b 00 00 00 00 00 00 00 00
  912. Dec 7 19:09:15.718371: | 21 20 22 08 00 00 00 00 00 00 03 16 22 00 01 84
  913. Dec 7 19:09:15.718375: | 02 00 00 54 01 01 00 09 03 00 00 0c 01 00 00 14
  914. Dec 7 19:09:15.718379: | 80 0e 01 00 03 00 00 08 02 00 00 07 03 00 00 08
  915. Dec 7 19:09:15.718384: | 02 00 00 05 03 00 00 08 02 00 00 02 03 00 00 08
  916. Dec 7 19:09:15.718388: | 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08
  917. Dec 7 19:09:15.718393: | 04 00 00 10 03 00 00 08 04 00 00 12 00 00 00 08
  918. Dec 7 19:09:15.718397: | 04 00 00 13 02 00 00 54 02 01 00 09 03 00 00 0c
  919. Dec 7 19:09:15.718401: | 01 00 00 14 80 0e 00 80 03 00 00 08 02 00 00 07
  920. Dec 7 19:09:15.718406: | 03 00 00 08 02 00 00 05 03 00 00 08 02 00 00 02
  921. Dec 7 19:09:15.718410: | 03 00 00 08 04 00 00 0e 03 00 00 08 04 00 00 0f
  922. Dec 7 19:09:15.718414: | 03 00 00 08 04 00 00 10 03 00 00 08 04 00 00 12
  923. Dec 7 19:09:15.718419: | 00 00 00 08 04 00 00 13 02 00 00 6c 03 01 00 0c
  924. Dec 7 19:09:15.718423: | 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08
  925. Dec 7 19:09:15.718428: | 02 00 00 07 03 00 00 08 02 00 00 05 03 00 00 08
  926. Dec 7 19:09:15.718432: | 02 00 00 02 03 00 00 08 03 00 00 0e 03 00 00 08
  927. Dec 7 19:09:15.718436: | 03 00 00 0c 03 00 00 08 03 00 00 02 03 00 00 08
  928. Dec 7 19:09:15.718441: | 04 00 00 0e 03 00 00 08 04 00 00 0f 03 00 00 08
  929. Dec 7 19:09:15.718445: | 04 00 00 10 03 00 00 08 04 00 00 12 00 00 00 08
  930. Dec 7 19:09:15.718449: | 04 00 00 13 00 00 00 6c 04 01 00 0c 03 00 00 0c
  931. Dec 7 19:09:15.718454: | 01 00 00 0c 80 0e 00 80 03 00 00 08 02 00 00 07
  932. Dec 7 19:09:15.718458: | 03 00 00 08 02 00 00 05 03 00 00 08 02 00 00 02
  933. Dec 7 19:09:15.718462: | 03 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c
  934. Dec 7 19:09:15.718467: | 03 00 00 08 03 00 00 02 03 00 00 08 04 00 00 0e
  935. Dec 7 19:09:15.718471: | 03 00 00 08 04 00 00 0f 03 00 00 08 04 00 00 10
  936. Dec 7 19:09:15.718476: | 03 00 00 08 04 00 00 12 00 00 00 08 04 00 00 13
  937. Dec 7 19:09:15.718480: | 28 00 01 08 00 0e 00 00 e6 14 db ee 26 6e 5b 92
  938. Dec 7 19:09:15.718484: | 9c 54 5b ba f8 e8 07 58 92 d1 5b a0 38 96 79 14
  939. Dec 7 19:09:15.718489: | 05 31 06 20 c8 4f 11 33 d5 c5 85 1b f8 d4 9d 40
  940. Dec 7 19:09:15.718493: | 66 84 19 44 01 75 ef 07 d9 bc f7 83 c0 90 6d 97
  941. Dec 7 19:09:15.718497: | cb 76 09 da 2d d3 f8 8d b5 a3 eb b7 ec a8 15 ed
  942. Dec 7 19:09:15.718502: | 1a 6f 9e c6 92 18 38 2b 4b 77 e9 18 9b b6 7e d1
  943. Dec 7 19:09:15.718506: | bf 02 7c 9d af 8f 72 56 ea 1c 74 56 af 81 17 d7
  944. Dec 7 19:09:15.718511: | 24 85 fa 53 5e 27 ab 7d 13 f8 b1 ca aa 67 72 b0
  945. Dec 7 19:09:15.718515: | 34 93 61 51 df 5f 6d fb 46 48 44 a4 ec e4 04 ff
  946. Dec 7 19:09:15.718519: | c0 47 7b de 3d e1 32 5b 83 80 a1 be 9e 62 c8 2c
  947. Dec 7 19:09:15.718524: | 69 79 cf d2 32 aa cb c0 84 c3 d2 db 68 98 88 a7
  948. Dec 7 19:09:15.718528: | 28 64 50 ca 05 25 c7 d4 4a 92 89 27 fe 68 2a 77
  949. Dec 7 19:09:15.718532: | 84 6a 49 57 11 77 7a 17 1c 6d 39 05 84 79 e8 fe
  950. Dec 7 19:09:15.718540: | 0f e0 9f 69 4f 71 2f 49 90 e4 25 b6 30 13 96 73
  951. Dec 7 19:09:15.718545: | d8 15 a3 f1 27 8d ed 81 0e 7e c7 86 c4 35 bc 94
  952. Dec 7 19:09:15.718549: | 30 08 02 c5 f0 9b cb 5d 2d 10 81 1a 3c 32 2e 09
  953. Dec 7 19:09:15.718554: | 92 c8 6b 7c ad 20 04 c8 29 00 00 24 db 95 97 ce
  954. Dec 7 19:09:15.718558: | 32 17 f6 c8 27 37 f7 10 30 6f 43 37 6c ed a6 7b
  955. Dec 7 19:09:15.718562: | 4e ff c3 14 90 18 e1 e7 74 ac 36 b6 29 00 00 08
  956. Dec 7 19:09:15.718567: | 00 00 40 2e 29 00 00 0a 00 00 40 2f 00 01 29 00
  957. Dec 7 19:09:15.718571: | 00 1c 00 00 40 04 87 e4 8d f3 e5 da d4 8b 8c 78
  958. Dec 7 19:09:15.718575: | b2 f7 7f dc 9f bf 5d 93 24 9d 00 00 00 1c 00 00
  959. Dec 7 19:09:15.718580: | 40 05 0c db 0c f0 72 3d d8 82 cf df 53 b0 ce 85
  960. Dec 7 19:09:15.718584: | 1f b1 d7 67 ff 7b
  961. Dec 7 19:09:15.718722: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
  962. Dec 7 19:09:15.718740: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x564dee3d0b58
  963. Dec 7 19:09:15.718747: | success_v2_state_transition scheduling EVENT_v2_RETRANSMIT of c->r_interval=500ms
  964. Dec 7 19:09:15.718756: | event_schedule: new EVENT_v2_RETRANSMIT-pe@0x564dee3d0b58
  965. Dec 7 19:09:15.718763: | inserting event EVENT_v2_RETRANSMIT, timeout in 0.500 seconds for #1
  966. Dec 7 19:09:15.718773: | #1 STATE_PARENT_I1: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 992.645
  967. Dec 7 19:09:15.718783: | processing: stop state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in schedule_event_now_cb() at server.c:597)
  968. Dec 7 19:09:15.718789: | serialno table: hash serialno #0 to head 0x564dececafe0
  969. Dec 7 19:09:15.718794: | serialno table: hash serialno #0 to head 0x564dececafe0
  970. Dec 7 19:09:15.725494: | *received 447 bytes from 192.168.50.2:500 on eth1 (port=500)
  971. Dec 7 19:09:15.725526: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  972. Dec 7 19:09:15.725530: | 21 20 22 20 00 00 00 00 00 00 01 bf 22 00 00 28
  973. Dec 7 19:09:15.725534: | 00 00 00 24 01 01 00 03 03 00 00 0c 01 00 00 14
  974. Dec 7 19:09:15.725537: | 80 0e 01 00 03 00 00 08 02 00 00 07 00 00 00 08
  975. Dec 7 19:09:15.725541: | 04 00 00 0e 28 00 01 08 00 0e 00 00 22 0c c4 07
  976. Dec 7 19:09:15.725544: | d1 74 bb b5 fb ad 84 52 6d b7 25 ec 35 9f b9 35
  977. Dec 7 19:09:15.725548: | a8 aa 77 c0 1a 4d 6b f0 15 f7 d7 70 05 49 a5 fb
  978. Dec 7 19:09:15.725551: | 50 2b 9b 05 87 c7 88 70 bc 62 00 26 51 ff 3c cf
  979. Dec 7 19:09:15.725555: | fe 31 ce e3 7f a0 d4 3e 54 ae e1 f8 0e 45 4e e8
  980. Dec 7 19:09:15.725560: | 1e 88 de 43 32 52 fa a2 e6 37 c5 cf d2 5a 96 78
  981. Dec 7 19:09:15.725566: | 17 65 9c b5 60 25 a3 38 b8 b6 63 44 24 11 05 e7
  982. Dec 7 19:09:15.725571: | bb 7a 17 5e 33 41 bc 2b 01 6b 16 95 06 bd a1 79
  983. Dec 7 19:09:15.725577: | 36 01 c3 a3 9a 7a 3d 62 a3 3e e4 9d 24 29 06 fa
  984. Dec 7 19:09:15.725583: | 0e 65 1e a2 e2 9c d1 50 0c 04 a4 44 18 58 c5 c4
  985. Dec 7 19:09:15.725589: | 83 e1 99 9f b8 ca c4 87 72 3a 8b d8 2a 64 ec 43
  986. Dec 7 19:09:15.725594: | f3 e3 47 97 5a 03 53 cf bc 78 f7 de c6 80 98 b3
  987. Dec 7 19:09:15.725600: | dd ce f7 1e 3e 5d 8a b3 45 16 8c e1 92 c7 ae 07
  988. Dec 7 19:09:15.725606: | 3d 9f ac e2 16 d1 fb ad 31 ba c2 40 1a 91 4b 8f
  989. Dec 7 19:09:15.725611: | 47 f6 18 d0 ac 89 47 3a b6 4a 0a f4 f1 c9 48 8f
  990. Dec 7 19:09:15.725628: | 8f 86 05 5f 27 87 43 63 2b 4e 88 b2 5b df 39 b9
  991. Dec 7 19:09:15.725634: | 5f 2e 91 67 f7 89 03 26 a8 39 79 d6 29 00 00 24
  992. Dec 7 19:09:15.725640: | f0 2a f0 c4 47 41 78 6b 1c d8 53 3e 6d dc c0 fc
  993. Dec 7 19:09:15.725645: | 05 19 15 83 46 34 21 19 01 61 51 8d 44 f6 77 39
  994. Dec 7 19:09:15.725651: | 29 00 00 08 00 00 40 2e 29 00 00 0a 00 00 40 2f
  995. Dec 7 19:09:15.725656: | 00 01 29 00 00 1c 00 00 40 04 fd db ab cd 0c 6f
  996. Dec 7 19:09:15.725660: | 89 38 cb 7c eb 45 1c 8d 69 7f 66 8e fc 83 26 00
  997. Dec 7 19:09:15.725663: | 00 1c 00 00 40 05 2a b4 eb eb 74 40 26 fc 5b 08
  998. Dec 7 19:09:15.725667: | b9 a1 0c 71 1f 3c ef d5 d7 7f 00 00 00 05 04
  999. Dec 7 19:09:15.725692: | processing: start from 192.168.50.2:500 (in process_md() at demux.c:392)
  1000. Dec 7 19:09:15.725699: | **parse ISAKMP Message:
  1001. Dec 7 19:09:15.725704: | initiator cookie:
  1002. Dec 7 19:09:15.725707: | af 26 30 ff 4b 80 f5 5b
  1003. Dec 7 19:09:15.725711: | responder cookie:
  1004. Dec 7 19:09:15.725715: | 50 e3 a7 bd 0a d5 14 e9
  1005. Dec 7 19:09:15.725719: | next payload type: ISAKMP_NEXT_v2SA (0x21)
  1006. Dec 7 19:09:15.725723: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1007. Dec 7 19:09:15.725727: | exchange type: ISAKMP_v2_SA_INIT (0x22)
  1008. Dec 7 19:09:15.725732: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
  1009. Dec 7 19:09:15.725736: | message ID: 00 00 00 00
  1010. Dec 7 19:09:15.725740: | length: 447 (0x1bf)
  1011. Dec 7 19:09:15.725744: | processing version=2.0 packet with exchange type=ISAKMP_v2_SA_INIT (34)
  1012. Dec 7 19:09:15.725751: | I am receiving an IKEv2 Response ISAKMP_v2_SA_INIT
  1013. Dec 7 19:09:15.725755: | I am the IKE SA Original Initiator
  1014. Dec 7 19:09:15.725766: | icookie table: hash icookie af 26 30 ff 4b 80 f5 5b to 10993388570101360805 slot 0x564decec8ae0
  1015. Dec 7 19:09:15.725771: | parent_init v2 peer and cookies match on #1
  1016. Dec 7 19:09:15.725775: | v2 state object #1 found, in STATE_PARENT_I1
  1017. Dec 7 19:09:15.725779: | rehashing state object #1
  1018. Dec 7 19:09:15.725783: | icookie table: cookies table: re-hashing state #1 cookies
  1019. Dec 7 19:09:15.725788: | found state #1
  1020. Dec 7 19:09:15.725797: | processing: start state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in ikev2_process_packet() at ikev2.c:1538)
  1021. Dec 7 19:09:15.725804: | processing: start connection "private#192.168.50.0/24"[1] ...192.168.50.2 (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1543)
  1022. Dec 7 19:09:15.725808: | #1 is idle
  1023. Dec 7 19:09:15.725812: | #1 idle
  1024. Dec 7 19:09:15.725816: | #1 in state PARENT_I1: sent v2I1, expected v2R1
  1025. Dec 7 19:09:15.725820: | Unpacking clear payload for svm: Initiator: process SA_INIT reply notification
  1026. Dec 7 19:09:15.725824: | Now let's proceed with payload (ISAKMP_NEXT_v2SA)
  1027. Dec 7 19:09:15.725829: | ***parse IKEv2 Security Association Payload:
  1028. Dec 7 19:09:15.725832: | next payload type: ISAKMP_NEXT_v2KE (0x22)
  1029. Dec 7 19:09:15.725836: | flags: none (0x0)
  1030. Dec 7 19:09:15.725840: | length: 40 (0x28)
  1031. Dec 7 19:09:15.725843: | processing payload: ISAKMP_NEXT_v2SA (len=40)
  1032. Dec 7 19:09:15.725847: | Now let's proceed with payload (ISAKMP_NEXT_v2KE)
  1033. Dec 7 19:09:15.725851: | ***parse IKEv2 Key Exchange Payload:
  1034. Dec 7 19:09:15.725855: | next payload type: ISAKMP_NEXT_v2Ni (0x28)
  1035. Dec 7 19:09:15.725859: | flags: none (0x0)
  1036. Dec 7 19:09:15.725862: | length: 264 (0x108)
  1037. Dec 7 19:09:15.725866: | DH group: OAKLEY_GROUP_MODP2048 (0xe)
  1038. Dec 7 19:09:15.725870: | processing payload: ISAKMP_NEXT_v2KE (len=264)
  1039. Dec 7 19:09:15.725873: | Now let's proceed with payload (ISAKMP_NEXT_v2Ni)
  1040. Dec 7 19:09:15.725877: | ***parse IKEv2 Nonce Payload:
  1041. Dec 7 19:09:15.725881: | next payload type: ISAKMP_NEXT_v2N (0x29)
  1042. Dec 7 19:09:15.725884: | flags: none (0x0)
  1043. Dec 7 19:09:15.725888: | length: 36 (0x24)
  1044. Dec 7 19:09:15.725891: | processing payload: ISAKMP_NEXT_v2Ni (len=36)
  1045. Dec 7 19:09:15.725895: | Now let's proceed with payload (ISAKMP_NEXT_v2N)
  1046. Dec 7 19:09:15.725899: | ***parse IKEv2 Notify Payload:
  1047. Dec 7 19:09:15.725903: | next payload type: ISAKMP_NEXT_v2N (0x29)
  1048. Dec 7 19:09:15.725906: | flags: none (0x0)
  1049. Dec 7 19:09:15.725910: | length: 8 (0x8)
  1050. Dec 7 19:09:15.725914: | Protocol ID: PROTO_v2_RESERVED (0x0)
  1051. Dec 7 19:09:15.725917: | SPI size: 0 (0x0)
  1052. Dec 7 19:09:15.725921: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e)
  1053. Dec 7 19:09:15.725925: | processing payload: ISAKMP_NEXT_v2N (len=8)
  1054. Dec 7 19:09:15.725929: | Now let's proceed with payload (ISAKMP_NEXT_v2N)
  1055. Dec 7 19:09:15.725932: | ***parse IKEv2 Notify Payload:
  1056. Dec 7 19:09:15.725936: | next payload type: ISAKMP_NEXT_v2N (0x29)
  1057. Dec 7 19:09:15.725939: | flags: none (0x0)
  1058. Dec 7 19:09:15.725943: | length: 10 (0xa)
  1059. Dec 7 19:09:15.725946: | Protocol ID: PROTO_v2_RESERVED (0x0)
  1060. Dec 7 19:09:15.725954: | SPI size: 0 (0x0)
  1061. Dec 7 19:09:15.725958: | Notify Message Type: v2N_SIGNATURE_HASH_ALGORITHMS (0x402f)
  1062. Dec 7 19:09:15.725962: | processing payload: ISAKMP_NEXT_v2N (len=10)
  1063. Dec 7 19:09:15.725965: | Now let's proceed with payload (ISAKMP_NEXT_v2N)
  1064. Dec 7 19:09:15.725969: | ***parse IKEv2 Notify Payload:
  1065. Dec 7 19:09:15.725973: | next payload type: ISAKMP_NEXT_v2N (0x29)
  1066. Dec 7 19:09:15.725976: | flags: none (0x0)
  1067. Dec 7 19:09:15.725980: | length: 28 (0x1c)
  1068. Dec 7 19:09:15.725983: | Protocol ID: PROTO_v2_RESERVED (0x0)
  1069. Dec 7 19:09:15.725987: | SPI size: 0 (0x0)
  1070. Dec 7 19:09:15.725991: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004)
  1071. Dec 7 19:09:15.725994: | processing payload: ISAKMP_NEXT_v2N (len=28)
  1072. Dec 7 19:09:15.725998: | Now let's proceed with payload (ISAKMP_NEXT_v2N)
  1073. Dec 7 19:09:15.726002: | ***parse IKEv2 Notify Payload:
  1074. Dec 7 19:09:15.726005: | next payload type: ISAKMP_NEXT_v2CERTREQ (0x26)
  1075. Dec 7 19:09:15.726009: | flags: none (0x0)
  1076. Dec 7 19:09:15.726012: | length: 28 (0x1c)
  1077. Dec 7 19:09:15.726016: | Protocol ID: PROTO_v2_RESERVED (0x0)
  1078. Dec 7 19:09:15.726019: | SPI size: 0 (0x0)
  1079. Dec 7 19:09:15.726023: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005)
  1080. Dec 7 19:09:15.726027: | processing payload: ISAKMP_NEXT_v2N (len=28)
  1081. Dec 7 19:09:15.726030: | Now let's proceed with payload (ISAKMP_NEXT_v2CERTREQ)
  1082. Dec 7 19:09:15.726034: | ***parse IKEv2 Certificate Request Payload:
  1083. Dec 7 19:09:15.726038: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1084. Dec 7 19:09:15.726042: | flags: none (0x0)
  1085. Dec 7 19:09:15.726045: | length: 5 (0x5)
  1086. Dec 7 19:09:15.726049: | ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
  1087. Dec 7 19:09:15.726053: | processing payload: ISAKMP_NEXT_v2CERTREQ (len=5)
  1088. Dec 7 19:09:15.726057: | selected state microcode Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH
  1089. Dec 7 19:09:15.726061: | Now lets proceed with state specific processing
  1090. Dec 7 19:09:15.726064: | calling processor Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH
  1091. Dec 7 19:09:15.726083: | parsing 2 raw bytes of IKEv2 Notify Payload into hash value
  1092. Dec 7 19:09:15.726090: | hash value 00 01
  1093. Dec 7 19:09:15.726096: | ikev2 parent inR1: calculating g^{xy} in order to send I2
  1094. Dec 7 19:09:15.726103: | already determined local IKE proposals for private#192.168.50.0/24 (IKE SA initiator accepting remote proposal)
  1095. Dec 7 19:09:15.726108: | Comparing remote proposals against IKE initiator (accepting) 4 local proposals
  1096. Dec 7 19:09:15.726113: | ****parse IKEv2 Proposal Substructure Payload:
  1097. Dec 7 19:09:15.726117: | last proposal: v2_PROPOSAL_LAST (0x0)
  1098. Dec 7 19:09:15.726121: | length: 36 (0x24)
  1099. Dec 7 19:09:15.726124: | prop #: 1 (0x1)
  1100. Dec 7 19:09:15.726128: | proto ID: IKEv2_SEC_PROTO_IKE (0x1)
  1101. Dec 7 19:09:15.726131: | spi size: 0 (0x0)
  1102. Dec 7 19:09:15.726135: | # transforms: 3 (0x3)
  1103. Dec 7 19:09:15.726143: | Comparing remote proposal 1 containing 3 transforms against local proposal [1..1] of 4 local proposals
  1104. Dec 7 19:09:15.726148: | local proposal 1 type ENCR has 1 transforms
  1105. Dec 7 19:09:15.726152: | local proposal 1 type PRF has 3 transforms
  1106. Dec 7 19:09:15.726156: | local proposal 1 type INTEG has 1 transforms
  1107. Dec 7 19:09:15.726160: | local proposal 1 type DH has 5 transforms
  1108. Dec 7 19:09:15.726163: | local proposal 1 type ESN has 0 transforms
  1109. Dec 7 19:09:15.726169: | local proposal 1 transforms: required: ENCR+PRF+DH; optional: INTEG
  1110. Dec 7 19:09:15.726173: | *****parse IKEv2 Transform Substructure Payload:
  1111. Dec 7 19:09:15.726177: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1112. Dec 7 19:09:15.726180: | length: 12 (0xc)
  1113. Dec 7 19:09:15.726184: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  1114. Dec 7 19:09:15.726188: | IKEv2 transform ID: AES_GCM_C (0x14)
  1115. Dec 7 19:09:15.726192: | ******parse IKEv2 Attribute Substructure Payload:
  1116. Dec 7 19:09:15.726196: | af+type: IKEv2_KEY_LENGTH (0x800e)
  1117. Dec 7 19:09:15.726200: | length/value: 256 (0x100)
  1118. Dec 7 19:09:15.726208: | remote proposal 1 transform 0 (ENCR=AES_GCM_C_256) matches local proposal 1 type 1 (ENCR) transform 0
  1119. Dec 7 19:09:15.726216: | *****parse IKEv2 Transform Substructure Payload:
  1120. Dec 7 19:09:15.726220: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1121. Dec 7 19:09:15.726224: | length: 8 (0x8)
  1122. Dec 7 19:09:15.726227: | IKEv2 transform type: TRANS_TYPE_PRF (0x2)
  1123. Dec 7 19:09:15.726231: | IKEv2 transform ID: PRF_HMAC_SHA2_512 (0x7)
  1124. Dec 7 19:09:15.726236: | remote proposal 1 transform 1 (PRF=HMAC_SHA2_512) matches local proposal 1 type 2 (PRF) transform 0
  1125. Dec 7 19:09:15.726240: | *****parse IKEv2 Transform Substructure Payload:
  1126. Dec 7 19:09:15.726244: | last transform: v2_TRANSFORM_LAST (0x0)
  1127. Dec 7 19:09:15.726248: | length: 8 (0x8)
  1128. Dec 7 19:09:15.726251: | IKEv2 transform type: TRANS_TYPE_DH (0x4)
  1129. Dec 7 19:09:15.726255: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe)
  1130. Dec 7 19:09:15.726260: | remote proposal 1 transform 2 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0
  1131. Dec 7 19:09:15.726266: | remote proposal 1 proposed transforms: ENCR+PRF+DH; matched: ENCR+PRF+DH; unmatched: none
  1132. Dec 7 19:09:15.726272: | comparing remote proposal 1 containing ENCR+PRF+DH transforms to local proposal 1; required: ENCR+PRF+DH; optional: INTEG; matched: ENCR+PRF+DH
  1133. Dec 7 19:09:15.726276: | remote proposal 1 matches local proposal 1
  1134. Dec 7 19:09:15.726281: | remote accepted the proposal 1:IKE:ENCR=AES_GCM_C_256;PRF=HMAC_SHA2_512;DH=MODP2048[first-match]
  1135. Dec 7 19:09:15.726285: | converting proposal to internal trans attrs
  1136. Dec 7 19:09:15.726291: | since AEAD, forcing NULL integ to 'NONE'
  1137. Dec 7 19:09:15.726297: | message ID #1 STATE_PARENT_I1 private#192.168.50.0/24 pst #1 st_msgid_nextuse(before=1) 1 st_msgid_lastack 0 st_msgid_lastrecv 4294967295 md is a resonse
  1138. Dec 7 19:09:15.726332: | natd_hash: hasher=0x564deceb7720(20)
  1139. Dec 7 19:09:15.726337: | natd_hash: icookie= af 26 30 ff 4b 80 f5 5b
  1140. Dec 7 19:09:15.726340: | natd_hash: rcookie= 50 e3 a7 bd 0a d5 14 e9
  1141. Dec 7 19:09:15.726344: | natd_hash: ip= c0 a8 32 03
  1142. Dec 7 19:09:15.726347: | natd_hash: port=500
  1143. Dec 7 19:09:15.726351: | natd_hash: hash= 2a b4 eb eb 74 40 26 fc 5b 08 b9 a1 0c 71 1f 3c
  1144. Dec 7 19:09:15.726355: | natd_hash: hash= ef d5 d7 7f
  1145. Dec 7 19:09:15.726363: | natd_hash: hasher=0x564deceb7720(20)
  1146. Dec 7 19:09:15.726367: | natd_hash: icookie= af 26 30 ff 4b 80 f5 5b
  1147. Dec 7 19:09:15.726371: | natd_hash: rcookie= 50 e3 a7 bd 0a d5 14 e9
  1148. Dec 7 19:09:15.726374: | natd_hash: ip= c0 a8 32 02
  1149. Dec 7 19:09:15.726378: | natd_hash: port=500
  1150. Dec 7 19:09:15.726381: | natd_hash: hash= fd db ab cd 0c 6f 89 38 cb 7c eb 45 1c 8d 69 7f
  1151. Dec 7 19:09:15.726385: | natd_hash: hash= 66 8e fc 83
  1152. Dec 7 19:09:15.726389: | NAT_TRAVERSAL encaps using auto-detect
  1153. Dec 7 19:09:15.726393: | NAT_TRAVERSAL this end is NOT behind NAT
  1154. Dec 7 19:09:15.726396: | NAT_TRAVERSAL that end is NOT behind NAT
  1155. Dec 7 19:09:15.726400: | NAT_TRAVERSAL nat_keepalive enabled 192.168.50.2
  1156. Dec 7 19:09:15.726409: | offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_512 integ=NONE cipherkey=AES_GCM_16
  1157. Dec 7 19:09:15.726416: | adding ikev2_inR1outI2 KE work-order 2 for state #1
  1158. Dec 7 19:09:15.726420: | state #1 requesting EVENT_v2_RETRANSMIT to be deleted
  1159. Dec 7 19:09:15.726424: | #1 STATE_PARENT_I1: retransmits: cleared
  1160. Dec 7 19:09:15.726431: | free_event_entry: release EVENT_v2_RETRANSMIT-pe@0x564dee3d0b58
  1161. Dec 7 19:09:15.726436: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x564dee3d0b58
  1162. Dec 7 19:09:15.726444: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60.000 seconds for #1
  1163. Dec 7 19:09:15.726452: | backlog: inserting object 0x564dee3d26d8 (work-order 2 state #1) entry 0x564dee3d26e0 into list 0x564deced8fc0 (older 0x564deced8fc0 newer 0x564deced8fc0)
  1164. Dec 7 19:09:15.726458: | backlog: inserted object 0x564dee3d26d8 (work-order 2 state #1) entry 0x564dee3d26e0 (older 0x564deced8fc0 newer 0x564deced8fc0)
  1165. Dec 7 19:09:15.726463: | backlog: list entry 0x564deced8fc0 is HEAD (older 0x564dee3d26e0 newer 0x564dee3d26e0)
  1166. Dec 7 19:09:15.726478: | suspending state #1 and saving MD
  1167. Dec 7 19:09:15.726487: | #1 is busy; has a suspended MD
  1168. Dec 7 19:09:15.726493: | processing: [RE]START state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in log_stf_suspend() at ikev2.c:2691)
  1169. Dec 7 19:09:15.726500: | "private#192.168.50.0/24"[1] ...192.168.50.2 #1 complete v2 state STATE_PARENT_I1 transition with STF_SUSPEND suspended from complete_v2_state_transition:2763
  1170. Dec 7 19:09:15.726506: | processing: stop from 192.168.50.2:500 (BACKGROUND) (in process_md() at demux.c:394)
  1171. Dec 7 19:09:15.726511: | processing: stop state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:396)
  1172. Dec 7 19:09:15.726516: | serialno table: hash serialno #0 to head 0x564dececafe0
  1173. Dec 7 19:09:15.726519: | serialno table: hash serialno #0 to head 0x564dececafe0
  1174. Dec 7 19:09:15.726524: | processing: resume connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:396)
  1175. Dec 7 19:09:15.726530: | processing: stop connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:397)
  1176. Dec 7 19:09:15.726549: | crypto helper 1 resuming
  1177. Dec 7 19:09:15.726557: | backlog: removing object 0x564dee3d26d8 (work-order 2 state #1) entry 0x564dee3d26e0 (older 0x564deced8fc0 newer 0x564deced8fc0)
  1178. Dec 7 19:09:15.726563: | backlog: empty
  1179. Dec 7 19:09:15.726571: | crypto helper 1 starting work-order 2 for state #1
  1180. Dec 7 19:09:15.726578: | crypto helper 1 doing compute dh (V2); request ID 2
  1181. Dec 7 19:09:15.727642: | calculating skeyseed using prf=sha2_512 integ=none cipherkey-size=32 salt-size=4
  1182. Dec 7 19:09:15.728163: | crypto helper 1 finished compute dh (V2); request ID 2 time elapsed 1585 usec
  1183. Dec 7 19:09:15.728172: | crypto helper 1 sending results from work-order 2 for state #1 to event queue
  1184. Dec 7 19:09:15.728176: | scheduling now-event sending helper answer for #1
  1185. Dec 7 19:09:15.728189: | crypto helper 1 waiting (nothing to do)
  1186. Dec 7 19:09:15.728204: | executing now-event sending helper answer for 1
  1187. Dec 7 19:09:15.728209: | serialno table: hash serialno #1 to head 0x564dececb000
  1188. Dec 7 19:09:15.728213: | serialno table: hash serialno #1 to head 0x564dececb000
  1189. Dec 7 19:09:15.728221: | processing: start state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in schedule_event_now_cb() at server.c:594)
  1190. Dec 7 19:09:15.728225: | crypto helper 1 replies to request ID 2
  1191. Dec 7 19:09:15.728229: | calling continuation function 0x564decbf0ea0
  1192. Dec 7 19:09:15.728237: | ikev2_parent_inR1outI2_continue for #1: calculating g^{xy}, sending I2
  1193. Dec 7 19:09:15.728247: | creating state object #2 at 0x564dee3d32a8
  1194. Dec 7 19:09:15.728252: | parent state #2: new => STATE_UNDEFINED(ignore)
  1195. Dec 7 19:09:15.728257: | duplicating state object #1 "private#192.168.50.0/24"[1] ...192.168.50.2 as #2 for IPSEC SA
  1196. Dec 7 19:09:15.728263: | inserting state object #2
  1197. Dec 7 19:09:15.728268: | serialno list: inserting object 0x564dee3d32a8 (state #2) entry 0x564dee3d3a50 into list 0x564deced80c0 (older 0x564dee3cfd60 newer 0x564dee3cfd60)
  1198. Dec 7 19:09:15.728274: | serialno list: inserted object 0x564dee3d32a8 (state #2) entry 0x564dee3d3a50 (older 0x564dee3cfd60 newer 0x564deced80c0)
  1199. Dec 7 19:09:15.728278: | serialno list: list entry 0x564deced80c0 is HEAD (older 0x564dee3d3a50 newer 0x564dee3cfd60)
  1200. Dec 7 19:09:15.728284: | serialno table: inserting object 0x564dee3d32a8 (state #2) entry 0x564dee3d3a70 into list 0x564dececb020 (older 0x564dececb020 newer 0x564dececb020)
  1201. Dec 7 19:09:15.728289: | serialno table: inserted object 0x564dee3d32a8 (state #2) entry 0x564dee3d3a70 (older 0x564dececb020 newer 0x564dececb020)
  1202. Dec 7 19:09:15.728293: | serialno table: list entry 0x564dececb020 is HEAD (older 0x564dee3d3a70 newer 0x564dee3d3a70)
  1203. Dec 7 19:09:15.728298: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
  1204. Dec 7 19:09:15.728304: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x564dee3d0b58
  1205. Dec 7 19:09:15.728308: | ikev2_replace_delay() picked up half-open SA ike_life:60
  1206. Dec 7 19:09:15.728313: | event_schedule: new EVENT_SA_EXPIRE-pe@0x564dee3d0b58
  1207. Dec 7 19:09:15.728324: | inserting event EVENT_SA_EXPIRE, timeout in 60.000 seconds for #1
  1208. Dec 7 19:09:15.728330: | parent state #1: STATE_PARENT_I1(half-open-ike) => STATE_PARENT_I2(open-ike)
  1209. Dec 7 19:09:15.728334: | ignore states: 0
  1210. Dec 7 19:09:15.728338: | half-open-ike states: 0
  1211. Dec 7 19:09:15.728341: | open-ike states: 1
  1212. Dec 7 19:09:15.728345: | established-anonymous-ike states: 0
  1213. Dec 7 19:09:15.728348: | established-authenticated-ike states: 0
  1214. Dec 7 19:09:15.728352: | anonymous-ipsec states: 0
  1215. Dec 7 19:09:15.728355: | authenticated-ipsec states: 0
  1216. Dec 7 19:09:15.728359: | informational states: 0
  1217. Dec 7 19:09:15.728362: | unknown states: 0
  1218. Dec 7 19:09:15.728419: | category states: 1 count states: 1
  1219. Dec 7 19:09:15.728434: | **emit ISAKMP Message:
  1220. Dec 7 19:09:15.728439: | initiator cookie:
  1221. Dec 7 19:09:15.728443: | af 26 30 ff 4b 80 f5 5b
  1222. Dec 7 19:09:15.728446: | responder cookie:
  1223. Dec 7 19:09:15.728450: | 50 e3 a7 bd 0a d5 14 e9
  1224. Dec 7 19:09:15.728454: | next payload type: ISAKMP_NEXT_v2SK (0x2e)
  1225. Dec 7 19:09:15.728458: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1226. Dec 7 19:09:15.728462: | exchange type: ISAKMP_v2_AUTH (0x23)
  1227. Dec 7 19:09:15.728467: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
  1228. Dec 7 19:09:15.728471: | message ID: 00 00 00 01
  1229. Dec 7 19:09:15.728475: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  1230. Dec 7 19:09:15.728479: | ***emit IKEv2 Encryption Payload:
  1231. Dec 7 19:09:15.728484: | next payload type: ISAKMP_NEXT_v2IDi (0x23)
  1232. Dec 7 19:09:15.728487: | flags: none (0x0)
  1233. Dec 7 19:09:15.728492: | next payload type: previous 'ISAKMP Message' 'next payload type' matches 'IKEv2 Encryption Payload' (46:ISAKMP_NEXT_v2SK)
  1234. Dec 7 19:09:15.728496: | next payload type: saving payload location 'IKEv2 Encryption Payload' 'next payload type'
  1235. Dec 7 19:09:15.728508: | emitting 8 raw bytes of IV into IKEv2 Encryption Payload
  1236. Dec 7 19:09:15.728512: | IV c5 40 31 2c 56 c4 87 e6
  1237. Dec 7 19:09:15.728519: | IKEv2 CERT: send a certificate?
  1238. Dec 7 19:09:15.728523: | IKEv2 CERT: OK to send a certificate
  1239. Dec 7 19:09:15.728527: | IDr payload will NOT be sent
  1240. Dec 7 19:09:15.728547: | *****emit IKEv2 Identification - Initiator - Payload:
  1241. Dec 7 19:09:15.728552: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1242. Dec 7 19:09:15.728556: | flags: none (0x0)
  1243. Dec 7 19:09:15.728560: | ID type: ID_DER_ASN1_DN (0x9)
  1244. Dec 7 19:09:15.728565: | next payload type: previous 'IKEv2 Encryption Payload' 'next payload type' matches 'IKEv2 Identification - Initiator - Payload' (35:ISAKMP_NEXT_v2IDi)
  1245. Dec 7 19:09:15.728569: | next payload type: saving payload location 'IKEv2 Identification - Initiator - Payload' 'next payload type'
  1246. Dec 7 19:09:15.728574: | emitting 96 raw bytes of my identity into IKEv2 Identification - Initiator - Payload
  1247. Dec 7 19:09:15.728578: | my identity 30 5e 31 0b 30 09 06 03 55 04 06 13 02 55 53 31
  1248. Dec 7 19:09:15.728582: | my identity 11 30 0f 06 03 55 04 08 0c 08 43 6f 6c 6f 72 61
  1249. Dec 7 19:09:15.728586: | my identity 64 6f 31 16 30 14 06 03 55 04 0a 0c 0d 50 6f 6c
  1250. Dec 7 19:09:15.728589: | my identity 61 72 69 73 20 41 6c 70 68 61 31 0d 30 0b 06 03
  1251. Dec 7 19:09:15.728593: | my identity 55 04 0b 0c 04 41 49 4d 53 31 15 30 13 06 03 55
  1252. Dec 7 19:09:15.728596: | my identity 04 03 0c 0c 31 39 32 2e 31 36 38 2e 35 30 2e 33
  1253. Dec 7 19:09:15.728600: | emitting length of IKEv2 Identification - Initiator - Payload: 104
  1254. Dec 7 19:09:15.728612: | Sending [CERT] of certificate: CN=192.168.50.3,OU=AIMS,O=Polaris Alpha,ST=Colorado,C=US
  1255. Dec 7 19:09:15.728617: | *****emit IKEv2 Certificate Payload:
  1256. Dec 7 19:09:15.728621: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1257. Dec 7 19:09:15.728624: | flags: none (0x0)
  1258. Dec 7 19:09:15.728628: | ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
  1259. Dec 7 19:09:15.728633: | next payload type: setting 'IKEv2 Identification - Initiator - Payload' 'next payload type' to IKEv2 Certificate Payload (37:ISAKMP_NEXT_v2CERT)
  1260. Dec 7 19:09:15.728637: | next payload type: saving payload location 'IKEv2 Certificate Payload' 'next payload type'
  1261. Dec 7 19:09:15.728647: | emitting 1155 raw bytes of CERT into IKEv2 Certificate Payload
  1262. Dec 7 19:09:15.728651: | CERT 30 82 04 7f 30 82 02 67 a0 03 02 01 02 02 02 10
  1263. Dec 7 19:09:15.728654: | CERT 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00
  1264. Dec 7 19:09:15.728658: | CERT 30 81 89 31 0b 30 09 06 03 55 04 06 13 02 55 53
  1265. Dec 7 19:09:15.728662: | CERT 31 11 30 0f 06 03 55 04 08 0c 08 43 6f 6c 6f 72
  1266. Dec 7 19:09:15.728665: | CERT 61 64 6f 31 19 30 17 06 03 55 04 07 0c 10 43 6f
  1267. Dec 7 19:09:15.728669: | CERT 6c 6f 72 61 64 6f 20 53 70 72 69 6e 67 73 31 16
  1268. Dec 7 19:09:15.728672: | CERT 30 14 06 03 55 04 0a 0c 0d 50 6f 6c 61 72 69 73
  1269. Dec 7 19:09:15.728676: | CERT 20 41 6c 70 68 61 31 0d 30 0b 06 03 55 04 0b 0c
  1270. Dec 7 19:09:15.728679: | CERT 04 41 49 4d 53 31 25 30 23 06 03 55 04 03 0c 1c
  1271. Dec 7 19:09:15.728683: | CERT 50 6f 6c 61 72 69 73 20 41 6c 70 68 61 20 57 45
  1272. Dec 7 19:09:15.728686: | CERT 20 44 65 76 20 52 6f 6f 74 20 43 41 30 1e 17 0d
  1273. Dec 7 19:09:15.728690: | CERT 31 38 31 32 30 37 30 30 30 34 35 30 5a 17 0d 32
  1274. Dec 7 19:09:15.728694: | CERT 38 31 32 30 34 30 30 30 34 35 30 5a 30 5e 31 0b
  1275. Dec 7 19:09:15.728697: | CERT 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06
  1276. Dec 7 19:09:15.728701: | CERT 03 55 04 08 0c 08 43 6f 6c 6f 72 61 64 6f 31 16
  1277. Dec 7 19:09:15.728704: | CERT 30 14 06 03 55 04 0a 0c 0d 50 6f 6c 61 72 69 73
  1278. Dec 7 19:09:15.728708: | CERT 20 41 6c 70 68 61 31 0d 30 0b 06 03 55 04 0b 0c
  1279. Dec 7 19:09:15.728711: | CERT 04 41 49 4d 53 31 15 30 13 06 03 55 04 03 0c 0c
  1280. Dec 7 19:09:15.728715: | CERT 31 39 32 2e 31 36 38 2e 35 30 2e 33 30 82 01 22
  1281. Dec 7 19:09:15.728718: | CERT 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03
  1282. Dec 7 19:09:15.728722: | CERT 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d2 4e 5f
  1283. Dec 7 19:09:15.728725: | CERT 14 bf b4 a2 6c b9 4a 96 51 a6 22 cb 2e a3 18 ac
  1284. Dec 7 19:09:15.728729: | CERT 66 2e a6 8e 17 65 1c 0a a0 1d 5b 48 5e 1f 29 2d
  1285. Dec 7 19:09:15.728733: | CERT 60 e8 2c 10 06 d2 57 ca 92 d2 99 fb 9a 0e 10 b2
  1286. Dec 7 19:09:15.728736: | CERT d1 29 e1 e6 bc 62 30 8a 31 ee cd a0 70 9d 02 d2
  1287. Dec 7 19:09:15.728740: | CERT fe fd 9e 3f 54 3c 12 b6 13 e4 77 ab ac 5b b3 62
  1288. Dec 7 19:09:15.728743: | CERT 24 72 33 a7 73 4d bc cf 2d be e9 b8 82 e9 20 d0
  1289. Dec 7 19:09:15.728747: | CERT 44 be 2b 57 5e b6 89 01 f0 c3 ca 00 16 1f 12 50
  1290. Dec 7 19:09:15.728750: | CERT fb 3b 80 b6 7a 13 8d e1 ea b3 e4 bb 1b bf b3 a9
  1291. Dec 7 19:09:15.728754: | CERT 12 7f 9b 94 a9 dd 4e da 79 3a 04 6c 84 46 53 6b
  1292. Dec 7 19:09:15.728757: | CERT 12 f1 a0 53 16 ed 79 f4 63 2e 9b 84 e3 9b 1b d8
  1293. Dec 7 19:09:15.728761: | CERT 57 b6 3a 0a 8d 3c 71 58 b5 e3 89 c5 1d 91 5e ec
  1294. Dec 7 19:09:15.728764: | CERT 02 14 0d eb ab f9 da 06 82 78 49 ce 88 82 80 a6
  1295. Dec 7 19:09:15.728768: | CERT de b7 05 52 f8 f4 d6 c9 aa d5 0d 9c 2d fe a5 be
  1296. Dec 7 19:09:15.728772: | CERT 45 a5 56 00 f9 39 b9 22 3f 57 a1 02 5a b8 7f fd
  1297. Dec 7 19:09:15.728775: | CERT 61 ef 20 e4 b8 b4 b9 40 49 eb c0 89 bf 4c 8e 3e
  1298. Dec 7 19:09:15.728779: | CERT 7e fe c9 ee 60 28 03 5c 91 51 df 2b 3b 02 03 01
  1299. Dec 7 19:09:15.728782: | CERT 00 01 a3 1b 30 19 30 17 06 03 55 1d 11 04 10 30
  1300. Dec 7 19:09:15.728786: | CERT 0e 82 06 6b 76 6f 74 68 65 87 04 c0 a8 32 03 30
  1301. Dec 7 19:09:15.728789: | CERT 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82
  1302. Dec 7 19:09:15.728793: | CERT 02 01 00 c2 e6 22 3b 8b b0 43 15 28 f3 90 2c 28
  1303. Dec 7 19:09:15.728796: | CERT 6b 6d 89 f7 f6 86 8c 66 05 af 58 a3 71 47 ef ce
  1304. Dec 7 19:09:15.728800: | CERT 37 db ee 9b 83 b9 03 d2 23 1f fc e6 4e da b0 85
  1305. Dec 7 19:09:15.728804: | CERT 23 0d e5 3b 0e 0f 83 47 ab 10 59 4d c2 1e ea b7
  1306. Dec 7 19:09:15.728807: | CERT e1 b8 38 6f 6b fb aa 09 31 7d b4 6d f4 cc b0 ab
  1307. Dec 7 19:09:15.728811: | CERT b0 ba 0c f6 a3 83 73 a7 47 56 d2 c0 ed fa 0b fc
  1308. Dec 7 19:09:15.728814: | CERT 78 2c 54 a8 00 8a 52 01 f4 e9 57 15 6d 88 2b af
  1309. Dec 7 19:09:15.728818: | CERT 72 e4 97 32 20 bd fd fe 27 ee 34 2a 9e 2a 63 96
  1310. Dec 7 19:09:15.728824: | CERT 35 05 26 bd aa 68 27 99 40 d4 83 62 ad 4c d8 14
  1311. Dec 7 19:09:15.728828: | CERT 2b d4 6a 55 23 5d 10 f9 f8 1d 99 44 97 03 e1 b1
  1312. Dec 7 19:09:15.728831: | CERT 0f 40 1b 09 ff d9 0d 5b e9 9a 82 c1 d1 d7 57 8c
  1313. Dec 7 19:09:15.728835: | CERT c8 7a ff 35 f4 42 e1 27 49 46 66 3c 33 2c 54 e2
  1314. Dec 7 19:09:15.728838: | CERT 66 0c c9 b0 b1 26 ee d0 ce c1 4c 1f 8d 5a 40 d3
  1315. Dec 7 19:09:15.728842: | CERT e1 38 49 97 33 03 f8 e6 e1 2d 8e bc e7 05 e9 b4
  1316. Dec 7 19:09:15.728845: | CERT 84 81 cb 5f 62 41 f1 5b 35 79 ec 18 40 a7 ee bf
  1317. Dec 7 19:09:15.728849: | CERT 4f c7 88 63 76 45 3a 34 bf 7b 51 45 8e 4e 9c f2
  1318. Dec 7 19:09:15.728852: | CERT 1a 39 3e 0d 6d a2 9a 8b f1 e0 f2 ad 85 8e 6b 52
  1319. Dec 7 19:09:15.728856: | CERT bb 90 21 18 6f 7f e2 11 80 1d 63 76 b8 dd 1f 72
  1320. Dec 7 19:09:15.728860: | CERT 18 8d 98 69 e3 62 b8 73 3f 7c dc dc 19 3f 38 47
  1321. Dec 7 19:09:15.728863: | CERT 30 15 a2 48 b3 7b 58 9c 18 3b 10 12 b0 7b 72 f6
  1322. Dec 7 19:09:15.728867: | CERT d1 4d a7 f8 ff 5b a3 86 04 5c 74 d0 46 17 61 0f
  1323. Dec 7 19:09:15.728870: | CERT d2 a2 87 d0 36 97 fb 43 e5 7e 69 14 87 e4 20 5b
  1324. Dec 7 19:09:15.728874: | CERT 98 a2 9b 91 f2 20 f9 21 4c 40 92 2f 60 93 7e 41
  1325. Dec 7 19:09:15.728877: | CERT 30 2b 82 c6 64 12 69 72 40 21 38 45 0c 0b 73 aa
  1326. Dec 7 19:09:15.728881: | CERT bf ac 47 14 05 48 e5 c2 7c 13 88 64 bd 89 ad 39
  1327. Dec 7 19:09:15.728884: | CERT a2 e6 34 ef 50 43 48 89 74 de ba 95 8e 89 e6 70
  1328. Dec 7 19:09:15.728888: | CERT 6c 61 a9 ba eb b2 c9 12 6d ca 91 df cc 15 3b 26
  1329. Dec 7 19:09:15.728892: | CERT aa 9f 5a e6 91 29 59 41 08 b7 e9 00 73 54 e1 2e
  1330. Dec 7 19:09:15.728895: | CERT 9f a9 c8 f7 5f d0 cf 01 c7 17 84 c0 17 c6 6c 99
  1331. Dec 7 19:09:15.728899: | CERT be 79 a6 8b 9c e8 43 ea 7d 90 ef 79 8c e4 f5 d7
  1332. Dec 7 19:09:15.728902: | CERT 49 25 0c 3a bb 68 5a ce 0f 60 4d fa 37 b3 8a ff
  1333. Dec 7 19:09:15.728906: | CERT 2b 51 ac 59 39 4b a1 43 45 46 9e e9 01 d8 80 95
  1334. Dec 7 19:09:15.728909: | CERT 9d 00 60
  1335. Dec 7 19:09:15.728913: | emitting length of IKEv2 Certificate Payload: 1160
  1336. Dec 7 19:09:15.728917: | IKEv2 CERTREQ: send a cert request?
  1337. Dec 7 19:09:15.728921: | IKEv2 CERTREQ: OK to send a certificate request
  1338. Dec 7 19:09:15.728930: | Sending [CERTREQ] of C=US, ST=Colorado, L=Colorado Springs, O=Polaris Alpha, OU=AIMS, CN=Polaris Alpha WE Dev Root CA
  1339. Dec 7 19:09:15.728934: | connection->kind is not CK_PERMANENT (instance), so collect CAs
  1340. Dec 7 19:09:15.728940: | find_host_pair: comparing 192.168.50.3:500 to 192.168.50.2:500
  1341. Dec 7 19:09:15.728956: | find_host_pair: comparing 192.168.50.3:500 to 0.0.0.0:500
  1342. Dec 7 19:09:15.728966: | Not a roadwarrior instance, sending empty CA in CERTREQ
  1343. Dec 7 19:09:15.728971: | *****emit IKEv2 Certificate Request Payload:
  1344. Dec 7 19:09:15.728975: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1345. Dec 7 19:09:15.728979: | flags: none (0x0)
  1346. Dec 7 19:09:15.728983: | ikev2 cert encoding: CERT_X509_SIGNATURE (0x4)
  1347. Dec 7 19:09:15.728987: | next payload type: setting 'IKEv2 Certificate Payload' 'next payload type' to IKEv2 Certificate Request Payload (38:ISAKMP_NEXT_v2CERTREQ)
  1348. Dec 7 19:09:15.728991: | next payload type: saving payload location 'IKEv2 Certificate Request Payload' 'next payload type'
  1349. Dec 7 19:09:15.728995: | emitting length of IKEv2 Certificate Request Payload: 5
  1350. Dec 7 19:09:15.728999: | not sending INITIAL_CONTACT
  1351. Dec 7 19:09:15.729006: | serialno table: hash serialno #1 to head 0x564dececb000
  1352. Dec 7 19:09:15.729010: | serialno table: hash serialno #1 to head 0x564dececb000
  1353. Dec 7 19:09:15.729014: | *****emit IKEv2 Authentication Payload:
  1354. Dec 7 19:09:15.729018: | next payload type: ISAKMP_NEXT_v2SA (0x21)
  1355. Dec 7 19:09:15.729021: | flags: none (0x0)
  1356. Dec 7 19:09:15.729025: | auth method: IKEv2_AUTH_DIGSIG (0xe)
  1357. Dec 7 19:09:15.729030: | next payload type: setting 'IKEv2 Certificate Request Payload' 'next payload type' to IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH)
  1358. Dec 7 19:09:15.729034: | next payload type: saving payload location 'IKEv2 Authentication Payload' 'next payload type'
  1359. Dec 7 19:09:15.729044: | emitting 1 raw bytes of Length of the ASN.1 Algorithm Identifier sha1WithRSAEncryption into IKEv2 Authentication Payload
  1360. Dec 7 19:09:15.729049: | Length of the ASN.1 Algorithm Identifier sha1WithRSAEncryption
  1361. Dec 7 19:09:15.729052: | 0f
  1362. Dec 7 19:09:15.729057: | emitting 15 raw bytes of OID of ASN.1 Algorithm Identifier sha1WithRSAEncryption into IKEv2 Authentication Payload
  1363. Dec 7 19:09:15.729061: | OID of ASN.1 Algorithm Identifier sha1WithRSAEncryption
  1364. Dec 7 19:09:15.729064: | 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00
  1365. Dec 7 19:09:15.729074: | started looking for secret for C=US, ST=Colorado, O=Polaris Alpha, OU=AIMS, CN=192.168.50.3->192.168.50.2 of kind PKK_RSA
  1366. Dec 7 19:09:15.729348: | private key for cert parsons not found in local cache; loading from NSS DB
  1367. Dec 7 19:09:15.729826: | certs and keys locked by 'lsw_add_rsa_secret'
  1368. Dec 7 19:09:15.729840: | certs and keys unlocked by 'lsw_add_rsa_secret'
  1369. Dec 7 19:09:15.729845: | searching for certificate PKK_RSA:AwEAAdJOX vs PKK_RSA:AwEAAdJOX
  1370. Dec 7 19:09:15.734966: | emitting 256 raw bytes of rsa signature into IKEv2 Authentication Payload
  1371. Dec 7 19:09:15.734998: | rsa signature 5a 88 f0 4f cb 7e 9e 7e 79 d6 0e d7 87 08 1d 43
  1372. Dec 7 19:09:15.735003: | rsa signature c2 4a ed c9 eb 39 75 f0 db 3f c9 92 22 41 4c 6f
  1373. Dec 7 19:09:15.735007: | rsa signature 61 63 a2 ed a0 a3 c7 a1 1b 7f 33 31 88 d0 88 52
  1374. Dec 7 19:09:15.735010: | rsa signature 73 34 08 95 99 ce b3 f6 78 f6 be dc 9f ab 2f 38
  1375. Dec 7 19:09:15.735014: | rsa signature d6 ce 3a f3 2b ac 04 00 89 33 9f 1d 97 50 72 25
  1376. Dec 7 19:09:15.735017: | rsa signature f5 11 06 07 b9 44 89 f8 e2 7b 32 3c c9 6d d6 be
  1377. Dec 7 19:09:15.735021: | rsa signature 1e 23 d4 75 34 59 ab 37 8e 5f cf fd 3f d4 e0 78
  1378. Dec 7 19:09:15.735025: | rsa signature 0e ba 73 67 ee 67 4c 8d 46 52 e3 09 2d 20 3a 99
  1379. Dec 7 19:09:15.735028: | rsa signature fa f8 2c 19 b4 c9 68 37 30 1c 19 d1 d5 ec 96 4a
  1380. Dec 7 19:09:15.735032: | rsa signature d7 94 dd 76 8f 49 dd ec 96 15 2d 0f 08 d0 f1 e6
  1381. Dec 7 19:09:15.735036: | rsa signature 72 83 f1 85 df ed c8 94 03 6e 87 30 ab 43 f4 23
  1382. Dec 7 19:09:15.735039: | rsa signature 65 8e 65 a4 5a 43 24 4d 4a b3 4d a4 9a 06 fc 7c
  1383. Dec 7 19:09:15.735043: | rsa signature 3f b5 8c 98 c5 80 13 f1 ea c9 22 0e 85 d7 e1 a7
  1384. Dec 7 19:09:15.735046: | rsa signature 78 1f 26 41 e9 17 be 58 a5 00 ac b8 0a 46 71 a3
  1385. Dec 7 19:09:15.735050: | rsa signature 20 48 b0 f4 05 c0 a2 33 30 b5 c0 96 43 b3 0a 3f
  1386. Dec 7 19:09:15.735056: | rsa signature 1c 4c 9c 6c 5a f0 d4 18 e3 7b dd 6d 37 ac f4 7e
  1387. Dec 7 19:09:15.735061: | emitting length of IKEv2 Authentication Payload: 280
  1388. Dec 7 19:09:15.735066: | getting first pending from state #1
  1389. Dec 7 19:09:15.735101: | netlink_get_spi: allocated 0xed6c8164 for esp.0@192.168.50.3
  1390. Dec 7 19:09:15.735107: | selecting default local ESP/AH proposals for private#192.168.50.0/24 (IKE SA initiator emitting ESP/AH proposals)
  1391. Dec 7 19:09:15.735137: "private#192.168.50.0/24"[1] ...192.168.50.2 #1: local ESP/AH proposals for private#192.168.50.0/24 (IKE SA initiator emitting ESP/AH proposals): 1:ESP:ENCR=AES_GCM_C_256;INTEG=NONE;ESN=DISABLED 2:ESP:ENCR=AES_GCM_C_128;INTEG=NONE;ESN=DISABLED 3:ESP:ENCR=AES_CBC_256;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED 4:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256,HMAC_SHA2_256_128;ESN=DISABLED 5:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA1_96;ESN=DISABLED (default)
  1392. Dec 7 19:09:15.735143: | Emitting ikev2_proposals ...
  1393. Dec 7 19:09:15.735148: | *****emit IKEv2 Security Association Payload:
  1394. Dec 7 19:09:15.735153: | next payload type: ISAKMP_NEXT_v2TSi (0x2c)
  1395. Dec 7 19:09:15.735157: | flags: none (0x0)
  1396. Dec 7 19:09:15.735163: | next payload type: previous 'IKEv2 Authentication Payload' 'next payload type' matches 'IKEv2 Security Association Payload' (33:ISAKMP_NEXT_v2SA)
  1397. Dec 7 19:09:15.735167: | next payload type: saving payload location 'IKEv2 Security Association Payload' 'next payload type'
  1398. Dec 7 19:09:15.735181: | ******emit IKEv2 Proposal Substructure Payload:
  1399. Dec 7 19:09:15.735186: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  1400. Dec 7 19:09:15.735189: | prop #: 1 (0x1)
  1401. Dec 7 19:09:15.735193: | proto ID: IKEv2_SEC_PROTO_ESP (0x3)
  1402. Dec 7 19:09:15.735197: | spi size: 4 (0x4)
  1403. Dec 7 19:09:15.735200: | # transforms: 2 (0x2)
  1404. Dec 7 19:09:15.735205: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload
  1405. Dec 7 19:09:15.735209: | our spi ed 6c 81 64
  1406. Dec 7 19:09:15.735213: | *******emit IKEv2 Transform Substructure Payload:
  1407. Dec 7 19:09:15.735217: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1408. Dec 7 19:09:15.735220: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  1409. Dec 7 19:09:15.735224: | IKEv2 transform ID: AES_GCM_C (0x14)
  1410. Dec 7 19:09:15.735228: | ********emit IKEv2 Attribute Substructure Payload:
  1411. Dec 7 19:09:15.735232: | af+type: IKEv2_KEY_LENGTH (0x800e)
  1412. Dec 7 19:09:15.735236: | length/value: 256 (0x100)
  1413. Dec 7 19:09:15.735240: | emitting length of IKEv2 Transform Substructure Payload: 12
  1414. Dec 7 19:09:15.735244: | *******emit IKEv2 Transform Substructure Payload:
  1415. Dec 7 19:09:15.735248: | last transform: v2_TRANSFORM_LAST (0x0)
  1416. Dec 7 19:09:15.735252: | IKEv2 transform type: TRANS_TYPE_ESN (0x5)
  1417. Dec 7 19:09:15.735255: | IKEv2 transform ID: ESN_DISABLED (0x0)
  1418. Dec 7 19:09:15.735259: | emitting length of IKEv2 Transform Substructure Payload: 8
  1419. Dec 7 19:09:15.735263: | emitting length of IKEv2 Proposal Substructure Payload: 32
  1420. Dec 7 19:09:15.735267: | ******emit IKEv2 Proposal Substructure Payload:
  1421. Dec 7 19:09:15.735271: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  1422. Dec 7 19:09:15.735275: | prop #: 2 (0x2)
  1423. Dec 7 19:09:15.735278: | proto ID: IKEv2_SEC_PROTO_ESP (0x3)
  1424. Dec 7 19:09:15.735282: | spi size: 4 (0x4)
  1425. Dec 7 19:09:15.735285: | # transforms: 2 (0x2)
  1426. Dec 7 19:09:15.735289: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload
  1427. Dec 7 19:09:15.735293: | our spi ed 6c 81 64
  1428. Dec 7 19:09:15.735296: | *******emit IKEv2 Transform Substructure Payload:
  1429. Dec 7 19:09:15.735300: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1430. Dec 7 19:09:15.735304: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  1431. Dec 7 19:09:15.735308: | IKEv2 transform ID: AES_GCM_C (0x14)
  1432. Dec 7 19:09:15.735312: | ********emit IKEv2 Attribute Substructure Payload:
  1433. Dec 7 19:09:15.735315: | af+type: IKEv2_KEY_LENGTH (0x800e)
  1434. Dec 7 19:09:15.735319: | length/value: 128 (0x80)
  1435. Dec 7 19:09:15.735323: | emitting length of IKEv2 Transform Substructure Payload: 12
  1436. Dec 7 19:09:15.735326: | *******emit IKEv2 Transform Substructure Payload:
  1437. Dec 7 19:09:15.735330: | last transform: v2_TRANSFORM_LAST (0x0)
  1438. Dec 7 19:09:15.735334: | IKEv2 transform type: TRANS_TYPE_ESN (0x5)
  1439. Dec 7 19:09:15.735337: | IKEv2 transform ID: ESN_DISABLED (0x0)
  1440. Dec 7 19:09:15.735341: | emitting length of IKEv2 Transform Substructure Payload: 8
  1441. Dec 7 19:09:15.735345: | emitting length of IKEv2 Proposal Substructure Payload: 32
  1442. Dec 7 19:09:15.735349: | ******emit IKEv2 Proposal Substructure Payload:
  1443. Dec 7 19:09:15.735352: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  1444. Dec 7 19:09:15.735356: | prop #: 3 (0x3)
  1445. Dec 7 19:09:15.735360: | proto ID: IKEv2_SEC_PROTO_ESP (0x3)
  1446. Dec 7 19:09:15.735363: | spi size: 4 (0x4)
  1447. Dec 7 19:09:15.735367: | # transforms: 4 (0x4)
  1448. Dec 7 19:09:15.735371: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload
  1449. Dec 7 19:09:15.735374: | our spi ed 6c 81 64
  1450. Dec 7 19:09:15.735378: | *******emit IKEv2 Transform Substructure Payload:
  1451. Dec 7 19:09:15.735381: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1452. Dec 7 19:09:15.735385: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  1453. Dec 7 19:09:15.735389: | IKEv2 transform ID: AES_CBC (0xc)
  1454. Dec 7 19:09:15.735392: | ********emit IKEv2 Attribute Substructure Payload:
  1455. Dec 7 19:09:15.735396: | af+type: IKEv2_KEY_LENGTH (0x800e)
  1456. Dec 7 19:09:15.735400: | length/value: 256 (0x100)
  1457. Dec 7 19:09:15.735403: | emitting length of IKEv2 Transform Substructure Payload: 12
  1458. Dec 7 19:09:15.735411: | *******emit IKEv2 Transform Substructure Payload:
  1459. Dec 7 19:09:15.735415: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1460. Dec 7 19:09:15.735418: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  1461. Dec 7 19:09:15.735422: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
  1462. Dec 7 19:09:15.735426: | emitting length of IKEv2 Transform Substructure Payload: 8
  1463. Dec 7 19:09:15.735430: | *******emit IKEv2 Transform Substructure Payload:
  1464. Dec 7 19:09:15.735433: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1465. Dec 7 19:09:15.735437: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  1466. Dec 7 19:09:15.735441: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
  1467. Dec 7 19:09:15.735444: | emitting length of IKEv2 Transform Substructure Payload: 8
  1468. Dec 7 19:09:15.735448: | *******emit IKEv2 Transform Substructure Payload:
  1469. Dec 7 19:09:15.735452: | last transform: v2_TRANSFORM_LAST (0x0)
  1470. Dec 7 19:09:15.735455: | IKEv2 transform type: TRANS_TYPE_ESN (0x5)
  1471. Dec 7 19:09:15.735459: | IKEv2 transform ID: ESN_DISABLED (0x0)
  1472. Dec 7 19:09:15.735463: | emitting length of IKEv2 Transform Substructure Payload: 8
  1473. Dec 7 19:09:15.735466: | emitting length of IKEv2 Proposal Substructure Payload: 48
  1474. Dec 7 19:09:15.735470: | ******emit IKEv2 Proposal Substructure Payload:
  1475. Dec 7 19:09:15.735474: | last proposal: v2_PROPOSAL_NON_LAST (0x2)
  1476. Dec 7 19:09:15.735477: | prop #: 4 (0x4)
  1477. Dec 7 19:09:15.735481: | proto ID: IKEv2_SEC_PROTO_ESP (0x3)
  1478. Dec 7 19:09:15.735484: | spi size: 4 (0x4)
  1479. Dec 7 19:09:15.735488: | # transforms: 4 (0x4)
  1480. Dec 7 19:09:15.735492: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload
  1481. Dec 7 19:09:15.735495: | our spi ed 6c 81 64
  1482. Dec 7 19:09:15.735499: | *******emit IKEv2 Transform Substructure Payload:
  1483. Dec 7 19:09:15.735503: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1484. Dec 7 19:09:15.735506: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  1485. Dec 7 19:09:15.735510: | IKEv2 transform ID: AES_CBC (0xc)
  1486. Dec 7 19:09:15.735514: | ********emit IKEv2 Attribute Substructure Payload:
  1487. Dec 7 19:09:15.735517: | af+type: IKEv2_KEY_LENGTH (0x800e)
  1488. Dec 7 19:09:15.735521: | length/value: 128 (0x80)
  1489. Dec 7 19:09:15.735525: | emitting length of IKEv2 Transform Substructure Payload: 12
  1490. Dec 7 19:09:15.735528: | *******emit IKEv2 Transform Substructure Payload:
  1491. Dec 7 19:09:15.735532: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1492. Dec 7 19:09:15.735536: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  1493. Dec 7 19:09:15.735539: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe)
  1494. Dec 7 19:09:15.735543: | emitting length of IKEv2 Transform Substructure Payload: 8
  1495. Dec 7 19:09:15.735547: | *******emit IKEv2 Transform Substructure Payload:
  1496. Dec 7 19:09:15.735550: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1497. Dec 7 19:09:15.735554: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  1498. Dec 7 19:09:15.735558: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc)
  1499. Dec 7 19:09:15.735561: | emitting length of IKEv2 Transform Substructure Payload: 8
  1500. Dec 7 19:09:15.735565: | *******emit IKEv2 Transform Substructure Payload:
  1501. Dec 7 19:09:15.735569: | last transform: v2_TRANSFORM_LAST (0x0)
  1502. Dec 7 19:09:15.735573: | IKEv2 transform type: TRANS_TYPE_ESN (0x5)
  1503. Dec 7 19:09:15.735576: | IKEv2 transform ID: ESN_DISABLED (0x0)
  1504. Dec 7 19:09:15.735580: | emitting length of IKEv2 Transform Substructure Payload: 8
  1505. Dec 7 19:09:15.735583: | emitting length of IKEv2 Proposal Substructure Payload: 48
  1506. Dec 7 19:09:15.735587: | ******emit IKEv2 Proposal Substructure Payload:
  1507. Dec 7 19:09:15.735591: | last proposal: v2_PROPOSAL_LAST (0x0)
  1508. Dec 7 19:09:15.735595: | prop #: 5 (0x5)
  1509. Dec 7 19:09:15.735598: | proto ID: IKEv2_SEC_PROTO_ESP (0x3)
  1510. Dec 7 19:09:15.735602: | spi size: 4 (0x4)
  1511. Dec 7 19:09:15.735605: | # transforms: 3 (0x3)
  1512. Dec 7 19:09:15.735609: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload
  1513. Dec 7 19:09:15.735626: | our spi ed 6c 81 64
  1514. Dec 7 19:09:15.735630: | *******emit IKEv2 Transform Substructure Payload:
  1515. Dec 7 19:09:15.735640: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1516. Dec 7 19:09:15.735644: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1)
  1517. Dec 7 19:09:15.735647: | IKEv2 transform ID: AES_CBC (0xc)
  1518. Dec 7 19:09:15.735651: | ********emit IKEv2 Attribute Substructure Payload:
  1519. Dec 7 19:09:15.735655: | af+type: IKEv2_KEY_LENGTH (0x800e)
  1520. Dec 7 19:09:15.735658: | length/value: 128 (0x80)
  1521. Dec 7 19:09:15.735662: | emitting length of IKEv2 Transform Substructure Payload: 12
  1522. Dec 7 19:09:15.735666: | *******emit IKEv2 Transform Substructure Payload:
  1523. Dec 7 19:09:15.735670: | last transform: v2_TRANSFORM_NON_LAST (0x3)
  1524. Dec 7 19:09:15.735673: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3)
  1525. Dec 7 19:09:15.735677: | IKEv2 transform ID: AUTH_HMAC_SHA1_96 (0x2)
  1526. Dec 7 19:09:15.735681: | emitting length of IKEv2 Transform Substructure Payload: 8
  1527. Dec 7 19:09:15.735684: | *******emit IKEv2 Transform Substructure Payload:
  1528. Dec 7 19:09:15.735688: | last transform: v2_TRANSFORM_LAST (0x0)
  1529. Dec 7 19:09:15.735692: | IKEv2 transform type: TRANS_TYPE_ESN (0x5)
  1530. Dec 7 19:09:15.735695: | IKEv2 transform ID: ESN_DISABLED (0x0)
  1531. Dec 7 19:09:15.735699: | emitting length of IKEv2 Transform Substructure Payload: 8
  1532. Dec 7 19:09:15.735703: | emitting length of IKEv2 Proposal Substructure Payload: 40
  1533. Dec 7 19:09:15.735706: | emitting length of IKEv2 Security Association Payload: 204
  1534. Dec 7 19:09:15.735715: | *****emit IKEv2 Traffic Selector - Initiator - Payload:
  1535. Dec 7 19:09:15.735719: | next payload type: ISAKMP_NEXT_v2TSr (0x2d)
  1536. Dec 7 19:09:15.735723: | flags: none (0x0)
  1537. Dec 7 19:09:15.735726: | number of TS: 1 (0x1)
  1538. Dec 7 19:09:15.735731: | next payload type: previous 'IKEv2 Security Association Payload' 'next payload type' matches 'IKEv2 Traffic Selector - Initiator - Payload' (44:ISAKMP_NEXT_v2TSi)
  1539. Dec 7 19:09:15.735735: | next payload type: saving payload location 'IKEv2 Traffic Selector - Initiator - Payload' 'next payload type'
  1540. Dec 7 19:09:15.735740: | ******emit IKEv2 Traffic Selector:
  1541. Dec 7 19:09:15.735744: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
  1542. Dec 7 19:09:15.735747: | IP Protocol ID: 0 (0x0)
  1543. Dec 7 19:09:15.735751: | start port: 0 (0x0)
  1544. Dec 7 19:09:15.735755: | end port: 65535 (0xffff)
  1545. Dec 7 19:09:15.735759: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector
  1546. Dec 7 19:09:15.735763: | ipv4 start c0 a8 32 03
  1547. Dec 7 19:09:15.735767: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector
  1548. Dec 7 19:09:15.735770: | ipv4 end c0 a8 32 03
  1549. Dec 7 19:09:15.735774: | emitting length of IKEv2 Traffic Selector: 16
  1550. Dec 7 19:09:15.735778: | emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24
  1551. Dec 7 19:09:15.735782: | *****emit IKEv2 Traffic Selector - Responder - Payload:
  1552. Dec 7 19:09:15.735786: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1553. Dec 7 19:09:15.735789: | flags: none (0x0)
  1554. Dec 7 19:09:15.735793: | number of TS: 1 (0x1)
  1555. Dec 7 19:09:15.735798: | next payload type: previous 'IKEv2 Traffic Selector - Initiator - Payload' 'next payload type' matches 'IKEv2 Traffic Selector - Responder - Payload' (45:ISAKMP_NEXT_v2TSr)
  1556. Dec 7 19:09:15.735802: | next payload type: saving payload location 'IKEv2 Traffic Selector - Responder - Payload' 'next payload type'
  1557. Dec 7 19:09:15.735806: | ******emit IKEv2 Traffic Selector:
  1558. Dec 7 19:09:15.735809: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7)
  1559. Dec 7 19:09:15.735813: | IP Protocol ID: 0 (0x0)
  1560. Dec 7 19:09:15.735817: | start port: 0 (0x0)
  1561. Dec 7 19:09:15.735822: | end port: 65535 (0xffff)
  1562. Dec 7 19:09:15.735828: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector
  1563. Dec 7 19:09:15.735834: | ipv4 start c0 a8 32 02
  1564. Dec 7 19:09:15.735839: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector
  1565. Dec 7 19:09:15.735844: | ipv4 end c0 a8 32 02
  1566. Dec 7 19:09:15.735849: | emitting length of IKEv2 Traffic Selector: 16
  1567. Dec 7 19:09:15.735854: | emitting length of IKEv2 Traffic Selector - Responder - Payload: 24
  1568. Dec 7 19:09:15.735863: | Initiator child policy is tunnel mode, NOT sending v2N_USE_TRANSPORT_MODE
  1569. Dec 7 19:09:15.735876: | serialno table: hash serialno #1 to head 0x564dececb000
  1570. Dec 7 19:09:15.735882: | serialno table: hash serialno #1 to head 0x564dececb000
  1571. Dec 7 19:09:15.735888: | emitting 1 raw bytes of padding and length into cleartext
  1572. Dec 7 19:09:15.735893: | padding and length 00
  1573. Dec 7 19:09:15.735901: | serialno table: hash serialno #1 to head 0x564dececb000
  1574. Dec 7 19:09:15.735907: | serialno table: hash serialno #1 to head 0x564dececb000
  1575. Dec 7 19:09:15.735914: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
  1576. Dec 7 19:09:15.735920: | emitting length of IKEv2 Encryption Payload: 1830
  1577. Dec 7 19:09:15.735926: | emitting length of ISAKMP Message: 1858
  1578. Dec 7 19:09:15.735932: | serialno table: hash serialno #1 to head 0x564dececb000
  1579. Dec 7 19:09:15.735938: | serialno table: hash serialno #1 to head 0x564dececb000
  1580. Dec 7 19:09:15.735944: | serialno table: hash serialno #1 to head 0x564dececb000
  1581. Dec 7 19:09:15.735949: | serialno table: hash serialno #1 to head 0x564dececb000
  1582. Dec 7 19:09:15.735955: | **emit ISAKMP Message:
  1583. Dec 7 19:09:15.735960: | initiator cookie:
  1584. Dec 7 19:09:15.735965: | af 26 30 ff 4b 80 f5 5b
  1585. Dec 7 19:09:15.735970: | responder cookie:
  1586. Dec 7 19:09:15.735975: | 50 e3 a7 bd 0a d5 14 e9
  1587. Dec 7 19:09:15.735980: | next payload type: ISAKMP_NEXT_v2SKF (0x35)
  1588. Dec 7 19:09:15.735986: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1589. Dec 7 19:09:15.735992: | exchange type: ISAKMP_v2_AUTH (0x23)
  1590. Dec 7 19:09:15.735998: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
  1591. Dec 7 19:09:15.736004: | message ID: 00 00 00 01
  1592. Dec 7 19:09:15.736010: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  1593. Dec 7 19:09:15.736016: | ***emit IKEv2 Encrypted Fragment:
  1594. Dec 7 19:09:15.736022: | next payload type: ISAKMP_NEXT_v2IDi (0x23)
  1595. Dec 7 19:09:15.736028: | flags: none (0x0)
  1596. Dec 7 19:09:15.736033: | fragment number: 1 (0x1)
  1597. Dec 7 19:09:15.736037: | total fragments: 4 (0x4)
  1598. Dec 7 19:09:15.736043: | next payload type: previous 'ISAKMP Message' 'next payload type' matches 'IKEv2 Encrypted Fragment' (53:ISAKMP_NEXT_v2SKF)
  1599. Dec 7 19:09:15.736049: | next payload type: saving payload location 'IKEv2 Encrypted Fragment' 'next payload type'
  1600. Dec 7 19:09:15.736064: | emitting 8 raw bytes of IV into IKEv2 Encrypted Fragment
  1601. Dec 7 19:09:15.736071: | IV 35 c5 e2 aa e9 0b 36 f6
  1602. Dec 7 19:09:15.736078: | emitting 478 raw bytes of cleartext fragment into cleartext
  1603. Dec 7 19:09:15.736084: | cleartext fragment 25 00 00 68 09 00 00 00 30 5e 31 0b 30 09 06 03
  1604. Dec 7 19:09:15.736089: | cleartext fragment 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08
  1605. Dec 7 19:09:15.736095: | cleartext fragment 0c 08 43 6f 6c 6f 72 61 64 6f 31 16 30 14 06 03
  1606. Dec 7 19:09:15.736100: | cleartext fragment 55 04 0a 0c 0d 50 6f 6c 61 72 69 73 20 41 6c 70
  1607. Dec 7 19:09:15.736105: | cleartext fragment 68 61 31 0d 30 0b 06 03 55 04 0b 0c 04 41 49 4d
  1608. Dec 7 19:09:15.736110: | cleartext fragment 53 31 15 30 13 06 03 55 04 03 0c 0c 31 39 32 2e
  1609. Dec 7 19:09:15.736116: | cleartext fragment 31 36 38 2e 35 30 2e 33 26 00 04 88 04 30 82 04
  1610. Dec 7 19:09:15.736122: | cleartext fragment 7f 30 82 02 67 a0 03 02 01 02 02 02 10 01 30 0d
  1611. Dec 7 19:09:15.736127: | cleartext fragment 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 89
  1612. Dec 7 19:09:15.736133: | cleartext fragment 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30
  1613. Dec 7 19:09:15.736138: | cleartext fragment 0f 06 03 55 04 08 0c 08 43 6f 6c 6f 72 61 64 6f
  1614. Dec 7 19:09:15.736144: | cleartext fragment 31 19 30 17 06 03 55 04 07 0c 10 43 6f 6c 6f 72
  1615. Dec 7 19:09:15.736150: | cleartext fragment 61 64 6f 20 53 70 72 69 6e 67 73 31 16 30 14 06
  1616. Dec 7 19:09:15.736156: | cleartext fragment 03 55 04 0a 0c 0d 50 6f 6c 61 72 69 73 20 41 6c
  1617. Dec 7 19:09:15.736162: | cleartext fragment 70 68 61 31 0d 30 0b 06 03 55 04 0b 0c 04 41 49
  1618. Dec 7 19:09:15.736167: | cleartext fragment 4d 53 31 25 30 23 06 03 55 04 03 0c 1c 50 6f 6c
  1619. Dec 7 19:09:15.736180: | cleartext fragment 61 72 69 73 20 41 6c 70 68 61 20 57 45 20 44 65
  1620. Dec 7 19:09:15.736186: | cleartext fragment 76 20 52 6f 6f 74 20 43 41 30 1e 17 0d 31 38 31
  1621. Dec 7 19:09:15.736191: | cleartext fragment 32 30 37 30 30 30 34 35 30 5a 17 0d 32 38 31 32
  1622. Dec 7 19:09:15.736197: | cleartext fragment 30 34 30 30 30 34 35 30 5a 30 5e 31 0b 30 09 06
  1623. Dec 7 19:09:15.736203: | cleartext fragment 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04
  1624. Dec 7 19:09:15.736209: | cleartext fragment 08 0c 08 43 6f 6c 6f 72 61 64 6f 31 16 30 14 06
  1625. Dec 7 19:09:15.736215: | cleartext fragment 03 55 04 0a 0c 0d 50 6f 6c 61 72 69 73 20 41 6c
  1626. Dec 7 19:09:15.736221: | cleartext fragment 70 68 61 31 0d 30 0b 06 03 55 04 0b 0c 04 41 49
  1627. Dec 7 19:09:15.736227: | cleartext fragment 4d 53 31 15 30 13 06 03 55 04 03 0c 0c 31 39 32
  1628. Dec 7 19:09:15.736234: | cleartext fragment 2e 31 36 38 2e 35 30 2e 33 30 82 01 22 30 0d 06
  1629. Dec 7 19:09:15.736240: | cleartext fragment 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f
  1630. Dec 7 19:09:15.736246: | cleartext fragment 00 30 82 01 0a 02 82 01 01 00 d2 4e 5f 14 bf b4
  1631. Dec 7 19:09:15.736252: | cleartext fragment a2 6c b9 4a 96 51 a6 22 cb 2e a3 18 ac 66 2e a6
  1632. Dec 7 19:09:15.736258: | cleartext fragment 8e 17 65 1c 0a a0 1d 5b 48 5e 1f 29 2d 60
  1633. Dec 7 19:09:15.736265: | emitting 1 raw bytes of padding and length into cleartext
  1634. Dec 7 19:09:15.736271: | padding and length 00
  1635. Dec 7 19:09:15.736277: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
  1636. Dec 7 19:09:15.736283: | emitting length of IKEv2 Encrypted Fragment: 511
  1637. Dec 7 19:09:15.736289: | emitting length of ISAKMP Message: 539
  1638. Dec 7 19:09:15.736318: | serialno table: hash serialno #1 to head 0x564dececb000
  1639. Dec 7 19:09:15.736326: | serialno table: hash serialno #1 to head 0x564dececb000
  1640. Dec 7 19:09:15.736332: | **emit ISAKMP Message:
  1641. Dec 7 19:09:15.736338: | initiator cookie:
  1642. Dec 7 19:09:15.736343: | af 26 30 ff 4b 80 f5 5b
  1643. Dec 7 19:09:15.736349: | responder cookie:
  1644. Dec 7 19:09:15.736354: | 50 e3 a7 bd 0a d5 14 e9
  1645. Dec 7 19:09:15.736360: | next payload type: ISAKMP_NEXT_v2SKF (0x35)
  1646. Dec 7 19:09:15.736366: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1647. Dec 7 19:09:15.736373: | exchange type: ISAKMP_v2_AUTH (0x23)
  1648. Dec 7 19:09:15.736378: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
  1649. Dec 7 19:09:15.736384: | message ID: 00 00 00 01
  1650. Dec 7 19:09:15.736391: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  1651. Dec 7 19:09:15.736396: | ***emit IKEv2 Encrypted Fragment:
  1652. Dec 7 19:09:15.736400: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1653. Dec 7 19:09:15.736403: | flags: none (0x0)
  1654. Dec 7 19:09:15.736407: | fragment number: 2 (0x2)
  1655. Dec 7 19:09:15.736410: | total fragments: 4 (0x4)
  1656. Dec 7 19:09:15.736415: | next payload type: previous 'ISAKMP Message' 'next payload type' matches 'IKEv2 Encrypted Fragment' (53:ISAKMP_NEXT_v2SKF)
  1657. Dec 7 19:09:15.736419: | next payload type: saving payload location 'IKEv2 Encrypted Fragment' 'next payload type'
  1658. Dec 7 19:09:15.736426: | emitting 8 raw bytes of IV into IKEv2 Encrypted Fragment
  1659. Dec 7 19:09:15.736430: | IV 60 b3 86 4f c4 ed 81 5e
  1660. Dec 7 19:09:15.736434: | emitting 478 raw bytes of cleartext fragment into cleartext
  1661. Dec 7 19:09:15.736438: | cleartext fragment e8 2c 10 06 d2 57 ca 92 d2 99 fb 9a 0e 10 b2 d1
  1662. Dec 7 19:09:15.736442: | cleartext fragment 29 e1 e6 bc 62 30 8a 31 ee cd a0 70 9d 02 d2 fe
  1663. Dec 7 19:09:15.736445: | cleartext fragment fd 9e 3f 54 3c 12 b6 13 e4 77 ab ac 5b b3 62 24
  1664. Dec 7 19:09:15.736449: | cleartext fragment 72 33 a7 73 4d bc cf 2d be e9 b8 82 e9 20 d0 44
  1665. Dec 7 19:09:15.736453: | cleartext fragment be 2b 57 5e b6 89 01 f0 c3 ca 00 16 1f 12 50 fb
  1666. Dec 7 19:09:15.736456: | cleartext fragment 3b 80 b6 7a 13 8d e1 ea b3 e4 bb 1b bf b3 a9 12
  1667. Dec 7 19:09:15.736460: | cleartext fragment 7f 9b 94 a9 dd 4e da 79 3a 04 6c 84 46 53 6b 12
  1668. Dec 7 19:09:15.736470: | cleartext fragment f1 a0 53 16 ed 79 f4 63 2e 9b 84 e3 9b 1b d8 57
  1669. Dec 7 19:09:15.736474: | cleartext fragment b6 3a 0a 8d 3c 71 58 b5 e3 89 c5 1d 91 5e ec 02
  1670. Dec 7 19:09:15.736477: | cleartext fragment 14 0d eb ab f9 da 06 82 78 49 ce 88 82 80 a6 de
  1671. Dec 7 19:09:15.736481: | cleartext fragment b7 05 52 f8 f4 d6 c9 aa d5 0d 9c 2d fe a5 be 45
  1672. Dec 7 19:09:15.736485: | cleartext fragment a5 56 00 f9 39 b9 22 3f 57 a1 02 5a b8 7f fd 61
  1673. Dec 7 19:09:15.736488: | cleartext fragment ef 20 e4 b8 b4 b9 40 49 eb c0 89 bf 4c 8e 3e 7e
  1674. Dec 7 19:09:15.736492: | cleartext fragment fe c9 ee 60 28 03 5c 91 51 df 2b 3b 02 03 01 00
  1675. Dec 7 19:09:15.736496: | cleartext fragment 01 a3 1b 30 19 30 17 06 03 55 1d 11 04 10 30 0e
  1676. Dec 7 19:09:15.736499: | cleartext fragment 82 06 6b 76 6f 74 68 65 87 04 c0 a8 32 03 30 0d
  1677. Dec 7 19:09:15.736503: | cleartext fragment 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 02
  1678. Dec 7 19:09:15.736507: | cleartext fragment 01 00 c2 e6 22 3b 8b b0 43 15 28 f3 90 2c 28 6b
  1679. Dec 7 19:09:15.736510: | cleartext fragment 6d 89 f7 f6 86 8c 66 05 af 58 a3 71 47 ef ce 37
  1680. Dec 7 19:09:15.736514: | cleartext fragment db ee 9b 83 b9 03 d2 23 1f fc e6 4e da b0 85 23
  1681. Dec 7 19:09:15.736518: | cleartext fragment 0d e5 3b 0e 0f 83 47 ab 10 59 4d c2 1e ea b7 e1
  1682. Dec 7 19:09:15.736522: | cleartext fragment b8 38 6f 6b fb aa 09 31 7d b4 6d f4 cc b0 ab b0
  1683. Dec 7 19:09:15.736525: | cleartext fragment ba 0c f6 a3 83 73 a7 47 56 d2 c0 ed fa 0b fc 78
  1684. Dec 7 19:09:15.736529: | cleartext fragment 2c 54 a8 00 8a 52 01 f4 e9 57 15 6d 88 2b af 72
  1685. Dec 7 19:09:15.736533: | cleartext fragment e4 97 32 20 bd fd fe 27 ee 34 2a 9e 2a 63 96 35
  1686. Dec 7 19:09:15.736536: | cleartext fragment 05 26 bd aa 68 27 99 40 d4 83 62 ad 4c d8 14 2b
  1687. Dec 7 19:09:15.736540: | cleartext fragment d4 6a 55 23 5d 10 f9 f8 1d 99 44 97 03 e1 b1 0f
  1688. Dec 7 19:09:15.736544: | cleartext fragment 40 1b 09 ff d9 0d 5b e9 9a 82 c1 d1 d7 57 8c c8
  1689. Dec 7 19:09:15.736547: | cleartext fragment 7a ff 35 f4 42 e1 27 49 46 66 3c 33 2c 54 e2 66
  1690. Dec 7 19:09:15.736551: | cleartext fragment 0c c9 b0 b1 26 ee d0 ce c1 4c 1f 8d 5a 40
  1691. Dec 7 19:09:15.736555: | emitting 1 raw bytes of padding and length into cleartext
  1692. Dec 7 19:09:15.736559: | padding and length 00
  1693. Dec 7 19:09:15.736563: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
  1694. Dec 7 19:09:15.736567: | emitting length of IKEv2 Encrypted Fragment: 511
  1695. Dec 7 19:09:15.736571: | emitting length of ISAKMP Message: 539
  1696. Dec 7 19:09:15.736583: | serialno table: hash serialno #1 to head 0x564dececb000
  1697. Dec 7 19:09:15.736588: | serialno table: hash serialno #1 to head 0x564dececb000
  1698. Dec 7 19:09:15.736592: | **emit ISAKMP Message:
  1699. Dec 7 19:09:15.736595: | initiator cookie:
  1700. Dec 7 19:09:15.736599: | af 26 30 ff 4b 80 f5 5b
  1701. Dec 7 19:09:15.736602: | responder cookie:
  1702. Dec 7 19:09:15.736606: | 50 e3 a7 bd 0a d5 14 e9
  1703. Dec 7 19:09:15.736611: | next payload type: ISAKMP_NEXT_v2SKF (0x35)
  1704. Dec 7 19:09:15.736621: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1705. Dec 7 19:09:15.736632: | exchange type: ISAKMP_v2_AUTH (0x23)
  1706. Dec 7 19:09:15.736639: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
  1707. Dec 7 19:09:15.736646: | message ID: 00 00 00 01
  1708. Dec 7 19:09:15.736653: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  1709. Dec 7 19:09:15.736660: | ***emit IKEv2 Encrypted Fragment:
  1710. Dec 7 19:09:15.736666: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1711. Dec 7 19:09:15.736672: | flags: none (0x0)
  1712. Dec 7 19:09:15.736680: | fragment number: 3 (0x3)
  1713. Dec 7 19:09:15.736685: | total fragments: 4 (0x4)
  1714. Dec 7 19:09:15.736692: | next payload type: previous 'ISAKMP Message' 'next payload type' matches 'IKEv2 Encrypted Fragment' (53:ISAKMP_NEXT_v2SKF)
  1715. Dec 7 19:09:15.736698: | next payload type: saving payload location 'IKEv2 Encrypted Fragment' 'next payload type'
  1716. Dec 7 19:09:15.736706: | emitting 8 raw bytes of IV into IKEv2 Encrypted Fragment
  1717. Dec 7 19:09:15.736720: | IV 07 f1 e4 e8 1f fa 68 c7
  1718. Dec 7 19:09:15.736727: | emitting 478 raw bytes of cleartext fragment into cleartext
  1719. Dec 7 19:09:15.736732: | cleartext fragment d3 e1 38 49 97 33 03 f8 e6 e1 2d 8e bc e7 05 e9
  1720. Dec 7 19:09:15.736738: | cleartext fragment b4 84 81 cb 5f 62 41 f1 5b 35 79 ec 18 40 a7 ee
  1721. Dec 7 19:09:15.736744: | cleartext fragment bf 4f c7 88 63 76 45 3a 34 bf 7b 51 45 8e 4e 9c
  1722. Dec 7 19:09:15.736750: | cleartext fragment f2 1a 39 3e 0d 6d a2 9a 8b f1 e0 f2 ad 85 8e 6b
  1723. Dec 7 19:09:15.736755: | cleartext fragment 52 bb 90 21 18 6f 7f e2 11 80 1d 63 76 b8 dd 1f
  1724. Dec 7 19:09:15.736761: | cleartext fragment 72 18 8d 98 69 e3 62 b8 73 3f 7c dc dc 19 3f 38
  1725. Dec 7 19:09:15.736768: | cleartext fragment 47 30 15 a2 48 b3 7b 58 9c 18 3b 10 12 b0 7b 72
  1726. Dec 7 19:09:15.736774: | cleartext fragment f6 d1 4d a7 f8 ff 5b a3 86 04 5c 74 d0 46 17 61
  1727. Dec 7 19:09:15.736780: | cleartext fragment 0f d2 a2 87 d0 36 97 fb 43 e5 7e 69 14 87 e4 20
  1728. Dec 7 19:09:15.736786: | cleartext fragment 5b 98 a2 9b 91 f2 20 f9 21 4c 40 92 2f 60 93 7e
  1729. Dec 7 19:09:15.736793: | cleartext fragment 41 30 2b 82 c6 64 12 69 72 40 21 38 45 0c 0b 73
  1730. Dec 7 19:09:15.736798: | cleartext fragment aa bf ac 47 14 05 48 e5 c2 7c 13 88 64 bd 89 ad
  1731. Dec 7 19:09:15.736804: | cleartext fragment 39 a2 e6 34 ef 50 43 48 89 74 de ba 95 8e 89 e6
  1732. Dec 7 19:09:15.736810: | cleartext fragment 70 6c 61 a9 ba eb b2 c9 12 6d ca 91 df cc 15 3b
  1733. Dec 7 19:09:15.736816: | cleartext fragment 26 aa 9f 5a e6 91 29 59 41 08 b7 e9 00 73 54 e1
  1734. Dec 7 19:09:15.736823: | cleartext fragment 2e 9f a9 c8 f7 5f d0 cf 01 c7 17 84 c0 17 c6 6c
  1735. Dec 7 19:09:15.736829: | cleartext fragment 99 be 79 a6 8b 9c e8 43 ea 7d 90 ef 79 8c e4 f5
  1736. Dec 7 19:09:15.736835: | cleartext fragment d7 49 25 0c 3a bb 68 5a ce 0f 60 4d fa 37 b3 8a
  1737. Dec 7 19:09:15.736840: | cleartext fragment ff 2b 51 ac 59 39 4b a1 43 45 46 9e e9 01 d8 80
  1738. Dec 7 19:09:15.736846: | cleartext fragment 95 9d 00 60 27 00 00 05 04 21 00 01 18 0e 00 00
  1739. Dec 7 19:09:15.736851: | cleartext fragment 00 0f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05
  1740. Dec 7 19:09:15.736857: | cleartext fragment 00 5a 88 f0 4f cb 7e 9e 7e 79 d6 0e d7 87 08 1d
  1741. Dec 7 19:09:15.736864: | cleartext fragment 43 c2 4a ed c9 eb 39 75 f0 db 3f c9 92 22 41 4c
  1742. Dec 7 19:09:15.736870: | cleartext fragment 6f 61 63 a2 ed a0 a3 c7 a1 1b 7f 33 31 88 d0 88
  1743. Dec 7 19:09:15.736876: | cleartext fragment 52 73 34 08 95 99 ce b3 f6 78 f6 be dc 9f ab 2f
  1744. Dec 7 19:09:15.736881: | cleartext fragment 38 d6 ce 3a f3 2b ac 04 00 89 33 9f 1d 97 50 72
  1745. Dec 7 19:09:15.736888: | cleartext fragment 25 f5 11 06 07 b9 44 89 f8 e2 7b 32 3c c9 6d d6
  1746. Dec 7 19:09:15.736894: | cleartext fragment be 1e 23 d4 75 34 59 ab 37 8e 5f cf fd 3f d4 e0
  1747. Dec 7 19:09:15.736900: | cleartext fragment 78 0e ba 73 67 ee 67 4c 8d 46 52 e3 09 2d 20 3a
  1748. Dec 7 19:09:15.736906: | cleartext fragment 99 fa f8 2c 19 b4 c9 68 37 30 1c 19 d1 d5
  1749. Dec 7 19:09:15.736913: | emitting 1 raw bytes of padding and length into cleartext
  1750. Dec 7 19:09:15.736920: | padding and length 00
  1751. Dec 7 19:09:15.736926: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
  1752. Dec 7 19:09:15.736930: | emitting length of IKEv2 Encrypted Fragment: 511
  1753. Dec 7 19:09:15.736934: | emitting length of ISAKMP Message: 539
  1754. Dec 7 19:09:15.736950: | serialno table: hash serialno #1 to head 0x564dececb000
  1755. Dec 7 19:09:15.736956: | serialno table: hash serialno #1 to head 0x564dececb000
  1756. Dec 7 19:09:15.736960: | **emit ISAKMP Message:
  1757. Dec 7 19:09:15.736964: | initiator cookie:
  1758. Dec 7 19:09:15.736967: | af 26 30 ff 4b 80 f5 5b
  1759. Dec 7 19:09:15.736971: | responder cookie:
  1760. Dec 7 19:09:15.736974: | 50 e3 a7 bd 0a d5 14 e9
  1761. Dec 7 19:09:15.736978: | next payload type: ISAKMP_NEXT_v2SKF (0x35)
  1762. Dec 7 19:09:15.736982: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1763. Dec 7 19:09:15.736986: | exchange type: ISAKMP_v2_AUTH (0x23)
  1764. Dec 7 19:09:15.736996: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8)
  1765. Dec 7 19:09:15.737001: | message ID: 00 00 00 01
  1766. Dec 7 19:09:15.737005: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  1767. Dec 7 19:09:15.737009: | ***emit IKEv2 Encrypted Fragment:
  1768. Dec 7 19:09:15.737013: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  1769. Dec 7 19:09:15.737017: | flags: none (0x0)
  1770. Dec 7 19:09:15.737020: | fragment number: 4 (0x4)
  1771. Dec 7 19:09:15.737024: | total fragments: 4 (0x4)
  1772. Dec 7 19:09:15.737028: | next payload type: previous 'ISAKMP Message' 'next payload type' matches 'IKEv2 Encrypted Fragment' (53:ISAKMP_NEXT_v2SKF)
  1773. Dec 7 19:09:15.737032: | next payload type: saving payload location 'IKEv2 Encrypted Fragment' 'next payload type'
  1774. Dec 7 19:09:15.737043: | emitting 8 raw bytes of IV into IKEv2 Encrypted Fragment
  1775. Dec 7 19:09:15.737047: | IV 7b 44 04 67 c2 ed 71 ef
  1776. Dec 7 19:09:15.737051: | emitting 367 raw bytes of cleartext fragment into cleartext
  1777. Dec 7 19:09:15.737055: | cleartext fragment ec 96 4a d7 94 dd 76 8f 49 dd ec 96 15 2d 0f 08
  1778. Dec 7 19:09:15.737059: | cleartext fragment d0 f1 e6 72 83 f1 85 df ed c8 94 03 6e 87 30 ab
  1779. Dec 7 19:09:15.737062: | cleartext fragment 43 f4 23 65 8e 65 a4 5a 43 24 4d 4a b3 4d a4 9a
  1780. Dec 7 19:09:15.737066: | cleartext fragment 06 fc 7c 3f b5 8c 98 c5 80 13 f1 ea c9 22 0e 85
  1781. Dec 7 19:09:15.737069: | cleartext fragment d7 e1 a7 78 1f 26 41 e9 17 be 58 a5 00 ac b8 0a
  1782. Dec 7 19:09:15.737073: | cleartext fragment 46 71 a3 20 48 b0 f4 05 c0 a2 33 30 b5 c0 96 43
  1783. Dec 7 19:09:15.737077: | cleartext fragment b3 0a 3f 1c 4c 9c 6c 5a f0 d4 18 e3 7b dd 6d 37
  1784. Dec 7 19:09:15.737081: | cleartext fragment ac f4 7e 2c 00 00 cc 02 00 00 20 01 03 04 02 ed
  1785. Dec 7 19:09:15.737084: | cleartext fragment 6c 81 64 03 00 00 0c 01 00 00 14 80 0e 01 00 00
  1786. Dec 7 19:09:15.737088: | cleartext fragment 00 00 08 05 00 00 00 02 00 00 20 02 03 04 02 ed
  1787. Dec 7 19:09:15.737092: | cleartext fragment 6c 81 64 03 00 00 0c 01 00 00 14 80 0e 00 80 00
  1788. Dec 7 19:09:15.737096: | cleartext fragment 00 00 08 05 00 00 00 02 00 00 30 03 03 04 04 ed
  1789. Dec 7 19:09:15.737099: | cleartext fragment 6c 81 64 03 00 00 0c 01 00 00 0c 80 0e 01 00 03
  1790. Dec 7 19:09:15.737103: | cleartext fragment 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c 00
  1791. Dec 7 19:09:15.737107: | cleartext fragment 00 00 08 05 00 00 00 02 00 00 30 04 03 04 04 ed
  1792. Dec 7 19:09:15.737111: | cleartext fragment 6c 81 64 03 00 00 0c 01 00 00 0c 80 0e 00 80 03
  1793. Dec 7 19:09:15.737114: | cleartext fragment 00 00 08 03 00 00 0e 03 00 00 08 03 00 00 0c 00
  1794. Dec 7 19:09:15.737118: | cleartext fragment 00 00 08 05 00 00 00 00 00 00 28 05 03 04 03 ed
  1795. Dec 7 19:09:15.737122: | cleartext fragment 6c 81 64 03 00 00 0c 01 00 00 0c 80 0e 00 80 03
  1796. Dec 7 19:09:15.737126: | cleartext fragment 00 00 08 03 00 00 02 00 00 00 08 05 00 00 00 2d
  1797. Dec 7 19:09:15.737130: | cleartext fragment 00 00 18 01 00 00 00 07 00 00 10 00 00 ff ff c0
  1798. Dec 7 19:09:15.737133: | cleartext fragment a8 32 03 c0 a8 32 03 00 00 00 18 01 00 00 00 07
  1799. Dec 7 19:09:15.737137: | cleartext fragment 00 00 10 00 00 ff ff c0 a8 32 02 c0 a8 32 02
  1800. Dec 7 19:09:15.737141: | emitting 1 raw bytes of padding and length into cleartext
  1801. Dec 7 19:09:15.737145: | padding and length 00
  1802. Dec 7 19:09:15.737149: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encrypted Fragment
  1803. Dec 7 19:09:15.737153: | emitting length of IKEv2 Encrypted Fragment: 400
  1804. Dec 7 19:09:15.737157: | emitting length of ISAKMP Message: 428
  1805. Dec 7 19:09:15.737174: | processing: suspend state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in complete_v2_state_transition() at ikev2.c:2787)
  1806. Dec 7 19:09:15.737182: | processing: start state #2 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in complete_v2_state_transition() at ikev2.c:2787)
  1807. Dec 7 19:09:15.737187: | #2 complete v2 state transition from STATE_UNDEFINED with STF_OK
  1808. Dec 7 19:09:15.737192: | serialno table: hash serialno #1 to head 0x564dececb000
  1809. Dec 7 19:09:15.737205: | serialno table: hash serialno #1 to head 0x564dececb000
  1810. Dec 7 19:09:15.737210: | IKEv2: transition from state STATE_PARENT_I1 to state STATE_PARENT_I2
  1811. Dec 7 19:09:15.737215: | child state #2: STATE_UNDEFINED(ignore) => STATE_PARENT_I2(open-ike)
  1812. Dec 7 19:09:15.737219: | ignore states: 0
  1813. Dec 7 19:09:15.737223: | half-open-ike states: 0
  1814. Dec 7 19:09:15.737227: | open-ike states: 2
  1815. Dec 7 19:09:15.737231: | established-anonymous-ike states: 0
  1816. Dec 7 19:09:15.737234: | established-authenticated-ike states: 0
  1817. Dec 7 19:09:15.737238: | anonymous-ipsec states: 0
  1818. Dec 7 19:09:15.737241: | authenticated-ipsec states: 0
  1819. Dec 7 19:09:15.737245: | informational states: 0
  1820. Dec 7 19:09:15.737249: | unknown states: 0
  1821. Dec 7 19:09:15.737252: | category states: 2 count states: 2
  1822. Dec 7 19:09:15.737257: | serialno table: hash serialno #1 to head 0x564dececb000
  1823. Dec 7 19:09:15.737261: | serialno table: hash serialno #1 to head 0x564dececb000
  1824. Dec 7 19:09:15.737266: | message ID #2 STATE_PARENT_I2 private#192.168.50.0/24 pst #1 st_msgid_nextuse(before=1) 2 st_msgid_lastack 0 st_msgid_lastrecv 4294967295 md is a resonse
  1825. Dec 7 19:09:15.737283: | sending V2 reply packet to 192.168.50.2:500 (from port 500)
  1826. Dec 7 19:09:15.737288: | sending fragments ...
  1827. Dec 7 19:09:15.737296: | sending 539 bytes for STATE_PARENT_I1 through eth1:500 to 192.168.50.2:500 (using #1)
  1828. Dec 7 19:09:15.737300: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  1829. Dec 7 19:09:15.737304: | 35 20 23 08 00 00 00 01 00 00 02 1b 23 00 01 ff
  1830. Dec 7 19:09:15.737307: | 00 01 00 04 35 c5 e2 aa e9 0b 36 f6 e1 18 97 ac
  1831. Dec 7 19:09:15.737311: | 43 d9 bd b4 a2 32 9a b3 c6 f2 93 c0 d3 a8 0a 35
  1832. Dec 7 19:09:15.737314: | da e5 53 46 c2 0b 39 ee 6b d7 cf cd 2a f6 20 6a
  1833. Dec 7 19:09:15.737318: | 93 75 37 b9 d2 43 0d 3c 18 ec 36 52 e9 10 d3 33
  1834. Dec 7 19:09:15.737322: | 93 20 14 91 20 5b 90 71 34 dd f5 74 b9 71 3f 5e
  1835. Dec 7 19:09:15.737325: | 14 35 0d 14 ab eb 89 a6 b2 f9 ec cd c4 ae 76 c4
  1836. Dec 7 19:09:15.737330: | 4c 85 5d 06 87 4d 70 72 3f e0 4f 88 a2 36 db b1
  1837. Dec 7 19:09:15.737333: | ca be 58 08 57 48 a6 c5 f0 35 86 02 75 6e 0e e1
  1838. Dec 7 19:09:15.737337: | 08 c8 37 f2 68 1d 0d 0d 9f 33 fd 1d dc 80 1e 6a
  1839. Dec 7 19:09:15.737340: | 0c c6 d5 43 d6 e5 d2 d7 e8 cf 3a e6 1c d8 0f 4a
  1840. Dec 7 19:09:15.737344: | b3 fc 88 8f 1e fe 73 b5 d6 54 99 4c 39 ca 5d 8f
  1841. Dec 7 19:09:15.737347: | 06 fe 4b a9 d8 65 d2 df fe 0b a8 5e 1d 93 ca 4e
  1842. Dec 7 19:09:15.737351: | de 33 75 c7 31 80 b3 0c b5 e8 75 a8 d4 3b 44 f0
  1843. Dec 7 19:09:15.737354: | 05 9b e6 06 6c 43 a0 95 33 47 a6 4a a7 df de 45
  1844. Dec 7 19:09:15.737358: | 44 88 2a d8 7f 60 f2 15 b9 93 1f f7 79 53 5b 99
  1845. Dec 7 19:09:15.737361: | 69 e8 6e e3 57 2a d6 9b 57 b5 af 2b fd b5 8c de
  1846. Dec 7 19:09:15.737365: | 36 cc 7d 89 f0 2d 4e c9 0b 4a 28 d6 69 9f d1 0b
  1847. Dec 7 19:09:15.737369: | 9a 7f f2 93 b0 f5 d5 4b 77 41 bb d4 1c 95 2d 63
  1848. Dec 7 19:09:15.737372: | 13 4d 8c ff 3e 25 3a 25 f4 a8 58 43 bd 0e 4c dc
  1849. Dec 7 19:09:15.737376: | 3e 60 5b ea bd e0 59 2a cb c5 7e ef 5f 7c dd b3
  1850. Dec 7 19:09:15.737379: | 8d 17 94 ea 13 43 4f d1 46 ba ac ab 1e f1 47 d9
  1851. Dec 7 19:09:15.737383: | db 1e 88 c3 9f 8f 61 15 f6 4e b3 90 9a 47 c4 9e
  1852. Dec 7 19:09:15.737386: | 76 ea 76 02 50 55 bc b5 25 35 f2 e1 d9 f4 25 10
  1853. Dec 7 19:09:15.737390: | ce c5 2d 33 6b b9 db 72 99 8c 54 11 85 23 d8 52
  1854. Dec 7 19:09:15.737393: | 4b 39 24 a0 13 06 ad 8d ac c2 81 b1 58 45 96 90
  1855. Dec 7 19:09:15.737397: | d9 0f 21 42 72 cb 1d 00 6f be 79 32 d1 40 01 f7
  1856. Dec 7 19:09:15.737400: | fe b8 0b 7b ad 85 c8 ee 11 6e 85 38 fe 13 f4 87
  1857. Dec 7 19:09:15.737404: | d2 a4 20 d7 78 0d 91 2e 4c ba da b9 ef 92 09 17
  1858. Dec 7 19:09:15.737408: | a3 e1 2e f5 c0 cf 32 20 5e 90 b7 f7 e8 05 28 f4
  1859. Dec 7 19:09:15.737411: | 21 0b 2f 13 a6 2f 24 aa bd 2c 4f 09 1b eb fd 6a
  1860. Dec 7 19:09:15.737415: | 0b 13 e0 76 44 3b 1e 81 e1 77 e7 7e de 2c 54 35
  1861. Dec 7 19:09:15.737419: | c0 2f e2 0e b9 e3 47 d0 13 18 a3
  1862. Dec 7 19:09:15.737559: | sending 539 bytes for STATE_PARENT_I1 through eth1:500 to 192.168.50.2:500 (using #1)
  1863. Dec 7 19:09:15.737577: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  1864. Dec 7 19:09:15.737581: | 35 20 23 08 00 00 00 01 00 00 02 1b 00 00 01 ff
  1865. Dec 7 19:09:15.737584: | 00 02 00 04 60 b3 86 4f c4 ed 81 5e 99 d1 2f 3e
  1866. Dec 7 19:09:15.737588: | 2c 5d ab bb de 1b 65 d9 09 3b ec 4b e0 f8 f9 ba
  1867. Dec 7 19:09:15.737591: | 5f 31 3c 85 2c ac e1 8b 99 7e 6a 16 80 0a e3 1a
  1868. Dec 7 19:09:15.737595: | bd 35 ed de 3f 01 38 b3 53 2d be ef bd be f3 5e
  1869. Dec 7 19:09:15.737598: | b8 f8 50 b1 a7 7c 53 d5 77 72 75 61 15 99 50 9e
  1870. Dec 7 19:09:15.737602: | 12 a2 1c 12 ea 35 b3 35 bd 7e 88 9e b6 7b f7 0d
  1871. Dec 7 19:09:15.737605: | 2e 1b cd f7 e1 ea b9 89 33 f7 4e 92 92 50 43 12
  1872. Dec 7 19:09:15.737609: | 4c 9e ba 04 fb 4e 72 70 21 81 50 ee d7 27 f9 92
  1873. Dec 7 19:09:15.737612: | 8e 39 53 fd b6 b4 d9 36 e4 66 98 9f 07 cc e1 36
  1874. Dec 7 19:09:15.737616: | 00 b7 1d 4e cd c8 a8 6a 4c a2 86 cf 5d af 22 0a
  1875. Dec 7 19:09:15.737619: | 6f 96 93 b4 ad fd 3a e3 2e 1e ba 0e a0 cb 84 f0
  1876. Dec 7 19:09:15.737623: | 6f d0 b2 27 80 bc e5 3b 25 80 b1 ca 31 e5 ba 3b
  1877. Dec 7 19:09:15.737627: | dd 65 cd 5d ad 1c 3c f3 a0 88 20 7a 4f a9 b5 e4
  1878. Dec 7 19:09:15.737630: | 54 be f3 5d 91 a7 c7 6c 7b 79 e0 52 51 8a e4 23
  1879. Dec 7 19:09:15.737634: | f8 a9 f5 0f 0a e2 ec e0 50 1c 9d df 38 ef f1 2c
  1880. Dec 7 19:09:15.737637: | a0 e7 fb 79 8f 16 3e 59 64 d7 0e 11 6e a1 89 a7
  1881. Dec 7 19:09:15.737641: | ef de 30 82 39 69 c6 23 d6 03 0d ef 5a 13 4a 34
  1882. Dec 7 19:09:15.737644: | d8 62 2e 58 79 95 99 94 d0 5a 19 f4 b8 b2 5c 56
  1883. Dec 7 19:09:15.737648: | 5d 0f 25 a5 42 09 bf 6d e1 5f dc 98 a3 ec 43 e7
  1884. Dec 7 19:09:15.737651: | 4d d2 e3 ae 4f ee fe 9b 66 eb f6 ee 06 38 6d 1b
  1885. Dec 7 19:09:15.737655: | db c3 c7 dd ba 94 63 da 12 86 e3 e2 1e 2d a2 d1
  1886. Dec 7 19:09:15.737658: | 3b c4 57 83 44 75 9a 81 5c 56 9d 1d 95 0a 81 ba
  1887. Dec 7 19:09:15.737662: | e5 f8 fa e2 a7 69 b3 81 01 59 e4 03 8f de ff f5
  1888. Dec 7 19:09:15.737665: | f0 70 12 eb f1 f5 5b f6 19 67 88 7d 4e 88 49 3f
  1889. Dec 7 19:09:15.737669: | dc a0 cf 05 ef 5d 95 d6 99 6f 66 e9 ab 4f 3d 8c
  1890. Dec 7 19:09:15.737672: | e7 a3 b1 e2 35 8f 49 a1 4d 38 9b 21 05 24 d0 78
  1891. Dec 7 19:09:15.737676: | fe 67 a4 89 09 95 ab a0 b1 f3 57 1e c3 ca de f4
  1892. Dec 7 19:09:15.737679: | 49 08 7c d0 1c 79 3c 95 52 2f e9 2b 19 77 29 7d
  1893. Dec 7 19:09:15.737683: | ac 9b e7 c3 06 65 8d 76 f4 5b e8 65 27 cb 62 46
  1894. Dec 7 19:09:15.737687: | 9c 93 1b a1 0e 26 c8 39 52 de 38 0d ea 33 9e 0f
  1895. Dec 7 19:09:15.737690: | 4e 50 0f 68 3f c7 5c 31 b0 5e c9 82 86 aa 3c cf
  1896. Dec 7 19:09:15.737694: | b0 d0 5d 76 81 0b 8a 5c 95 c6 74
  1897. Dec 7 19:09:15.737712: | sending 539 bytes for STATE_PARENT_I1 through eth1:500 to 192.168.50.2:500 (using #1)
  1898. Dec 7 19:09:15.737716: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  1899. Dec 7 19:09:15.737720: | 35 20 23 08 00 00 00 01 00 00 02 1b 00 00 01 ff
  1900. Dec 7 19:09:15.737724: | 00 03 00 04 07 f1 e4 e8 1f fa 68 c7 9f 50 ef 60
  1901. Dec 7 19:09:15.737727: | 66 c5 9c af 13 55 f0 ec 39 29 ef c7 d7 5d 0a 63
  1902. Dec 7 19:09:15.737731: | 89 ea 7e 9a 48 17 74 25 df dd 37 2c 1c 7d 4e 91
  1903. Dec 7 19:09:15.737734: | d9 bb 4b af c4 59 e5 63 13 83 2d 47 f9 9f b3 34
  1904. Dec 7 19:09:15.737738: | 46 a3 be fa 00 03 c8 88 6d a7 98 33 cb 1e 13 ed
  1905. Dec 7 19:09:15.737741: | cc 9a 36 0c 5e e9 d8 60 a1 5f 14 6f 7a 63 40 03
  1906. Dec 7 19:09:15.737745: | b0 34 38 ef 6c f4 8c 77 c3 b4 eb 26 72 67 cb 32
  1907. Dec 7 19:09:15.737748: | 37 e8 85 ce 51 88 33 56 70 3e 5d d4 75 cc 48 c7
  1908. Dec 7 19:09:15.737752: | 1b b5 c6 e9 86 30 df c1 e8 a9 96 26 2e d9 8c 46
  1909. Dec 7 19:09:15.737755: | f6 d5 1f 82 b0 3a 83 32 7f 1e 7e 4a e1 34 f2 7f
  1910. Dec 7 19:09:15.737759: | 5d d8 19 2b c1 16 5c 57 09 56 c7 b2 86 4f fc f4
  1911. Dec 7 19:09:15.737762: | f5 1d 71 a4 0e ef 67 1a 95 5b 35 32 3b 24 f0 8f
  1912. Dec 7 19:09:15.737766: | 25 5c 04 f9 5d 0d 9a 8c 2b 4e 8e c0 12 f7 3f 35
  1913. Dec 7 19:09:15.737769: | 04 e9 e7 27 dc 0e 90 29 fb 0e 92 4f 78 87 ce 83
  1914. Dec 7 19:09:15.737776: | a5 bb c6 80 c7 ac af e9 bb 27 25 ea 94 bf 36 97
  1915. Dec 7 19:09:15.737780: | 33 14 92 3b c0 61 74 38 3d 13 b1 8e 7e a2 39 14
  1916. Dec 7 19:09:15.737784: | 85 78 88 cf fb c7 b3 dc bb d7 ee ec 37 38 19 6d
  1917. Dec 7 19:09:15.737787: | bd a2 11 85 1e a8 27 8d 03 68 27 59 dd 60 59 e4
  1918. Dec 7 19:09:15.737791: | da d9 17 c3 44 33 ab 2e 98 b0 09 75 81 8c 73 f2
  1919. Dec 7 19:09:15.737794: | 54 ac 63 78 20 15 74 46 ed 2f 22 5c 8a b6 bd aa
  1920. Dec 7 19:09:15.737798: | fa 09 aa 06 18 0f cc 7c f5 a6 9b ab e9 ca aa 90
  1921. Dec 7 19:09:15.737801: | 10 63 1b 17 84 9c c1 71 47 8e c3 7f 43 82 b6 37
  1922. Dec 7 19:09:15.737805: | d7 2d 07 73 06 8f e4 83 46 1e 13 22 1a 87 f9 0d
  1923. Dec 7 19:09:15.737808: | 3c 33 44 4c 84 1a 0d 23 a4 1a d0 4c 30 2a 6f c7
  1924. Dec 7 19:09:15.737812: | 21 49 8c a9 1c ab 1d c1 d0 73 4b 1a 97 f2 b4 a9
  1925. Dec 7 19:09:15.737815: | b4 bd ce 2b de 10 26 0f 73 5d e2 30 fd e7 1e 04
  1926. Dec 7 19:09:15.737819: | ba 25 a0 04 ec dc e7 5e 3d 62 3e 7e ba 97 87 fc
  1927. Dec 7 19:09:15.737822: | 27 84 bd f7 b1 4b 39 42 f3 07 f3 26 d8 62 5e b7
  1928. Dec 7 19:09:15.737826: | 7e 79 a8 e4 0f 88 11 31 4a c2 de 9b 2c fa c2 78
  1929. Dec 7 19:09:15.737829: | 98 da e9 a6 23 30 98 b0 b2 2c ca 89 86 dd 00 6b
  1930. Dec 7 19:09:15.737833: | 31 d7 26 6b 21 b1 20 00 d1 d5 a7 59 82 45 22 e2
  1931. Dec 7 19:09:15.737836: | ae 46 53 8d d5 c5 06 60 ce e1 44
  1932. Dec 7 19:09:15.737848: | sending 428 bytes for STATE_PARENT_I1 through eth1:500 to 192.168.50.2:500 (using #1)
  1933. Dec 7 19:09:15.737852: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  1934. Dec 7 19:09:15.737856: | 35 20 23 08 00 00 00 01 00 00 01 ac 00 00 01 90
  1935. Dec 7 19:09:15.737860: | 00 04 00 04 7b 44 04 67 c2 ed 71 ef b4 8e 6c 55
  1936. Dec 7 19:09:15.737863: | 78 a6 c8 d7 f9 50 35 82 f8 8e 9a 93 2c 85 7e bb
  1937. Dec 7 19:09:15.737867: | 12 d5 b2 56 54 f5 78 b2 ae f7 22 c8 1a cc b3 6c
  1938. Dec 7 19:09:15.737870: | bb 41 19 c3 61 a9 d4 99 71 8b 71 21 42 2b 7c 9d
  1939. Dec 7 19:09:15.737874: | b9 ad 6c 6f 36 12 d1 f6 e5 d7 89 20 9f 5f 10 db
  1940. Dec 7 19:09:15.737877: | 38 ed cf 07 e8 8a 19 4b 7d 69 2f 4a c8 5c bc bb
  1941. Dec 7 19:09:15.737881: | a1 3e ad c1 0a e0 71 80 bc 54 79 eb ba 18 c7 20
  1942. Dec 7 19:09:15.737884: | 02 31 5c f0 fe fe 6a cb de 4f 23 18 07 ea 7c 7f
  1943. Dec 7 19:09:15.737888: | bf 7c 1e 1e 3b 61 66 c8 d9 df f2 b2 86 68 a7 33
  1944. Dec 7 19:09:15.737891: | 13 01 90 39 0f 3d 20 69 44 0f f3 2b 4a 5e 93 98
  1945. Dec 7 19:09:15.737895: | 6b e1 a8 c4 7c f9 5c 28 08 a6 89 dd 46 ee 3e 45
  1946. Dec 7 19:09:15.737898: | 26 72 83 34 77 68 85 75 36 08 b7 42 b0 3a 50 e2
  1947. Dec 7 19:09:15.737902: | b7 36 c4 d7 63 c6 ac d3 f5 0a 79 a3 16 50 4a 32
  1948. Dec 7 19:09:15.737905: | 9e 86 31 fe 73 18 43 8b 8b d8 15 35 32 ae e3 81
  1949. Dec 7 19:09:15.737909: | 20 54 4a 38 79 fd cf e7 43 c6 9e 0d e0 a9 05 9b
  1950. Dec 7 19:09:15.737912: | 6e 55 f7 20 66 41 ac 9e d6 85 4d d3 bf 83 18 66
  1951. Dec 7 19:09:15.737916: | 3f 29 b3 5c 86 d0 99 70 27 60 6e 07 55 a1 6f e8
  1952. Dec 7 19:09:15.737919: | 22 be 14 cd d9 98 ad bf c9 96 d8 1e 61 73 b5 e5
  1953. Dec 7 19:09:15.737923: | 8a d4 de 26 b2 1a a0 a3 fb 80 45 63 8d ab f5 d9
  1954. Dec 7 19:09:15.737927: | 7c 39 e7 88 22 6f ff 1b 7a 51 6a 4e 7a 48 e2 14
  1955. Dec 7 19:09:15.737930: | 13 e2 94 f6 5c bf 93 94 f4 4f 9c d5 58 ac 74 9b
  1956. Dec 7 19:09:15.737934: | a6 c0 f9 a4 36 09 12 ca c5 b3 da 87 c2 f1 16 47
  1957. Dec 7 19:09:15.737937: | 44 a3 43 7a 1f e3 27 d9 24 e3 96 ff bf a3 8f af
  1958. Dec 7 19:09:15.737941: | 19 5b 65 0d 8a 72 8d e7 0c 49 52 3e ad ab 91 bd
  1959. Dec 7 19:09:15.737944: | 28 bf ff da 15 38 d4 2b df 66 5c 94
  1960. Dec 7 19:09:15.737955: | sent 4 fragments
  1961. Dec 7 19:09:15.737961: | state #2 requesting to delete non existing event
  1962. Dec 7 19:09:15.737966: | success_v2_state_transition scheduling EVENT_v2_RETRANSMIT of c->r_interval=500ms
  1963. Dec 7 19:09:15.737974: | event_schedule: new EVENT_v2_RETRANSMIT-pe@0x564dee3d3c78
  1964. Dec 7 19:09:15.737980: | inserting event EVENT_v2_RETRANSMIT, timeout in 0.500 seconds for #2
  1965. Dec 7 19:09:15.737995: | #2 STATE_PARENT_I2: retransmits: first event in 0.5 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 992.664
  1966. Dec 7 19:09:15.738007: | processing: stop state #2 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in schedule_event_now_cb() at server.c:597)
  1967. Dec 7 19:09:15.738012: | serialno table: hash serialno #0 to head 0x564dececafe0
  1968. Dec 7 19:09:15.738016: | serialno table: hash serialno #0 to head 0x564dececafe0
  1969. Dec 7 19:09:15.754189: | *received 65 bytes from 192.168.50.2:500 on eth1 (port=500)
  1970. Dec 7 19:09:15.754215: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  1971. Dec 7 19:09:15.754218: | 2e 20 23 20 00 00 00 01 00 00 00 41 29 00 00 25
  1972. Dec 7 19:09:15.754220: | 8b 5c 43 4f eb 99 66 39 91 b0 b9 2f 50 cc c7 90
  1973. Dec 7 19:09:15.754222: | 9e cc e8 92 eb 9f 87 a9 1b 90 9b 62 c6 7c ab a9
  1974. Dec 7 19:09:15.754225: | 75
  1975. Dec 7 19:09:15.754229: | processing: start from 192.168.50.2:500 (in process_md() at demux.c:392)
  1976. Dec 7 19:09:15.754233: | **parse ISAKMP Message:
  1977. Dec 7 19:09:15.754236: | initiator cookie:
  1978. Dec 7 19:09:15.754238: | af 26 30 ff 4b 80 f5 5b
  1979. Dec 7 19:09:15.754240: | responder cookie:
  1980. Dec 7 19:09:15.754243: | 50 e3 a7 bd 0a d5 14 e9
  1981. Dec 7 19:09:15.754246: | next payload type: ISAKMP_NEXT_v2SK (0x2e)
  1982. Dec 7 19:09:15.754248: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  1983. Dec 7 19:09:15.754251: | exchange type: ISAKMP_v2_AUTH (0x23)
  1984. Dec 7 19:09:15.754254: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20)
  1985. Dec 7 19:09:15.754257: | message ID: 00 00 00 01
  1986. Dec 7 19:09:15.754259: | length: 65 (0x41)
  1987. Dec 7 19:09:15.754262: | processing version=2.0 packet with exchange type=ISAKMP_v2_AUTH (35)
  1988. Dec 7 19:09:15.754265: | I am receiving an IKEv2 Response ISAKMP_v2_AUTH
  1989. Dec 7 19:09:15.754267: | I am the IKE SA Original Initiator
  1990. Dec 7 19:09:15.754274: | cookies table: hash icookie af 26 30 ff 4b 80 f5 5b rcookie 50 e3 a7 bd 0a d5 14 e9 to 849541088340921400 slot 0x564decec4d60
  1991. Dec 7 19:09:15.754277: | v2 peer, cookies and msgid match on #2
  1992. Dec 7 19:09:15.754280: | v2 state object #2 found, in STATE_PARENT_I2
  1993. Dec 7 19:09:15.754282: | found state #2
  1994. Dec 7 19:09:15.754288: | processing: start state #2 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in ikev2_process_packet() at ikev2.c:1538)
  1995. Dec 7 19:09:15.754292: | processing: start connection "private#192.168.50.0/24"[1] ...192.168.50.2 (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1543)
  1996. Dec 7 19:09:15.754296: | serialno table: hash serialno #1 to head 0x564dececb000
  1997. Dec 7 19:09:15.754298: | serialno table: hash serialno #1 to head 0x564dececb000
  1998. Dec 7 19:09:15.754301: | #2 is idle
  1999. Dec 7 19:09:15.754303: | #2 idle
  2000. Dec 7 19:09:15.754306: | #2 in state PARENT_I2: sent v2I2, expected v2R2
  2001. Dec 7 19:09:15.754309: | Unpacking clear payload for svm: Initiator: process INVALID_SYNTAX AUTH notification
  2002. Dec 7 19:09:15.754312: | Now let's proceed with payload (ISAKMP_NEXT_v2SK)
  2003. Dec 7 19:09:15.754315: | ***parse IKEv2 Encryption Payload:
  2004. Dec 7 19:09:15.754317: | next payload type: ISAKMP_NEXT_v2N (0x29)
  2005. Dec 7 19:09:15.754319: | flags: none (0x0)
  2006. Dec 7 19:09:15.754322: | length: 37 (0x25)
  2007. Dec 7 19:09:15.754324: | processing payload: ISAKMP_NEXT_v2SK (len=37)
  2008. Dec 7 19:09:15.754327: | serialno table: hash serialno #1 to head 0x564dececb000
  2009. Dec 7 19:09:15.754329: | serialno table: hash serialno #1 to head 0x564dececb000
  2010. Dec 7 19:09:15.754352: | #2 ikev2 ISAKMP_v2_AUTH decrypt success
  2011. Dec 7 19:09:15.754355: | Now let's proceed with payload (ISAKMP_NEXT_v2N)
  2012. Dec 7 19:09:15.754358: | **parse IKEv2 Notify Payload:
  2013. Dec 7 19:09:15.754360: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  2014. Dec 7 19:09:15.754363: | flags: none (0x0)
  2015. Dec 7 19:09:15.754365: | length: 8 (0x8)
  2016. Dec 7 19:09:15.754367: | Protocol ID: PROTO_v2_RESERVED (0x0)
  2017. Dec 7 19:09:15.754370: | SPI size: 0 (0x0)
  2018. Dec 7 19:09:15.754372: | Notify Message Type: v2N_AUTHENTICATION_FAILED (0x18)
  2019. Dec 7 19:09:15.754375: | processing payload: ISAKMP_NEXT_v2N (len=8)
  2020. Dec 7 19:09:15.754388: | selected state microcode Initiator: process AUTHENTICATION_FAILED AUTH notification
  2021. Dec 7 19:09:15.754391: | Now lets proceed with state specific processing
  2022. Dec 7 19:09:15.754393: | calling processor Initiator: process AUTHENTICATION_FAILED AUTH notification
  2023. Dec 7 19:09:15.754397: "private#192.168.50.0/24"[1] ...192.168.50.2 #2: IKE SA authentication request rejected: AUTHENTICATION_FAILED
  2024. Dec 7 19:09:15.754401: "private#192.168.50.0/24"[1] ...192.168.50.2 #2: scheduling retry attempt 1 of an unlimited number
  2025. Dec 7 19:09:15.754405: | serialno table: hash serialno #1 to head 0x564dececb000
  2026. Dec 7 19:09:15.754407: | serialno table: hash serialno #1 to head 0x564dececb000
  2027. Dec 7 19:09:15.754415: | free_event_entry: release EVENT_v2_RETRANSMIT-pe@0x564dee3d3c78
  2028. Dec 7 19:09:15.754418: | event_schedule: new EVENT_v2_RETRANSMIT-pe@0x564dee3d3c78
  2029. Dec 7 19:09:15.754422: | inserting event EVENT_v2_RETRANSMIT, timeout in 59.983 seconds for #2
  2030. Dec 7 19:09:15.754427: "private#192.168.50.0/24"[1] ...192.168.50.2 #2: STATE_PARENT_I2: suppressing retransmits; will wait 59.983 seconds for retry
  2031. Dec 7 19:09:15.754430: | complete v2 state transition with STF_IGNORE
  2032. Dec 7 19:09:15.754434: | processing: stop from 192.168.50.2:500 (BACKGROUND) (in process_md() at demux.c:394)
  2033. Dec 7 19:09:15.754438: | processing: stop state #2 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:396)
  2034. Dec 7 19:09:15.754440: | serialno table: hash serialno #0 to head 0x564dececafe0
  2035. Dec 7 19:09:15.754443: | serialno table: hash serialno #0 to head 0x564dececafe0
  2036. Dec 7 19:09:15.754446: | processing: resume connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:396)
  2037. Dec 7 19:09:15.754449: | processing: stop connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:397)
  2038. Dec 7 19:09:15.754460: | *received 65 bytes from 192.168.50.2:500 on eth1 (port=500)
  2039. Dec 7 19:09:15.754463: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  2040. Dec 7 19:09:15.754466: | 2e 20 25 00 00 00 00 00 00 00 00 41 2a 00 00 25
  2041. Dec 7 19:09:15.754468: | 95 00 95 be 62 3c de df 97 d4 98 ea 61 ab 67 c5
  2042. Dec 7 19:09:15.754470: | 54 49 4d 50 81 ef 99 26 dd ba 0c 3b 7a dd 55 ae
  2043. Dec 7 19:09:15.754472: | d5
  2044. Dec 7 19:09:15.754475: | processing: start from 192.168.50.2:500 (in process_md() at demux.c:392)
  2045. Dec 7 19:09:15.754478: | **parse ISAKMP Message:
  2046. Dec 7 19:09:15.754480: | initiator cookie:
  2047. Dec 7 19:09:15.754482: | af 26 30 ff 4b 80 f5 5b
  2048. Dec 7 19:09:15.754484: | responder cookie:
  2049. Dec 7 19:09:15.754487: | 50 e3 a7 bd 0a d5 14 e9
  2050. Dec 7 19:09:15.754489: | next payload type: ISAKMP_NEXT_v2SK (0x2e)
  2051. Dec 7 19:09:15.754492: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  2052. Dec 7 19:09:15.754494: | exchange type: ISAKMP_v2_INFORMATIONAL (0x25)
  2053. Dec 7 19:09:15.754496: | flags: none (0x0)
  2054. Dec 7 19:09:15.754499: | message ID: 00 00 00 00
  2055. Dec 7 19:09:15.754501: | length: 65 (0x41)
  2056. Dec 7 19:09:15.754504: | processing version=2.0 packet with exchange type=ISAKMP_v2_INFORMATIONAL (37)
  2057. Dec 7 19:09:15.754506: | I am receiving an IKEv2 Request ISAKMP_v2_INFORMATIONAL
  2058. Dec 7 19:09:15.754509: | I am the IKE SA Original Initiator
  2059. Dec 7 19:09:15.754514: | cookies table: hash icookie af 26 30 ff 4b 80 f5 5b rcookie 50 e3 a7 bd 0a d5 14 e9 to 849541088340921400 slot 0x564decec4d60
  2060. Dec 7 19:09:15.754517: | parent v2 peer and cookies match on #1
  2061. Dec 7 19:09:15.754519: | v2 state object #1 found, in STATE_PARENT_I2
  2062. Dec 7 19:09:15.754522: | processing: start state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in processed_retransmit() at ikev2.c:1187)
  2063. Dec 7 19:09:15.754525: | found state #1
  2064. Dec 7 19:09:15.754528: | processing: [RE]START state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in ikev2_process_packet() at ikev2.c:1538)
  2065. Dec 7 19:09:15.754531: | processing: start connection "private#192.168.50.0/24"[1] ...192.168.50.2 (BACKGROUND) (in ikev2_process_packet() at ikev2.c:1543)
  2066. Dec 7 19:09:15.754541: | #1 is idle
  2067. Dec 7 19:09:15.754543: | #1 idle
  2068. Dec 7 19:09:15.754546: | #1 in state PARENT_I2: sent v2I2, expected v2R2
  2069. Dec 7 19:09:15.754548: | selected state microcode roof
  2070. Dec 7 19:09:15.754550: | no useful state microcode entry found
  2071. Dec 7 19:09:15.754554: "private#192.168.50.0/24"[1] ...192.168.50.2 #1: responding to INFORMATIONAL message (ID 0) from 192.168.50.2:500 with encrypted notification INVALID_IKE_SPI
  2072. Dec 7 19:09:15.754557: | Opening output PBS encrypted notification
  2073. Dec 7 19:09:15.754560: | **emit ISAKMP Message:
  2074. Dec 7 19:09:15.754562: | initiator cookie:
  2075. Dec 7 19:09:15.754564: | af 26 30 ff 4b 80 f5 5b
  2076. Dec 7 19:09:15.754567: | responder cookie:
  2077. Dec 7 19:09:15.754569: | 50 e3 a7 bd 0a d5 14 e9
  2078. Dec 7 19:09:15.754571: | next payload type: ISAKMP_NEXT_NONE (0x0)
  2079. Dec 7 19:09:15.754574: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20)
  2080. Dec 7 19:09:15.754576: | exchange type: ISAKMP_v2_INFORMATIONAL (0x25)
  2081. Dec 7 19:09:15.754579: | flags: ISAKMP_FLAG_v2_IKE_INIT+ISAKMP_FLAG_v2_MSG_RESPONSE (0x28)
  2082. Dec 7 19:09:15.754581: | message ID: 00 00 00 00
  2083. Dec 7 19:09:15.754584: | next payload type: saving message location 'ISAKMP Message' 'next payload type'
  2084. Dec 7 19:09:15.754587: | ***emit IKEv2 Encryption Payload:
  2085. Dec 7 19:09:15.754590: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  2086. Dec 7 19:09:15.754592: | flags: none (0x0)
  2087. Dec 7 19:09:15.754595: | next payload type: setting 'ISAKMP Message' 'next payload type' to IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK)
  2088. Dec 7 19:09:15.754598: | next payload type: saving payload location 'IKEv2 Encryption Payload' 'next payload type'
  2089. Dec 7 19:09:15.754608: | emitting 8 raw bytes of IV into IKEv2 Encryption Payload
  2090. Dec 7 19:09:15.754611: | IV dc 57 05 18 5e 95 7a 0e
  2091. Dec 7 19:09:15.754615: | Adding a v2N Payload
  2092. Dec 7 19:09:15.754618: | ****emit IKEv2 Notify Payload:
  2093. Dec 7 19:09:15.754621: | next payload type: ISAKMP_NEXT_v2NONE (0x0)
  2094. Dec 7 19:09:15.754624: | flags: none (0x0)
  2095. Dec 7 19:09:15.754627: | Protocol ID: PROTO_v2_RESERVED (0x0)
  2096. Dec 7 19:09:15.754630: | SPI size: 0 (0x0)
  2097. Dec 7 19:09:15.754634: | Notify Message Type: v2N_INVALID_IKE_SPI (0x4)
  2098. Dec 7 19:09:15.754638: | next payload type: setting 'IKEv2 Encryption Payload' 'next payload type' to IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N)
  2099. Dec 7 19:09:15.754641: | next payload type: saving payload location 'IKEv2 Notify Payload' 'next payload type'
  2100. Dec 7 19:09:15.754644: | emitting length of IKEv2 Notify Payload: 8
  2101. Dec 7 19:09:15.754648: | adding 1 bytes of padding (including 1 byte padding-length)
  2102. Dec 7 19:09:15.754651: | emitting 1 raw bytes of padding and length into IKEv2 Encryption Payload
  2103. Dec 7 19:09:15.754659: | padding and length 00
  2104. Dec 7 19:09:15.754662: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload
  2105. Dec 7 19:09:15.754666: | emitting length of IKEv2 Encryption Payload: 37
  2106. Dec 7 19:09:15.754669: | emitting length of ISAKMP Message: 65
  2107. Dec 7 19:09:15.754682: | sending 65 bytes for v2 notify through eth1:500 to 192.168.50.2:500 (using #1)
  2108. Dec 7 19:09:15.754686: | af 26 30 ff 4b 80 f5 5b 50 e3 a7 bd 0a d5 14 e9
  2109. Dec 7 19:09:15.754690: | 2e 20 25 28 00 00 00 00 00 00 00 41 29 00 00 25
  2110. Dec 7 19:09:15.754693: | dc 57 05 18 5e 95 7a 0e 92 45 9d c4 13 04 2e 5c
  2111. Dec 7 19:09:15.754695: | 9e ff bd e3 b0 41 ae cb 69 23 a9 b6 76 85 4d ec
  2112. Dec 7 19:09:15.754698: | d9
  2113. Dec 7 19:09:15.754772: | processing: stop from 192.168.50.2:500 (BACKGROUND) (in process_md() at demux.c:394)
  2114. Dec 7 19:09:15.754784: | processing: stop state #1 connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:396)
  2115. Dec 7 19:09:15.754792: | serialno table: hash serialno #0 to head 0x564dececafe0
  2116. Dec 7 19:09:15.754797: | serialno table: hash serialno #0 to head 0x564dececafe0
  2117. Dec 7 19:09:15.754803: | processing: resume connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:396)
  2118. Dec 7 19:09:15.754809: | processing: stop connection "private#192.168.50.0/24"[1] ...192.168.50.2 (in process_md() at demux.c:397)
  2119. ------
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!