API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 14th, 2016
194
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 48.73 KB | None | 0 0
raw download clone embed print report
  1. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
  2. Goal: Create new IKE SA \
  3. Local Address: 85.233.76.57:500 \
  4. Peer Address: 217.118.93.131:9853 \
  5. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  6. Message-ID: 00000001
  7. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  8. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  9. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Received certificate [X509]: \
  10. Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  11. Issuer: CN=RMIS \
  12. KeyAlg: GOST R 34.10-2001 \
  13. Sn: 2F643E29000000002CF9
  14. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Peer certificate is selected: \
  15. [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
  16. [Root CA, trusted] CN=RMIS \
  17. Search params: \
  18. id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  19. LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
  20. 2016.10.14 15:52:49 8C5852060596DB22 NOTICE IKE IKEv2 SA deleted: \
  21. Reason: INITIAL-CONTACT Notification from peer \
  22. Peer Address: 217.198.1.70:4500 \
  23. IKE SPIs: FA42EEC2607DC7A4:8C5852060596DB22 \
  24. Succesor: None \
  25. Statistics: \
  26. Total bytes sent/received: 11143/26636 \
  27. Encrypted bytes sent/received: 3016/18472 \
  28. Total messages sent/received: 140/143 \
  29. Messages retransmitted/Old messages received: 0/3 \
  30. Invalid messages received: 0 \
  31. Number of times peer address updated: 1 \
  32. Total exchanges initiated/responded to: 0/140 \
  33. Unsuccessful exchanges initiated/responded to: 0/0 \
  34. IPsec exchanges initiated/responded to: 0/0
  35. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  36. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  37. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  38. LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
  39. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  40. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Certificate will be sent [X509]: \
  41. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  42. Issuer: CN=RMIS \
  43. KeyAlg: GOST R 34.10-2001 \
  44. Sn: 40C55F85000000002911
  45. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
  46. E[832](IV[8]=FFA36C...F035B7, ICV[12]=3B72EC...0562C5){\
  47. IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  48. CERT[595](X.509 Cert){308202...039C0D}, \
  49. AUTH[72](GOST3410.2001-Sig){2E910B...740F36}, \
  50. N[8](INITIAL_CONTACT), \
  51. N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
  52. N[12](SET_WINDOW_SIZE){64}, \
  53. N[28](QCD_TOKEN){850CDC...0B8E05}}
  54. 2016.10.14 15:52:49 56A7D4474AAD413B NOTICE IKE IKEv2 SA created: \
  55. Reason: Request from peer \
  56. Origin: New SA \
  57. Role: Responder \
  58. Local Address: 85.233.76.57:4500 \
  59. Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
  60. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  61. Goal: PMPv2 (Initial contact) \
  62. Peer Type: Zastava \
  63. Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  64. My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  65. Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
  66. NAT Traversal: Supported, NAT detected \
  67. Lifetime: 28800 sec., 4096 Kb. \
  68. Features: MID Sync \
  69. Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
  70. 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
  71. Goal: Create new IKE SA \
  72. Local Address: 85.233.76.57:4500 \
  73. Peer Address: 217.118.93.131:9853 \
  74. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  75. Message-ID: 00000001
  76. 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000002 IKEv2 I->R(Informational)[284] \
  77. E[256](IV[8]=38A6FB...4A4EED, ICV[12]=4E3AE1...A94291){\
  78. CP[226](REQUEST){PMP.Version=3, PMP.Version=4, PMP.Agent[28]="CLIENT 6.1.16519 WINXX/amd64", LSP.Hash[32]="802946639BB6151F4B3A4889720AD249", Update[14]="pmp_timeout=10", Update[21]="update_state=uptodate", Update[95]="update_msg=[uptodate] File not present: C:\Windows\TEMP\ELVIS+\ZASTAVA Client\vpndmn_update.ini"}}
  79. 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R NOTICE IKE Exchange started (Informational, Responder): \
  80. Goal: Check/Update LSP \
  81. Local Address: 85.233.76.57:4500 \
  82. Peer Address: 217.118.93.131:9853 \
  83. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  84. Message-ID: 00000002
  85. 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R ERROR JK [21675:b44ffb70] [error] ajp_get_reply::jk_ajp_common.c (2123): (policy_worker) Tomcat is down or refused connection. No response has been sent to the client (yet)
  86. 2016.10.14 15:52:49 ERROR DRV bond0.2104:DROP ICMP 96 <0:22572> 10.196.1.137 <= 10.196.1.226. Filter not found.
  87. 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000002 IKEv2 I<=R(Informational)[108] \
  88. E[80](IV[8]=BFD861...87D0DE, ICV[12]=E26E8A...98788D){\
  89. CP[48](REPLY){PMP.Version=3, JK.Cookie[32]="95D14A34771B429DC5879B9DA7913668"}}
  90. 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R NOTICE IKE Exchange completed (Informational, Responder): \
  91. Goal: Check/Update LSP \
  92. Local Address: 85.233.76.57:4500 \
  93. Peer Address: 217.118.93.131:9853 \
  94. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  95. Message-ID: 00000002
  96. 2016.10.14 15:52:50 B88937C3BF347F67.00000000 INFO IKE Re-sent message: 10.108.43.172:500<-85.233.76.57:500 B88937C3BF347F67.0000000000000000.00000000 IKEv1 (Main Mode)[262]
  97. 2016.10.14 15:52:50 6ED4304F0372728D.00000000 ERROR IKE Exchange failed (Main Mode, Initiator): \
  98. Reason: Exchange timeout \
  99. Goal: Create new IKE SA \
  100. Local Address: 85.233.76.57:500 \
  101. Peer Address: 11.11.5.197:500 \
  102. IKE SPIs: 6ED4304F0372728D:0000000000000000 \
  103. Message-ID: 00000000
  104. 2016.10.14 15:52:50 C0D2C39F0D035FFE NOTICE IKE Start creating new IKEv1 SA: \
  105. Reason: Request from system \
  106. Origin: New SA \
  107. Role: Initiator \
  108. Local Address: 85.233.76.57:4500 \
  109. Peer Address: 11.11.5.197:4500 (originally 11.11.5.197:500) \
  110. IKE SPIs: C0D2C39F0D035FFE:0000000000000000 \
  111. Goal: IPsec
  112. 2016.10.14 15:52:50 C0D2C39F0D035FFE.00000000 NOTICE IKE Exchange started (Main Mode, Initiator): \
  113. Goal: Create new IKE SA \
  114. Local Address: 85.233.76.57:4500 \
  115. Peer Address: 11.11.5.197:4500 \
  116. IKE SPIs: C0D2C39F0D035FFE:0000000000000000 \
  117. Message-ID: 00000000
  118. 2016.10.14 15:52:50 C0D2C39F0D035FFE.00000000 INFO IKE Sent message: 11.11.5.197:4500<-85.233.76.57:4500 #C0D2C39F0D035FFE.0000000000000000.00000000 IKEv1 (Main Mode)[262] \
  119. SA[56]{\
  120. P[44](#1:ISAKMP::1){\
  121. T[36](#1:IKE){Auth=GOST3410.2001-Sig, Encryption=GOST28147.89-CBC, Hash=GOST3411.94, Group=GOST3410.2001VKO, Life.Type=Sec, Life.Duration=28800}}}, \
  122. V[26]{Zastava 6.0}, \
  123. V[20]{TWS}, \
  124. V[20]{NAT-T RFC3947}, \
  125. V[20]{NAT-T draft-nat-t-ike-03}, \
  126. V[20]{NAT-T draft-nat-t-ike-02n}, \
  127. V[20]{NAT-T draft-nat-t-ike-02}, \
  128. V[12]{XAUTH}, \
  129. V[20]{IKE Fragmentation}, \
  130. V[20]{DPD}
  131. 2016.10.14 15:52:50 6ED4304F0372728D WARN IKE Failed to create IKEv1 SA: \
  132. Reason: Exchange timeout \
  133. Peer Address: 11.11.5.197:500 \
  134. IKE SPIs: 6ED4304F0372728D:0000000000000000 \
  135. Attempts in progress: 1
  136. 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000003 IKEv2 I->R(Informational)[68] \
  137. E[40](IV[8]=964EA3...E97CD7, ICV[12]=C15ACA...C98660){\
  138. D[8](IKE)}
  139. 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R NOTICE IKE Exchange started (Informational, Responder): \
  140. Goal: Delete IKE SA \
  141. Local Address: 85.233.76.57:4500 \
  142. Peer Address: 217.118.93.131:9853 \
  143. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  144. Message-ID: 00000003
  145. 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000003 IKEv2 I<=R(Informational)[60] \
  146. E[32](IV[8]=8FD7A0...A822A8, ICV[12]=58206F...3093A0){}
  147. 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R NOTICE IKE Exchange completed (Informational, Responder): \
  148. Goal: Delete IKE SA \
  149. Local Address: 85.233.76.57:4500 \
  150. Peer Address: 217.118.93.131:9853 \
  151. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  152. Message-ID: 00000003 \
  153. Result: IKE SA deleted (request from peer)
  154. 2016.10.14 15:52:50 56A7D4474AAD413B NOTICE IKE IKEv2 SA deleted: \
  155. Reason: DELETE Payload from peer \
  156. Peer Address: 217.118.93.131:9853 \
  157. IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
  158. Succesor: None \
  159. Statistics: \
  160. Total bytes sent/received: 1383/1608 \
  161. Encrypted bytes sent/received: 872/1056 \
  162. Total messages sent/received: 4/4 \
  163. Messages retransmitted/Old messages received: 0/0 \
  164. Invalid messages received: 0 \
  165. Number of times peer address updated: 1 \
  166. Total exchanges initiated/responded to: 0/4 \
  167. Unsuccessful exchanges initiated/responded to: 0/0 \
  168. IPsec exchanges initiated/responded to: 0/0
  169. 2016.10.14 15:52:50 WARN IKE Rcvd message outside any existing IKE SA: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000004 IKEv2 I->R(Informational)[68]
  170. 2016.10.14 15:52:50 WARN IKE Rcvd message outside any existing IKE SA: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000005 IKEv2 I->R(Informational)[68]
  171. 2016.10.14 15:52:50 ERROR DRV bond0.2104:DROP ICMP 96 <0:22568> 10.196.1.137 <= 10.196.1.227. Filter not found.
  172. 2016.10.14 15:52:50 26FFF86AD6D2D846 NOTICE IKE Start creating new IKEv2 SA: \
  173. Reason: Request from peer \
  174. Origin: New SA \
  175. Role: Responder \
  176. Local Address: 85.233.76.57:500 \
  177. Peer Address: 217.118.93.131:22709 \
  178. IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
  179. Goal: PMPv2
  180. 2016.10.14 15:52:50 ERROR DRV bond0.2104:DROP ICMP 96 <0:22565> 10.196.1.137 <= 10.196.1.227. Filter not found.
  181. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E NOTICE IKE Start creating new IKEv1 SA: \
  182. Reason: Request from peer \
  183. Origin: New SA \
  184. Role: Responder \
  185. Local Address: 85.233.76.57:500 \
  186. Peer Address: 10.36.36.22:500 \
  187. IKE SPIs: 3811B177F30A9BCE:C4A5E8BDFD25BD5E \
  188. Goal: Generic
  189. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
  190. Goal: Create new IKE SA \
  191. Local Address: 85.233.76.57:500 \
  192. Peer Address: 217.118.93.131:9853 \
  193. IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
  194. Message-ID: 00000001
  195. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  196. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Received certificate [X509]: \
  197. Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  198. Issuer: CN=RMIS \
  199. KeyAlg: GOST R 34.10-2001 \
  200. Sn: 2F643E29000000002CF9
  201. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Peer certificate is selected: \
  202. [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
  203. [Root CA, trusted] CN=RMIS \
  204. Search params: \
  205. id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  206. LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
  207. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  208. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  209. LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
  210. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  211. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Certificate will be sent [X509]: \
  212. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  213. Issuer: CN=RMIS \
  214. KeyAlg: GOST R 34.10-2001 \
  215. Sn: 40C55F85000000002911
  216. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #F61F556BBD68E265.26FFF86AD6D2D846.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
  217. E[832](IV[8]=395215...32F876, ICV[12]=D5BF56...6433A7){\
  218. IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  219. CERT[595](X.509 Cert){308202...039C0D}, \
  220. AUTH[72](GOST3410.2001-Sig){D50154...685084}, \
  221. N[8](INITIAL_CONTACT), \
  222. N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
  223. N[12](SET_WINDOW_SIZE){64}, \
  224. N[28](QCD_TOKEN){26E35E...AE9850}}
  225. 2016.10.14 15:52:50 26FFF86AD6D2D846 NOTICE IKE IKEv2 SA created: \
  226. Reason: Request from peer \
  227. Origin: New SA \
  228. Role: Responder \
  229. Local Address: 85.233.76.57:4500 \
  230. Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
  231. IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
  232. Goal: PMPv2 (Initial contact) \
  233. Peer Type: Zastava \
  234. Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  235. My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  236. Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
  237. NAT Traversal: Supported, NAT detected \
  238. Lifetime: 28800 sec., 4096 Kb. \
  239. Features: MID Sync \
  240. Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
  241. 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
  242. Goal: Create new IKE SA \
  243. Local Address: 85.233.76.57:4500 \
  244. Peer Address: 217.118.93.131:9853 \
  245. IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
  246. Message-ID: 00000001
  247. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO LP Auth rule found: rule_isakmp841->user9061_auth_ike_sign_gost2001(ok)
  248. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Received certificate [X509]: \
  249. Subject: C=RU,ST=Татарстан,O=Медицина,CN=user9061,E=linux@cg.ru \
  250. Issuer: CN=RMIS \
  251. KeyAlg: GOST R 34.10-2001 \
  252. Sn: 3CA578680000000002BE
  253. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Peer certificate is selected: \
  254. [income] C=RU,ST=Татарстан,O=Медицина,CN=user9061,E=linux@cg.ru / 3CA578680000000002BE / GOST R 34.10-2001 \
  255. [Root CA, trusted] CN=RMIS \
  256. Search params: \
  257. id_remote: (DN) C=RU,ST=Татарстан,O=Медицина,CN=user9061,E=linux@cg.ru \
  258. LSP rule: 'user9061_auth_ike_sign_gost2001', CRL processing: disabled
  259. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO LP Auth rule found: rule_isakmp841->user9061_auth_ike_sign_gost2001(ok)
  260. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  261. LSP rule: 'user9061_auth_ike_sign_gost2001', id_local: DN from certificate
  262. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO LP Auth rule found: rule_isakmp841->user9061_auth_ike_sign_gost2001(ok)
  263. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Certificate will be sent [X509]: \
  264. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  265. Issuer: CN=RMIS \
  266. KeyAlg: GOST R 34.10-2001 \
  267. Sn: 40C55F85000000002911
  268. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO IKE Sent message: 10.36.36.22:500<-85.233.76.57:500 3811B177F30A9BCE.C4A5E8BDFD25BD5E.00000000 IKEv1* (Main Mode)[836] \
  269. ID[83](DN::){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  270. CERT[595](X.509 Cert){308202...039C0D}, \
  271. SIGN[68]{75EB6D...89859D}, \
  272. N[56](ISAKMP:3811B177F30A9BCE.C4A5E8BDFD25BD5E:RESPONDER-LIFETIME){10=1, Life.Type=Sec, Life.Duration=28800, Life.Type=Kb, Life.Duration=4096}
  273. 2016.10.14 15:52:50 C4A5E8BDFD25BD5E NOTICE IKE IKEv1 SA created: \
  274. Reason: Request from peer \
  275. Origin: New SA \
  276. ..............
  277.  
  278. 2016.10.14 15:53:55 220B0DAC396EF75E NOTICE IKE Start creating new IKEv2 SA: \
  279. Reason: Request from peer \
  280. Origin: New SA \
  281. Role: Responder \
  282. Local Address: 85.233.76.57:500 \
  283. Peer Address: 217.118.93.131:22709 \
  284. IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
  285. Goal: Generic
  286. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
  287. Goal: Create new IKE SA \
  288. Local Address: 85.233.76.57:500 \
  289. Peer Address: 217.118.93.131:9853 \
  290. IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
  291. Message-ID: 00000001
  292. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  293. ost2001_SMC->usr19500_auth_ike_sign_gost2001(!goal), rule_isakmp841->usr19500_auth_ike_sign_gost2001(ok)
  294. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Received certificate [X509]: \
  295. Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  296. Issuer: CN=RMIS \
  297. KeyAlg: GOST R 34.10-2001 \
  298. Sn: 2F643E29000000002CF9
  299. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Peer certificate is selected: \
  300. [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
  301. [Root CA, trusted] CN=RMIS \
  302. Search params: \
  303. id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  304. LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
  305. 2016.10.14 15:53:55 26FFF86AD6D2D846 NOTICE IKE IKEv2 SA deleted: \
  306. Reason: INITIAL-CONTACT Notification from peer \
  307. Peer Address: 217.118.93.131:9853 \
  308. IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
  309. Succesor: None \
  310. Statistics: \
  311. Total bytes sent/received: 1783/2892 \
  312. Encrypted bytes sent/received: 936/1848 \
  313. Total messages sent/received: 10/11 \
  314. Messages retransmitted/Old messages received: 0/1 \
  315. Invalid messages received: 0 \
  316. Number of times peer address updated: 1 \
  317. Total exchanges initiated/responded to: 0/10 \
  318. Unsuccessful exchanges initiated/responded to: 0/0 \
  319. IPsec exchanges initiated/responded to: 0/0
  320. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LPCFG LOG_MSG_LP_CFG_INFO: Searching filter for sel
  321. ector(1): 11.11.0.24:tcp:49180, 11.11.0.24 -> 10.196.1.194:tcp:80, 10.196.1.192-10.196.1.223 ifid: bond0.2340(1) 85.233
  322. .76.57 \
  323. result: ok, rule: filt826(ikecfg_serv)->rule_ipsec827 filter found: filt826(ikecfg_serv)->rule_ipsec827
  324. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LPCFG LOG_MSG_LP_CFG_INFO: lpRateIPsecSaTransform: 02000000:ESP, cipher=GOST28147.89DIVER-CBC(20410002), integrity=GOST3411.94-HMAC96(00320046), compression=null, DH group=null - MAX_RATING: rule: rule_ipsec827->proto_esp830
  325. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(!goal), rule_isakmp841->usr19500_auth_ike_sign_gost2001(ok)
  326. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  327. LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
  328. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(!goal), rule_isakmp841->usr19500_auth_ike_sign_gost2001(ok)
  329. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Certificate will be sent [X509]: \
  330. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  331. Issuer: CN=RMIS \
  332. KeyAlg: GOST R 34.10-2001 \
  333. Sn: 40C55F85000000002911
  334. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LPSADB PUSH_BUNDLE_OK filt826(ikecfg_serv) \
  335. Local selector: 10.196.1.192..10.196.1.223|0..255 \
  336. Peer selector: 11.11.0.24|0..255 \
  337. IPsec contexts: [1220812/1220813]
  338. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R NOTICE LPSADB IPsec SAs bundle created (#152601): \
  339. Selector: 11.11.0.24 -> 10.196.1.192-10.196.1.223 \
  340. Mode: Tunnel with UDP-encapsulation (217.118.93.131:9853) Responder, IKE-CFG server: 11.11.0.24 \
  341. Rule: filt826(ikecfg_serv)->rule_ipsec827 \
  342. PFS: from IKE SA \
  343. ESP params (#610406): \
  344. SPI(in/out): 4E02B2F4/B12837D3 \
  345. Encryption: GOST28147.89DIVER-CBC \
  346. Authentication: GOST3411.94-HMAC96 \
  347. Expire traffic: 0(0) kB \
  348. Life time: 28800(28686) sec \
  349. Rule: proto_esp830
  350. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #E4E3CCC9C921DF10.220B0DAC396EF75E.00000001 IKEv2 I<=R(IKE SA Auth)[988] \
  351. E[960](IV[8]=246E0C...D050F8, ICV[12]=34B883...605695){\
  352. IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  353. CERT[595](X.509 Cert){308202...039C0D}, \
  354. AUTH[72](GOST3410.2001-Sig){8F2EB8...9F511B}, \
  355. N[8](INITIAL_CONTACT), \
  356. N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
  357. N[12](SET_WINDOW_SIZE){64}, \
  358. CP[16](REPLY){IP4.Address[4]=11.11.0.24}, \
  359. SA[40]{\
  360. P[36](#1:ESP:4E02B2F4:3){\
  361. Encryption=GOST28147.89DIVER-CBC, \
  362. Integrity=GOST3411.94-HMAC96, \
  363. ESN=Off}}, \
  364. TSi[24](:1){11.11.0.24}, \
  365. TSr[24](:1){10.196.1.192-10.196.1.223}, \
  366. N[8](ADDITIONAL_TS_POSSIBLE), \
  367. N[8](ESP_TFC_PADDING_NOT_SUPPORTED), \
  368. N[8](NON_FIRST_FRAGMENTS_ALSO), \
  369. N[28](QCD_TOKEN){98914E...C6B6C4}}
  370. 2016.10.14 15:53:55 220B0DAC396EF75E NOTICE IKE IKEv2 SA created: \
  371. Reason: Request from peer \
  372. Origin: New SA \
  373. Role: Responder \
  374. Local Address: 85.233.76.57:4500 \
  375. Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
  376. IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
  377. Goal: IPsec (Initial contact) \
  378. Peer Type: Zastava \
  379. Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  380. My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  381. Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
  382. NAT Traversal: Supported, NAT detected \
  383. Lifetime: 28800 sec., 4096 Kb. \
  384. Features: MID Sync \
  385. Rule: rule_isakmp841
  386. 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
  387. Goal: Create new IKE SA \
  388. Local Address: 85.233.76.57:4500 \
  389. Peer Address: 217.118.93.131:9853 \
  390. IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
  391. Message-ID: 00000001 \
  392. Result: Network parameters: \
  393. Requested by client: IP4.Address, IP4.DNS \
  394. Assigned to client: IP4.Address=11.11.0.24
  395. 2016.10.14 15:53:56 306A7AE6A4E11D87 NOTICE IKE IKEv1 SA deleted: \
  396. Reason: Lifetime expired \
  397. Peer Address: 10.169.94.249:1348 \
  398. IKE SPIs: 75A0159D9AB1BAD4:306A7AE6A4E11D87 \
  399. Succesor: None \
  400. Statistics: \
  401. Total bytes sent/received: 1638/1914 \
  402. Encrypted bytes sent/received: 1104/1256 \
  403. Total messages sent/received: 6/7 \
  404. Messages retransmitted/Old messages received: 0/0 \
  405. Invalid messages received: 0 \
  406. Number of times peer address updated: 0 \
  407. Total exchanges initiated/responded to: 1/3 \
  408. Unsuccessful exchanges initiated/responded to: 0/1 \
  409. IPsec exchanges initiated/responded to: 0/2
  410. 2016.10.14 15:53:56 E613ED5546E64089.00000000 INFO IKE Re-sent message: 11.11.5.61:500<-85.233.76.57:500 E613ED5546E64089.0000000000000000.00000000 IKEv1 (Main Mode)[262] 2016.10.14 15:53:56 8CF2F79ABB35DAFE.AB341474 NOTICE IKE Exchange started (Informational, Initiator): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: AB341474 2016.10.14 15:53:56 8CF2F79ABB35DAFE.AB341474 INFO IKE Sent message: 10.6.24.9:500<-85.233.76.57:500 6B9659BA1CEA8598.8CF2F79ABB35DAFE.AB341474 IKEv1* (Informational)[100] \ HASH[36]{D0EF57...666DB3}, \ N[32](ISAKMP:6B9659BA1CEA8598.8CF2F79ABB35DAFE:R-U-THERE){2098050348} 2016.10.14 15:53:56 8CF2F79ABB35DAFE.AB341474 NOTICE IKE Exchange completed (Informational, Initiator): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: AB341474 2016.10.14 15:53:56 8CF2F79ABB35DAFE.01E9E101 INFO IKE Rcvd message: 10.6.24.9:500->85.233.76.57:500 6B9659BA1CEA8598.8CF2F79ABB35DAFE.01E9E101 IKEv1* (Informational)[100] \ HASH[36]{D2D79E...42BB88}, \ N[32](ISAKMP:6B9659BA1CEA8598.8CF2F79ABB35DAFE:R-U-THERE-ACK){2098050348} 2016.10.14 15:53:56 8CF2F79ABB35DAFE.01E9E101 NOTICE IKE Exchange started (Informational, Responder): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: 01E9E101 2016.10.14 15:53:56 8CF2F79ABB35DAFE.01E9E101 NOTICE IKE Exchange completed (Informational, Responder): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: 01E9E101 \ Result: Peer alive 2016
  411.  
  412.  
  413. ...............
  414.  
  415. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
  416. Goal: Create new IKE SA \
  417. Local Address: 85.233.76.57:500 \
  418. Peer Address: 217.118.93.131:9853 \
  419. IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
  420. Message-ID: 00000001
  421. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  422. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  423. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Received certificate [X509]: \
  424. Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  425. Issuer: CN=RMIS \
  426. KeyAlg: GOST R 34.10-2001 \
  427. Sn: 2F643E29000000002CF9
  428. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Peer certificate is selected: \
  429. [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
  430. [Root CA, trusted] CN=RMIS \
  431. Search params: \
  432. id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  433. LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
  434. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  435. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  436. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=
  437. gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  438. LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
  439. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  440. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  441. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Certificate will be sent [X509]: \
  442. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  443. Issuer: CN=RMIS \
  444. KeyAlg: GOST R 34.10-2001 \
  445. Sn: 40C55F85000000002911
  446. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.
  447. 57:4500 #8A25E924BF559861.CA5D85B39708E612.00000001 IKEv2 I<=R(IKE SA Auth)[852] \
  448. E[824](IV[8]=FDBF3C...E510B1, ICV[12]=7A315E...768C82){\
  449. IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  450. CERT[595](X.509 Cert){308202...039C0D}, \
  451. AUTH[72](GOST3410.2001-Sig){15884E...9ED28B}, \
  452. N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
  453. N[12](SET_WINDOW_SIZE){64}, \
  454. N[28](QCD_TOKEN){28063D...104107}}
  455. 2016.10.14 15:54:04 CA5D85B39708E612 NOTICE IKE IKEv2 SA created: \
  456. Reason: Request from peer \
  457. Origin: New SA \
  458. Role: Responder \
  459. Local Address: 85.233.76.57:4500 \
  460. Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
  461. IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
  462. Goal: PMPv2 \
  463. Peer Type: Zastava \
  464. Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  465. My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  466. Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
  467. NAT Traversal: Supported, NAT detected \
  468. Lifetime: 28800 sec., 4096 Kb. \
  469. Features: MID Sync \
  470. Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
  471. 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
  472. Goal: Create new IKE SA \
  473. Local Address: 85.233.76.57:4500 \
  474. Peer Address: 217.118.93.131:9853 \
  475. IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
  476. Message-ID: 00000001
  477. 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #8A25E924BF559861.CA5D85B39708E612.00000002 IKEv2 I->R(Informational)[180] \
  478. E[152](IV[8]=940D03...C60E2E, ICV[12]=802050...FBAB16){\
  479. CP[120](REQUEST){PMP.Version=3, PMP.Version=4, PMP.Agent[28]="CLIENT 6.1.16519 WINXX/amd64", JK.Cookie[32]="95D14A34771B429DC5879B9DA7913668", LSP.Hash[32]="802946639BB6151F4B3A4889720AD249"}}
  480. 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R NOTICE IKE Exchange started (Informational, Responder): \
  481. Goal: Check/Update LSP \
  482. Local Address: 85.233.76.57:4500 \
  483. Peer Address: 217.118.93.131:9853 \
  484. IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
  485. Message-ID: 00000002
  486. 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #8A25E924BF559861.CA5D85B39708E612.00000002 IKEv2 I<=R(Informational)[68] \
  487. E[40](IV[8]=104BAD...B10E13, ICV[12]=D70268...2BBC58){\
  488. CP[12](REPLY){PMP.Version=3}}
  489. 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R NOTICE IKE Exchange completed (Informational, Responder): \
  490. Goal: Check/Update LSP \
  491. Local Address: 85.233.76.57:4500 \
  492. Peer Address: 217.118.93.131:9853 \
  493. IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
  494. Message-ID: 00000002
  495.  
  496. ...........
  497.  
  498. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
  499. Goal: Create new IKE SA \
  500. Local Address: 85.233.76.57:500 \
  501. Peer Address: 217.118.93.131:9853 \
  502. IKE SPIs: EC63F73AAA294C2D:58F4C055F71716E6 \
  503. Message-ID: 00000001
  504. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  505. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  506. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Received certificate [X509]: \
  507. Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  508. Issuer: CN=RMIS \
  509. KeyAlg: GOST R 34.10-2001 \
  510. Sn: 2F643E29000000002CF9
  511. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Peer certificate is selected: \
  512. [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
  513. [Root CA, trusted] CN=RMIS \
  514. Search params: \
  515. id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  516. LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
  517. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  518. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  519. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=
  520. gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  521. LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
  522. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  523. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  524. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Certificate will be sent [X509]: \
  525. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  526. Issuer: CN=RMIS \
  527. KeyAlg: GOST R 34.10-2001 \
  528. Sn: 40C55F85000000002911
  529. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.
  530. 57:4500 #EC63F73AAA294C2D.58F4C055F71716E6.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
  531. E[832](IV[8]=308856...E80036, ICV[12]=5BC8CD...FFE891){\
  532. IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  533. CERT[595](X.509 Cert){308202...039C0D}, \
  534. AUTH[72](GOST3410.2001-Sig){78CFB8...9DE242}, \
  535. N[8](INITIAL_CONTACT), \
  536. N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
  537. N[12](SET_WINDOW_SIZE){64}, \
  538. N[28](QCD_TOKEN){76F6F8...082482}}
  539. 2016.10.14 15:55:23 58F4C055F71716E6 NOTICE IKE IKEv2 SA created: \
  540. Reason: Request from peer \
  541. Origin: New SA \
  542. Role: Responder \
  543. Local Address: 85.233.76.57:4500 \
  544. Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
  545. IKE SPIs: EC63F73AAA294C2D:58F4C055F71716E6 \
  546. Goal: PMPv2 (Initial contact) \
  547. Peer Type: Zastava \
  548. Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  549. My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  550. Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
  551. NAT Traversal: Supported, NAT detected \
  552. Lifetime: 28800 sec., 4096 Kb. \
  553. Features: MID Sync \
  554. Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
  555. 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
  556. Goal: Create new IKE SA \
  557. Local Address: 85.233.76.57:4500 \
  558. Peer Address: 217.118.93.131:9853 \
  559. IKE SPIs: EC63F73AAA294C2D:58F4C055F71716E6 \
  560. Message-ID: 00000001
  561. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
  562. Goal: Create new IKE SA \
  563. Local Address: 85.233.76.57:500 \
  564. Peer Address: 217.118.93.131:9853 \
  565. IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
  566. Message-ID: 00000001
  567. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  568. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  569. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Received certificate [X509]: \
  570. Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  571. Issuer: CN=RMIS \
  572. KeyAlg: GOST R 34.10-2001 \
  573. Sn: 2F643E29000000002CF9
  574. 2016.10.14 15:55:24 INFO DRV bond0.2104:PASS TCP 1310 10.41.19.39:35682 <= 10.196.1.194:80. Rule "
  575. filt788" action.
  576. 2016.10.14 15:55:24 E40F6CD760D0DEE8.0000000000000000.00000000 INFO DRV bond0.2340:ENCAP TCP 1310 10.
  577. 196.1.194:80 => 10.41.19.39:35682. SA[2F5A7738] Rule "filt783" action.
  578. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Peer certificate is selected: \
  579. [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
  580. [Root CA, trusted] CN=RMIS \
  581. Search params: \
  582. id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  583. LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
  584. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  585. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  586. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=
  587. gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
  588. LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
  589. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
  590. ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
  591. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Certificate will be sent [X509]: \
  592. Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  593. Issuer: CN=RMIS \
  594. KeyAlg: GOST R 34.10-2001 \
  595. Sn: 40C55F85000000002911
  596. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.
  597. 57:4500 #764A0D56B4BBD045.46E194A3555F8A52.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
  598. E[832](IV[8]=0856E2...8008C3, ICV[12]=450B87...4BCC31){\
  599. IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
  600. CERT[595](X.509 Cert){308202...039C0D}, \
  601. AUTH[72](GOST3410.2001-Sig){99B1A9...421BDA}, \
  602. N[8](INITIAL_CONTACT), \
  603. N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
  604. N[12](SET_WINDOW_SIZE){64}, \
  605. N[28](QCD_TOKEN){570E8A...82D1F0}}
  606. 2016.10.14 15:55:24 46E194A3555F8A52 NOTICE IKE IKEv2 SA created: \
  607. Reason: Request from peer \
  608. Origin: New SA \
  609. Role: Responder \
  610. Local Address: 85.233.76.57:4500 \
  611. Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
  612. IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
  613. Goal: PMPv2 (Initial contact) \
  614. Peer Type: Zastava \
  615. Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
  616. My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
  617. Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
  618. NAT Traversal: Supported, NAT detected \
  619. Lifetime: 28800 sec., 4096 Kb. \
  620. Features: MID Sync \
  621. Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
  622. 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
  623. Goal: Create new IKE SA \
  624. Local Address: 85.233.76.57:4500 \
  625. Peer Address: 217.118.93.131:9853 \
  626. IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
  627. Message-ID: 00000001
  628. 2016.10.14 15:55:24 E40F6CD760D0DEE8.0000000000000000.00000000 INFO DRV bond0.2340:DECAP TCP 40 10.196.1.194:80 <= 10.41.19.39:35682. SA[FBA1462D] Rule "filt783" action.
  629. 2016.10.14 15:55:24 INFO DRV bond0.2104:PASS TCP 40 10.41.19.39:35682 => 10.196.1.194:80. Rule "filt788" action.
  630. 2016.10.14 15:55:24 46E194A3555F8A52.00000002,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #764A0D56B4BBD045.46E194A3555F8A52.00000002 IKEv2 I->R(Informational)[284] \
  631. E[256](IV[8]=19E76B...E1E693, ICV[12]=7647A8...A6A12F){\
  632. CP[226](REQUEST){PMP.Version=3, PMP.Version=4, PMP.Agent[28]="CLIENT 6.1.16519 WINXX/amd64", LSP.Hash[32]="802946639BB6151F4B3A4889720AD249", Update[14]="pmp_timeout=10", Update[21]="update_state=uptodate", Update[95]="update_msg=[uptodate] File not present: C:\Windows\TEMP\ELVIS+\ZASTAVA Client\vpndmn_update.ini"}}
  633. 2016.10.14 15:55:24 46E194A3555F8A52.00000002,R NOTICE IKE Exchange started (Informational, Responder): \
  634. Goal: Check/Update LSP \
  635. Local Address: 85.233.76.57:4500 \
  636. Peer Address: 217.118.93.131:9853 \
  637. IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
  638. Message-ID: 00000002
  639. 2016.10.14 15:55:24 46E194A3555F8A52.00000002,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #764A0D56B4BBD045.46E194A3555F8A52.00000002 IKEv2 I<=R(Informational)[108] \
  640. E[80](IV[8]=586618...8B23B1, ICV[12]=EB8F1F...32D03C){\
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!