Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Message-ID: 00000001
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Received certificate [X509]: \
- Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 2F643E29000000002CF9
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Peer certificate is selected: \
- [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
- 2016.10.14 15:52:49 8C5852060596DB22 NOTICE IKE IKEv2 SA deleted: \
- Reason: INITIAL-CONTACT Notification from peer \
- Peer Address: 217.198.1.70:4500 \
- IKE SPIs: FA42EEC2607DC7A4:8C5852060596DB22 \
- Succesor: None \
- Statistics: \
- Total bytes sent/received: 11143/26636 \
- Encrypted bytes sent/received: 3016/18472 \
- Total messages sent/received: 140/143 \
- Messages retransmitted/Old messages received: 0/3 \
- Invalid messages received: 0 \
- Number of times peer address updated: 1 \
- Total exchanges initiated/responded to: 0/140 \
- Unsuccessful exchanges initiated/responded to: 0/0 \
- IPsec exchanges initiated/responded to: 0/0
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
- E[832](IV[8]=FFA36C...F035B7, ICV[12]=3B72EC...0562C5){\
- IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- AUTH[72](GOST3410.2001-Sig){2E910B...740F36}, \
- N[8](INITIAL_CONTACT), \
- N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
- N[12](SET_WINDOW_SIZE){64}, \
- N[28](QCD_TOKEN){850CDC...0B8E05}}
- 2016.10.14 15:52:49 56A7D4474AAD413B NOTICE IKE IKEv2 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Goal: PMPv2 (Initial contact) \
- Peer Type: Zastava \
- Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
- NAT Traversal: Supported, NAT detected \
- Lifetime: 28800 sec., 4096 Kb. \
- Features: MID Sync \
- Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Message-ID: 00000001
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000002 IKEv2 I->R(Informational)[284] \
- E[256](IV[8]=38A6FB...4A4EED, ICV[12]=4E3AE1...A94291){\
- CP[226](REQUEST){PMP.Version=3, PMP.Version=4, PMP.Agent[28]="CLIENT 6.1.16519 WINXX/amd64", LSP.Hash[32]="802946639BB6151F4B3A4889720AD249", Update[14]="pmp_timeout=10", Update[21]="update_state=uptodate", Update[95]="update_msg=[uptodate] File not present: C:\Windows\TEMP\ELVIS+\ZASTAVA Client\vpndmn_update.ini"}}
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R NOTICE IKE Exchange started (Informational, Responder): \
- Goal: Check/Update LSP \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Message-ID: 00000002
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R ERROR JK [21675:b44ffb70] [error] ajp_get_reply::jk_ajp_common.c (2123): (policy_worker) Tomcat is down or refused connection. No response has been sent to the client (yet)
- 2016.10.14 15:52:49 ERROR DRV bond0.2104:DROP ICMP 96 <0:22572> 10.196.1.137 <= 10.196.1.226. Filter not found.
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000002 IKEv2 I<=R(Informational)[108] \
- E[80](IV[8]=BFD861...87D0DE, ICV[12]=E26E8A...98788D){\
- CP[48](REPLY){PMP.Version=3, JK.Cookie[32]="95D14A34771B429DC5879B9DA7913668"}}
- 2016.10.14 15:52:49 56A7D4474AAD413B.00000002,R NOTICE IKE Exchange completed (Informational, Responder): \
- Goal: Check/Update LSP \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Message-ID: 00000002
- 2016.10.14 15:52:50 B88937C3BF347F67.00000000 INFO IKE Re-sent message: 10.108.43.172:500<-85.233.76.57:500 B88937C3BF347F67.0000000000000000.00000000 IKEv1 (Main Mode)[262]
- 2016.10.14 15:52:50 6ED4304F0372728D.00000000 ERROR IKE Exchange failed (Main Mode, Initiator): \
- Reason: Exchange timeout \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 11.11.5.197:500 \
- IKE SPIs: 6ED4304F0372728D:0000000000000000 \
- Message-ID: 00000000
- 2016.10.14 15:52:50 C0D2C39F0D035FFE NOTICE IKE Start creating new IKEv1 SA: \
- Reason: Request from system \
- Origin: New SA \
- Role: Initiator \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 11.11.5.197:4500 (originally 11.11.5.197:500) \
- IKE SPIs: C0D2C39F0D035FFE:0000000000000000 \
- Goal: IPsec
- 2016.10.14 15:52:50 C0D2C39F0D035FFE.00000000 NOTICE IKE Exchange started (Main Mode, Initiator): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 11.11.5.197:4500 \
- IKE SPIs: C0D2C39F0D035FFE:0000000000000000 \
- Message-ID: 00000000
- 2016.10.14 15:52:50 C0D2C39F0D035FFE.00000000 INFO IKE Sent message: 11.11.5.197:4500<-85.233.76.57:4500 #C0D2C39F0D035FFE.0000000000000000.00000000 IKEv1 (Main Mode)[262] \
- SA[56]{\
- P[44](#1:ISAKMP::1){\
- T[36](#1:IKE){Auth=GOST3410.2001-Sig, Encryption=GOST28147.89-CBC, Hash=GOST3411.94, Group=GOST3410.2001VKO, Life.Type=Sec, Life.Duration=28800}}}, \
- V[26]{Zastava 6.0}, \
- V[20]{TWS}, \
- V[20]{NAT-T RFC3947}, \
- V[20]{NAT-T draft-nat-t-ike-03}, \
- V[20]{NAT-T draft-nat-t-ike-02n}, \
- V[20]{NAT-T draft-nat-t-ike-02}, \
- V[12]{XAUTH}, \
- V[20]{IKE Fragmentation}, \
- V[20]{DPD}
- 2016.10.14 15:52:50 6ED4304F0372728D WARN IKE Failed to create IKEv1 SA: \
- Reason: Exchange timeout \
- Peer Address: 11.11.5.197:500 \
- IKE SPIs: 6ED4304F0372728D:0000000000000000 \
- Attempts in progress: 1
- 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000003 IKEv2 I->R(Informational)[68] \
- E[40](IV[8]=964EA3...E97CD7, ICV[12]=C15ACA...C98660){\
- D[8](IKE)}
- 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R NOTICE IKE Exchange started (Informational, Responder): \
- Goal: Delete IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Message-ID: 00000003
- 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000003 IKEv2 I<=R(Informational)[60] \
- E[32](IV[8]=8FD7A0...A822A8, ICV[12]=58206F...3093A0){}
- 2016.10.14 15:52:50 56A7D4474AAD413B.00000003,R NOTICE IKE Exchange completed (Informational, Responder): \
- Goal: Delete IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Message-ID: 00000003 \
- Result: IKE SA deleted (request from peer)
- 2016.10.14 15:52:50 56A7D4474AAD413B NOTICE IKE IKEv2 SA deleted: \
- Reason: DELETE Payload from peer \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 124C5406137CBA18:56A7D4474AAD413B \
- Succesor: None \
- Statistics: \
- Total bytes sent/received: 1383/1608 \
- Encrypted bytes sent/received: 872/1056 \
- Total messages sent/received: 4/4 \
- Messages retransmitted/Old messages received: 0/0 \
- Invalid messages received: 0 \
- Number of times peer address updated: 1 \
- Total exchanges initiated/responded to: 0/4 \
- Unsuccessful exchanges initiated/responded to: 0/0 \
- IPsec exchanges initiated/responded to: 0/0
- 2016.10.14 15:52:50 WARN IKE Rcvd message outside any existing IKE SA: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000004 IKEv2 I->R(Informational)[68]
- 2016.10.14 15:52:50 WARN IKE Rcvd message outside any existing IKE SA: 217.118.93.131:9853->85.233.76.57:4500 #124C5406137CBA18.56A7D4474AAD413B.00000005 IKEv2 I->R(Informational)[68]
- 2016.10.14 15:52:50 ERROR DRV bond0.2104:DROP ICMP 96 <0:22568> 10.196.1.137 <= 10.196.1.227. Filter not found.
- 2016.10.14 15:52:50 26FFF86AD6D2D846 NOTICE IKE Start creating new IKEv2 SA: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:22709 \
- IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
- Goal: PMPv2
- 2016.10.14 15:52:50 ERROR DRV bond0.2104:DROP ICMP 96 <0:22565> 10.196.1.137 <= 10.196.1.227. Filter not found.
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E NOTICE IKE Start creating new IKEv1 SA: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:500 \
- Peer Address: 10.36.36.22:500 \
- IKE SPIs: 3811B177F30A9BCE:C4A5E8BDFD25BD5E \
- Goal: Generic
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
- Message-ID: 00000001
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Received certificate [X509]: \
- Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 2F643E29000000002CF9
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Peer certificate is selected: \
- [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #F61F556BBD68E265.26FFF86AD6D2D846.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
- E[832](IV[8]=395215...32F876, ICV[12]=D5BF56...6433A7){\
- IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- AUTH[72](GOST3410.2001-Sig){D50154...685084}, \
- N[8](INITIAL_CONTACT), \
- N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
- N[12](SET_WINDOW_SIZE){64}, \
- N[28](QCD_TOKEN){26E35E...AE9850}}
- 2016.10.14 15:52:50 26FFF86AD6D2D846 NOTICE IKE IKEv2 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
- IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
- Goal: PMPv2 (Initial contact) \
- Peer Type: Zastava \
- Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
- NAT Traversal: Supported, NAT detected \
- Lifetime: 28800 sec., 4096 Kb. \
- Features: MID Sync \
- Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
- 2016.10.14 15:52:50 26FFF86AD6D2D846.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
- Message-ID: 00000001
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO LP Auth rule found: rule_isakmp841->user9061_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Received certificate [X509]: \
- Subject: C=RU,ST=Татарстан,O=Медицина,CN=user9061,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 3CA578680000000002BE
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Peer certificate is selected: \
- [income] C=RU,ST=Татарстан,O=Медицина,CN=user9061,E=linux@cg.ru / 3CA578680000000002BE / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,ST=Татарстан,O=Медицина,CN=user9061,E=linux@cg.ru \
- LSP rule: 'user9061_auth_ike_sign_gost2001', CRL processing: disabled
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO LP Auth rule found: rule_isakmp841->user9061_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'user9061_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO LP Auth rule found: rule_isakmp841->user9061_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E.00000000 INFO IKE Sent message: 10.36.36.22:500<-85.233.76.57:500 3811B177F30A9BCE.C4A5E8BDFD25BD5E.00000000 IKEv1* (Main Mode)[836] \
- ID[83](DN::){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- SIGN[68]{75EB6D...89859D}, \
- N[56](ISAKMP:3811B177F30A9BCE.C4A5E8BDFD25BD5E:RESPONDER-LIFETIME){10=1, Life.Type=Sec, Life.Duration=28800, Life.Type=Kb, Life.Duration=4096}
- 2016.10.14 15:52:50 C4A5E8BDFD25BD5E NOTICE IKE IKEv1 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- ..............
- 2016.10.14 15:53:55 220B0DAC396EF75E NOTICE IKE Start creating new IKEv2 SA: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:22709 \
- IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
- Goal: Generic
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
- Message-ID: 00000001
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(!goal), rule_isakmp841->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Received certificate [X509]: \
- Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 2F643E29000000002CF9
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Peer certificate is selected: \
- [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
- 2016.10.14 15:53:55 26FFF86AD6D2D846 NOTICE IKE IKEv2 SA deleted: \
- Reason: INITIAL-CONTACT Notification from peer \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: F61F556BBD68E265:26FFF86AD6D2D846 \
- Succesor: None \
- Statistics: \
- Total bytes sent/received: 1783/2892 \
- Encrypted bytes sent/received: 936/1848 \
- Total messages sent/received: 10/11 \
- Messages retransmitted/Old messages received: 0/1 \
- Invalid messages received: 0 \
- Number of times peer address updated: 1 \
- Total exchanges initiated/responded to: 0/10 \
- Unsuccessful exchanges initiated/responded to: 0/0 \
- IPsec exchanges initiated/responded to: 0/0
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LPCFG LOG_MSG_LP_CFG_INFO: Searching filter for sel
- ector(1): 11.11.0.24:tcp:49180, 11.11.0.24 -> 10.196.1.194:tcp:80, 10.196.1.192-10.196.1.223 ifid: bond0.2340(1) 85.233
- .76.57 \
- result: ok, rule: filt826(ikecfg_serv)->rule_ipsec827 filter found: filt826(ikecfg_serv)->rule_ipsec827
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LPCFG LOG_MSG_LP_CFG_INFO: lpRateIPsecSaTransform: 02000000:ESP, cipher=GOST28147.89DIVER-CBC(20410002), integrity=GOST3411.94-HMAC96(00320046), compression=null, DH group=null - MAX_RATING: rule: rule_ipsec827->proto_esp830
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(!goal), rule_isakmp841->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_gost2001_SMC->usr19500_auth_ike_sign_gost2001(!goal), rule_isakmp841->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO LPSADB PUSH_BUNDLE_OK filt826(ikecfg_serv) \
- Local selector: 10.196.1.192..10.196.1.223|0..255 \
- Peer selector: 11.11.0.24|0..255 \
- IPsec contexts: [1220812/1220813]
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R NOTICE LPSADB IPsec SAs bundle created (#152601): \
- Selector: 11.11.0.24 -> 10.196.1.192-10.196.1.223 \
- Mode: Tunnel with UDP-encapsulation (217.118.93.131:9853) Responder, IKE-CFG server: 11.11.0.24 \
- Rule: filt826(ikecfg_serv)->rule_ipsec827 \
- PFS: from IKE SA \
- ESP params (#610406): \
- SPI(in/out): 4E02B2F4/B12837D3 \
- Encryption: GOST28147.89DIVER-CBC \
- Authentication: GOST3411.94-HMAC96 \
- Expire traffic: 0(0) kB \
- Life time: 28800(28686) sec \
- Rule: proto_esp830
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #E4E3CCC9C921DF10.220B0DAC396EF75E.00000001 IKEv2 I<=R(IKE SA Auth)[988] \
- E[960](IV[8]=246E0C...D050F8, ICV[12]=34B883...605695){\
- IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- AUTH[72](GOST3410.2001-Sig){8F2EB8...9F511B}, \
- N[8](INITIAL_CONTACT), \
- N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
- N[12](SET_WINDOW_SIZE){64}, \
- CP[16](REPLY){IP4.Address[4]=11.11.0.24}, \
- SA[40]{\
- P[36](#1:ESP:4E02B2F4:3){\
- Encryption=GOST28147.89DIVER-CBC, \
- Integrity=GOST3411.94-HMAC96, \
- ESN=Off}}, \
- TSi[24](:1){11.11.0.24}, \
- TSr[24](:1){10.196.1.192-10.196.1.223}, \
- N[8](ADDITIONAL_TS_POSSIBLE), \
- N[8](ESP_TFC_PADDING_NOT_SUPPORTED), \
- N[8](NON_FIRST_FRAGMENTS_ALSO), \
- N[28](QCD_TOKEN){98914E...C6B6C4}}
- 2016.10.14 15:53:55 220B0DAC396EF75E NOTICE IKE IKEv2 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
- IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
- Goal: IPsec (Initial contact) \
- Peer Type: Zastava \
- Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
- NAT Traversal: Supported, NAT detected \
- Lifetime: 28800 sec., 4096 Kb. \
- Features: MID Sync \
- Rule: rule_isakmp841
- 2016.10.14 15:53:55 220B0DAC396EF75E.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: E4E3CCC9C921DF10:220B0DAC396EF75E \
- Message-ID: 00000001 \
- Result: Network parameters: \
- Requested by client: IP4.Address, IP4.DNS \
- Assigned to client: IP4.Address=11.11.0.24
- 2016.10.14 15:53:56 306A7AE6A4E11D87 NOTICE IKE IKEv1 SA deleted: \
- Reason: Lifetime expired \
- Peer Address: 10.169.94.249:1348 \
- IKE SPIs: 75A0159D9AB1BAD4:306A7AE6A4E11D87 \
- Succesor: None \
- Statistics: \
- Total bytes sent/received: 1638/1914 \
- Encrypted bytes sent/received: 1104/1256 \
- Total messages sent/received: 6/7 \
- Messages retransmitted/Old messages received: 0/0 \
- Invalid messages received: 0 \
- Number of times peer address updated: 0 \
- Total exchanges initiated/responded to: 1/3 \
- Unsuccessful exchanges initiated/responded to: 0/1 \
- IPsec exchanges initiated/responded to: 0/2
- 2016.10.14 15:53:56 E613ED5546E64089.00000000 INFO IKE Re-sent message: 11.11.5.61:500<-85.233.76.57:500 E613ED5546E64089.0000000000000000.00000000 IKEv1 (Main Mode)[262] 2016.10.14 15:53:56 8CF2F79ABB35DAFE.AB341474 NOTICE IKE Exchange started (Informational, Initiator): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: AB341474 2016.10.14 15:53:56 8CF2F79ABB35DAFE.AB341474 INFO IKE Sent message: 10.6.24.9:500<-85.233.76.57:500 6B9659BA1CEA8598.8CF2F79ABB35DAFE.AB341474 IKEv1* (Informational)[100] \ HASH[36]{D0EF57...666DB3}, \ N[32](ISAKMP:6B9659BA1CEA8598.8CF2F79ABB35DAFE:R-U-THERE){2098050348} 2016.10.14 15:53:56 8CF2F79ABB35DAFE.AB341474 NOTICE IKE Exchange completed (Informational, Initiator): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: AB341474 2016.10.14 15:53:56 8CF2F79ABB35DAFE.01E9E101 INFO IKE Rcvd message: 10.6.24.9:500->85.233.76.57:500 6B9659BA1CEA8598.8CF2F79ABB35DAFE.01E9E101 IKEv1* (Informational)[100] \ HASH[36]{D2D79E...42BB88}, \ N[32](ISAKMP:6B9659BA1CEA8598.8CF2F79ABB35DAFE:R-U-THERE-ACK){2098050348} 2016.10.14 15:53:56 8CF2F79ABB35DAFE.01E9E101 NOTICE IKE Exchange started (Informational, Responder): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: 01E9E101 2016.10.14 15:53:56 8CF2F79ABB35DAFE.01E9E101 NOTICE IKE Exchange completed (Informational, Responder): \ Goal: Check liveness \ Local Address: 85.233.76.57:500 \ Peer Address: 10.6.24.9:500 \ IKE SPIs: 6B9659BA1CEA8598:8CF2F79ABB35DAFE \ Message-ID: 01E9E101 \ Result: Peer alive 2016
- ...............
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
- Message-ID: 00000001
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Received certificate [X509]: \
- Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 2F643E29000000002CF9
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Peer certificate is selected: \
- [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=
- gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.
- 57:4500 #8A25E924BF559861.CA5D85B39708E612.00000001 IKEv2 I<=R(IKE SA Auth)[852] \
- E[824](IV[8]=FDBF3C...E510B1, ICV[12]=7A315E...768C82){\
- IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- AUTH[72](GOST3410.2001-Sig){15884E...9ED28B}, \
- N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
- N[12](SET_WINDOW_SIZE){64}, \
- N[28](QCD_TOKEN){28063D...104107}}
- 2016.10.14 15:54:04 CA5D85B39708E612 NOTICE IKE IKEv2 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
- IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
- Goal: PMPv2 \
- Peer Type: Zastava \
- Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
- NAT Traversal: Supported, NAT detected \
- Lifetime: 28800 sec., 4096 Kb. \
- Features: MID Sync \
- Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
- 2016.10.14 15:54:04 CA5D85B39708E612.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
- Message-ID: 00000001
- 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #8A25E924BF559861.CA5D85B39708E612.00000002 IKEv2 I->R(Informational)[180] \
- E[152](IV[8]=940D03...C60E2E, ICV[12]=802050...FBAB16){\
- CP[120](REQUEST){PMP.Version=3, PMP.Version=4, PMP.Agent[28]="CLIENT 6.1.16519 WINXX/amd64", JK.Cookie[32]="95D14A34771B429DC5879B9DA7913668", LSP.Hash[32]="802946639BB6151F4B3A4889720AD249"}}
- 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R NOTICE IKE Exchange started (Informational, Responder): \
- Goal: Check/Update LSP \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
- Message-ID: 00000002
- 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #8A25E924BF559861.CA5D85B39708E612.00000002 IKEv2 I<=R(Informational)[68] \
- E[40](IV[8]=104BAD...B10E13, ICV[12]=D70268...2BBC58){\
- CP[12](REPLY){PMP.Version=3}}
- 2016.10.14 15:54:04 CA5D85B39708E612.00000002,R NOTICE IKE Exchange completed (Informational, Responder): \
- Goal: Check/Update LSP \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 8A25E924BF559861:CA5D85B39708E612 \
- Message-ID: 00000002
- ...........
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: EC63F73AAA294C2D:58F4C055F71716E6 \
- Message-ID: 00000001
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Received certificate [X509]: \
- Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 2F643E29000000002CF9
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Peer certificate is selected: \
- [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=
- gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.
- 57:4500 #EC63F73AAA294C2D.58F4C055F71716E6.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
- E[832](IV[8]=308856...E80036, ICV[12]=5BC8CD...FFE891){\
- IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- AUTH[72](GOST3410.2001-Sig){78CFB8...9DE242}, \
- N[8](INITIAL_CONTACT), \
- N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
- N[12](SET_WINDOW_SIZE){64}, \
- N[28](QCD_TOKEN){76F6F8...082482}}
- 2016.10.14 15:55:23 58F4C055F71716E6 NOTICE IKE IKEv2 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
- IKE SPIs: EC63F73AAA294C2D:58F4C055F71716E6 \
- Goal: PMPv2 (Initial contact) \
- Peer Type: Zastava \
- Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
- NAT Traversal: Supported, NAT detected \
- Lifetime: 28800 sec., 4096 Kb. \
- Features: MID Sync \
- Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
- 2016.10.14 15:55:23 58F4C055F71716E6.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: EC63F73AAA294C2D:58F4C055F71716E6 \
- Message-ID: 00000001
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R NOTICE IKE Exchange started (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
- Message-ID: 00000001
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Received certificate [X509]: \
- Subject: C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 2F643E29000000002CF9
- 2016.10.14 15:55:24 INFO DRV bond0.2104:PASS TCP 1310 10.41.19.39:35682 <= 10.196.1.194:80. Rule "
- filt788" action.
- 2016.10.14 15:55:24 E40F6CD760D0DEE8.0000000000000000.00000000 INFO DRV bond0.2340:ENCAP TCP 1310 10.
- 196.1.194:80 => 10.41.19.39:35682. SA[2F5A7738] Rule "filt783" action.
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Peer certificate is selected: \
- [income] C=RU,O=Med,CN=usr19500,E=linux@cg.ru / 2F643E29000000002CF9 / GOST R 34.10-2001 \
- [Root CA, trusted] CN=RMIS \
- Search params: \
- id_remote: (DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- LSP rule: 'usr19500_auth_ike_sign_gost2001' - 'cert_remote' is empty, CRL processing: disabled
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Local certificate is selected: C=RU,O=Med,CN=
- gate1_1,E=linux@cg.ru / 40C55F85000000002911 / GOST R 34.10-2001 \
- LSP rule: 'usr19500_auth_ike_sign_gost2001', id_local: DN from certificate
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO LP Auth rule found: rule_isakmp3_auth_ike_sign_g
- ost2001_SMC->usr19500_auth_ike_sign_gost2001(ok)
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO CM Certificate will be sent [X509]: \
- Subject: C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Issuer: CN=RMIS \
- KeyAlg: GOST R 34.10-2001 \
- Sn: 40C55F85000000002911
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.
- 57:4500 #764A0D56B4BBD045.46E194A3555F8A52.00000001 IKEv2 I<=R(IKE SA Auth)[860] \
- E[832](IV[8]=0856E2...8008C3, ICV[12]=450B87...4BCC31){\
- IDr[83](DN){C=RU,O=Med,CN=gate1_1,E=linux@cg.ru}, \
- CERT[595](X.509 Cert){308202...039C0D}, \
- AUTH[72](GOST3410.2001-Sig){99B1A9...421BDA}, \
- N[8](INITIAL_CONTACT), \
- N[8](IKEV2_MESSAGE_ID_SYNC_SUPPORTED), \
- N[12](SET_WINDOW_SIZE){64}, \
- N[28](QCD_TOKEN){570E8A...82D1F0}}
- 2016.10.14 15:55:24 46E194A3555F8A52 NOTICE IKE IKEv2 SA created: \
- Reason: Request from peer \
- Origin: New SA \
- Role: Responder \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 (originally 217.118.93.131:22709) \
- IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
- Goal: PMPv2 (Initial contact) \
- Peer Type: Zastava \
- Peer Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=usr19500,E=linux@cg.ru \
- My Auth: Method=Signature, Algorithm=GOST3410.2001, ID=(DN) C=RU,O=Med,CN=gate1_1,E=linux@cg.ru \
- Crypto params: Group=GOST3410.2001VKO, Encryption=GOST28147.89-CBC, Integrity=GOST3411.94-HMAC96, PRF=GOST3411.94-HMAC \
- NAT Traversal: Supported, NAT detected \
- Lifetime: 28800 sec., 4096 Kb. \
- Features: MID Sync \
- Rule: rule_isakmp3_auth_ike_sign_gost2001_SMC
- 2016.10.14 15:55:24 46E194A3555F8A52.00000001,R NOTICE IKE Exchange completed (IKE SA Auth, Responder): \
- Goal: Create new IKE SA \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
- Message-ID: 00000001
- 2016.10.14 15:55:24 E40F6CD760D0DEE8.0000000000000000.00000000 INFO DRV bond0.2340:DECAP TCP 40 10.196.1.194:80 <= 10.41.19.39:35682. SA[FBA1462D] Rule "filt783" action.
- 2016.10.14 15:55:24 INFO DRV bond0.2104:PASS TCP 40 10.41.19.39:35682 => 10.196.1.194:80. Rule "filt788" action.
- 2016.10.14 15:55:24 46E194A3555F8A52.00000002,R INFO IKE Rcvd message: 217.118.93.131:9853->85.233.76.57:4500 #764A0D56B4BBD045.46E194A3555F8A52.00000002 IKEv2 I->R(Informational)[284] \
- E[256](IV[8]=19E76B...E1E693, ICV[12]=7647A8...A6A12F){\
- CP[226](REQUEST){PMP.Version=3, PMP.Version=4, PMP.Agent[28]="CLIENT 6.1.16519 WINXX/amd64", LSP.Hash[32]="802946639BB6151F4B3A4889720AD249", Update[14]="pmp_timeout=10", Update[21]="update_state=uptodate", Update[95]="update_msg=[uptodate] File not present: C:\Windows\TEMP\ELVIS+\ZASTAVA Client\vpndmn_update.ini"}}
- 2016.10.14 15:55:24 46E194A3555F8A52.00000002,R NOTICE IKE Exchange started (Informational, Responder): \
- Goal: Check/Update LSP \
- Local Address: 85.233.76.57:4500 \
- Peer Address: 217.118.93.131:9853 \
- IKE SPIs: 764A0D56B4BBD045:46E194A3555F8A52 \
- Message-ID: 00000002
- 2016.10.14 15:55:24 46E194A3555F8A52.00000002,R INFO IKE Sent message: 217.118.93.131:9853<-85.233.76.57:4500 #764A0D56B4BBD045.46E194A3555F8A52.00000002 IKEv2 I<=R(Informational)[108] \
- E[80](IV[8]=586618...8B23B1, ICV[12]=EB8F1F...32D03C){\
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement