|
List Info
Thread: Re: status of rightprotoport=17/%any with xlt2pd, XP and Mac OS X?
|
|
| Re: status of rightprotoport=17/%any
with xlt2pd, XP and Mac OS X? |
 
Netherlands |
2007-04-12 17:42:57 |
On Thu, 12 Apr 2007, Clifford T. Matthews wrote:
> This one doesn't:
This is completely different from the bug I was
expecting...
Mcr: note that this is another issue of:
> Apr 12 13:58:29 first pluto[4245]: | refine_connection:
picking new best sbnyc-l2tpX509-int (wild=15,
peer_pathlen=0/our=0)
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1: switched
from "sbnyc-l2tpX509-int" to
"sbnyc-l2tpX509-int"
where a conn switches into itself. Full logs about the two
conns confusing each other, and the remote hanging
up on us follows below.
> Apr 12 13:58:17 first pluto[4245]: Starting Pluto
(Openswan Version 2.4.7 PLUTO_SENDS_VENDORID
PLUTO_USES_KEYRR; Vendor ID OEZ~BaB]r134p_)
> Apr 12 13:58:29 first pluto[4245]: packet from
192.168.10.29:500: ignoring Vendor ID payload [MS NT5
ISAKMPOAKLEY 00000004]
> Apr 12 13:58:29 first pluto[4245]: packet from
192.168.10.29:500: ignoring Vendor ID payload
[FRAGMENTATION]
> Apr 12 13:58:29 first pluto[4245]: packet from
192.168.10.29:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
> Apr 12 13:58:29 first pluto[4245]: packet from
192.168.10.29:500: ignoring Vendor ID payload
[Vid-Initial-Contact]
> Apr 12 13:58:29 first pluto[4245]: |
find_host_connection called from main_inI1_outR1
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 216.254.70.239:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: |
find_host_pair_conn (find_host_connection2):
192.168.10.1:500 192.168.10.29:500 -> hp:none
> Apr 12 13:58:29 first pluto[4245]: |
find_host_connection called from main_inI1_outR1
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: |
find_host_pair_conn (find_host_connection2):
192.168.10.1:500 %any:500 -> hp:sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 216.254.70.239:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: |
connect_to_host_pair: 192.168.10.1:500 192.168.10.29:500
-> hp:none
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[1] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1:
responding to Main Mode from unknown peer 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: | sender checking
NAT-t: 1 and 106
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1:
STATE_MAIN_R1: sent MR1, expecting MI2
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[1] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: | inI2: checking
NAT-t: 1 and 4
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1:
NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
> Apr 12 13:58:29 first pluto[4245]: | main inI2_outR2:
calculated ke+nonce, sending R2
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[1] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: |
find_host_connection called from collect_rw_ca_candidates
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 192.168.10.29:500
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: |
find_host_pair_conn (find_host_connection2):
192.168.10.1:500 %any:500 -> hp:sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1:
STATE_MAIN_R2: sent MR2, expecting MI3
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[1] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1: Main
mode peer ID is ID_DER_ASN1_DN: 'C=US, O=stolenbases.com,
OU=first, CN=ctm, E=ctm stolenbases.com'
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1: no crl
from issuer "C=US, O=stolenbases.com, OU=first,
CN=CA" found (strict=no)
> Apr 12 13:58:29 first pluto[4245]: | refine_connection:
starting with sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | match_id
a=C=US, O=stolenbases.com, OU=first, CN=ctm, E=ctmstolenbases.com
> Apr 12 13:58:29 first pluto[4245]: |
b=192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: | results fail
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first pluto[4245]: | refine_connection:
checking sbnyc-l2tpX509-int against sbnyc-l2tpX509-int,
best=(none) with match=0(id=0/ca=1/reqca=1)
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: |
find_host_pair_conn (refine_host_connection):
192.168.10.1:500 %any:500 -> hp:sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | match_id
a=C=US, O=stolenbases.com, OU=first, CN=ctm, E=ctmstolenbases.com
> Apr 12 13:58:29 first pluto[4245]: |
b=(none)
> Apr 12 13:58:29 first pluto[4245]: | results
matched
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first pluto[4245]: | refine_connection:
checking sbnyc-l2tpX509-int against sbnyc-l2tpX509-int,
best=(none) with match=1(id=1/ca=1/reqca=1)
> Apr 12 13:58:29 first pluto[4245]: | refine_connection:
checked sbnyc-l2tpX509-int against sbnyc-l2tpX509-int, now
for see if best
> Apr 12 13:58:29 first pluto[4245]: | refine_connection:
picking new best sbnyc-l2tpX509-int (wild=15,
peer_pathlen=0/our=0)
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1] 192.168.10.29 #1: switched
from "sbnyc-l2tpX509-int" to
"sbnyc-l2tpX509-int"
> Apr 12 13:58:29 first pluto[4245]: | match_id
a=C=US, O=stolenbases.com, OU=first, CN=ctm, E=ctmstolenbases.com
> Apr 12 13:58:29 first pluto[4245]: |
b=(none)
> Apr 12 13:58:29 first pluto[4245]: | results
matched
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 0.0.0.0:500
> Apr 12 13:58:29 first pluto[4245]: | find_host_pair:
comparing to 192.168.10.1:500 192.168.10.29:500
> Apr 12 13:58:29 first pluto[4245]: |
connect_to_host_pair: 192.168.10.1:500 192.168.10.29:500
-> hp:sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[2] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[1] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #1: deleting
connection "sbnyc-l2tpX509-int" instance with peer
192.168.10.29 {isakmp=#0/ipsec=#0}
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #1: I am
sending my cert
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #1:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #1:
STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192
prf=oakley_sha group=modp2048}
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[2] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: |
find_client_connection starting with sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | looking for
192.168.10.1/32:17/1701 -> 192.168.10.29/32:17/1701
> Apr 12 13:58:29 first pluto[4245]: | concrete
checking against sr#0 192.168.10.1/32 -> 0.0.0.0/32
> Apr 12 13:58:29 first pluto[4245]: | match_id
a=C=US, O=stolenbases.com, OU=first, CN=ctm, E=ctmstolenbases.com
> Apr 12 13:58:29 first pluto[4245]: |
b=C=US, O=stolenbases.com, OU=first, CN=ctm, E=ctmstolenbases.com
> Apr 12 13:58:29 first pluto[4245]: | results
matched
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first pluto[4245]: | fc_try trying
sbnyc-l2tpX509-int:192.168.10.1/32:17/1701 ->
192.168.10.29/32:17/0 vs
sbnyc-l2tpX509-int:192.168.10.1/32:17/1701 ->
0.0.0.0/32:17/0
> Apr 12 13:58:29 first pluto[4245]: | fc_try
concluding with sbnyc-l2tpX509-int [128]
> Apr 12 13:58:29 first pluto[4245]: | fc_try
sbnyc-l2tpX509-int gives sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | concluding with
d = sbnyc-l2tpX509-int
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[2] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: | quick inI1_outR1:
calculated ke+nonce, sending R1
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[2] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #2:
responding to Quick Mode {msgid:dcbe9fe6}
> Apr 12 13:58:29 first pluto[4245]: | finished
processing quick inI1
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #2:
transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #2:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed,
expecting QI2
> Apr 12 13:58:29 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[2] 192.168.10.29
> Apr 12 13:58:29 first pluto[4245]: | route_and_eroute
with c: sbnyc-l2tpX509-int (next: none) ero:null esr:{(nil)}
ro:null rosr:{(nil)} and state: 2
> Apr 12 13:58:29 first pluto[4245]: | trusted_ca
called with a=C=US, O=stolenbases.com, OU=first, CN=CA
b=C=US, O=stolenbases.com, OU=first, CN=CA
> Apr 12 13:58:29 first last message repeated 2 times
> Apr 12 13:58:29 first pluto[4245]: | inI2: instance
sbnyc-l2tpX509-int[2], setting newest_ipsec_sa to #2 (was
#0) (spd.eroute=#2)
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #2:
transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
> Apr 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #2:
STATE_QUICK_R2: IPsec SA established {ESP=>0x277fff6e
<0x2a4299c4 xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}
So the connection comes up
> Apr 12 13:58:49 first pluto[4245]: | processing
connection sbnyc-l2tpX509-int[2] 192.168.10.29
> Apr 12 13:59:04 first last message repeated 3 times
But the other instance is still stuck somewhere
> Apr 12 13:59:04 first pluto[4245]:
"sbnyc-l2tpX509-int"[2] 192.168.10.29 #1: received
Delete SA(0x277fff6e) payload: deleting IPSEC State #2
And as a result, Windows seems to hang up on us.
Clifford, Could you also enable OAKLEY.LOG on the Windows
machine and get us that logs as well?
Paul
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan:
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155
|
|
| Re: status of rightprotoport=17/%any
with xlt2pd, XP and Mac OS X? |
|
2007-04-13 07:57:18 |
>>>>> "Paul" == Paul Wouters
<paulxelerance.com> writes:
Paul> On Thu, 12 Apr 2007, Clifford T. Matthews
wrote:
>> This one doesn't:
Paul> This is completely different from the bug I was
expecting...
Paul> Mcr: note that this is another issue of:
>> Apr 12 13:58:29 first pluto[4245]: |
refine_connection: picking
>> new best sbnyc-l2tpX509-int (wild=15,
peer_pathlen=0/our=0) Apr
>> 12 13:58:29 first pluto[4245]:
"sbnyc-l2tpX509-int"[1]
>> 192.168.10.29 #1: switched from
"sbnyc-l2tpX509-int" to
>> "sbnyc-l2tpX509-int"
[SNIP]
Paul> So the connection comes up
>> Apr 12 13:58:49 first pluto[4245]: | processing
connection
>> sbnyc-l2tpX509-int[2] 192.168.10.29 Apr 12
13:59:04 first last
>> message repeated 3 times
Paul> But the other instance is still stuck
somewhere
>> Apr 12 13:59:04 first pluto[4245]:
"sbnyc-l2tpX509-int"[2]
>> 192.168.10.29 #1: received Delete
SA(0x277fff6e) payload:
>> deleting IPSEC State #2
Paul> And as a result, Windows seems to hang up on
us.
Paul> Clifford, Could you also enable OAKLEY.LOG on
the Windows
Paul> machine and get us that logs as well?
I've included an oakley.log that has a successful connection
using
17/1701 followed by an unsuccessful one using 17/%any.
BTW, yesterday I was running with plutodebug=all and
visually
comparing the output of successes vs. failures and I saw a
difference in debug lines that began with "fc_try
trying". For example,
Successful (I think)
Apr 11 13:09:37 first pluto[25500]: | fc_try trying
sbnyc-l2tpX509-int:192.168.10.1/32:17/1701 ->
192.168.10.29/32:17/1701 vs
sbnyc-l2tpX509-int:192.168.10.1/32:17/1701 ->
192.168.10.29/32:17/1701
Apr 11 13:09:37 first pluto[25500]: | fc_try concluding
with sbnyc-l2tpX509-int [128]
Apr 11 13:09:37 first pluto[25500]: | fc_try
sbnyc-l2tpX509-int gives sbnyc-l2tpX509-int
Apr 11 13:09:37 first pluto[25500]: | concluding with d =
sbnyc-l2tpX509-int
Apr 11 13:09:37 first pluto[25500]: | duplicating state
object #1
Apr 11 13:09:37 first pluto[25500]: | creating state object
#3 at 0x555555824f70
Apr 11 13:09:37 first pluto[25500]: | processing connection
sbnyc-l2tpX509-int[2] 192.168.10.29
versus
Unsuccessful (I think)
Apr 11 12:01:21 first pluto[25111]: | fc_try trying
sbnyc-l2tpX509-int:192.168.10.1/32:17/1701 ->
192.168.10.29/32:17/0 vs
sbnyc-l2tpX509-int:192.168.10.1/32:17/1701 ->
0.0.0.0/32:17/0
Apr 11 12:01:21 first pluto[25111]: | fc_try concluding
with sbnyc-l2tpX509-int [128]
Apr 11 12:01:21 first pluto[25111]: | fc_try
sbnyc-l2tpX509-int gives sbnyc-l2tpX509-int
Apr 11 12:01:21 first pluto[25111]: | concluding with d =
sbnyc-l2tpX509-int
Apr 11 12:01:21 first pluto[25111]: | duplicating state
object #1
Apr 11 12:01:21 first pluto[25111]: | creating state object
#2 at 0x555555824b20
Apr 11 12:01:21 first pluto[25111]: | processing connection
sbnyc-l2tpX509-int[2] 192.168.10.29
I don't presume to believe that the above will be useful to
you, but I
figure if it's not, it's easily ignored. It's all voodoo to
me.
--Cliff
4-13: 06:26:34:984:df8 Initialization OK
4-13: 06:27:14:656:308 QM PolicyName: L2TP Optional
Encryption Quick Mode Policy dwFlags 0
4-13: 06:27:14:656:308 QMOffer[0] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[0] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:14:656:308 QMOffer[1] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[1] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:27:14:656:308 QMOffer[2] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[2] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:656:308 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:27:14:656:308 QMOffer[3] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[3] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:656:308 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:27:14:656:308 QMOffer[4] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[4] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:656:308 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:27:14:656:308 QMOffer[5] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[5] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:656:308 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:14:656:308 QMOffer[6] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[6] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:656:308 Algo[0] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:27:14:656:308 QMOffer[7] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:656:308 QMOffer[7] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:27:14:671:308 QMOffer[8] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[8] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:671:308 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:27:14:671:308 QMOffer[9] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[9] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:671:308 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:27:14:671:308 QMOffer[10] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[10] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:671:308 Algo[1] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:27:14:671:308 QMOffer[11] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[11] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:671:308 Algo[1] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:27:14:671:308 QMOffer[12] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[12] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: ESP Algo: NULL
DES HMAC: SHA
4-13: 06:27:14:671:308 QMOffer[13] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[13] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: ESP Algo: NULL
DES HMAC: MD5
4-13: 06:27:14:671:308 QMOffer[14] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[14] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:671:308 QMOffer[15] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:671:308 QMOffer[15] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:671:308 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:671:308 Internal Acquire: op=00000001
src=192.168.10.29.1701 dst=192.168.10.1.1701 proto = 17,
SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 0,
TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0,
InitiateEvent=000003A8, IKE SrcPort=500 IKE DstPort=500
4-13: 06:27:14:671:2c8 Filter to match: Src 192.168.10.1
Dst 192.168.10.29
4-13: 06:27:14:671:2c8 MM PolicyName: L2TP Main Mode
Policy
4-13: 06:27:14:671:2c8 MMPolicy dwFlags 8 SoftSAExpireTime
28800
4-13: 06:27:14:671:2c8 MMOffer[0] LifetimeSec 28800 QMLimit
0 DHGroup 268435457
4-13: 06:27:14:671:2c8 MMOffer[0] Encrypt: Triple DES CBC
Hash: SHA
4-13: 06:27:14:671:2c8 MMOffer[1] LifetimeSec 28800 QMLimit
0 DHGroup 2
4-13: 06:27:14:671:2c8 MMOffer[1] Encrypt: Triple DES CBC
Hash: SHA
4-13: 06:27:14:671:2c8 MMOffer[2] LifetimeSec 28800 QMLimit
0 DHGroup 2
4-13: 06:27:14:671:2c8 MMOffer[2] Encrypt: Triple DES CBC
Hash: MD5
4-13: 06:27:14:671:2c8 MMOffer[3] LifetimeSec 28800 QMLimit
0 DHGroup 1
4-13: 06:27:14:671:2c8 MMOffer[3] Encrypt: DES CBC Hash:
SHA
4-13: 06:27:14:671:2c8 MMOffer[4] LifetimeSec 28800 QMLimit
0 DHGroup 1
4-13: 06:27:14:671:2c8 MMOffer[4] Encrypt: DES CBC Hash:
MD5
4-13: 06:27:14:687:2c8 Auth[0]:RSA Sig C=US,
O=stolenbases.com, OU=first, CN=CA AuthFlags 0
4-13: 06:27:14:687:2c8 QM PolicyName: L2TP Optional
Encryption Quick Mode Policy dwFlags 0
4-13: 06:27:14:687:2c8 QMOffer[0] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[0] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:14:687:2c8 QMOffer[1] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[1] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:27:14:687:2c8 QMOffer[2] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[2] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:27:14:687:2c8 QMOffer[3] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[3] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:27:14:687:2c8 QMOffer[4] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[4] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:27:14:687:2c8 QMOffer[5] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[5] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:14:687:2c8 QMOffer[6] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[6] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:27:14:687:2c8 QMOffer[7] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[7] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:27:14:687:2c8 QMOffer[8] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[8] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:27:14:687:2c8 QMOffer[9] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[9] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:27:14:687:2c8 QMOffer[10] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[10] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:27:14:687:2c8 QMOffer[11] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[11] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:687:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:27:14:687:2c8 QMOffer[12] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[12] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: SHA
4-13: 06:27:14:687:2c8 QMOffer[13] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[13] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: MD5
4-13: 06:27:14:687:2c8 QMOffer[14] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[14] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:14:687:2c8 QMOffer[15] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:14:687:2c8 QMOffer[15] dwFlags 0 dwPFSGroup 0
4-13: 06:27:14:687:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:14:687:2c8 Starting Negotiation: src =
192.168.10.29.0500, dst = 192.168.10.1.0500, proto = 17,
context = 00000000, ProxySrc = 192.168.10.29.1701, ProxyDst
= 192.168.10.1.1701 SrcMask = 0.0.0.0 DstMask = 0.0.0.0
4-13: 06:27:14:687:2c8 constructing ISAKMP Header
4-13: 06:27:14:687:2c8 constructing SA (ISAKMP)
4-13: 06:27:14:687:2c8 Constructing Vendor MS NT5
ISAKMPOAKLEY
4-13: 06:27:14:687:2c8 Constructing Vendor FRAGMENTATION
4-13: 06:27:14:687:2c8 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
4-13: 06:27:14:687:2c8 Constructing Vendor
Vid-Initial-Contact
4-13: 06:27:14:687:2c8
4-13: 06:27:14:687:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:27:14:703:2c8 ISAKMP Header: (V1.0), len = 312
4-13: 06:27:14:703:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:14:703:2c8 R-COOKIE 0000000000000000
4-13: 06:27:14:703:2c8 exchange: Oakley Main Mode
4-13: 06:27:14:703:2c8 flags: 0
4-13: 06:27:14:703:2c8 next payload: SA
4-13: 06:27:14:703:2c8 message ID: 00000000
4-13: 06:27:14:703:2c8 Ports S:f401 D:f401
4-13: 06:27:14:703:2c8 Activating InitiateEvent 000003A8
4-13: 06:27:14:703:2c8
4-13: 06:27:14:703:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:27:14:703:2c8 ISAKMP Header: (V1.0), len = 140
4-13: 06:27:14:703:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:14:703:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:14:703:2c8 exchange: Oakley Main Mode
4-13: 06:27:14:703:2c8 flags: 0
4-13: 06:27:14:703:2c8 next payload: SA
4-13: 06:27:14:703:2c8 message ID: 00000000
4-13: 06:27:14:703:2c8 processing payload SA
4-13: 06:27:14:703:2c8 Received Phase 1 Transform 1
4-13: 06:27:14:703:2c8 Encryption Alg Triple DES
CBC(5)
4-13: 06:27:14:703:2c8 Hash Alg SHA(2)
4-13: 06:27:14:703:2c8 Oakley Group 14
4-13: 06:27:14:703:2c8 Auth Method RSA Signature with
Certificates(3)
4-13: 06:27:14:703:2c8 Life type in Seconds
4-13: 06:27:14:703:2c8 Life duration of 28800
4-13: 06:27:14:703:2c8 Phase 1 SA accepted: transform=1
4-13: 06:27:14:703:2c8 SA - Oakley proposal accepted
4-13: 06:27:14:703:2c8 processing payload VENDOR ID
4-13: 06:27:14:703:2c8 processing payload VENDOR ID
4-13: 06:27:14:703:2c8 processing payload VENDOR ID
4-13: 06:27:14:703:2c8 Received VendorId
draft-ietf-ipsec-nat-t-ike-02
4-13: 06:27:14:703:2c8 ClearFragList
4-13: 06:27:14:703:2c8 constructing ISAKMP Header
4-13: 06:27:14:921:2c8 constructing KE
4-13: 06:27:14:921:2c8 constructing NONCE (ISAKMP)
4-13: 06:27:14:921:2c8 Constructing NatDisc
4-13: 06:27:14:921:2c8
4-13: 06:27:14:921:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:27:14:921:2c8 ISAKMP Header: (V1.0), len = 360
4-13: 06:27:14:921:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:14:921:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:14:921:2c8 exchange: Oakley Main Mode
4-13: 06:27:14:921:2c8 flags: 0
4-13: 06:27:14:921:2c8 next payload: KE
4-13: 06:27:14:921:2c8 message ID: 00000000
4-13: 06:27:14:921:2c8 Ports S:f401 D:f401
4-13: 06:27:14:937:2c8
4-13: 06:27:14:937:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:27:14:937:2c8 ISAKMP Header: (V1.0), len = 432
4-13: 06:27:14:937:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:14:937:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:14:937:2c8 exchange: Oakley Main Mode
4-13: 06:27:14:937:2c8 flags: 0
4-13: 06:27:14:937:2c8 next payload: KE
4-13: 06:27:14:937:2c8 message ID: 00000000
4-13: 06:27:14:937:2c8 processing payload KE
4-13: 06:27:15:0:2c8 processing payload NONCE
4-13: 06:27:15:0:2c8 processing payload CRP
4-13: 06:27:15:0:2c8 C=US, O=stolenbases.com, OU=first,
CN=CA
4-13: 06:27:15:0:2c8 processing payload NATDISC
4-13: 06:27:15:0:2c8 Processing NatHash
4-13: 06:27:15:0:2c8 Nat hash
f2caf060a27c73d4ec4a681cdf3a45fd
4-13: 06:27:15:0:2c8 4e3b9e0b
4-13: 06:27:15:0:2c8 SA StateMask2 e
4-13: 06:27:15:0:2c8 processing payload NATDISC
4-13: 06:27:15:0:2c8 Processing NatHash
4-13: 06:27:15:0:2c8 Nat hash
df9556ceb67802117866c1ae1197927e
4-13: 06:27:15:0:2c8 71e1ff57
4-13: 06:27:15:0:2c8 SA StateMask2 8e
4-13: 06:27:15:0:2c8 ClearFragList
4-13: 06:27:15:0:2c8 constructing ISAKMP Header
4-13: 06:27:15:0:2c8 constructing ID
4-13: 06:27:15:0:2c8 Looking for IPSec only cert
4-13: 06:27:15:15:2c8 failed to get chain 80092004
4-13: 06:27:15:15:2c8 Looking for any cert
4-13: 06:27:15:46:2c8 Cert Trustes. 0 100
4-13: 06:27:15:46:2c8 Cert SHA Thumbprint
ac2ea25612aae75cf375b19cba6a1f13
4-13: 06:27:15:46:2c8 8bc9b17e
4-13: 06:27:15:78:2c8 Cert SHA Thumbprint
ac2ea25612aae75cf375b19cba6a1f13
4-13: 06:27:15:78:2c8 8bc9b17e
4-13: 06:27:15:78:2c8 SubjectName: C=US, O=stolenbases.com,
OU=first, CN=ctm, E=ctmstolenbases.com
4-13: 06:27:15:78:2c8 Cert Serialnumber 08
4-13: 06:27:15:78:2c8 Cert SHA Thumbprint
ac2ea25612aae75cf375b19cba6a1f13
4-13: 06:27:15:78:2c8 8bc9b17e
4-13: 06:27:15:78:2c8 SubjectName: C=US, O=stolenbases.com,
OU=first, CN=CA
4-13: 06:27:15:78:2c8 Cert Serialnumber 00
4-13: 06:27:15:78:2c8 Cert SHA Thumbprint
69e984d1579a6ee30845a24d392805c4
4-13: 06:27:15:78:2c8 dd7fbf95
4-13: 06:27:15:78:2c8 Not storing My cert chain in SA.
4-13: 06:27:15:78:2c8 MM ID Type 9
4-13: 06:27:15:78:2c8 MM ID
3069310b300906035504061302555331
4-13: 06:27:15:78:2c8 183016060355040a0c0f73746f6c656e
4-13: 06:27:15:78:2c8 62617365732e636f6d310e300c060355
4-13: 06:27:15:78:2c8 040b0c056669727374310c300a060355
4-13: 06:27:15:78:2c8 04030c0363746d3122302006092a8648
4-13: 06:27:15:78:2c8 86f70d010901161363746d4073746f6c
4-13: 06:27:15:78:2c8 656e62617365732e636f6d
4-13: 06:27:15:78:2c8 constructing CERT
4-13: 06:27:15:78:2c8 Construct SIG
4-13: 06:27:15:78:2c8 Constructing Cert Request
4-13: 06:27:15:78:2c8 C=US, O=stolenbases.com, OU=first,
CN=CA
4-13: 06:27:15:78:2c8
4-13: 06:27:15:78:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:27:15:78:2c8 ISAKMP Header: (V1.0), len = 1180
4-13: 06:27:15:78:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:15:78:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:15:78:2c8 exchange: Oakley Main Mode
4-13: 06:27:15:78:2c8 flags: 1 ( encrypted )
4-13: 06:27:15:78:2c8 next payload: ID
4-13: 06:27:15:78:2c8 message ID: 00000000
4-13: 06:27:15:78:2c8 Ports S:f401 D:f401
4-13: 06:27:15:109:2c8
4-13: 06:27:15:109:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:27:15:109:2c8 ISAKMP Header: (V1.0), len = 1116
4-13: 06:27:15:109:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:15:109:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:15:109:2c8 exchange: Oakley Main Mode
4-13: 06:27:15:109:2c8 flags: 1 ( encrypted )
4-13: 06:27:15:109:2c8 next payload: ID
4-13: 06:27:15:109:2c8 message ID: 00000000
4-13: 06:27:15:109:2c8 processing payload ID
4-13: 06:27:15:109:2c8 processing payload CERT
4-13: 06:27:15:109:2c8 processing payload SIG
4-13: 06:27:15:109:2c8 Verifying CertStore
4-13: 06:27:15:109:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, OU=CA, CN=vpn.stolenbases.com
4-13: 06:27:15:109:2c8 Cert Serialnumber 24
4-13: 06:27:15:109:2c8 Cert SHA Thumbprint
27e94f6d273c9f63e51ad7d57e9f4744
4-13: 06:27:15:109:2c8 c4ab4079
4-13: 06:27:15:109:2c8 Cert Trustes. 0 100
4-13: 06:27:15:109:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, OU=CA, CN=vpn.stolenbases.com
4-13: 06:27:15:109:2c8 Cert Serialnumber 24
4-13: 06:27:15:109:2c8 Cert SHA Thumbprint
27e94f6d273c9f63e51ad7d57e9f4744
4-13: 06:27:15:109:2c8 c4ab4079
4-13: 06:27:15:109:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, CN=CA
4-13: 06:27:15:109:2c8 Cert Serialnumber 00
4-13: 06:27:15:109:2c8 Cert SHA Thumbprint
69e984d1579a6ee30845a24d392805c4
4-13: 06:27:15:109:2c8 dd7fbf95
4-13: 06:27:15:109:2c8 Not storing Peer's cert chain in
SA.
4-13: 06:27:15:109:2c8 Cert SHA Thumbprint
27e94f6d273c9f63e51ad7d57e9f4744
4-13: 06:27:15:109:2c8 c4ab4079
4-13: 06:27:15:109:2c8 Signature validated
4-13: 06:27:15:109:2c8 ClearFragList
4-13: 06:27:15:109:2c8 MM established. SA: 000C40D8
4-13: 06:27:15:109:2c8 QM PolicyName: L2TP Optional
Encryption Quick Mode Policy dwFlags 0
4-13: 06:27:15:109:2c8 QMOffer[0] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[0] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:15:109:2c8 QMOffer[1] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[1] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:27:15:109:2c8 QMOffer[2] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[2] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:27:15:109:2c8 QMOffer[3] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[3] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:27:15:109:2c8 QMOffer[4] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[4] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:27:15:109:2c8 QMOffer[5] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[5] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:15:109:2c8 QMOffer[6] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[6] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:27:15:109:2c8 QMOffer[7] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[7] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:27:15:109:2c8 QMOffer[8] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[8] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:27:15:109:2c8 QMOffer[9] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[9] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:27:15:109:2c8 QMOffer[10] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[10] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:27:15:109:2c8 QMOffer[11] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[11] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:15:109:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:27:15:109:2c8 QMOffer[12] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[12] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: SHA
4-13: 06:27:15:109:2c8 QMOffer[13] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[13] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: MD5
4-13: 06:27:15:109:2c8 QMOffer[14] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[14] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:27:15:109:2c8 QMOffer[15] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:27:15:109:2c8 QMOffer[15] dwFlags 0 dwPFSGroup 0
4-13: 06:27:15:109:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:27:15:109:2c8 GetSpi: src = 192.168.10.1.1701, dst
= 192.168.10.29.1701, proto = 17, context = 00000000,
srcMask = 255.255.255.255, destMask = 255.255.255.255,
TunnelFilter 0
4-13: 06:27:15:109:2c8 Setting SPI 1285439835
4-13: 06:27:15:109:2c8 constructing ISAKMP Header
4-13: 06:27:15:109:2c8 constructing HASH (null)
4-13: 06:27:15:109:2c8 constructing SA (IPSEC)
4-13: 06:27:15:109:2c8 constructing NONCE (IPSEC)
4-13: 06:27:15:109:2c8 constructing ID (proxy)
4-13: 06:27:15:109:2c8 constructing ID (proxy)
4-13: 06:27:15:109:2c8 constructing HASH (QM)
4-13: 06:27:15:109:2c8
4-13: 06:27:15:109:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:27:15:109:2c8 ISAKMP Header: (V1.0), len = 1300
4-13: 06:27:15:109:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:15:109:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:15:109:2c8 exchange: Oakley Quick Mode
4-13: 06:27:15:109:2c8 flags: 1 ( encrypted )
4-13: 06:27:15:109:2c8 next payload: HASH
4-13: 06:27:15:109:2c8 message ID: 0038a11e
4-13: 06:27:15:109:2c8 Ports S:f401 D:f401
4-13: 06:27:15:125:2c8
4-13: 06:27:15:125:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:27:15:125:2c8 ISAKMP Header: (V1.0), len = 164
4-13: 06:27:15:125:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:15:125:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:15:125:2c8 exchange: Oakley Quick Mode
4-13: 06:27:15:125:2c8 flags: 1 ( encrypted )
4-13: 06:27:15:125:2c8 next payload: HASH
4-13: 06:27:15:125:2c8 message ID: 0038a11e
4-13: 06:27:15:125:2c8 processing HASH (QM)
4-13: 06:27:15:125:2c8 ClearFragList
4-13: 06:27:15:125:2c8 processing payload NONCE
4-13: 06:27:15:125:2c8 processing payload ID
4-13: 06:27:15:125:2c8 processing payload ID
4-13: 06:27:15:125:2c8 processing payload SA
4-13: 06:27:15:125:2c8 Negotiated Proxy ID: Src
192.168.10.29.1701 Dst 192.168.10.1.1701
4-13: 06:27:15:125:2c8 Checking Proposal 1: Proto= ESP(3),
num trans=1 Next=0
4-13: 06:27:15:125:2c8 Checking Transform # 1: ID=Triple
DES CBC(3)
4-13: 06:27:15:125:2c8 SA life type in seconds
4-13: 06:27:15:125:2c8 SA life duration 00000e10
4-13: 06:27:15:125:2c8 SA life type in kilobytes
4-13: 06:27:15:125:2c8 SA life duration 0003d090
4-13: 06:27:15:125:2c8 tunnel mode is Transport Mode(2)
4-13: 06:27:15:125:2c8 HMAC algorithm is MD5(1)
4-13: 06:27:15:125:2c8 Phase 2 SA accepted: proposal=1
transform=1
4-13: 06:27:15:125:2c8 constructing ISAKMP Header
4-13: 06:27:15:125:2c8 constructing HASH (QM)
4-13: 06:27:15:125:2c8 Adding QMs: src =
192.168.10.29.1701, dst = 192.168.10.1.1701, proto = 17,
context = 00000006, my tunnel = 0.0.0.0, peer tunnel =
0.0.0.0, SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime =
3600 LifetimeKBytes 250000 dwFlags 200 Direction 2 EncapType
1
4-13: 06:27:15:125:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:15:125:2c8 Algo[0] MySpi: 1285439835 PeerSpi:
653533064
4-13: 06:27:15:125:2c8 Encap Ports Src 500 Dst 500
4-13: 06:27:15:125:2c8 Skipping Outbound SA add
4-13: 06:27:15:125:2c8 Adding QMs: src =
192.168.10.29.1701, dst = 192.168.10.1.1701, proto = 17,
context = 00000006, my tunnel = 0.0.0.0, peer tunnel =
0.0.0.0, SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime =
3600 LifetimeKBytes 250000 dwFlags 200 Direction 3 EncapType
1
4-13: 06:27:15:125:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:27:15:125:2c8 Algo[0] MySpi: 1285439835 PeerSpi:
653533064
4-13: 06:27:15:125:2c8 Encap Ports Src 500 Dst 500
4-13: 06:27:15:125:2c8 Skipping Inbound SA add
4-13: 06:27:15:125:2c8 isadb_set_status sa:000C40D8
centry:0015B610 status 0
4-13: 06:27:15:125:2c8 isadb_set_status InitiateEvent
000003A8: Setting Status 0
4-13: 06:27:15:125:2c8 Clearing centry 0015B610
InitiateEvent 000003A8
4-13: 06:27:15:125:2c8
4-13: 06:27:15:125:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 4.500
4-13: 06:27:15:125:2c8 ISAKMP Header: (V1.0), len = 52
4-13: 06:27:15:125:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:15:125:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:15:125:2c8 exchange: Oakley Quick Mode
4-13: 06:27:15:125:2c8 flags: 1 ( encrypted )
4-13: 06:27:15:125:2c8 next payload: HASH
4-13: 06:27:15:125:2c8 message ID: 0038a11e
4-13: 06:27:15:125:3b4 CloseNegHandle 000003A8
4-13: 06:27:15:125:2c8 Ports S:f401 D:f401
4-13: 06:27:15:125:3b4 SE cookie e7a8d50bc9bfc7d4
4-13: 06:27:28:812:2c8 QM Deleted. Notify from driver: Src
192.168.10.29 Dest 192.168.10.1 InSPI 1285439835 OutSpi
653533064 Tunnel 0 TunnelFilter 0
4-13: 06:27:28:812:2c8 constructing ISAKMP Header
4-13: 06:27:28:812:2c8 constructing HASH (null)
4-13: 06:27:28:812:2c8 Construct QM Delete Spi 1285439835
4-13: 06:27:28:812:2c8 constructing HASH (Notify/Delete)
4-13: 06:27:28:812:2c8 Not setting retransmit to downlevel
client. SA 000C40D8 Centry 00000000
4-13: 06:27:28:812:2c8
4-13: 06:27:28:812:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 1.500
4-13: 06:27:28:812:2c8 ISAKMP Header: (V1.0), len = 68
4-13: 06:27:28:812:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:28:812:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:28:812:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:27:28:812:2c8 flags: 1 ( encrypted )
4-13: 06:27:28:812:2c8 next payload: HASH
4-13: 06:27:28:812:2c8 message ID: 1e847e57
4-13: 06:27:28:812:2c8 Ports S:f401 D:f401
4-13: 06:27:28:812:2c8 PrivatePeerAddr 0
4-13: 06:27:28:812:3b4 isadb_schedule_kill_oldPolicy_sas:
45ca72bc-9801-454d-85cceff100c824ae 4
4-13: 06:27:28:812:308 isadb_schedule_kill_oldPolicy_sas:
81f66373-d16d-4208-a6371974f2597c4b 3
4-13: 06:27:28:812:568 isadb_schedule_kill_oldPolicy_sas:
28477466-b1d0-46a4-ac53921178746945 2
4-13: 06:27:28:812:2c8 entered kill_old_policy_sas 4
4-13: 06:27:28:812:2c8 SA Dead. sa:000C40D8 status:3619
4-13: 06:27:28:812:2c8 isadb_set_status sa:000C40D8
centry:00000000 status 3619
4-13: 06:27:28:812:2c8 constructing ISAKMP Header
4-13: 06:27:28:812:2c8 constructing HASH (null)
4-13: 06:27:28:812:2c8 constructing DELETE. MM 000C40D8
4-13: 06:27:28:812:2c8 constructing HASH (Notify/Delete)
4-13: 06:27:28:812:2c8 Not setting retransmit to downlevel
client. SA 000C40D8 Centry 00000000
4-13: 06:27:28:812:2c8
4-13: 06:27:28:812:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 1.500
4-13: 06:27:28:812:2c8 ISAKMP Header: (V1.0), len = 84
4-13: 06:27:28:812:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:28:812:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:28:812:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:27:28:812:2c8 flags: 1 ( encrypted )
4-13: 06:27:28:812:2c8 next payload: HASH
4-13: 06:27:28:812:2c8 message ID: 588772c9
4-13: 06:27:28:812:2c8 Ports S:f401 D:f401
4-13: 06:27:28:812:2c8
4-13: 06:27:28:812:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:27:28:812:2c8 ISAKMP Header: (V1.0), len = 68
4-13: 06:27:28:812:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:28:812:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:28:812:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:27:28:812:2c8 flags: 1 ( encrypted )
4-13: 06:27:28:812:2c8 next payload: HASH
4-13: 06:27:28:812:2c8 message ID: 96730580
4-13: 06:27:28:812:2c8 processing HASH (Notify/Delete)
4-13: 06:27:28:812:2c8 processing payload DELETE
4-13: 06:27:28:812:2c8 Asked to delete phase2 SPI we don't
own: 653533064 proto=3
4-13: 06:27:28:812:3b4 isadb_schedule_kill_oldPolicy_sas:
75f31f9b-9170-4016-b2aad733915a2c01 1
4-13: 06:27:28:812:2c8 entered kill_old_policy_sas 2
4-13: 06:27:28:812:168 entered kill_old_policy_sas 3
4-13: 06:27:28:812:2c8 entered kill_old_policy_sas 1
4-13: 06:27:28:859:2c8
4-13: 06:27:28:859:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:27:28:859:2c8 ISAKMP Header: (V1.0), len = 84
4-13: 06:27:28:859:2c8 I-COOKIE e7a8d50bc9bfc7d4
4-13: 06:27:28:859:2c8 R-COOKIE d5de928afd6f6c97
4-13: 06:27:28:859:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:27:28:859:2c8 flags: 1 ( encrypted )
4-13: 06:27:28:859:2c8 next payload: HASH
4-13: 06:27:28:859:2c8 message ID: b8f044cc
4-13: 06:27:28:859:2c8 processing HASH (Notify/Delete)
4-13: 06:27:28:859:2c8 processing payload DELETE
4-13: 06:28:04:984:2c8 ClearFragList
4-13: 06:30:44:406:568 QM PolicyName: L2TP Optional
Encryption Quick Mode Policy dwFlags 0
4-13: 06:30:44:406:568 QMOffer[0] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[0] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:406:568 QMOffer[1] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[1] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:30:44:406:568 QMOffer[2] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[2] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:30:44:406:568 QMOffer[3] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[3] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:30:44:406:568 QMOffer[4] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[4] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:30:44:406:568 QMOffer[5] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[5] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:406:568 QMOffer[6] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[6] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:30:44:406:568 QMOffer[7] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[7] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:30:44:406:568 QMOffer[8] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[8] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:30:44:406:568 QMOffer[9] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[9] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:30:44:406:568 QMOffer[10] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[10] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:30:44:406:568 QMOffer[11] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[11] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:568 Algo[1] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:30:44:406:568 QMOffer[12] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[12] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: ESP Algo: NULL
DES HMAC: SHA
4-13: 06:30:44:406:568 QMOffer[13] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[13] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: ESP Algo: NULL
DES HMAC: MD5
4-13: 06:30:44:406:568 QMOffer[14] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[14] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:568 QMOffer[15] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:568 QMOffer[15] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:568 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:568 Internal Acquire: op=00000001
src=192.168.10.29.1701 dst=192.168.10.1.1701 proto = 17,
SrcMask=255.255.255.255, DstMask=255.255.255.255, Tunnel 0,
TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0,
InitiateEvent=00000490, IKE SrcPort=500 IKE DstPort=500
4-13: 06:30:44:406:2c8 Filter to match: Src 192.168.10.1
Dst 192.168.10.29
4-13: 06:30:44:406:2c8 MM PolicyName: L2TP Main Mode
Policy
4-13: 06:30:44:406:2c8 MMPolicy dwFlags 8 SoftSAExpireTime
28800
4-13: 06:30:44:406:2c8 MMOffer[0] LifetimeSec 28800 QMLimit
0 DHGroup 268435457
4-13: 06:30:44:406:2c8 MMOffer[0] Encrypt: Triple DES CBC
Hash: SHA
4-13: 06:30:44:406:2c8 MMOffer[1] LifetimeSec 28800 QMLimit
0 DHGroup 2
4-13: 06:30:44:406:2c8 MMOffer[1] Encrypt: Triple DES CBC
Hash: SHA
4-13: 06:30:44:406:2c8 MMOffer[2] LifetimeSec 28800 QMLimit
0 DHGroup 2
4-13: 06:30:44:406:2c8 MMOffer[2] Encrypt: Triple DES CBC
Hash: MD5
4-13: 06:30:44:406:2c8 MMOffer[3] LifetimeSec 28800 QMLimit
0 DHGroup 1
4-13: 06:30:44:406:2c8 MMOffer[3] Encrypt: DES CBC Hash:
SHA
4-13: 06:30:44:406:2c8 MMOffer[4] LifetimeSec 28800 QMLimit
0 DHGroup 1
4-13: 06:30:44:406:2c8 MMOffer[4] Encrypt: DES CBC Hash:
MD5
4-13: 06:30:44:406:2c8 Auth[0]:RSA Sig C=US,
O=stolenbases.com, OU=first, CN=CA AuthFlags 0
4-13: 06:30:44:406:2c8 QM PolicyName: L2TP Optional
Encryption Quick Mode Policy dwFlags 0
4-13: 06:30:44:406:2c8 QMOffer[0] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[0] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:406:2c8 QMOffer[1] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[1] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:30:44:406:2c8 QMOffer[2] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[2] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:30:44:406:2c8 QMOffer[3] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[3] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:30:44:406:2c8 QMOffer[4] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[4] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:30:44:406:2c8 QMOffer[5] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[5] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:406:2c8 QMOffer[6] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[6] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:30:44:406:2c8 QMOffer[7] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[7] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:30:44:406:2c8 QMOffer[8] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[8] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:30:44:406:2c8 QMOffer[9] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[9] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:30:44:406:2c8 QMOffer[10] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[10] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:30:44:406:2c8 QMOffer[11] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[11] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:30:44:406:2c8 QMOffer[12] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[12] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: SHA
4-13: 06:30:44:406:2c8 QMOffer[13] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[13] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: MD5
4-13: 06:30:44:406:2c8 QMOffer[14] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[14] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:406:2c8 QMOffer[15] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:406:2c8 QMOffer[15] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:406:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:406:2c8 Starting Negotiation: src =
192.168.10.29.0500, dst = 192.168.10.1.0500, proto = 17,
context = 00000000, ProxySrc = 192.168.10.29.1701, ProxyDst
= 192.168.10.1.1701 SrcMask = 0.0.0.0 DstMask = 0.0.0.0
4-13: 06:30:44:406:2c8 constructing ISAKMP Header
4-13: 06:30:44:406:2c8 constructing SA (ISAKMP)
4-13: 06:30:44:406:2c8 Constructing Vendor MS NT5
ISAKMPOAKLEY
4-13: 06:30:44:406:2c8 Constructing Vendor FRAGMENTATION
4-13: 06:30:44:406:2c8 Constructing Vendor
draft-ietf-ipsec-nat-t-ike-02
4-13: 06:30:44:406:2c8 Constructing Vendor
Vid-Initial-Contact
4-13: 06:30:44:406:2c8
4-13: 06:30:44:406:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:30:44:406:2c8 ISAKMP Header: (V1.0), len = 312
4-13: 06:30:44:406:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:406:2c8 R-COOKIE 0000000000000000
4-13: 06:30:44:406:2c8 exchange: Oakley Main Mode
4-13: 06:30:44:406:2c8 flags: 0
4-13: 06:30:44:406:2c8 next payload: SA
4-13: 06:30:44:406:2c8 message ID: 00000000
4-13: 06:30:44:406:2c8 Ports S:f401 D:f401
4-13: 06:30:44:406:2c8 Activating InitiateEvent 00000490
4-13: 06:30:44:437:2c8
4-13: 06:30:44:437:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:30:44:437:2c8 ISAKMP Header: (V1.0), len = 140
4-13: 06:30:44:437:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:437:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:437:2c8 exchange: Oakley Main Mode
4-13: 06:30:44:437:2c8 flags: 0
4-13: 06:30:44:437:2c8 next payload: SA
4-13: 06:30:44:437:2c8 message ID: 00000000
4-13: 06:30:44:437:2c8 processing payload SA
4-13: 06:30:44:437:2c8 Received Phase 1 Transform 1
4-13: 06:30:44:437:2c8 Encryption Alg Triple DES
CBC(5)
4-13: 06:30:44:437:2c8 Hash Alg SHA(2)
4-13: 06:30:44:437:2c8 Oakley Group 14
4-13: 06:30:44:437:2c8 Auth Method RSA Signature with
Certificates(3)
4-13: 06:30:44:437:2c8 Life type in Seconds
4-13: 06:30:44:437:2c8 Life duration of 28800
4-13: 06:30:44:437:2c8 Phase 1 SA accepted: transform=1
4-13: 06:30:44:437:2c8 SA - Oakley proposal accepted
4-13: 06:30:44:437:2c8 processing payload VENDOR ID
4-13: 06:30:44:437:2c8 processing payload VENDOR ID
4-13: 06:30:44:437:2c8 processing payload VENDOR ID
4-13: 06:30:44:437:2c8 Received VendorId
draft-ietf-ipsec-nat-t-ike-02
4-13: 06:30:44:437:2c8 ClearFragList
4-13: 06:30:44:437:2c8 constructing ISAKMP Header
4-13: 06:30:44:640:2c8 constructing KE
4-13: 06:30:44:640:2c8 constructing NONCE (ISAKMP)
4-13: 06:30:44:640:2c8 Constructing NatDisc
4-13: 06:30:44:640:2c8
4-13: 06:30:44:640:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:30:44:640:2c8 ISAKMP Header: (V1.0), len = 360
4-13: 06:30:44:640:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:640:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:640:2c8 exchange: Oakley Main Mode
4-13: 06:30:44:640:2c8 flags: 0
4-13: 06:30:44:640:2c8 next payload: KE
4-13: 06:30:44:640:2c8 message ID: 00000000
4-13: 06:30:44:640:2c8 Ports S:f401 D:f401
4-13: 06:30:44:656:2c8
4-13: 06:30:44:656:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:30:44:656:2c8 ISAKMP Header: (V1.0), len = 432
4-13: 06:30:44:656:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:656:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:656:2c8 exchange: Oakley Main Mode
4-13: 06:30:44:656:2c8 flags: 0
4-13: 06:30:44:656:2c8 next payload: KE
4-13: 06:30:44:656:2c8 message ID: 00000000
4-13: 06:30:44:656:2c8 processing payload KE
4-13: 06:30:44:734:2c8 processing payload NONCE
4-13: 06:30:44:734:2c8 processing payload CRP
4-13: 06:30:44:734:2c8 C=US, O=stolenbases.com, OU=first,
CN=CA
4-13: 06:30:44:734:2c8 processing payload NATDISC
4-13: 06:30:44:734:2c8 Processing NatHash
4-13: 06:30:44:734:2c8 Nat hash
85f0d6cd376630ff3f8f904fd7f4b305
4-13: 06:30:44:734:2c8 e5921f2d
4-13: 06:30:44:734:2c8 SA StateMask2 e
4-13: 06:30:44:734:2c8 processing payload NATDISC
4-13: 06:30:44:734:2c8 Processing NatHash
4-13: 06:30:44:734:2c8 Nat hash
400bac5fbdf4a9f1c03dd29899bac155
4-13: 06:30:44:734:2c8 992a6f69
4-13: 06:30:44:734:2c8 SA StateMask2 8e
4-13: 06:30:44:734:2c8 ClearFragList
4-13: 06:30:44:734:2c8 constructing ISAKMP Header
4-13: 06:30:44:734:2c8 constructing ID
4-13: 06:30:44:734:2c8 Looking for IPSec only cert
4-13: 06:30:44:734:2c8 failed to get chain 80092004
4-13: 06:30:44:734:2c8 Looking for any cert
4-13: 06:30:44:734:2c8 Cert Trustes. 0 100
4-13: 06:30:44:734:2c8 Cert SHA Thumbprint
ac2ea25612aae75cf375b19cba6a1f13
4-13: 06:30:44:734:2c8 8bc9b17e
4-13: 06:30:44:734:2c8 Cert SHA Thumbprint
ac2ea25612aae75cf375b19cba6a1f13
4-13: 06:30:44:734:2c8 8bc9b17e
4-13: 06:30:44:734:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, CN=ctm, E=ctmstolenbases.com
4-13: 06:30:44:734:2c8 Cert Serialnumber 08
4-13: 06:30:44:734:2c8 Cert SHA Thumbprint
ac2ea25612aae75cf375b19cba6a1f13
4-13: 06:30:44:734:2c8 8bc9b17e
4-13: 06:30:44:734:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, CN=CA
4-13: 06:30:44:734:2c8 Cert Serialnumber 00
4-13: 06:30:44:734:2c8 Cert SHA Thumbprint
69e984d1579a6ee30845a24d392805c4
4-13: 06:30:44:734:2c8 dd7fbf95
4-13: 06:30:44:734:2c8 Not storing My cert chain in SA.
4-13: 06:30:44:734:2c8 MM ID Type 9
4-13: 06:30:44:734:2c8 MM ID
3069310b300906035504061302555331
4-13: 06:30:44:734:2c8 183016060355040a0c0f73746f6c656e
4-13: 06:30:44:734:2c8 62617365732e636f6d310e300c060355
4-13: 06:30:44:734:2c8 040b0c056669727374310c300a060355
4-13: 06:30:44:734:2c8 04030c0363746d3122302006092a8648
4-13: 06:30:44:734:2c8 86f70d010901161363746d4073746f6c
4-13: 06:30:44:734:2c8 656e62617365732e636f6d
4-13: 06:30:44:734:2c8 constructing CERT
4-13: 06:30:44:734:2c8 Construct SIG
4-13: 06:30:44:734:2c8 Constructing Cert Request
4-13: 06:30:44:734:2c8 C=US, O=stolenbases.com, OU=first,
CN=CA
4-13: 06:30:44:734:2c8
4-13: 06:30:44:734:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:30:44:734:2c8 ISAKMP Header: (V1.0), len = 1180
4-13: 06:30:44:734:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:734:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:734:2c8 exchange: Oakley Main Mode
4-13: 06:30:44:734:2c8 flags: 1 ( encrypted )
4-13: 06:30:44:734:2c8 next payload: ID
4-13: 06:30:44:734:2c8 message ID: 00000000
4-13: 06:30:44:734:2c8 Ports S:f401 D:f401
4-13: 06:30:44:765:2c8
4-13: 06:30:44:765:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:30:44:765:2c8 ISAKMP Header: (V1.0), len = 1116
4-13: 06:30:44:765:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:765:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:765:2c8 exchange: Oakley Main Mode
4-13: 06:30:44:765:2c8 flags: 1 ( encrypted )
4-13: 06:30:44:765:2c8 next payload: ID
4-13: 06:30:44:765:2c8 message ID: 00000000
4-13: 06:30:44:765:2c8 processing payload ID
4-13: 06:30:44:765:2c8 processing payload CERT
4-13: 06:30:44:765:2c8 processing payload SIG
4-13: 06:30:44:765:2c8 Verifying CertStore
4-13: 06:30:44:765:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, OU=CA, CN=vpn.stolenbases.com
4-13: 06:30:44:765:2c8 Cert Serialnumber 24
4-13: 06:30:44:765:2c8 Cert SHA Thumbprint
27e94f6d273c9f63e51ad7d57e9f4744
4-13: 06:30:44:765:2c8 c4ab4079
4-13: 06:30:44:765:2c8 Cert Trustes. 0 100
4-13: 06:30:44:765:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, OU=CA, CN=vpn.stolenbases.com
4-13: 06:30:44:765:2c8 Cert Serialnumber 24
4-13: 06:30:44:765:2c8 Cert SHA Thumbprint
27e94f6d273c9f63e51ad7d57e9f4744
4-13: 06:30:44:765:2c8 c4ab4079
4-13: 06:30:44:765:2c8 SubjectName: C=US,
O=stolenbases.com, OU=first, CN=CA
4-13: 06:30:44:765:2c8 Cert Serialnumber 00
4-13: 06:30:44:765:2c8 Cert SHA Thumbprint
69e984d1579a6ee30845a24d392805c4
4-13: 06:30:44:765:2c8 dd7fbf95
4-13: 06:30:44:765:2c8 Not storing Peer's cert chain in
SA.
4-13: 06:30:44:765:2c8 Cert SHA Thumbprint
27e94f6d273c9f63e51ad7d57e9f4744
4-13: 06:30:44:765:2c8 c4ab4079
4-13: 06:30:44:765:2c8 Signature validated
4-13: 06:30:44:765:2c8 ClearFragList
4-13: 06:30:44:765:2c8 MM established. SA: 000C40D8
4-13: 06:30:44:765:2c8 QM PolicyName: L2TP Optional
Encryption Quick Mode Policy dwFlags 0
4-13: 06:30:44:765:2c8 QMOffer[0] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[0] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:765:2c8 QMOffer[1] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[1] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:30:44:765:2c8 QMOffer[2] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[2] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:30:44:765:2c8 QMOffer[3] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[3] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: 0
4-13: 06:30:44:765:2c8 QMOffer[4] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[4] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: SHA
4-13: 06:30:44:765:2c8 QMOffer[5] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[5] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:765:2c8 QMOffer[6] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[6] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:30:44:765:2c8 QMOffer[7] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[7] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:30:44:765:2c8 QMOffer[8] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[8] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:30:44:765:2c8 QMOffer[9] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[9] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: 0
4-13: 06:30:44:765:2c8 QMOffer[10] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[10] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: SHA
4-13: 06:30:44:765:2c8 QMOffer[11] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[11] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:765:2c8 Algo[1] Operation: ESP Algo: DES
CBC HMAC: MD5
4-13: 06:30:44:765:2c8 QMOffer[12] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[12] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: SHA
4-13: 06:30:44:765:2c8 QMOffer[13] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[13] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: ESP Algo: NULL
DES HMAC: MD5
4-13: 06:30:44:765:2c8 QMOffer[14] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[14] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: SHA
4-13: 06:30:44:765:2c8 QMOffer[15] LifetimeKBytes 250000
LifetimeSec 3600
4-13: 06:30:44:765:2c8 QMOffer[15] dwFlags 0 dwPFSGroup 0
4-13: 06:30:44:765:2c8 Algo[0] Operation: AH Algo: MD5
4-13: 06:30:44:765:2c8 GetSpi: src = 192.168.10.1.1701, dst
= 192.168.10.29.1701, proto = 17, context = 00000000,
srcMask = 255.255.255.255, destMask = 255.255.255.255,
TunnelFilter 0
4-13: 06:30:44:765:2c8 Setting SPI 1954642610
4-13: 06:30:44:765:2c8 constructing ISAKMP Header
4-13: 06:30:44:765:2c8 constructing HASH (null)
4-13: 06:30:44:765:2c8 constructing SA (IPSEC)
4-13: 06:30:44:765:2c8 constructing NONCE (IPSEC)
4-13: 06:30:44:765:2c8 constructing ID (proxy)
4-13: 06:30:44:765:2c8 constructing ID (proxy)
4-13: 06:30:44:765:2c8 constructing HASH (QM)
4-13: 06:30:44:765:2c8
4-13: 06:30:44:765:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 2.500
4-13: 06:30:44:765:2c8 ISAKMP Header: (V1.0), len = 1300
4-13: 06:30:44:765:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:765:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:765:2c8 exchange: Oakley Quick Mode
4-13: 06:30:44:765:2c8 flags: 1 ( encrypted )
4-13: 06:30:44:765:2c8 next payload: HASH
4-13: 06:30:44:765:2c8 message ID: 13cba605
4-13: 06:30:44:765:2c8 Ports S:f401 D:f401
4-13: 06:30:44:765:2c8
4-13: 06:30:44:765:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:30:44:765:2c8 ISAKMP Header: (V1.0), len = 164
4-13: 06:30:44:765:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:765:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:765:2c8 exchange: Oakley Quick Mode
4-13: 06:30:44:765:2c8 flags: 1 ( encrypted )
4-13: 06:30:44:765:2c8 next payload: HASH
4-13: 06:30:44:765:2c8 message ID: 13cba605
4-13: 06:30:44:765:2c8 processing HASH (QM)
4-13: 06:30:44:765:2c8 ClearFragList
4-13: 06:30:44:765:2c8 processing payload NONCE
4-13: 06:30:44:765:2c8 processing payload ID
4-13: 06:30:44:765:2c8 processing payload ID
4-13: 06:30:44:765:2c8 processing payload SA
4-13: 06:30:44:765:2c8 Negotiated Proxy ID: Src
192.168.10.29.1701 Dst 192.168.10.1.1701
4-13: 06:30:44:765:2c8 Checking Proposal 1: Proto= ESP(3),
num trans=1 Next=0
4-13: 06:30:44:765:2c8 Checking Transform # 1: ID=Triple
DES CBC(3)
4-13: 06:30:44:781:2c8 SA life type in seconds
4-13: 06:30:44:781:2c8 SA life duration 00000e10
4-13: 06:30:44:781:2c8 SA life type in kilobytes
4-13: 06:30:44:781:2c8 SA life duration 0003d090
4-13: 06:30:44:781:2c8 tunnel mode is Transport Mode(2)
4-13: 06:30:44:781:2c8 HMAC algorithm is MD5(1)
4-13: 06:30:44:781:2c8 Phase 2 SA accepted: proposal=1
transform=1
4-13: 06:30:44:781:2c8 constructing ISAKMP Header
4-13: 06:30:44:781:2c8 constructing HASH (QM)
4-13: 06:30:44:781:2c8 Adding QMs: src =
192.168.10.29.1701, dst = 192.168.10.1.1701, proto = 17,
context = 00000007, my tunnel = 0.0.0.0, peer tunnel =
0.0.0.0, SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime =
3600 LifetimeKBytes 250000 dwFlags 200 Direction 2 EncapType
1
4-13: 06:30:44:781:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:781:2c8 Algo[0] MySpi: 1954642610 PeerSpi:
3018126634
4-13: 06:30:44:781:2c8 Encap Ports Src 500 Dst 500
4-13: 06:30:44:781:2c8 Skipping Outbound SA add
4-13: 06:30:44:781:2c8 Adding QMs: src =
192.168.10.29.1701, dst = 192.168.10.1.1701, proto = 17,
context = 00000007, my tunnel = 0.0.0.0, peer tunnel =
0.0.0.0, SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime =
3600 LifetimeKBytes 250000 dwFlags 200 Direction 3 EncapType
1
4-13: 06:30:44:781:2c8 Algo[0] Operation: ESP Algo: Triple
DES CBC HMAC: MD5
4-13: 06:30:44:781:2c8 Algo[0] MySpi: 1954642610 PeerSpi:
3018126634
4-13: 06:30:44:781:2c8 Encap Ports Src 500 Dst 500
4-13: 06:30:44:781:2c8 Skipping Inbound SA add
4-13: 06:30:44:781:2c8 isadb_set_status sa:000C40D8
centry:0015B8E0 status 0
4-13: 06:30:44:781:2c8 isadb_set_status InitiateEvent
00000490: Setting Status 0
4-13: 06:30:44:781:2c8 Clearing centry 0015B8E0
InitiateEvent 00000490
4-13: 06:30:44:781:2c8
4-13: 06:30:44:781:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 4.500
4-13: 06:30:44:781:2c8 ISAKMP Header: (V1.0), len = 52
4-13: 06:30:44:781:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:30:44:781:2c8 R-COOKIE a114306f56547b3f
4-13: 06:30:44:781:2c8 exchange: Oakley Quick Mode
4-13: 06:30:44:781:2c8 flags: 1 ( encrypted )
4-13: 06:30:44:781:2c8 next payload: HASH
4-13: 06:30:44:781:2c8 message ID: 13cba605
4-13: 06:30:44:781:308 CloseNegHandle 00000490
4-13: 06:30:44:781:2c8 Ports S:f401 D:f401
4-13: 06:30:44:781:308 SE cookie e75fbae8e07e53de
4-13: 06:31:19:781:2c8 QM Deleted. Notify from driver: Src
192.168.10.29 Dest 192.168.10.1 InSPI 1954642610 OutSpi
3018126634 Tunnel 0 TunnelFilter 0
4-13: 06:31:19:781:2c8 constructing ISAKMP Header
4-13: 06:31:19:781:2c8 constructing HASH (null)
4-13: 06:31:19:781:2c8 Construct QM Delete Spi 1954642610
4-13: 06:31:19:781:2c8 constructing HASH (Notify/Delete)
4-13: 06:31:19:781:2c8 Not setting retransmit to downlevel
client. SA 000C40D8 Centry 00000000
4-13: 06:31:19:781:2c8
4-13: 06:31:19:781:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 1.500
4-13: 06:31:19:781:2c8 ISAKMP Header: (V1.0), len = 68
4-13: 06:31:19:781:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:31:19:781:3b4 isadb_schedule_kill_oldPolicy_sas:
5b60b42a-34e8-46b9-9cfc2b3655dc9b16 4
4-13: 06:31:19:781:2c8 R-COOKIE a114306f56547b3f
4-13: 06:31:19:781:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:31:19:781:2c8 flags: 1 ( encrypted )
4-13: 06:31:19:781:2c8 next payload: HASH
4-13: 06:31:19:781:2c8 message ID: 45a1d4b1
4-13: 06:31:19:781:2c8 Ports S:f401 D:f401
4-13: 06:31:19:781:2c8 PrivatePeerAddr 0
4-13: 06:31:19:781:568 isadb_schedule_kill_oldPolicy_sas:
886c967e-bee7-420b-934fa50815f11e3b 3
4-13: 06:31:19:781:308 isadb_schedule_kill_oldPolicy_sas:
6c0d5ac1-1ec3-4402-bf384f50c2b17a0c 2
4-13: 06:31:19:781:3b4 isadb_schedule_kill_oldPolicy_sas:
6af9fc60-abaa-469d-ad128d3fc663f397 1
4-13: 06:31:19:781:2c8 entered kill_old_policy_sas 4
4-13: 06:31:19:781:2c8 SA Dead. sa:000C40D8 status:3619
4-13: 06:31:19:781:2c8 isadb_set_status sa:000C40D8
centry:00000000 status 3619
4-13: 06:31:19:781:2c8 constructing ISAKMP Header
4-13: 06:31:19:781:2c8 constructing HASH (null)
4-13: 06:31:19:781:2c8 constructing DELETE. MM 000C40D8
4-13: 06:31:19:781:2c8 constructing HASH (Notify/Delete)
4-13: 06:31:19:781:2c8 Not setting retransmit to downlevel
client. SA 000C40D8 Centry 00000000
4-13: 06:31:19:781:2c8
4-13: 06:31:19:781:2c8 Sending: SA = 0x000C40D8 to
192.168.10.1:Type 1.500
4-13: 06:31:19:781:d0 entered kill_old_policy_sas 3
4-13: 06:31:19:781:2c8 ISAKMP Header: (V1.0), len = 84
4-13: 06:31:19:781:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:31:19:781:2c8 R-COOKIE a114306f56547b3f
4-13: 06:31:19:781:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:31:19:781:2c8 flags: 1 ( encrypted )
4-13: 06:31:19:781:2c8 next payload: HASH
4-13: 06:31:19:781:2c8 message ID: 5271ae33
4-13: 06:31:19:781:2c8 Ports S:f401 D:f401
4-13: 06:31:19:781:d0
4-13: 06:31:19:781:d0 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:31:19:781:d0 ISAKMP Header: (V1.0), len = 68
4-13: 06:31:19:781:d0 I-COOKIE e75fbae8e07e53de
4-13: 06:31:19:781:d0 R-COOKIE a114306f56547b3f
4-13: 06:31:19:781:d0 exchange: ISAKMP Informational
Exchange
4-13: 06:31:19:781:d0 flags: 1 ( encrypted )
4-13: 06:31:19:781:d0 next payload: HASH
4-13: 06:31:19:781:d0 message ID: bed4bb9e
4-13: 06:31:19:781:d0 processing HASH (Notify/Delete)
4-13: 06:31:19:781:d0 processing payload DELETE
4-13: 06:31:19:781:d0 Asked to delete phase2 SPI we don't
own: 3018126634 proto=3
4-13: 06:31:19:781:d0 entered kill_old_policy_sas 2
4-13: 06:31:19:781:2c8 entered kill_old_policy_sas 1
4-13: 06:31:19:828:2c8
4-13: 06:31:19:828:2c8 Receive: (get) SA = 0x000c40d8 from
192.168.10.1.500
4-13: 06:31:19:828:2c8 ISAKMP Header: (V1.0), len = 84
4-13: 06:31:19:828:2c8 I-COOKIE e75fbae8e07e53de
4-13: 06:31:19:828:2c8 R-COOKIE a114306f56547b3f
4-13: 06:31:19:828:2c8 exchange: ISAKMP Informational
Exchange
4-13: 06:31:19:828:2c8 flags: 1 ( encrypted )
4-13: 06:31:19:828:2c8 next payload: HASH
4-13: 06:31:19:828:2c8 message ID: 42e00ce1
4-13: 06:31:19:828:2c8 processing HASH (Notify/Delete)
4-13: 06:31:19:828:2c8 processing payload DELETE
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan:
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155
|
|
[1-2]
|
|