[strongSwan] Can Strongswan be made to work when each endpoint is behind a NAT firewall
David Hooker
david.d.hooker at gmail.com
Mon Aug 2 12:33:05 CEST 2010
Hi List,
Both firewalls have UDP/500, UDP/4500 and ESP passed through to the
strongswan endpoints.
I run a connection like:
config setup
plutostart=yes
plutodebug=all
plutostderrlog=/var/log/pluto.log
charonstart=no
nat_traversal=yes
conn vpn
left=192.168.5.2 #we are behind a NAT box, this is our IP on the private
network
leftsubnet=192.168.5.0/24
leftcert=siteb.crt
leftid="C=xx, ST=yy, O=zz, CN=aa"
right=<public ip> #NAT box in front of peer, it will port forward to peer
rightsubnet=192.168.0.0/24
rightid="C=xx, ST=yy, O=zz, CN=bb"
authby=rsasig
auto=start
ipsec.secrets:
: RSA siteb.key "secret goes here"
But I get "no connection authorized with policy=rsasig". The IP addresses
given in this message look correct.
Can strongswan be made to work when each peer endpoint is behind a firewall?
Thank you for the help last time, as well. :)
Starting Pluto (strongSwan Version 4.2.4 THREADS LIBLDAP SMARTCARD VENDORID
CISCO_QUIRKS)
including NAT-Traversal patch (Version 0.6c)
| pkcs11 module '/usr/lib/opensc-pkcs11.so' loading...
failed to load pkcs11 module '/usr/lib/opensc-pkcs11.so'
| xauth module: using default get_secret() function
| xauth module: using default verify_secret() function
| opening /dev/urandom
| inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
ike_alg: Activating OAKLEY_AES_CBC encryption: Ok
ike_alg: Activating OAKLEY_BLOWFISH_CBC encryption: Ok
ike_alg: Activating OAKLEY_SERPENT_CBC encryption: Ok
ike_alg: Activating OAKLEY_SHA2_256 hash: Ok
ike_alg: Activating OAKLEY_SHA2_384 hash: Ok
ike_alg: Activating OAKLEY_SHA2_512 hash: Ok
ike_alg: Activating OAKLEY_TWOFISH_CBC encryption: Ok
ike_alg: Activating OAKLEY_TWOFISH_CBC_SSH encryption: Ok
Testing registered IKE encryption algorithms:
OAKLEY_BLOWFISH_CBC self-test not available
OAKLEY_3DES_CBC self-test not available
OAKLEY_AES_CBC self-test not available
OAKLEY_SERPENT_CBC self-test not available
OAKLEY_TWOFISH_CBC self-test not available
OAKLEY_TWOFISH_CBC_SSH self-test not available
Testing registered IKE hash algorithms:
| hash testvector 0: ok
| hash testvector 1: ok
| hash testvector 2: ok
| hash testvector 3: ok
| hash testvector 4: ok
| hash testvector 5: ok
| hash testvector 6: ok
OAKLEY_MD5 hash self-test passed
| hmac testvector 0: ok
| hmac testvector 1: ok
| hmac testvector 2: ok
| hmac testvector 3: ok
| hmac testvector 4: ok
| hmac testvector 5: ok
OAKLEY_MD5 hmac self-test passed
| hash testvector 0: ok
| hash testvector 1: ok
| hash testvector 2: ok
OAKLEY_SHA hash self-test passed
| hmac testvector 0: ok
| hmac testvector 1: ok
| hmac testvector 2: ok
| hmac testvector 3: ok
| hmac testvector 4: ok
| hmac testvector 5: ok
OAKLEY_SHA hmac self-test passed
| hash testvector 0: ok
| hash testvector 1: ok
| hash testvector 2: ok
OAKLEY_SHA2_256 hash self-test passed
| hmac testvector 0: ok
| hmac testvector 1: ok
| hmac testvector 2: ok
| hmac testvector 3: ok
| hmac testvector 4: ok
| hmac testvector 5: ok
OAKLEY_SHA2_256 hmac self-test passed
| hash testvector 0: ok
| hash testvector 1: ok
| hash testvector 2: ok
OAKLEY_SHA2_384 hash self-test passed
| hmac testvector 0: ok
| hmac testvector 1: ok
| hmac testvector 2: ok
| hmac testvector 3: ok
| hmac testvector 4: ok
| hmac testvector 5: ok
OAKLEY_SHA2_384 hmac self-test passed
| hash testvector 0: ok
| hash testvector 1: ok
| hash testvector 2: ok
OAKLEY_SHA2_512 hash self-test passed
| hmac testvector 0: ok
| hmac testvector 1: ok
| hmac testvector 2: ok
| hmac testvector 3: ok
| hmac testvector 4: ok
| hmac testvector 5: ok
OAKLEY_SHA2_512 hmac self-test passed
All crypto self-tests passed
| process 2012 listening for PF_KEY_V2 on file descriptor 4
Using Linux 2.6 IPsec interface code
| finish_pfkey_msg: SADB_REGISTER message 1 for AH
| 02 07 00 02 02 00 00 00 01 00 00 00 dc 07 00 00
| pfkey_get: SADB_REGISTER message 1
| AH registered with kernel.
| finish_pfkey_msg: SADB_REGISTER message 2 for ESP
| 02 07 00 03 02 00 00 00 02 00 00 00 dc 07 00 00
| pfkey_get: SADB_REGISTER message 2
| alg_init(): memset(0xb77cfca0, 0, 2016) memset(0xb77d0480, 0, 2032)
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=18
sadb_supported_len=48
| kernel_alg_add(): satype=3, exttype=14, alg_id=251
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[0], exttype=14,
satype=3, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=14, alg_id=2
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[1], exttype=14,
satype=3, alg_id=2, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=14, alg_id=3
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[2], exttype=14,
satype=3, alg_id=3, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=14, alg_id=5
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[3], exttype=14,
satype=3, alg_id=5, alg_ivlen=0, alg_minbits=256, alg_maxbits=256, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=14, alg_id=9
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[4], exttype=14,
satype=3, alg_id=9, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0,
ret=1
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=18
sadb_supported_len=80
| kernel_alg_add(): satype=3, exttype=15, alg_id=11
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[5], exttype=15,
satype=3, alg_id=11, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=2
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[6], exttype=15,
satype=3, alg_id=2, alg_ivlen=8, alg_minbits=64, alg_maxbits=64, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=3
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[7], exttype=15,
satype=3, alg_id=3, alg_ivlen=8, alg_minbits=192, alg_maxbits=192, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=7
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[8], exttype=15,
satype=3, alg_id=7, alg_ivlen=8, alg_minbits=40, alg_maxbits=448, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=12
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[9], exttype=15,
satype=3, alg_id=12, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=252
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[10], exttype=15,
satype=3, alg_id=252, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=22
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[11], exttype=15,
satype=3, alg_id=22, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=253
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[12], exttype=15,
satype=3, alg_id=253, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0,
ret=1
| kernel_alg_add(): satype=3, exttype=15, alg_id=13
| kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[13], exttype=15,
satype=3, alg_id=13, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0,
ret=1
| ESP registered with kernel.
| finish_pfkey_msg: SADB_REGISTER message 3 for IPCOMP
| 02 07 00 09 02 00 00 00 03 00 00 00 dc 07 00 00
| pfkey_get: SADB_REGISTER message 3
| IPCOMP registered with kernel.
Changing to directory '/etc/ipsec.d/cacerts'
loaded CA cert file 'CA.crt' (2220 bytes)
| file content is not binary ASN.1
| -----BEGIN CERTIFICATE-----
| -----END CERTIFICATE-----
| file coded in PEM format
| L0 - certificate:
| 30 82 06 39 30 82 04 21 a0 03 02 01 02 02 09 00
| cd 34 0e af 93 33 45 6d 30 0d 06 09 2a 86 48 86
| f7 0d 01 01 05 05 00 30 70 31 0b 30 09 06 03 55
| 04 06 13 02 41 55 31 20 30 1e 06 03 55 04 0a 13
| 17 4a 6f 74 75 6e 20 41 75 73 74 72 61 6c 69 61
| 20 50 74 79 20 4c 74 64 31 0f 30 0d 06 03 55 04
| 03 13 06 56 50 4e 20 43 41 31 2e 30 2c 06 09 2a
| 86 48 86 f7 0d 01 09 01 16 1f 72 65 63 65 70 74
| 69 6f 6e 5f 62 72 6f 6f 6b 6c 79 6e 40 6a 6f 74
| 75 6e 2e 63 6f 6d 2e 61 75 30 1e 17 0d 31 30 30
| 37 32 36 30 37 32 39 33 30 5a 17 0d 33 30 30 37
| 32 31 30 37 32 39 33 30 5a 30 70 31 0b 30 09 06
| 03 55 04 06 13 02 41 55 31 20 30 1e 06 03 55 04
| 0a 13 17 4a 6f 74 75 6e 20 41 75 73 74 72 61 6c
| 69 61 20 50 74 79 20 4c 74 64 31 0f 30 0d 06 03
| 55 04 03 13 06 56 50 4e 20 43 41 31 2e 30 2c 06
| 09 2a 86 48 86 f7 0d 01 09 01 16 1f 72 65 63 65
| 70 74 69 6f 6e 5f 62 72 6f 6f 6b 6c 79 6e 40 6a
| 6f 74 75 6e 2e 63 6f 6d 2e 61 75 30 82 02 22 30
| 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82
| 02 0f 00 30 82 02 0a 02 82 02 01 00 e8 61 10 92
| f7 0a e1 b2 09 3d 0d 7c 00 96 df 67 3e 51 93 45
| c8 ea 51 c1 fc 33 09 dc 2e ef 6e 87 02 aa 33 f1
| 35 74 f1 b8 96 cd 04 3a b3 aa 99 12 78 93 3c 40
| 08 bc 7d 77 c3 a3 6a 2f 80 ed dc c6 ae 49 cd 46
| b9 41 7e 14 2d 47 dd 65 61 50 4b b1 07 60 7c fb
| d7 c4 59 6d da 63 38 81 2f 17 5f cb ad 56 e8 e0
| ca 62 8c 63 1f 87 5f 87 e4 10 98 dc 09 67 f0 b7
| 5d b7 72 30 89 f0 00 ce d3 7e 3e f1 0c 0a 38 ae
| 63 51 40 7a 8e 51 88 05 fd 1b fa 91 7f 82 ed 95
| fd be 26 0f cf 90 d9 38 c4 58 d4 e5 0a 6e 70 cb
| ce e9 9a 00 91 72 33 0e ad d1 5a 9e bd bd 98 46
| 91 db ad 3a c6 31 6f b8 5e 90 b5 92 3f 02 31 29
| 8d b6 4e 5a 5e a8 10 0e 5e dc fe 81 df ba 47 db
| 8d f5 35 15 0b 7b ca f3 ea 44 93 2a 24 6c b5 a1
| 52 d2 f9 53 f5 d5 5f 35 01 e4 31 76 74 f0 81 31
| 3d 14 36 45 ab dd 29 51 9b 26 69 b5 ea 50 86 e9
| 41 b6 63 f0 92 4c ff 06 ad 19 96 c5 97 66 3f 52
| db 68 d5 77 74 ae 77 f1 b3 8d d5 bc e0 7e c4 44
| fd 72 d2 06 69 f8 7a 82 9d 24 24 9f ad b1 b9 dc
| 25 33 8e bf be e6 bc 1c 3c b1 f7 bf f5 6c 52 22
| cb 50 ee 60 53 65 a2 97 b8 d8 d5 45 aa a1 9c a7
| fe 93 8e e6 c8 26 aa 71 ff 84 2b fd fd e3 e0 e1
| 2e e7 a4 f1 f9 a3 ba 30 cd a9 d2 1f f6 35 36 cc
| 99 f5 e2 be f6 ba c2 45 32 5c 40 84 ed 2b 09 e4
| 1a 8b 73 d3 e8 fa 48 c6 5a 6b e6 c8 25 8e d8 bf
| a4 d1 3f 15 e9 46 4b 12 bb a0 af bd bc 0c c5 40
| 4d 96 88 92 41 30 44 0f b9 89 a5 b7 d1 4f ec 45
| 98 65 57 a8 13 99 47 6f 03 89 48 f6 18 1e 7a f4
| d8 2d c4 4c 33 c6 0b 95 79 fd 8e aa 29 78 0e 2a
| f5 3c 9e a4 ce 41 36 d6 3f b8 41 6f f9 90 92 53
| cf f2 4e cb 59 87 69 79 18 9e 22 04 dd ec b0 b2
| f4 03 81 e5 f5 b7 ce 53 3e 55 14 b9 02 03 01 00
| 01 a3 81 d5 30 81 d2 30 1d 06 03 55 1d 0e 04 16
| 04 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4
| 29 de 94 53 85 74 30 81 a2 06 03 55 1d 23 04 81
| 9a 30 81 97 80 14 bd 58 6a 09 8b e1 13 99 8c c3
| f8 46 ec e4 29 de 94 53 85 74 a1 74 a4 72 30 70
| 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 20 30
| 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20 41 75
| 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74 64 31
| 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20 43 41
| 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09 01 16
| 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f 6f 6b
| 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e 61 75
| 82 09 00 cd 34 0e af 93 33 45 6d 30 0c 06 03 55
| 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48
| 86 f7 0d 01 01 05 05 00 03 82 02 01 00 a1 f9 39
| 79 b7 be d0 ed d2 de 90 22 cf ae ec 62 fc 14 5a
| ac bd d7 95 f1 ba 00 ff 6c 6d fd 15 b1 33 f8 73
| 8f 73 2d 1d a2 00 b2 45 cc 51 cb 16 b8 32 99 bc
| 51 78 d4 c8 06 c4 4a d8 b7 8d 13 e1 3e 3b 3c 05
| f7 11 7e da b7 4d ca 45 5e 8d 1e 4e be 84 87 6e
| 0f 6c 47 7a 5b b9 b4 b4 51 57 80 60 3f c1 87 c4
| b4 bc 98 eb 23 a0 33 90 3c 70 2c 2d 88 f0 f5 b6
| 97 f6 2f ff f5 bd 69 da 49 6b 1f c7 f8 22 93 e3
| fc 2f 01 24 46 31 ba d0 3d 83 ac f9 06 fd 7c 89
| 21 6d 92 d9 30 8f e5 fc 7d 74 60 49 9b e0 1c 25
| 8c 6f 97 d5 8a cc 4b 40 76 2f 9b 0e 95 7f da ef
| 64 ce 4d 1a a6 a3 1a 89 9b 1d 0b 02 45 26 16 d1
| 44 3c 07 ec 04 d0 81 43 d5 3c 1f 40 45 44 aa 65
| 3f 82 9b e0 1f cb 52 04 34 04 d6 ab a6 90 28 dd
| 49 b6 29 ec a4 79 f2 87 a7 dd c5 52 08 3c a3 3e
| a4 3c 2c 1a 53 81 3a 89 a7 3d bd 5a 1f d6 64 15
| 25 85 15 49 b5 e5 4b 25 1c d2 0c 12 02 82 7d b8
| fe b7 10 4b 83 78 d2 e1 1c d5 3a 6b 2d 49 aa 35
| 04 3d 3e f2 2a d2 13 92 3b e9 a2 57 d0 47 b0 83
| 77 ea 09 94 c2 8c 76 b9 11 cc 2e 36 e9 63 81 d3
| 00 96 4c 1f c8 e1 f7 e1 db 13 ac f5 f8 16 ec 88
| 05 33 ac 63 17 f0 e8 5c 4e 67 48 d1 80 11 a2 f0
| 0a c8 f4 b8 62 a5 cc d4 0e da de 6b 16 14 cc ca
| 91 bf f1 fc af 21 b2 cb 55 06 2f de a8 5b 49 0f
| 3a a3 76 36 4d 46 9a 21 67 37 03 9e ed 97 cb 5f
| 2c 13 b1 e0 e3 f3 9b 0f 55 ee db b8 f8 ec 39 80
| e0 a5 03 c4 c8 59 16 a2 72 85 f7 c3 14 c9 65 e9
| 30 6e f8 ff 6d ff cf 3c 53 57 56 a0 ca 17 f7 eb
| 04 cf 72 41 89 31 51 1a 15 cc e4 a1 da 9b 1e d5
| 46 17 14 43 a8 64 28 f0 d1 1f 2d ac 91 c9 54 4f
| ae 3d aa be 81 95 d8 e5 9d d4 50 29 e0 6e 1d 0e
| 95 7c b8 2e 0a bc 34 f4 5d 10 d1 19 14
| L1 - tbsCertificate:
| 30 82 04 21 a0 03 02 01 02 02 09 00 cd 34 0e af
| 93 33 45 6d 30 0d 06 09 2a 86 48 86 f7 0d 01 01
| 05 05 00 30 70 31 0b 30 09 06 03 55 04 06 13 02
| 41 55 31 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74
| 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50 74 79
| 20 4c 74 64 31 0f 30 0d 06 03 55 04 03 13 06 56
| 50 4e 20 43 41 31 2e 30 2c 06 09 2a 86 48 86 f7
| 0d 01 09 01 16 1f 72 65 63 65 70 74 69 6f 6e 5f
| 62 72 6f 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63
| 6f 6d 2e 61 75 30 1e 17 0d 31 30 30 37 32 36 30
| 37 32 39 33 30 5a 17 0d 33 30 30 37 32 31 30 37
| 32 39 33 30 5a 30 70 31 0b 30 09 06 03 55 04 06
| 13 02 41 55 31 20 30 1e 06 03 55 04 0a 13 17 4a
| 6f 74 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50
| 74 79 20 4c 74 64 31 0f 30 0d 06 03 55 04 03 13
| 06 56 50 4e 20 43 41 31 2e 30 2c 06 09 2a 86 48
| 86 f7 0d 01 09 01 16 1f 72 65 63 65 70 74 69 6f
| 6e 5f 62 72 6f 6f 6b 6c 79 6e 40 6a 6f 74 75 6e
| 2e 63 6f 6d 2e 61 75 30 82 02 22 30 0d 06 09 2a
| 86 48 86 f7 0d 01 01 01 05 00 03 82 02 0f 00 30
| 82 02 0a 02 82 02 01 00 e8 61 10 92 f7 0a e1 b2
| 09 3d 0d 7c 00 96 df 67 3e 51 93 45 c8 ea 51 c1
| fc 33 09 dc 2e ef 6e 87 02 aa 33 f1 35 74 f1 b8
| 96 cd 04 3a b3 aa 99 12 78 93 3c 40 08 bc 7d 77
| c3 a3 6a 2f 80 ed dc c6 ae 49 cd 46 b9 41 7e 14
| 2d 47 dd 65 61 50 4b b1 07 60 7c fb d7 c4 59 6d
| da 63 38 81 2f 17 5f cb ad 56 e8 e0 ca 62 8c 63
| 1f 87 5f 87 e4 10 98 dc 09 67 f0 b7 5d b7 72 30
| 89 f0 00 ce d3 7e 3e f1 0c 0a 38 ae 63 51 40 7a
| 8e 51 88 05 fd 1b fa 91 7f 82 ed 95 fd be 26 0f
| cf 90 d9 38 c4 58 d4 e5 0a 6e 70 cb ce e9 9a 00
| 91 72 33 0e ad d1 5a 9e bd bd 98 46 91 db ad 3a
| c6 31 6f b8 5e 90 b5 92 3f 02 31 29 8d b6 4e 5a
| 5e a8 10 0e 5e dc fe 81 df ba 47 db 8d f5 35 15
| 0b 7b ca f3 ea 44 93 2a 24 6c b5 a1 52 d2 f9 53
| f5 d5 5f 35 01 e4 31 76 74 f0 81 31 3d 14 36 45
| ab dd 29 51 9b 26 69 b5 ea 50 86 e9 41 b6 63 f0
| 92 4c ff 06 ad 19 96 c5 97 66 3f 52 db 68 d5 77
| 74 ae 77 f1 b3 8d d5 bc e0 7e c4 44 fd 72 d2 06
| 69 f8 7a 82 9d 24 24 9f ad b1 b9 dc 25 33 8e bf
| be e6 bc 1c 3c b1 f7 bf f5 6c 52 22 cb 50 ee 60
| 53 65 a2 97 b8 d8 d5 45 aa a1 9c a7 fe 93 8e e6
| c8 26 aa 71 ff 84 2b fd fd e3 e0 e1 2e e7 a4 f1
| f9 a3 ba 30 cd a9 d2 1f f6 35 36 cc 99 f5 e2 be
| f6 ba c2 45 32 5c 40 84 ed 2b 09 e4 1a 8b 73 d3
| e8 fa 48 c6 5a 6b e6 c8 25 8e d8 bf a4 d1 3f 15
| e9 46 4b 12 bb a0 af bd bc 0c c5 40 4d 96 88 92
| 41 30 44 0f b9 89 a5 b7 d1 4f ec 45 98 65 57 a8
| 13 99 47 6f 03 89 48 f6 18 1e 7a f4 d8 2d c4 4c
| 33 c6 0b 95 79 fd 8e aa 29 78 0e 2a f5 3c 9e a4
| ce 41 36 d6 3f b8 41 6f f9 90 92 53 cf f2 4e cb
| 59 87 69 79 18 9e 22 04 dd ec b0 b2 f4 03 81 e5
| f5 b7 ce 53 3e 55 14 b9 02 03 01 00 01 a3 81 d5
| 30 81 d2 30 1d 06 03 55 1d 0e 04 16 04 14 bd 58
| 6a 09 8b e1 13 99 8c c3 f8 46 ec e4 29 de 94 53
| 85 74 30 81 a2 06 03 55 1d 23 04 81 9a 30 81 97
| 80 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4
| 29 de 94 53 85 74 a1 74 a4 72 30 70 31 0b 30 09
| 06 03 55 04 06 13 02 41 55 31 20 30 1e 06 03 55
| 04 0a 13 17 4a 6f 74 75 6e 20 41 75 73 74 72 61
| 6c 69 61 20 50 74 79 20 4c 74 64 31 0f 30 0d 06
| 03 55 04 03 13 06 56 50 4e 20 43 41 31 2e 30 2c
| 06 09 2a 86 48 86 f7 0d 01 09 01 16 1f 72 65 63
| 65 70 74 69 6f 6e 5f 62 72 6f 6f 6b 6c 79 6e 40
| 6a 6f 74 75 6e 2e 63 6f 6d 2e 61 75 82 09 00 cd
| 34 0e af 93 33 45 6d 30 0c 06 03 55 1d 13 04 05
| 30 03 01 01 ff
| L2 - DEFAULT v1:
| L3 - version:
| 02
| v3
| L2 - serialNumber:
| 00 cd 34 0e af 93 33 45 6d
| L2 - signature:
| L3 - algorithmIdentifier:
| L4 - algorithm:
| 'sha-1WithRSAEncryption'
| L4 - parameters:
| L2 - issuer:
| 30 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20
| 41 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74
| 64 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20
| 43 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09
| 01 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f
| 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e
| 61 75
| 'C=XX, O=company, CN=VPN CA, E=reception_sitea at company.com'
| L2 - validity:
| L3 - notBefore:
| L4 - utcTime:
| 'Jul 26 07:29:30 UTC 2010'
| L3 - notAfter:
| L4 - utcTime:
| 'Jul 21 07:29:30 UTC 2030'
| L2 - subject:
| 30 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20
| 41 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74
| 64 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20
| 43 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09
| 01 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f
| 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e
| 61 75
| 'C=XX, O=company, CN=VPN CA, E=reception_sitea at company.com'
| L2 - subjectPublicKeyInfo:
| L3 - algorithm:
| L4 - algorithmIdentifier:
| L5 - algorithm:
| 'rsaEncryption'
| L5 - parameters:
| L3 - subjectPublicKey:
| L4 - RSAPublicKey:
| 30 82 02 0a 02 82 02 01 00 e8 61 10 92 f7 0a e1
| b2 09 3d 0d 7c 00 96 df 67 3e 51 93 45 c8 ea 51
| c1 fc 33 09 dc 2e ef 6e 87 02 aa 33 f1 35 74 f1
| b8 96 cd 04 3a b3 aa 99 12 78 93 3c 40 08 bc 7d
| 77 c3 a3 6a 2f 80 ed dc c6 ae 49 cd 46 b9 41 7e
| 14 2d 47 dd 65 61 50 4b b1 07 60 7c fb d7 c4 59
| 6d da 63 38 81 2f 17 5f cb ad 56 e8 e0 ca 62 8c
| 63 1f 87 5f 87 e4 10 98 dc 09 67 f0 b7 5d b7 72
| 30 89 f0 00 ce d3 7e 3e f1 0c 0a 38 ae 63 51 40
| 7a 8e 51 88 05 fd 1b fa 91 7f 82 ed 95 fd be 26
| 0f cf 90 d9 38 c4 58 d4 e5 0a 6e 70 cb ce e9 9a
| 00 91 72 33 0e ad d1 5a 9e bd bd 98 46 91 db ad
| 3a c6 31 6f b8 5e 90 b5 92 3f 02 31 29 8d b6 4e
| 5a 5e a8 10 0e 5e dc fe 81 df ba 47 db 8d f5 35
| 15 0b 7b ca f3 ea 44 93 2a 24 6c b5 a1 52 d2 f9
| 53 f5 d5 5f 35 01 e4 31 76 74 f0 81 31 3d 14 36
| 45 ab dd 29 51 9b 26 69 b5 ea 50 86 e9 41 b6 63
| f0 92 4c ff 06 ad 19 96 c5 97 66 3f 52 db 68 d5
| 77 74 ae 77 f1 b3 8d d5 bc e0 7e c4 44 fd 72 d2
| 06 69 f8 7a 82 9d 24 24 9f ad b1 b9 dc 25 33 8e
| bf be e6 bc 1c 3c b1 f7 bf f5 6c 52 22 cb 50 ee
| 60 53 65 a2 97 b8 d8 d5 45 aa a1 9c a7 fe 93 8e
| e6 c8 26 aa 71 ff 84 2b fd fd e3 e0 e1 2e e7 a4
| f1 f9 a3 ba 30 cd a9 d2 1f f6 35 36 cc 99 f5 e2
| be f6 ba c2 45 32 5c 40 84 ed 2b 09 e4 1a 8b 73
| d3 e8 fa 48 c6 5a 6b e6 c8 25 8e d8 bf a4 d1 3f
| 15 e9 46 4b 12 bb a0 af bd bc 0c c5 40 4d 96 88
| 92 41 30 44 0f b9 89 a5 b7 d1 4f ec 45 98 65 57
| a8 13 99 47 6f 03 89 48 f6 18 1e 7a f4 d8 2d c4
| 4c 33 c6 0b 95 79 fd 8e aa 29 78 0e 2a f5 3c 9e
| a4 ce 41 36 d6 3f b8 41 6f f9 90 92 53 cf f2 4e
| cb 59 87 69 79 18 9e 22 04 dd ec b0 b2 f4 03 81
| e5 f5 b7 ce 53 3e 55 14 b9 02 03 01 00 01
| L5 - modulus:
| 00 e8 61 10 92 f7 0a e1 b2 09 3d 0d 7c 00 96 df
| 67 3e 51 93 45 c8 ea 51 c1 fc 33 09 dc 2e ef 6e
| 87 02 aa 33 f1 35 74 f1 b8 96 cd 04 3a b3 aa 99
| 12 78 93 3c 40 08 bc 7d 77 c3 a3 6a 2f 80 ed dc
| c6 ae 49 cd 46 b9 41 7e 14 2d 47 dd 65 61 50 4b
| b1 07 60 7c fb d7 c4 59 6d da 63 38 81 2f 17 5f
| cb ad 56 e8 e0 ca 62 8c 63 1f 87 5f 87 e4 10 98
| dc 09 67 f0 b7 5d b7 72 30 89 f0 00 ce d3 7e 3e
| f1 0c 0a 38 ae 63 51 40 7a 8e 51 88 05 fd 1b fa
| 91 7f 82 ed 95 fd be 26 0f cf 90 d9 38 c4 58 d4
| e5 0a 6e 70 cb ce e9 9a 00 91 72 33 0e ad d1 5a
| 9e bd bd 98 46 91 db ad 3a c6 31 6f b8 5e 90 b5
| 92 3f 02 31 29 8d b6 4e 5a 5e a8 10 0e 5e dc fe
| 81 df ba 47 db 8d f5 35 15 0b 7b ca f3 ea 44 93
| 2a 24 6c b5 a1 52 d2 f9 53 f5 d5 5f 35 01 e4 31
| 76 74 f0 81 31 3d 14 36 45 ab dd 29 51 9b 26 69
| b5 ea 50 86 e9 41 b6 63 f0 92 4c ff 06 ad 19 96
| c5 97 66 3f 52 db 68 d5 77 74 ae 77 f1 b3 8d d5
| bc e0 7e c4 44 fd 72 d2 06 69 f8 7a 82 9d 24 24
| 9f ad b1 b9 dc 25 33 8e bf be e6 bc 1c 3c b1 f7
| bf f5 6c 52 22 cb 50 ee 60 53 65 a2 97 b8 d8 d5
| 45 aa a1 9c a7 fe 93 8e e6 c8 26 aa 71 ff 84 2b
| fd fd e3 e0 e1 2e e7 a4 f1 f9 a3 ba 30 cd a9 d2
| 1f f6 35 36 cc 99 f5 e2 be f6 ba c2 45 32 5c 40
| 84 ed 2b 09 e4 1a 8b 73 d3 e8 fa 48 c6 5a 6b e6
| c8 25 8e d8 bf a4 d1 3f 15 e9 46 4b 12 bb a0 af
| bd bc 0c c5 40 4d 96 88 92 41 30 44 0f b9 89 a5
| b7 d1 4f ec 45 98 65 57 a8 13 99 47 6f 03 89 48
| f6 18 1e 7a f4 d8 2d c4 4c 33 c6 0b 95 79 fd 8e
| aa 29 78 0e 2a f5 3c 9e a4 ce 41 36 d6 3f b8 41
| 6f f9 90 92 53 cf f2 4e cb 59 87 69 79 18 9e 22
| 04 dd ec b0 b2 f4 03 81 e5 f5 b7 ce 53 3e 55 14
| b9
| L5 - publicExponent:
| 01 00 01
| L2 - optional extensions:
| L3 - extensions:
| L4 - extension:
| L5 - extnID:
| 'subjectKeyIdentifier'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 04 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4
| 29 de 94 53 85 74
| L6 - keyIdentifier:
| bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4 29 de
| 94 53 85 74
| L4 - extension:
| L5 - extnID:
| 'authorityKeyIdentifier'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 30 81 97 80 14 bd 58 6a 09 8b e1 13 99 8c c3 f8
| 46 ec e4 29 de 94 53 85 74 a1 74 a4 72 30 70 31
| 0b 30 09 06 03 55 04 06 13 02 41 55 31 20 30 1e
| 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20 41 75 73
| 74 72 61 6c 69 61 20 50 74 79 20 4c 74 64 31 0f
| 30 0d 06 03 55 04 03 13 06 56 50 4e 20 43 41 31
| 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09 01 16 1f
| 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f 6f 6b 6c
| 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e 61 75 82
| 09 00 cd 34 0e af 93 33 45 6d
| L6 - authorityKeyIdentifier:
| L7 - keyIdentifier:
| 80 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4
| 29 de 94 53 85 74
| L8 - keyIdentifier:
| bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4 29 de
| 94 53 85 74
| L7 - authorityCertIssuer:
| a1 74 a4 72 30 70 31 0b 30 09 06 03 55 04 06 13
| 02 41 55 31 20 30 1e 06 03 55 04 0a 13 17 4a 6f
| 74 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50 74
| 79 20 4c 74 64 31 0f 30 0d 06 03 55 04 03 13 06
| 56 50 4e 20 43 41 31 2e 30 2c 06 09 2a 86 48 86
| f7 0d 01 09 01 16 1f 72 65 63 65 70 74 69 6f 6e
| 5f 62 72 6f 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e
| 63 6f 6d 2e 61 75
| L8 - generalNames:
| L9 - generalName:
| L10 - directoryName:
| 30 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20
| 41 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74
| 64 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20
| 43 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09
| 01 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f
| 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e
| 61 75
| 'C=XX, O=company, CN=VPN CA, E=reception_sitea at company.com'
| L7 - authorityCertSerialNumber:
| 00 cd 34 0e af 93 33 45 6d
| L4 - extension:
| L5 - extnID:
| 'basicConstraints'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 30 03 01 01 ff
| L6 - basicConstraints:
| L7 - CA:
| ff
| TRUE
| L1 - signatureAlgorithm:
| L2 - algorithmIdentifier:
| L3 - algorithm:
| 'sha-1WithRSAEncryption'
| L3 - parameters:
| L1 - signatureValue:
| 00 a1 f9 39 79 b7 be d0 ed d2 de 90 22 cf ae ec
| 62 fc 14 5a ac bd d7 95 f1 ba 00 ff 6c 6d fd 15
| b1 33 f8 73 8f 73 2d 1d a2 00 b2 45 cc 51 cb 16
| b8 32 99 bc 51 78 d4 c8 06 c4 4a d8 b7 8d 13 e1
| 3e 3b 3c 05 f7 11 7e da b7 4d ca 45 5e 8d 1e 4e
| be 84 87 6e 0f 6c 47 7a 5b b9 b4 b4 51 57 80 60
| 3f c1 87 c4 b4 bc 98 eb 23 a0 33 90 3c 70 2c 2d
| 88 f0 f5 b6 97 f6 2f ff f5 bd 69 da 49 6b 1f c7
| f8 22 93 e3 fc 2f 01 24 46 31 ba d0 3d 83 ac f9
| 06 fd 7c 89 21 6d 92 d9 30 8f e5 fc 7d 74 60 49
| 9b e0 1c 25 8c 6f 97 d5 8a cc 4b 40 76 2f 9b 0e
| 95 7f da ef 64 ce 4d 1a a6 a3 1a 89 9b 1d 0b 02
| 45 26 16 d1 44 3c 07 ec 04 d0 81 43 d5 3c 1f 40
| 45 44 aa 65 3f 82 9b e0 1f cb 52 04 34 04 d6 ab
| a6 90 28 dd 49 b6 29 ec a4 79 f2 87 a7 dd c5 52
| 08 3c a3 3e a4 3c 2c 1a 53 81 3a 89 a7 3d bd 5a
| 1f d6 64 15 25 85 15 49 b5 e5 4b 25 1c d2 0c 12
| 02 82 7d b8 fe b7 10 4b 83 78 d2 e1 1c d5 3a 6b
| 2d 49 aa 35 04 3d 3e f2 2a d2 13 92 3b e9 a2 57
| d0 47 b0 83 77 ea 09 94 c2 8c 76 b9 11 cc 2e 36
| e9 63 81 d3 00 96 4c 1f c8 e1 f7 e1 db 13 ac f5
| f8 16 ec 88 05 33 ac 63 17 f0 e8 5c 4e 67 48 d1
| 80 11 a2 f0 0a c8 f4 b8 62 a5 cc d4 0e da de 6b
| 16 14 cc ca 91 bf f1 fc af 21 b2 cb 55 06 2f de
| a8 5b 49 0f 3a a3 76 36 4d 46 9a 21 67 37 03 9e
| ed 97 cb 5f 2c 13 b1 e0 e3 f3 9b 0f 55 ee db b8
| f8 ec 39 80 e0 a5 03 c4 c8 59 16 a2 72 85 f7 c3
| 14 c9 65 e9 30 6e f8 ff 6d ff cf 3c 53 57 56 a0
| ca 17 f7 eb 04 cf 72 41 89 31 51 1a 15 cc e4 a1
| da 9b 1e d5 46 17 14 43 a8 64 28 f0 d1 1f 2d ac
| 91 c9 54 4f ae 3d aa be 81 95 d8 e5 9d d4 50 29
| e0 6e 1d 0e 95 7c b8 2e 0a bc 34 f4 5d 10 d1 19
| 14
| authcert list locked by 'add_authcert'
| authcert inserted
| authcert list unlocked by 'add_authcert'
Changing to directory '/etc/ipsec.d/aacerts'
Changing to directory '/etc/ipsec.d/ocspcerts'
Changing to directory '/etc/ipsec.d/crls'
loaded crl file 'crl.pem' (1019 bytes)
| file content is not binary ASN.1
| -----BEGIN X509 CRL-----
| -----END X509 CRL-----
| file coded in PEM format
| L0 - certificateList:
| 30 82 02 c9 30 81 b2 02 01 01 30 0d 06 09 2a 86
| 48 86 f7 0d 01 01 05 05 00 30 70 31 0b 30 09 06
| 03 55 04 06 13 02 41 55 31 20 30 1e 06 03 55 04
| 0a 13 17 4a 6f 74 75 6e 20 41 75 73 74 72 61 6c
| 69 61 20 50 74 79 20 4c 74 64 31 0f 30 0d 06 03
| 55 04 03 13 06 56 50 4e 20 43 41 31 2e 30 2c 06
| 09 2a 86 48 86 f7 0d 01 09 01 16 1f 72 65 63 65
| 70 74 69 6f 6e 5f 62 72 6f 6f 6b 6c 79 6e 40 6a
| 6f 74 75 6e 2e 63 6f 6d 2e 61 75 17 0d 31 30 30
| 37 32 36 30 38 33 36 33 39 5a 17 0d 33 30 30 37
| 32 31 30 38 33 36 33 39 5a a0 0e 30 0c 30 0a 06
| 03 55 1d 14 04 03 02 01 01 30 0d 06 09 2a 86 48
| 86 f7 0d 01 01 05 05 00 03 82 02 01 00 07 ae b9
| b2 40 b3 1c 22 39 b4 59 bf 03 1a 2c 9b 96 32 65
| 45 28 19 b0 67 c7 77 72 80 cd 14 58 2d 1f b7 ef
| 9a dc 34 f2 d7 b9 16 91 ae ed e6 d6 a0 0a 55 f7
| 64 ab cc 28 37 e2 bc 5d 9a 1a 54 1f b0 cc e7 6f
| 35 f2 a6 73 61 8e 3d d1 31 6b cc 29 d7 6d 2e f7
| bc f1 c2 36 b1 81 74 c1 5a 2a 34 ed f3 7d 9a a8
| 56 05 62 b2 7c 68 03 40 ec cc 7d 18 b0 51 26 12
| f9 5a c7 ca 8c a2 8e 16 4a f7 d7 d1 bc 42 a9 da
| 31 84 e2 8c ea 64 f1 dc b0 c6 13 6f 73 69 d8 f8
| c1 92 31 13 95 57 e3 6d 12 cd 2c dd 7d f4 09 18
| a0 09 d6 12 10 eb 3c ad 11 78 ec e8 57 a2 96 5c
| f7 66 6b 8b 2a 29 49 39 59 31 c6 c3 7f 3d 13 cf
| 1d 1d de 9d f8 aa ac 61 a0 aa 86 07 6d 71 c4 78
| 5a 43 9e 8c be e7 12 35 6a c1 d5 6f 9e da 63 d9
| 97 b2 9e 25 a8 1b a4 bc eb 54 43 8b 43 48 ff c8
| 1f 60 28 02 5c 8d 77 e4 3b 51 4b a4 48 ce f4 36
| b7 9b 3c 72 0b 0b 99 a8 bb 7e e8 2b 94 47 25 bd
| 86 bb 7b e1 1b 5e 78 25 67 48 cf aa a0 d7 60 79
| 5e c8 7f 2b 71 03 7a 13 a4 80 6d 37 62 7f 1b 53
| 55 87 5f 39 99 7e f7 8f 6a c3 dd d8 b1 3a da 3e
| be 9b 23 cb 59 c6 e0 4c 5a 71 20 c6 cd 9c cf 85
| d9 cb 64 44 d9 1d f2 da 61 60 93 f3 e9 71 c6 3e
| 31 d8 81 ed fb 44 a8 2a 76 1e 76 f1 50 0c 3e 14
| 6e ce d5 32 de f7 a8 3a d4 60 20 4d 22 22 6c dd
| 88 9f d5 2d 15 1f a2 e0 70 5d 22 9c a3 03 3b 54
| c2 ea ad 73 02 9b 32 5d fc 91 1d b9 89 23 4c df
| b2 d4 f2 5c 78 dc a4 db fe 45 78 f3 8d e7 ea a0
| 2a bf 16 32 f8 53 ee 10 01 9f 17 5c f6 49 fb 87
| ff fc 06 92 21 2f e6 ba e7 30 02 b4 69 6d 16 16
| e8 c0 a8 73 a3 86 19 87 35 42 6f d9 1e bd 05 23
| 97 bd d8 bb d1 5c bf ff 5e 4a 4c c9 f4 56 bd e5
| 5e 84 1d bf f7 b4 38 48 69 eb 5e 71 54
| L1 - tbsCertList:
| 30 81 b2 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d
| 01 01 05 05 00 30 70 31 0b 30 09 06 03 55 04 06
| 13 02 41 55 31 20 30 1e 06 03 55 04 0a 13 17 4a
| 6f 74 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50
| 74 79 20 4c 74 64 31 0f 30 0d 06 03 55 04 03 13
| 06 56 50 4e 20 43 41 31 2e 30 2c 06 09 2a 86 48
| 86 f7 0d 01 09 01 16 1f 72 65 63 65 70 74 69 6f
| 6e 5f 62 72 6f 6f 6b 6c 79 6e 40 6a 6f 74 75 6e
| 2e 63 6f 6d 2e 61 75 17 0d 31 30 30 37 32 36 30
| 38 33 36 33 39 5a 17 0d 33 30 30 37 32 31 30 38
| 33 36 33 39 5a a0 0e 30 0c 30 0a 06 03 55 1d 14
| 04 03 02 01 01
| L2 - version:
| 01
| v2
| L2 - signature:
| L3 - algorithmIdentifier:
| L4 - algorithm:
| 'sha-1WithRSAEncryption'
| L4 - parameters:
| L2 - issuer:
| 30 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20
| 41 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74
| 64 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20
| 43 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09
| 01 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f
| 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e
| 61 75
| 'C=XX, O=company, CN=VPN CA, E=reception_sitea at company.com'
| L2 - thisUpdate:
| L3 - utcTime:
| 'Jul 26 08:36:39 UTC 2010'
| L2 - nextUpdate:
| L3 - utcTime:
| 'Jul 21 08:36:39 UTC 2030'
| L2 - optional extensions:
| L3 - crlExtensions:
| L4 - extension:
| L5 - extnID:
| 'crlNumber'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 02 01 01
| L6 - crlNumber:
| 01
| L1 - signatureAlgorithm:
| L2 - algorithmIdentifier:
| L3 - algorithm:
| 'sha-1WithRSAEncryption'
| L3 - parameters:
| L1 - signatureValue:
| 00 07 ae b9 b2 40 b3 1c 22 39 b4 59 bf 03 1a 2c
| 9b 96 32 65 45 28 19 b0 67 c7 77 72 80 cd 14 58
| 2d 1f b7 ef 9a dc 34 f2 d7 b9 16 91 ae ed e6 d6
| a0 0a 55 f7 64 ab cc 28 37 e2 bc 5d 9a 1a 54 1f
| b0 cc e7 6f 35 f2 a6 73 61 8e 3d d1 31 6b cc 29
| d7 6d 2e f7 bc f1 c2 36 b1 81 74 c1 5a 2a 34 ed
| f3 7d 9a a8 56 05 62 b2 7c 68 03 40 ec cc 7d 18
| b0 51 26 12 f9 5a c7 ca 8c a2 8e 16 4a f7 d7 d1
| bc 42 a9 da 31 84 e2 8c ea 64 f1 dc b0 c6 13 6f
| 73 69 d8 f8 c1 92 31 13 95 57 e3 6d 12 cd 2c dd
| 7d f4 09 18 a0 09 d6 12 10 eb 3c ad 11 78 ec e8
| 57 a2 96 5c f7 66 6b 8b 2a 29 49 39 59 31 c6 c3
| 7f 3d 13 cf 1d 1d de 9d f8 aa ac 61 a0 aa 86 07
| 6d 71 c4 78 5a 43 9e 8c be e7 12 35 6a c1 d5 6f
| 9e da 63 d9 97 b2 9e 25 a8 1b a4 bc eb 54 43 8b
| 43 48 ff c8 1f 60 28 02 5c 8d 77 e4 3b 51 4b a4
| 48 ce f4 36 b7 9b 3c 72 0b 0b 99 a8 bb 7e e8 2b
| 94 47 25 bd 86 bb 7b e1 1b 5e 78 25 67 48 cf aa
| a0 d7 60 79 5e c8 7f 2b 71 03 7a 13 a4 80 6d 37
| 62 7f 1b 53 55 87 5f 39 99 7e f7 8f 6a c3 dd d8
| b1 3a da 3e be 9b 23 cb 59 c6 e0 4c 5a 71 20 c6
| cd 9c cf 85 d9 cb 64 44 d9 1d f2 da 61 60 93 f3
| e9 71 c6 3e 31 d8 81 ed fb 44 a8 2a 76 1e 76 f1
| 50 0c 3e 14 6e ce d5 32 de f7 a8 3a d4 60 20 4d
| 22 22 6c dd 88 9f d5 2d 15 1f a2 e0 70 5d 22 9c
| a3 03 3b 54 c2 ea ad 73 02 9b 32 5d fc 91 1d b9
| 89 23 4c df b2 d4 f2 5c 78 dc a4 db fe 45 78 f3
| 8d e7 ea a0 2a bf 16 32 f8 53 ee 10 01 9f 17 5c
| f6 49 fb 87 ff fc 06 92 21 2f e6 ba e7 30 02 b4
| 69 6d 16 16 e8 c0 a8 73 a3 86 19 87 35 42 6f d9
| 1e bd 05 23 97 bd d8 bb d1 5c bf ff 5e 4a 4c c9
| f4 56 bd e5 5e 84 1d bf f7 b4 38 48 69 eb 5e 71
| 54
| authcert list locked by 'insert_crl'
| crl issuer cacert found
| signature digest algorithm: 'sha-1WithRSAEncryption'
| digest: 60 1c cb 8f 28 e2 cc 0a 6c af 7a 72 a9 9a a7 78
| 9a a2 ad 16
| signature encryption algorithm: 'sha-1WithRSAEncryption'
| decrypted signature:
| 00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
| ff ff ff ff ff ff ff ff ff ff ff ff 00 30 21 30
| 09 06 05 2b 0e 03 02 1a 05 00 04 14 60 1c cb 8f
| 28 e2 cc 0a 6c af 7a 72 a9 9a a7 78 9a a2 ad 16
| authcert list unlocked by 'insert_crl'
| crl signature is valid
| crl list locked by 'insert_crl'
| crl list unlocked by 'insert_crl'
Changing to directory '/etc/ipsec.d/acerts'
| inserting event EVENT_LOG_DAILY, timeout in 16357 seconds
| next event EVENT_REINIT_SECRET in 3600 seconds
|
| *received whack message
listening for IKE messages
| found lo with address 127.0.0.1
| found eth0 with address 192.168.5.2
adding interface eth0/eth0 192.168.5.2:500
adding interface eth0/eth0 192.168.5.2:4500
adding interface lo/lo 127.0.0.1:500
adding interface lo/lo 127.0.0.1:4500
| could not open /proc/net/if_inet6
| certs and keys locked by 'free_preshared_secrets'
| certs and keys unlocked by 'free_preshard_secrets'
loading secrets from "/etc/ipsec.secrets"
loaded private key file '/etc/ipsec.d/private/siteb.key' (3311 bytes)
| file content is not binary ASN.1
| -----BEGIN RSA PRIVATE KEY-----
| Proc-Type: 4,ENCRYPTED
| DEK-Info: DES-EDE3-CBC,8F3A8EB09015A034
| -----END RSA PRIVATE KEY-----
| decrypting file using 'DES-EDE3-CBC'
| file coded in PEM format
| L0 - RSAPrivateKey:
| L1 - version:
| L1 - modulus:
| L1 - publicExponent:
| L1 - privateExponent:
| L1 - prime1:
| L1 - prime2:
| L1 - exponent1:
| L1 - exponent2:
| L1 - coefficient:
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secrets'
| next event EVENT_REINIT_SECRET in 3600 seconds
|
| *received whack message
| from whack: got --esp=aes128-sha1, 3des-md5
| alg_info_parse_str() ealg_buf=aes aalg_buf=sha1eklen=128 aklen=0
| enum_search_prefix () calling enum_search(0xb77c8968, "ESP_AES")
| parser_alg_info_add() ealg_getbyname("aes")=12
| enum_search_prefix () calling enum_search(0xb77c8978,
"AUTH_ALGORITHM_HMAC_SHA1")
| parser_alg_info_add() aalg_getbyname("sha1")=2
| __alg_info_esp_add() ealg=12 aalg=2 cnt=1
| alg_info_parse_str() ealg_buf=3des aalg_buf=md5eklen=0 aklen=0
| enum_search_prefix () calling enum_search(0xb77c8968, "ESP_3DES")
| parser_alg_info_add() ealg_getbyname("3des")=3
| enum_search_prefix () calling enum_search(0xb77c8978,
"AUTH_ALGORITHM_HMAC_MD5")
| parser_alg_info_add() aalg_getbyname("md5")=1
| __alg_info_esp_add() ealg=3 aalg=1 cnt=2
| esp string values: 12_128-2, 3_000-1,
| from whack: got --ike=aes128-sha-modp2048
| alg_info_parse_str() ealg_buf=aes aalg_buf=shaeklen=128 aklen=0
| enum_search_prefix () calling enum_search(0xb77c89c8, "OAKLEY_AES")
| enum_search_ppfixi () calling enum_search(0xb77c89c8, "OAKLEY_AES_CBC")
| parser_alg_info_add() ealg_getbyname("aes")=7
| parser_alg_info_add() aalg_getbyname("sha")=2
| enum_search_prefix () calling enum_search(0xb77c89d8,
"OAKLEY_GROUP_MODP2048")
| parser_alg_info_add() modp_getbyname("modp2048")=14
| __alg_info_ike_add() ealg=7 aalg=2 modp_id=14, cnt=1
| ike string values: 7_128-2-14,
loaded host cert file '/etc/ipsec.d/certs/siteb.crt' (2053 bytes)
| file content is not binary ASN.1
| -----BEGIN CERTIFICATE-----
| -----END CERTIFICATE-----
| file coded in PEM format
| L0 - certificate:
| 30 82 05 bf 30 82 03 a7 a0 03 02 01 02 02 01 02
| 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30
| 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 20
| 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20 41
| 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74 64
| 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20 43
| 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09 01
| 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f 6f
| 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e 61
| 75 30 1e 17 0d 31 30 30 37 32 36 30 38 31 37 34
| 33 5a 17 0d 33 30 30 37 32 31 30 38 31 37 34 33
| 5a 30 59 31 0b 30 09 06 03 55 04 06 13 02 41 55
| 31 11 30 0f 06 03 55 04 08 13 08 56 69 63 74 6f
| 72 69 61 31 20 30 1e 06 03 55 04 0a 13 17 4a 6f
| 74 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50 74
| 79 20 4c 74 64 31 15 30 13 06 03 55 04 03 13 0c
| 44 65 72 72 69 6d 75 74 20 56 50 4e 30 82 02 22
| 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03
| 82 02 0f 00 30 82 02 0a 02 82 02 01 00 b7 75 9e
| 38 cf d7 0d 17 56 89 24 e6 2e 52 c1 50 39 b4 87
| 16 30 02 88 82 c3 da 59 9b 0a 69 f7 71 e5 71 ca
| ac a3 2f c7 45 b2 73 1a be 81 dd 15 ad 71 f8 62
| b8 90 6f 76 fb 87 22 be 06 15 69 5c f5 55 0d d4
| 10 70 6a f3 02 b4 5c 3e 9f a9 c2 45 d6 3d 83 85
| 0c 05 7c 66 d0 d6 29 9a db 50 f7 78 bc 8d 55 bb
| 21 12 ce dd 32 90 55 ee 7f 82 cb 92 6a be 28 8e
| 6e 2e f3 87 4c fa 2e 94 39 20 14 9a 40 84 bf 28
| a2 3c 29 07 cb 24 2b f9 9b e5 4c 62 61 2f 30 7d
| d1 af b4 d0 de 87 13 4e 07 c6 c6 e6 ab dc b9 ab
| b7 70 d9 06 f1 71 e5 f2 fa d3 15 f2 10 e3 c0 50
| 84 b9 ef a1 5a 84 da dd 02 06 97 a4 e4 5c 0c da
| 4e 48 03 57 e2 aa a8 30 1f 11 61 e1 5f 05 cc 31
| 98 75 a6 4d 9f d7 15 bc 99 6e 2d e6 b4 69 e2 48
| 12 5c 31 a7 ce 78 6b 59 ae 88 f6 2c 32 94 85 14
| 24 10 ec a1 56 51 a9 af 31 f0 b3 ad 66 9e c8 bf
| 92 d4 c0 96 fc e5 f4 54 68 92 71 7a 36 32 45 de
| b7 d0 90 5e 90 2f 87 de c6 bc 15 2a 4e f6 36 71
| 6c c2 76 7a a9 82 66 e4 f9 7c 11 5a 06 b5 5c ef
| 4a 19 f1 19 e7 98 54 5f 80 db 54 d4 5b b2 bc db
| 31 f9 2f 72 74 50 29 b5 d4 1a 0b 9b 5d 16 c3 e3
| c5 19 92 61 ca 1d 5c 59 8d 17 6d eb 9e f1 f7 8e
| f2 4f 95 36 d2 61 13 0d 21 59 30 43 d0 a7 db fc
| 44 03 2f 7c ea 5d 46 de 8a 1e ab 41 cc 3b 82 6a
| e3 e4 e8 fd bc 6a 5b 5a 14 e3 04 1d 07 a7 63 c9
| fb a0 bf 21 12 d6 dc 56 9c f2 c6 ed d1 50 87 1d
| e5 52 53 7f aa de 42 4a 1c 20 06 19 9b 02 8a c8
| 26 28 e5 cf 31 36 4e af c4 f7 04 58 fe 07 81 f8
| 05 ec dc c5 db 41 2c 92 24 93 bc 8b 96 64 0b ad
| 1e af e2 99 88 42 bb 63 d9 6b 84 1f 73 d7 63 46
| 5c df ac 36 1f df 41 7d 50 c1 eb ba 2b 31 09 43
| 67 8b 23 ee f2 db 6d eb c1 1f 81 d4 ff 02 03 01
| 00 01 a3 7b 30 79 30 09 06 03 55 1d 13 04 02 30
| 00 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04 1f
| 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61
| 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 30
| 1d 06 03 55 1d 0e 04 16 04 14 ca e4 d6 35 05 8e
| a1 ec 5a fc 15 21 e0 0d 2e f8 4e f5 2d 00 30 1f
| 06 03 55 1d 23 04 18 30 16 80 14 bd 58 6a 09 8b
| e1 13 99 8c c3 f8 46 ec e4 29 de 94 53 85 74 30
| 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82
| 02 01 00 73 80 b0 cf 1d c1 7d 89 df 9b ac 2a e0
| 62 d1 c2 00 dc 49 c8 6d 1b 88 72 d8 9e 61 e9 da
| 3b 38 13 ef 2d d7 ba 02 dd 97 4f 67 01 86 67 56
| 25 2b 56 7d 57 84 44 73 4e 07 0f 2e 9c fa ac b3
| a3 e1 4c 2d 17 b4 29 e9 d4 f7 53 4b 76 ff ab 23
| 7a cc 4c e1 fd 02 52 d6 39 3a 17 ac f4 76 cf 64
| 32 fa 08 31 6c 2a 1b d1 fc 20 a3 10 c4 1c 55 b1
| a6 4d af 35 61 4c 7d 16 bc 22 c9 cc d2 20 8b 74
| 6b 95 39 7c 9e 93 1a 69 1f 0d d1 73 0a 4f 94 43
| 9f 40 93 31 d1 e8 d4 8d 71 4f f5 d3 ec bb 36 1b
| 92 96 7c 97 89 8d 23 be 79 9b f1 f2 db c3 a9 fc
| 97 a7 c6 44 0f 4a 5b 35 10 28 8a 55 3c 1c 5d 3b
| 19 14 2b c3 40 8f 8f b6 96 78 50 b0 11 64 68 9a
| e2 8c 39 b2 06 a2 43 38 fc fe 85 38 fa 62 c1 b1
| d0 36 31 2c c4 6a c8 55 c3 c4 ee 99 b9 7e b6 e9
| d5 de d5 61 89 7f d5 63 f1 ae 63 54 c6 b6 43 b3
| 9f 6c 68 7f 70 bb 2d d8 eb 29 6d 24 c0 52 b8 14
| 19 be 0c 6e ce c8 96 ef b8 ef 6e 4b 73 4a a5 74
| fc 52 db 00 cb 71 bc 55 79 a7 79 6d 29 3d 7c 04
| b4 d3 20 b4 e3 ec 01 29 65 c2 d7 6c 48 2b 8c 36
| cd 05 3f c3 be a0 46 58 99 dc 3f 38 f9 e5 c2 9d
| 59 d4 08 af c4 91 ac 11 4c 28 a2 90 e0 a3 ff d3
| 45 0e 54 db 9f 44 45 ea c0 53 9e d5 fb c3 2b 58
| ab 4f 4e df e5 02 21 4c 79 02 bf f6 0e dc 25 da
| 9a 41 35 63 03 29 c8 c7 42 44 f5 fa 1c 0f 92 a1
| 0f bc 03 39 f9 59 63 fd 31 16 71 35 1e 32 4a 2d
| 8f ab 09 54 6c dc b5 65 f7 fb c8 7a 51 9e c1 1b
| bc ba 78 70 94 4a 0f f9 69 d1 b2 f6 84 6b f6 df
| bb e5 1a 9f 93 45 0f 4d 8c af df 48 34 dc 78 ff
| 7f 5e 07 34 16 2f 8e be 97 9e 7d 17 57 21 72 b0
| 4c d7 d1 2a 7e 8d e3 65 31 d9 3e f3 bb 28 5f f7
| 0c 7f 45 81 bc aa b2 1e 93 05 c8 9d 2a 94 ca a8
| c8 f4 b4
| L1 - tbsCertificate:
| 30 82 03 a7 a0 03 02 01 02 02 01 02 30 0d 06 09
| 2a 86 48 86 f7 0d 01 01 05 05 00 30 70 31 0b 30
| 09 06 03 55 04 06 13 02 41 55 31 20 30 1e 06 03
| 55 04 0a 13 17 4a 6f 74 75 6e 20 41 75 73 74 72
| 61 6c 69 61 20 50 74 79 20 4c 74 64 31 0f 30 0d
| 06 03 55 04 03 13 06 56 50 4e 20 43 41 31 2e 30
| 2c 06 09 2a 86 48 86 f7 0d 01 09 01 16 1f 72 65
| 63 65 70 74 69 6f 6e 5f 62 72 6f 6f 6b 6c 79 6e
| 40 6a 6f 74 75 6e 2e 63 6f 6d 2e 61 75 30 1e 17
| 0d 31 30 30 37 32 36 30 38 31 37 34 33 5a 17 0d
| 33 30 30 37 32 31 30 38 31 37 34 33 5a 30 59 31
| 0b 30 09 06 03 55 04 06 13 02 41 55 31 11 30 0f
| 06 03 55 04 08 13 08 56 69 63 74 6f 72 69 61 31
| 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20
| 41 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74
| 64 31 15 30 13 06 03 55 04 03 13 0c 44 65 72 72
| 69 6d 75 74 20 56 50 4e 30 82 02 22 30 0d 06 09
| 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 02 0f 00
| 30 82 02 0a 02 82 02 01 00 b7 75 9e 38 cf d7 0d
| 17 56 89 24 e6 2e 52 c1 50 39 b4 87 16 30 02 88
| 82 c3 da 59 9b 0a 69 f7 71 e5 71 ca ac a3 2f c7
| 45 b2 73 1a be 81 dd 15 ad 71 f8 62 b8 90 6f 76
| fb 87 22 be 06 15 69 5c f5 55 0d d4 10 70 6a f3
| 02 b4 5c 3e 9f a9 c2 45 d6 3d 83 85 0c 05 7c 66
| d0 d6 29 9a db 50 f7 78 bc 8d 55 bb 21 12 ce dd
| 32 90 55 ee 7f 82 cb 92 6a be 28 8e 6e 2e f3 87
| 4c fa 2e 94 39 20 14 9a 40 84 bf 28 a2 3c 29 07
| cb 24 2b f9 9b e5 4c 62 61 2f 30 7d d1 af b4 d0
| de 87 13 4e 07 c6 c6 e6 ab dc b9 ab b7 70 d9 06
| f1 71 e5 f2 fa d3 15 f2 10 e3 c0 50 84 b9 ef a1
| 5a 84 da dd 02 06 97 a4 e4 5c 0c da 4e 48 03 57
| e2 aa a8 30 1f 11 61 e1 5f 05 cc 31 98 75 a6 4d
| 9f d7 15 bc 99 6e 2d e6 b4 69 e2 48 12 5c 31 a7
| ce 78 6b 59 ae 88 f6 2c 32 94 85 14 24 10 ec a1
| 56 51 a9 af 31 f0 b3 ad 66 9e c8 bf 92 d4 c0 96
| fc e5 f4 54 68 92 71 7a 36 32 45 de b7 d0 90 5e
| 90 2f 87 de c6 bc 15 2a 4e f6 36 71 6c c2 76 7a
| a9 82 66 e4 f9 7c 11 5a 06 b5 5c ef 4a 19 f1 19
| e7 98 54 5f 80 db 54 d4 5b b2 bc db 31 f9 2f 72
| 74 50 29 b5 d4 1a 0b 9b 5d 16 c3 e3 c5 19 92 61
| ca 1d 5c 59 8d 17 6d eb 9e f1 f7 8e f2 4f 95 36
| d2 61 13 0d 21 59 30 43 d0 a7 db fc 44 03 2f 7c
| ea 5d 46 de 8a 1e ab 41 cc 3b 82 6a e3 e4 e8 fd
| bc 6a 5b 5a 14 e3 04 1d 07 a7 63 c9 fb a0 bf 21
| 12 d6 dc 56 9c f2 c6 ed d1 50 87 1d e5 52 53 7f
| aa de 42 4a 1c 20 06 19 9b 02 8a c8 26 28 e5 cf
| 31 36 4e af c4 f7 04 58 fe 07 81 f8 05 ec dc c5
| db 41 2c 92 24 93 bc 8b 96 64 0b ad 1e af e2 99
| 88 42 bb 63 d9 6b 84 1f 73 d7 63 46 5c df ac 36
| 1f df 41 7d 50 c1 eb ba 2b 31 09 43 67 8b 23 ee
| f2 db 6d eb c1 1f 81 d4 ff 02 03 01 00 01 a3 7b
| 30 79 30 09 06 03 55 1d 13 04 02 30 00 30 2c 06
| 09 60 86 48 01 86 f8 42 01 0d 04 1f 16 1d 4f 70
| 65 6e 53 53 4c 20 47 65 6e 65 72 61 74 65 64 20
| 43 65 72 74 69 66 69 63 61 74 65 30 1d 06 03 55
| 1d 0e 04 16 04 14 ca e4 d6 35 05 8e a1 ec 5a fc
| 15 21 e0 0d 2e f8 4e f5 2d 00 30 1f 06 03 55 1d
| 23 04 18 30 16 80 14 bd 58 6a 09 8b e1 13 99 8c
| c3 f8 46 ec e4 29 de 94 53 85 74
| L2 - DEFAULT v1:
| L3 - version:
| 02
| v3
| L2 - serialNumber:
| 02
| L2 - signature:
| L3 - algorithmIdentifier:
| L4 - algorithm:
| 'sha-1WithRSAEncryption'
| L4 - parameters:
| L2 - issuer:
| 30 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20
| 41 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74
| 64 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20
| 43 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09
| 01 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f
| 6f 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e
| 61 75
| 'C=XX, O=company, CN=VPN CA, E=reception_sitea at company.com'
| L2 - validity:
| L3 - notBefore:
| L4 - utcTime:
| 'Jul 26 08:17:43 UTC 2010'
| L3 - notAfter:
| L4 - utcTime:
| 'Jul 21 08:17:43 UTC 2030'
| L2 - subject:
| 30 59 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 11 30 0f 06 03 55 04 08 13 08 56 69 63 74 6f 72
| 69 61 31 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74
| 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50 74 79
| 20 4c 74 64 31 15 30 13 06 03 55 04 03 13 0c 44
| 65 72 72 69 6d 75 74 20 56 50 4e
| 'C=XX, ST=state, O=company, CN=siteb VPN'
| L2 - subjectPublicKeyInfo:
| L3 - algorithm:
| L4 - algorithmIdentifier:
| L5 - algorithm:
| 'rsaEncryption'
| L5 - parameters:
| L3 - subjectPublicKey:
| L4 - RSAPublicKey:
| 30 82 02 0a 02 82 02 01 00 b7 75 9e 38 cf d7 0d
| 17 56 89 24 e6 2e 52 c1 50 39 b4 87 16 30 02 88
| 82 c3 da 59 9b 0a 69 f7 71 e5 71 ca ac a3 2f c7
| 45 b2 73 1a be 81 dd 15 ad 71 f8 62 b8 90 6f 76
| fb 87 22 be 06 15 69 5c f5 55 0d d4 10 70 6a f3
| 02 b4 5c 3e 9f a9 c2 45 d6 3d 83 85 0c 05 7c 66
| d0 d6 29 9a db 50 f7 78 bc 8d 55 bb 21 12 ce dd
| 32 90 55 ee 7f 82 cb 92 6a be 28 8e 6e 2e f3 87
| 4c fa 2e 94 39 20 14 9a 40 84 bf 28 a2 3c 29 07
| cb 24 2b f9 9b e5 4c 62 61 2f 30 7d d1 af b4 d0
| de 87 13 4e 07 c6 c6 e6 ab dc b9 ab b7 70 d9 06
| f1 71 e5 f2 fa d3 15 f2 10 e3 c0 50 84 b9 ef a1
| 5a 84 da dd 02 06 97 a4 e4 5c 0c da 4e 48 03 57
| e2 aa a8 30 1f 11 61 e1 5f 05 cc 31 98 75 a6 4d
| 9f d7 15 bc 99 6e 2d e6 b4 69 e2 48 12 5c 31 a7
| ce 78 6b 59 ae 88 f6 2c 32 94 85 14 24 10 ec a1
| 56 51 a9 af 31 f0 b3 ad 66 9e c8 bf 92 d4 c0 96
| fc e5 f4 54 68 92 71 7a 36 32 45 de b7 d0 90 5e
| 90 2f 87 de c6 bc 15 2a 4e f6 36 71 6c c2 76 7a
| a9 82 66 e4 f9 7c 11 5a 06 b5 5c ef 4a 19 f1 19
| e7 98 54 5f 80 db 54 d4 5b b2 bc db 31 f9 2f 72
| 74 50 29 b5 d4 1a 0b 9b 5d 16 c3 e3 c5 19 92 61
| ca 1d 5c 59 8d 17 6d eb 9e f1 f7 8e f2 4f 95 36
| d2 61 13 0d 21 59 30 43 d0 a7 db fc 44 03 2f 7c
| ea 5d 46 de 8a 1e ab 41 cc 3b 82 6a e3 e4 e8 fd
| bc 6a 5b 5a 14 e3 04 1d 07 a7 63 c9 fb a0 bf 21
| 12 d6 dc 56 9c f2 c6 ed d1 50 87 1d e5 52 53 7f
| aa de 42 4a 1c 20 06 19 9b 02 8a c8 26 28 e5 cf
| 31 36 4e af c4 f7 04 58 fe 07 81 f8 05 ec dc c5
| db 41 2c 92 24 93 bc 8b 96 64 0b ad 1e af e2 99
| 88 42 bb 63 d9 6b 84 1f 73 d7 63 46 5c df ac 36
| 1f df 41 7d 50 c1 eb ba 2b 31 09 43 67 8b 23 ee
| f2 db 6d eb c1 1f 81 d4 ff 02 03 01 00 01
| L5 - modulus:
| 00 b7 75 9e 38 cf d7 0d 17 56 89 24 e6 2e 52 c1
| 50 39 b4 87 16 30 02 88 82 c3 da 59 9b 0a 69 f7
| 71 e5 71 ca ac a3 2f c7 45 b2 73 1a be 81 dd 15
| ad 71 f8 62 b8 90 6f 76 fb 87 22 be 06 15 69 5c
| f5 55 0d d4 10 70 6a f3 02 b4 5c 3e 9f a9 c2 45
| d6 3d 83 85 0c 05 7c 66 d0 d6 29 9a db 50 f7 78
| bc 8d 55 bb 21 12 ce dd 32 90 55 ee 7f 82 cb 92
| 6a be 28 8e 6e 2e f3 87 4c fa 2e 94 39 20 14 9a
| 40 84 bf 28 a2 3c 29 07 cb 24 2b f9 9b e5 4c 62
| 61 2f 30 7d d1 af b4 d0 de 87 13 4e 07 c6 c6 e6
| ab dc b9 ab b7 70 d9 06 f1 71 e5 f2 fa d3 15 f2
| 10 e3 c0 50 84 b9 ef a1 5a 84 da dd 02 06 97 a4
| e4 5c 0c da 4e 48 03 57 e2 aa a8 30 1f 11 61 e1
| 5f 05 cc 31 98 75 a6 4d 9f d7 15 bc 99 6e 2d e6
| b4 69 e2 48 12 5c 31 a7 ce 78 6b 59 ae 88 f6 2c
| 32 94 85 14 24 10 ec a1 56 51 a9 af 31 f0 b3 ad
| 66 9e c8 bf 92 d4 c0 96 fc e5 f4 54 68 92 71 7a
| 36 32 45 de b7 d0 90 5e 90 2f 87 de c6 bc 15 2a
| 4e f6 36 71 6c c2 76 7a a9 82 66 e4 f9 7c 11 5a
| 06 b5 5c ef 4a 19 f1 19 e7 98 54 5f 80 db 54 d4
| 5b b2 bc db 31 f9 2f 72 74 50 29 b5 d4 1a 0b 9b
| 5d 16 c3 e3 c5 19 92 61 ca 1d 5c 59 8d 17 6d eb
| 9e f1 f7 8e f2 4f 95 36 d2 61 13 0d 21 59 30 43
| d0 a7 db fc 44 03 2f 7c ea 5d 46 de 8a 1e ab 41
| cc 3b 82 6a e3 e4 e8 fd bc 6a 5b 5a 14 e3 04 1d
| 07 a7 63 c9 fb a0 bf 21 12 d6 dc 56 9c f2 c6 ed
| d1 50 87 1d e5 52 53 7f aa de 42 4a 1c 20 06 19
| 9b 02 8a c8 26 28 e5 cf 31 36 4e af c4 f7 04 58
| fe 07 81 f8 05 ec dc c5 db 41 2c 92 24 93 bc 8b
| 96 64 0b ad 1e af e2 99 88 42 bb 63 d9 6b 84 1f
| 73 d7 63 46 5c df ac 36 1f df 41 7d 50 c1 eb ba
| 2b 31 09 43 67 8b 23 ee f2 db 6d eb c1 1f 81 d4
| ff
| L5 - publicExponent:
| 01 00 01
| L2 - optional extensions:
| L3 - extensions:
| L4 - extension:
| L5 - extnID:
| 'basicConstraints'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 30 00
| L6 - basicConstraints:
| L7 - CA:
| FALSE
| L4 - extension:
| L5 - extnID:
| 'nsComment'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61
| 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65
| L6 - nsComment:
| 'OpenSSL Generated Certificate'
| L4 - extension:
| L5 - extnID:
| 'subjectKeyIdentifier'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 04 14 ca e4 d6 35 05 8e a1 ec 5a fc 15 21 e0 0d
| 2e f8 4e f5 2d 00
| L6 - keyIdentifier:
| ca e4 d6 35 05 8e a1 ec 5a fc 15 21 e0 0d 2e f8
| 4e f5 2d 00
| L4 - extension:
| L5 - extnID:
| 'authorityKeyIdentifier'
| L5 - critical:
| FALSE
| L5 - extnValue:
| 30 16 80 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46
| ec e4 29 de 94 53 85 74
| L6 - authorityKeyIdentifier:
| L7 - keyIdentifier:
| 80 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4
| 29 de 94 53 85 74
| L8 - keyIdentifier:
| bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec e4 29 de
| 94 53 85 74
| L1 - signatureAlgorithm:
| L2 - algorithmIdentifier:
| L3 - algorithm:
| 'sha-1WithRSAEncryption'
| L3 - parameters:
| L1 - signatureValue:
| 00 73 80 b0 cf 1d c1 7d 89 df 9b ac 2a e0 62 d1
| c2 00 dc 49 c8 6d 1b 88 72 d8 9e 61 e9 da 3b 38
| 13 ef 2d d7 ba 02 dd 97 4f 67 01 86 67 56 25 2b
| 56 7d 57 84 44 73 4e 07 0f 2e 9c fa ac b3 a3 e1
| 4c 2d 17 b4 29 e9 d4 f7 53 4b 76 ff ab 23 7a cc
| 4c e1 fd 02 52 d6 39 3a 17 ac f4 76 cf 64 32 fa
| 08 31 6c 2a 1b d1 fc 20 a3 10 c4 1c 55 b1 a6 4d
| af 35 61 4c 7d 16 bc 22 c9 cc d2 20 8b 74 6b 95
| 39 7c 9e 93 1a 69 1f 0d d1 73 0a 4f 94 43 9f 40
| 93 31 d1 e8 d4 8d 71 4f f5 d3 ec bb 36 1b 92 96
| 7c 97 89 8d 23 be 79 9b f1 f2 db c3 a9 fc 97 a7
| c6 44 0f 4a 5b 35 10 28 8a 55 3c 1c 5d 3b 19 14
| 2b c3 40 8f 8f b6 96 78 50 b0 11 64 68 9a e2 8c
| 39 b2 06 a2 43 38 fc fe 85 38 fa 62 c1 b1 d0 36
| 31 2c c4 6a c8 55 c3 c4 ee 99 b9 7e b6 e9 d5 de
| d5 61 89 7f d5 63 f1 ae 63 54 c6 b6 43 b3 9f 6c
| 68 7f 70 bb 2d d8 eb 29 6d 24 c0 52 b8 14 19 be
| 0c 6e ce c8 96 ef b8 ef 6e 4b 73 4a a5 74 fc 52
| db 00 cb 71 bc 55 79 a7 79 6d 29 3d 7c 04 b4 d3
| 20 b4 e3 ec 01 29 65 c2 d7 6c 48 2b 8c 36 cd 05
| 3f c3 be a0 46 58 99 dc 3f 38 f9 e5 c2 9d 59 d4
| 08 af c4 91 ac 11 4c 28 a2 90 e0 a3 ff d3 45 0e
| 54 db 9f 44 45 ea c0 53 9e d5 fb c3 2b 58 ab 4f
| 4e df e5 02 21 4c 79 02 bf f6 0e dc 25 da 9a 41
| 35 63 03 29 c8 c7 42 44 f5 fa 1c 0f 92 a1 0f bc
| 03 39 f9 59 63 fd 31 16 71 35 1e 32 4a 2d 8f ab
| 09 54 6c dc b5 65 f7 fb c8 7a 51 9e c1 1b bc ba
| 78 70 94 4a 0f f9 69 d1 b2 f6 84 6b f6 df bb e5
| 1a 9f 93 45 0f 4d 8c af df 48 34 dc 78 ff 7f 5e
| 07 34 16 2f 8e be 97 9e 7d 17 57 21 72 b0 4c d7
| d1 2a 7e 8d e3 65 31 d9 3e f3 bb 28 5f f7 0c 7f
| 45 81 bc aa b2 1e 93 05 c8 9d 2a 94 ca a8 c8 f4
| b4
| not before : Jul 26 08:17:43 UTC 2010
| current time: Aug 02 09:27:23 UTC 2010
| not after : Jul 21 08:17:43 UTC 2030
| certificate is valid
| keyid: *AwEAAbd1n
| Modulus:
0xb7759e38cfd70d17568924e62e52c15039b4871630028882c3da599b0a69f771e571caaca32fc745b2731abe81dd15ad71f862b8906f76fb8722be0615695cf5550dd410706af302b45c3e9fa9c245d63d83850c057c66d0d6299adb50f778bc8d55bb2112cedd329055ee7f82cb926abe288e6e2ef3874cfa2e943920149a4084bf28a23c2907cb242bf99be54c62612f307dd1afb4d0de87134e07c6c6e6abdcb9abb770d906f171e5f2fad315f210e3c05084b9efa15a84dadd020697a4e45c0cda4e480357e2aaa8301f1161e15f05cc319875a64d9fd715bc996e2de6b469e248125c31a7ce786b59ae88f62c329485142410eca15651a9af31f0b3ad669ec8bf92d4c096fce5f4546892717a363245deb7d0905e902f87dec6bc152a4ef636716cc2767aa98266e4f97c115a06b55cef4a19f119e798545f80db54d45bb2bcdb31f92f72745029b5d41a0b9b5d16c3e3c5199261ca1d5c598d176deb9ef1f78ef24f9536d261130d21593043d0a7dbfc44032f7cea5d46de8a1eab41cc3b826ae3e4e8fdbc6a5b5a14e3041d07a763c9fba0bf2112d6dc569cf2c6edd150871de552537faade424a1c2006199b028ac82628e5cf31364eafc4f70458fe0781f805ecdcc5db412c922493bc8b96640bad1eafe2998842bb63d96b841f73d763465cdfac361fdf417d50c1ebba2b310943678b23eef2
| PublicExponent: 0x10001
| certs and keys locked by 'add_x509cert'
| x509 cert inserted
| certs and keys unlocked by 'add_x509cert'
| alg_info_addref() alg_info->ref_cnt=1
| alg_info_addref() alg_info->ref_cnt=1
added connection description "company"
| 192.168.5.0/24===192.168.5.2[C=XX, ST=state, O=company, CN=siteb
VPN]...<peer's fw's public ip>[C=XX, ST=state, O=company, CN=sitea VPN]===
192.168.0.0/24
| ike_life: 10800s; ipsec_life: 3600s; rekey_margin: 540s; rekey_fuzz: 100%;
keyingtries: 3; policy: RSASIG+ENCRYPT+TUNNEL+PFS
| next event EVENT_REINIT_SECRET in 3600 seconds
|
| *received whack message
| creating state object #1 at 0xb77e6408
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 20
| inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
| Queuing pending Quick Mode with <peer's fw's public ip> "company"
"company" #1: initiating Main Mode
| **emit ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| ***emit ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| DOI: ISAKMP_DOI_IPSEC
| ****emit IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| 7_128-2-14,
| ****emit ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****emit ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| transform number: 0
| transform ID: KEY_IKE
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| [2 is OAKLEY_SHA]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| [3 is OAKLEY_RSA_SIG]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| [14 is OAKLEY_GROUP_MODP2048]
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| emitting length of ISAKMP Proposal Payload: 44
| emitting length of ISAKMP Security Association Payload: 56
| out_vendorid(): sending [strongSwan 4.2.4]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID cd 57 92 d4 b7 0f 02 99 a6 a1 37 3d e2 36 d2 ac
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [Cisco-Unity]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [XAUTH]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 09 00 26 89 df d6 b7 12
| emitting length of ISAKMP Vendor ID Payload: 12
| out_vendorid(): sending [Dead Peer Detection]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [RFC 3947]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-03]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-00]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| emitting length of ISAKMP Vendor ID Payload: 20
| emitting length of ISAKMP Message: 256
| sending 256 bytes for main_outI1 through eth0 to <peer's fw's public
ip>:500:
| 11 47 e1 b8 ed 32 ac a4 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
| next event EVENT_RETRANSMIT in 10 seconds for #1
|
| *received 176 bytes from <peer's fw's public ip>:500 on eth0
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 01 10 02 00 00 00 00 00 00 00 00 b0 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 00 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| **parse ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 05 e6 ed 3b 49 50 e0 6a
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 176
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 05 e6 ed 3b 49 50 e0 6a
| peer: a5 e4 67 ba
| state hash entry 28
| state object not found
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 20
| state object #1 found, in STATE_MAIN_I1
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
"company" #1: ignoring Vendor ID payload [strongSwan 4.2.4]
"company" #1: ignoring Vendor ID payload [Cisco-Unity]
"company" #1: received Vendor ID payload [XAUTH]
"company" #1: received Vendor ID payload [Dead Peer Detection]
"company" #1: received Vendor ID payload [RFC 3947]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| [1 is OAKLEY_LIFE_SECONDS]
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| [7 is OAKLEY_AES_CBC]
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| [2 is OAKLEY_SHA]
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| [3 is OAKLEY_RSA_SIG]
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| [14 is OAKLEY_GROUP_MODP2048]
| Oakley Transform 0 accepted
"company" #1: enabling possible NAT-traversal with method 3
| **emit ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 05 e6 ed 3b 49 50 e0 6a
| next payload type: ISAKMP_NEXT_KE
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| Local DH secret:
| 03 90 ec 68 07 43 a3 43 eb 82 7a b1 42 d3 c8 9f
| 24 66 13 a4 52 2b 72 39 2e 6f 37 80 5b 73 a5 7f
| Public DH value sent:
| 65 c3 78 99 4d 9d 35 61 36 ea 68 d7 8b 9d 7e d4
| 4d f0 92 1f 54 de c4 23 4f 62 dd a6 2c 67 e3 e1
| 5b 10 2a 83 e7 5a c8 71 c9 d6 60 39 6c 19 6c fb
| 8c 4d d7 16 ba f1 6d 12 99 16 71 26 09 15 79 19
| 10 f2 87 6a 6f 10 98 9c 9f 89 8b d6 31 84 d2 68
| 52 c5 6f 78 50 fd 77 e1 df fd 2a 78 48 67 d1 22
| 89 2b 18 c7 3e 1e 48 20 c4 b8 fc 77 ff d3 f5 15
| 72 8a 44 01 ad 86 50 ca 1a 3f c3 23 02 af f1 d8
| 07 53 b4 96 93 e6 64 61 24 da 65 18 10 48 71 c7
| fe f7 8f ca a9 61 0a 77 e5 7f 8c 63 e5 15 9f 83
| ba 64 17 2c 8d 6c a1 29 6c 9b 8b fe 43 4f d0 6a
| ec 6a 85 9b 3e 24 c7 fa 8b e2 b1 3b 46 c9 bd 32
| 0d 97 08 34 de d8 ab 43 a6 b8 3f 6f fd a6 6f 48
| 52 14 2e c4 a9 e8 7f 1d 50 33 c8 05 90 12 2a d9
| 03 53 2b 4a 75 38 2f 1d f1 7b 92 b3 c7 07 c5 10
| 03 e2 ce 96 a8 18 3c 67 0a 23 d2 a5 60 a4 c8 f9
| ***emit ISAKMP Key Exchange Payload:
| next payload type: ISAKMP_NEXT_NONCE
| emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
| keyex value 65 c3 78 99 4d 9d 35 61 36 ea 68 d7 8b 9d 7e d4
| 4d f0 92 1f 54 de c4 23 4f 62 dd a6 2c 67 e3 e1
| 5b 10 2a 83 e7 5a c8 71 c9 d6 60 39 6c 19 6c fb
| 8c 4d d7 16 ba f1 6d 12 99 16 71 26 09 15 79 19
| 10 f2 87 6a 6f 10 98 9c 9f 89 8b d6 31 84 d2 68
| 52 c5 6f 78 50 fd 77 e1 df fd 2a 78 48 67 d1 22
| 89 2b 18 c7 3e 1e 48 20 c4 b8 fc 77 ff d3 f5 15
| 72 8a 44 01 ad 86 50 ca 1a 3f c3 23 02 af f1 d8
| 07 53 b4 96 93 e6 64 61 24 da 65 18 10 48 71 c7
| fe f7 8f ca a9 61 0a 77 e5 7f 8c 63 e5 15 9f 83
| ba 64 17 2c 8d 6c a1 29 6c 9b 8b fe 43 4f d0 6a
| ec 6a 85 9b 3e 24 c7 fa 8b e2 b1 3b 46 c9 bd 32
| 0d 97 08 34 de d8 ab 43 a6 b8 3f 6f fd a6 6f 48
| 52 14 2e c4 a9 e8 7f 1d 50 33 c8 05 90 12 2a d9
| 03 53 2b 4a 75 38 2f 1d f1 7b 92 b3 c7 07 c5 10
| 03 e2 ce 96 a8 18 3c 67 0a 23 d2 a5 60 a4 c8 f9
| emitting length of ISAKMP Key Exchange Payload: 260
| ***emit ISAKMP Nonce Payload:
| next payload type: ISAKMP_NEXT_NAT-D
| emitting 16 raw bytes of Ni into ISAKMP Nonce Payload
| Ni a4 d6 80 aa d5 46 49 de dc a1 96 c6 79 c1 ba 52
| emitting length of ISAKMP Nonce Payload: 20
| sending NATD payloads
| _natd_hash: hasher=0xb77ca620(20)
| _natd_hash: icookie=
| 11 47 e1 b8 ed 32 ac a4
| _natd_hash: rcookie=
| 05 e6 ed 3b 49 50 e0 6a
| _natd_hash: ip= a5 e4 67 ba
| _natd_hash: port=62465
| _natd_hash: hash= ba 20 b9 64 d1 19 32 57 9b 5c 94 07 dc fe f8 d2
| f8 7f 8b 96
| ***emit ISAKMP NAT-D Payload:
| next payload type: ISAKMP_NEXT_NAT-D
| emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload
| NAT-D ba 20 b9 64 d1 19 32 57 9b 5c 94 07 dc fe f8 d2
| f8 7f 8b 96
| emitting length of ISAKMP NAT-D Payload: 24
| _natd_hash: hasher=0xb77ca620(20)
| _natd_hash: icookie=
| 11 47 e1 b8 ed 32 ac a4
| _natd_hash: rcookie=
| 05 e6 ed 3b 49 50 e0 6a
| _natd_hash: ip= c0 a8 05 02
| _natd_hash: port=62465
| _natd_hash: hash= 5e b4 ce 6e f1 c3 90 e0 af 5f b0 a5 6d f6 a1 ed
| b5 8b 0b bc
| ***emit ISAKMP NAT-D Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload
| NAT-D 5e b4 ce 6e f1 c3 90 e0 af 5f b0 a5 6d f6 a1 ed
| b5 8b 0b bc
| emitting length of ISAKMP NAT-D Payload: 24
| emitting length of ISAKMP Message: 356
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 20
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 05 e6 ed 3b 49 50 e0 6a
| peer: a5 e4 67 ba
| state hash entry 28
| sending 356 bytes for STATE_MAIN_I1 through eth0 to <peer's fw's public
ip>:500:
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 04 10 02 00 00 00 00 00 00 00 01 64 0a 00 01 04
| 65 c3 78 99 4d 9d 35 61 36 ea 68 d7 8b 9d 7e d4
| 4d f0 92 1f 54 de c4 23 4f 62 dd a6 2c 67 e3 e1
| 5b 10 2a 83 e7 5a c8 71 c9 d6 60 39 6c 19 6c fb
| 8c 4d d7 16 ba f1 6d 12 99 16 71 26 09 15 79 19
| 10 f2 87 6a 6f 10 98 9c 9f 89 8b d6 31 84 d2 68
| 52 c5 6f 78 50 fd 77 e1 df fd 2a 78 48 67 d1 22
| 89 2b 18 c7 3e 1e 48 20 c4 b8 fc 77 ff d3 f5 15
| 72 8a 44 01 ad 86 50 ca 1a 3f c3 23 02 af f1 d8
| 07 53 b4 96 93 e6 64 61 24 da 65 18 10 48 71 c7
| fe f7 8f ca a9 61 0a 77 e5 7f 8c 63 e5 15 9f 83
| ba 64 17 2c 8d 6c a1 29 6c 9b 8b fe 43 4f d0 6a
| ec 6a 85 9b 3e 24 c7 fa 8b e2 b1 3b 46 c9 bd 32
| 0d 97 08 34 de d8 ab 43 a6 b8 3f 6f fd a6 6f 48
| 52 14 2e c4 a9 e8 7f 1d 50 33 c8 05 90 12 2a d9
| 03 53 2b 4a 75 38 2f 1d f1 7b 92 b3 c7 07 c5 10
| 03 e2 ce 96 a8 18 3c 67 0a 23 d2 a5 60 a4 c8 f9
| 14 00 00 14 a4 d6 80 aa d5 46 49 de dc a1 96 c6
| 79 c1 ba 52 14 00 00 18 ba 20 b9 64 d1 19 32 57
| 9b 5c 94 07 dc fe f8 d2 f8 7f 8b 96 00 00 00 18
| 5e b4 ce 6e f1 c3 90 e0 af 5f b0 a5 6d f6 a1 ed
| b5 8b 0b bc
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
| next event EVENT_RETRANSMIT in 10 seconds for #1
|
| *received 364 bytes from <peer's fw's public ip>:500 on eth0
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 04 10 02 00 00 00 00 00 00 00 01 6c 0a 00 01 04
| 79 5e 5b ca 4e a9 7e 20 b9 f0 5c be ee da 41 e3
| 06 2b db 03 96 47 86 8e fa 05 26 21 8f 80 b1 52
| 57 a2 1c 93 8d 2a c0 6b 2b 0a d7 01 92 ce a1 8a
| 18 96 ae a9 b2 00 46 90 33 b2 99 59 ca 7e db 6b
| 43 5a 29 e7 c9 c2 84 68 05 68 57 a5 ff a0 f6 68
| ca 4b b1 0f bc a8 2f 29 25 d5 b7 14 43 74 23 1e
| fa fd 79 df 36 5c c2 65 2f 91 3b 7f 81 5a 90 c3
| ca e3 4d 19 4e 52 10 e7 6e 77 87 2c 56 ad 4c 40
| 93 2c 86 ec 2e 57 86 86 ed 7d 85 f4 18 55 52 0d
| a8 7c 43 f0 a2 17 e1 2d 9a 47 a0 80 ed bf 85 f3
| 7e 68 7b e3 75 52 a9 41 aa 96 4d 89 02 38 0f 03
| 57 0a 25 96 5a 0e 70 92 50 92 fe e9 db bf 1b 0f
| 49 45 77 ce 8a b8 a1 09 5d b5 e8 d7 d2 89 e3 d0
| 3d 2d 9d eb a0 52 91 6d 4d f8 8b a1 a4 af 16 40
| 2b f7 3b 2f fc 81 78 a0 ed 56 a4 7c ac 29 be 0c
| f9 ff c2 22 4e 22 8e d5 19 ba 94 3a f5 45 a4 88
| 07 00 00 14 b5 5d 45 16 f5 91 85 db 46 08 d3 0e
| 0a 80 5c 54 14 00 00 05 04 14 00 00 18 f7 25 56
| fa 59 5f 57 0b 4f 65 28 82 ee 39 3b 1d 56 fc 0b
| d3 00 00 00 18 68 82 7d e3 30 da 2e ca ab 55 77
| f5 52 c1 ae f7 ad 04 c1 c4 00 00 00
| **parse ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 05 e6 ed 3b 49 50 e0 6a
| next payload type: ISAKMP_NEXT_KE
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 364
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 05 e6 ed 3b 49 50 e0 6a
| peer: a5 e4 67 ba
| state hash entry 28
| state object #1 found, in STATE_MAIN_I2
| ***parse ISAKMP Key Exchange Payload:
| next payload type: ISAKMP_NEXT_NONCE
| length: 260
| ***parse ISAKMP Nonce Payload:
| next payload type: ISAKMP_NEXT_CR
| length: 20
| ***parse ISAKMP Certificate RequestPayload:
| next payload type: ISAKMP_NEXT_NAT-D
| length: 5
| cert type: CERT_X509_SIGNATURE
| ***parse ISAKMP NAT-D Payload:
| next payload type: ISAKMP_NEXT_NAT-D
| length: 24
| ***parse ISAKMP NAT-D Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 24
| removing 3 bytes of padding
| **emit ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 05 e6 ed 3b 49 50 e0 6a
| next payload type: ISAKMP_NEXT_ID
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: ISAKMP_FLAG_ENCRYPTION
| message ID: 00 00 00 00
| DH public value received:
| 79 5e 5b ca 4e a9 7e 20 b9 f0 5c be ee da 41 e3
| 06 2b db 03 96 47 86 8e fa 05 26 21 8f 80 b1 52
| 57 a2 1c 93 8d 2a c0 6b 2b 0a d7 01 92 ce a1 8a
| 18 96 ae a9 b2 00 46 90 33 b2 99 59 ca 7e db 6b
| 43 5a 29 e7 c9 c2 84 68 05 68 57 a5 ff a0 f6 68
| ca 4b b1 0f bc a8 2f 29 25 d5 b7 14 43 74 23 1e
| fa fd 79 df 36 5c c2 65 2f 91 3b 7f 81 5a 90 c3
| ca e3 4d 19 4e 52 10 e7 6e 77 87 2c 56 ad 4c 40
| 93 2c 86 ec 2e 57 86 86 ed 7d 85 f4 18 55 52 0d
| a8 7c 43 f0 a2 17 e1 2d 9a 47 a0 80 ed bf 85 f3
| 7e 68 7b e3 75 52 a9 41 aa 96 4d 89 02 38 0f 03
| 57 0a 25 96 5a 0e 70 92 50 92 fe e9 db bf 1b 0f
| 49 45 77 ce 8a b8 a1 09 5d b5 e8 d7 d2 89 e3 d0
| 3d 2d 9d eb a0 52 91 6d 4d f8 8b a1 a4 af 16 40
| 2b f7 3b 2f fc 81 78 a0 ed 56 a4 7c ac 29 be 0c
| f9 ff c2 22 4e 22 8e d5 19 ba 94 3a f5 45 a4 88
| CR
| requested CA: '%any'
| compute_dh_shared(): time elapsed (OAKLEY_GROUP_MODP2048): 3984 usec
| DH shared secret:
| d8 de fd 47 f7 57 87 c8 9c 03 ac b9 df f0 8d e8
| 1d 68 fb 9c ab 03 80 36 0f ea 1c ff c7 3a 20 5b
| 4b 6d fc e5 ae 4b 79 a9 53 64 05 db b8 8c e7 f2
| 89 c3 ed 6c 39 98 cc e3 34 5c f6 4d 0a 32 47 ac
| d1 50 10 a7 9d e1 70 80 d3 fb b2 63 6b d0 bd 7e
| 1f b7 6e ef fa 61 31 dc 2a b1 45 81 67 91 99 21
| 0a 6f ff 54 9d 1f 03 81 5a f3 a6 c5 44 b3 a5 10
| 3f 8d 16 dd e7 c6 e1 25 4d 48 13 4c 89 ef 24 9c
| f7 fc ba 48 44 0c 6b 1a 5e 48 33 9c 51 05 8d e0
| 75 cb 79 d3 43 22 f4 e7 3b 9f 9c 17 43 a8 b4 e0
| 14 08 53 0f 6d 36 b8 f1 21 6f a4 e5 c3 85 79 8d
| cf 24 7a 76 a4 82 2d 6e ec 1f 7e 1e a7 2a 2e 8d
| e4 55 e7 71 5e f7 23 f0 bd ff b2 71 d1 ed b0 47
| 6c 6e c7 a3 3c e0 ce be 79 33 d7 ca cb db 4a 0f
| 6a 77 49 ec bd d1 7b 32 51 d0 d3 6c 27 29 bb dc
| fa 72 19 66 22 6d 21 33 ed bc d5 b7 21 d2 86 8b
| DH_i: 65 c3 78 99 4d 9d 35 61 36 ea 68 d7 8b 9d 7e d4
| 4d f0 92 1f 54 de c4 23 4f 62 dd a6 2c 67 e3 e1
| 5b 10 2a 83 e7 5a c8 71 c9 d6 60 39 6c 19 6c fb
| 8c 4d d7 16 ba f1 6d 12 99 16 71 26 09 15 79 19
| 10 f2 87 6a 6f 10 98 9c 9f 89 8b d6 31 84 d2 68
| 52 c5 6f 78 50 fd 77 e1 df fd 2a 78 48 67 d1 22
| 89 2b 18 c7 3e 1e 48 20 c4 b8 fc 77 ff d3 f5 15
| 72 8a 44 01 ad 86 50 ca 1a 3f c3 23 02 af f1 d8
| 07 53 b4 96 93 e6 64 61 24 da 65 18 10 48 71 c7
| fe f7 8f ca a9 61 0a 77 e5 7f 8c 63 e5 15 9f 83
| ba 64 17 2c 8d 6c a1 29 6c 9b 8b fe 43 4f d0 6a
| ec 6a 85 9b 3e 24 c7 fa 8b e2 b1 3b 46 c9 bd 32
| 0d 97 08 34 de d8 ab 43 a6 b8 3f 6f fd a6 6f 48
| 52 14 2e c4 a9 e8 7f 1d 50 33 c8 05 90 12 2a d9
| 03 53 2b 4a 75 38 2f 1d f1 7b 92 b3 c7 07 c5 10
| 03 e2 ce 96 a8 18 3c 67 0a 23 d2 a5 60 a4 c8 f9
| DH_r: 79 5e 5b ca 4e a9 7e 20 b9 f0 5c be ee da 41 e3
| 06 2b db 03 96 47 86 8e fa 05 26 21 8f 80 b1 52
| 57 a2 1c 93 8d 2a c0 6b 2b 0a d7 01 92 ce a1 8a
| 18 96 ae a9 b2 00 46 90 33 b2 99 59 ca 7e db 6b
| 43 5a 29 e7 c9 c2 84 68 05 68 57 a5 ff a0 f6 68
| ca 4b b1 0f bc a8 2f 29 25 d5 b7 14 43 74 23 1e
| fa fd 79 df 36 5c c2 65 2f 91 3b 7f 81 5a 90 c3
| ca e3 4d 19 4e 52 10 e7 6e 77 87 2c 56 ad 4c 40
| 93 2c 86 ec 2e 57 86 86 ed 7d 85 f4 18 55 52 0d
| a8 7c 43 f0 a2 17 e1 2d 9a 47 a0 80 ed bf 85 f3
| 7e 68 7b e3 75 52 a9 41 aa 96 4d 89 02 38 0f 03
| 57 0a 25 96 5a 0e 70 92 50 92 fe e9 db bf 1b 0f
| 49 45 77 ce 8a b8 a1 09 5d b5 e8 d7 d2 89 e3 d0
| 3d 2d 9d eb a0 52 91 6d 4d f8 8b a1 a4 af 16 40
| 2b f7 3b 2f fc 81 78 a0 ed 56 a4 7c ac 29 be 0c
| f9 ff c2 22 4e 22 8e d5 19 ba 94 3a f5 45 a4 88
| Skeyid: 9b 3a 83 b4 c1 b6 71 c1 58 c8 7a db 6b 5a d0 08
| 7d ee a0 ed
| Skeyid_d: a0 e2 9f 69 9e 82 fd 04 39 63 5b a6 f8 29 1f 54
| 3b 10 b8 71
| Skeyid_a: 1d d3 12 b6 97 43 a4 1d 07 dc 6d 92 39 74 82 cc
| cf 09 ce f3
| Skeyid_e: d2 d7 ef 8b dc af d4 ff fc 2d d9 da a2 11 15 e0
| 89 79 2d 25
| enc key: d2 d7 ef 8b dc af d4 ff fc 2d d9 da a2 11 15 e0
| IV: 1c 1c 24 76 0d c4 f8 fa 32 a1 5b d0 cf 25 cc 1d
| c7 e0 97 a7
| _natd_hash: hasher=0xb77ca620(20)
| _natd_hash: icookie=
| 11 47 e1 b8 ed 32 ac a4
| _natd_hash: rcookie=
| 05 e6 ed 3b 49 50 e0 6a
| _natd_hash: ip= c0 a8 05 02
| _natd_hash: port=62465
| _natd_hash: hash= 5e b4 ce 6e f1 c3 90 e0 af 5f b0 a5 6d f6 a1 ed
| b5 8b 0b bc
| NAT_TRAVERSAL_NAT_BHND_ME
| expected NAT-D: 5e b4 ce 6e f1 c3 90 e0 af 5f b0 a5 6d f6 a1 ed
| b5 8b 0b bc
| received NAT-D: f7 25 56 fa 59 5f 57 0b 4f 65 28 82 ee 39 3b 1d
| 56 fc 0b d3
| _natd_hash: hasher=0xb77ca620(20)
| _natd_hash: icookie=
| 11 47 e1 b8 ed 32 ac a4
| _natd_hash: rcookie=
| 05 e6 ed 3b 49 50 e0 6a
| _natd_hash: ip= a5 e4 67 ba
| _natd_hash: port=62465
| _natd_hash: hash= ba 20 b9 64 d1 19 32 57 9b 5c 94 07 dc fe f8 d2
| f8 7f 8b 96
| NAT_TRAVERSAL_NAT_BHND_PEER
| expected NAT-D: ba 20 b9 64 d1 19 32 57 9b 5c 94 07 dc fe f8 d2
| f8 7f 8b 96
| received NAT-D: 68 82 7d e3 30 da 2e ca ab 55 77 f5 52 c1 ae f7
| ad 04 c1 c4
"company" #1: NAT-Traversal: Result using RFC 3947: both are NATed
| inserting event EVENT_NAT_T_KEEPALIVE, timeout in 20 seconds
| ***emit ISAKMP Identification Payload (IPsec DOI):
| next payload type: ISAKMP_NEXT_CERT
| ID type: ID_DER_ASN1_DN
| Protocol ID: 0
| port: 0
| emitting 91 raw bytes of my identity into ISAKMP Identification Payload
(IPsec DOI)
| my identity 30 59 31 0b 30 09 06 03 55 04 06 13 02 41 55 31
| 11 30 0f 06 03 55 04 08 13 08 56 69 63 74 6f 72
| 69 61 31 20 30 1e 06 03 55 04 0a 13 17 4a 6f 74
| 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50 74 79
| 20 4c 74 64 31 15 30 13 06 03 55 04 03 13 0c 44
| 65 72 72 69 6d 75 74 20 56 50 4e
| emitting length of ISAKMP Identification Payload (IPsec DOI): 99
| our certificate policy is SEND_IF_ASKED
"company" #1: we have a cert and are sending it upon request
| ***emit ISAKMP Certificate Payload:
| next payload type: ISAKMP_NEXT_CR
| cert encoding: CERT_X509_SIGNATURE
| emitting 1475 raw bytes of CERT into ISAKMP Certificate Payload
| CERT 30 82 05 bf 30 82 03 a7 a0 03 02 01 02 02 01 02
| 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30
| 70 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 20
| 30 1e 06 03 55 04 0a 13 17 4a 6f 74 75 6e 20 41
| 75 73 74 72 61 6c 69 61 20 50 74 79 20 4c 74 64
| 31 0f 30 0d 06 03 55 04 03 13 06 56 50 4e 20 43
| 41 31 2e 30 2c 06 09 2a 86 48 86 f7 0d 01 09 01
| 16 1f 72 65 63 65 70 74 69 6f 6e 5f 62 72 6f 6f
| 6b 6c 79 6e 40 6a 6f 74 75 6e 2e 63 6f 6d 2e 61
| 75 30 1e 17 0d 31 30 30 37 32 36 30 38 31 37 34
| 33 5a 17 0d 33 30 30 37 32 31 30 38 31 37 34 33
| 5a 30 59 31 0b 30 09 06 03 55 04 06 13 02 41 55
| 31 11 30 0f 06 03 55 04 08 13 08 56 69 63 74 6f
| 72 69 61 31 20 30 1e 06 03 55 04 0a 13 17 4a 6f
| 74 75 6e 20 41 75 73 74 72 61 6c 69 61 20 50 74
| 79 20 4c 74 64 31 15 30 13 06 03 55 04 03 13 0c
| 44 65 72 72 69 6d 75 74 20 56 50 4e 30 82 02 22
| 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03
| 82 02 0f 00 30 82 02 0a 02 82 02 01 00 b7 75 9e
| 38 cf d7 0d 17 56 89 24 e6 2e 52 c1 50 39 b4 87
| 16 30 02 88 82 c3 da 59 9b 0a 69 f7 71 e5 71 ca
| ac a3 2f c7 45 b2 73 1a be 81 dd 15 ad 71 f8 62
| b8 90 6f 76 fb 87 22 be 06 15 69 5c f5 55 0d d4
| 10 70 6a f3 02 b4 5c 3e 9f a9 c2 45 d6 3d 83 85
| 0c 05 7c 66 d0 d6 29 9a db 50 f7 78 bc 8d 55 bb
| 21 12 ce dd 32 90 55 ee 7f 82 cb 92 6a be 28 8e
| 6e 2e f3 87 4c fa 2e 94 39 20 14 9a 40 84 bf 28
| a2 3c 29 07 cb 24 2b f9 9b e5 4c 62 61 2f 30 7d
| d1 af b4 d0 de 87 13 4e 07 c6 c6 e6 ab dc b9 ab
| b7 70 d9 06 f1 71 e5 f2 fa d3 15 f2 10 e3 c0 50
| 84 b9 ef a1 5a 84 da dd 02 06 97 a4 e4 5c 0c da
| 4e 48 03 57 e2 aa a8 30 1f 11 61 e1 5f 05 cc 31
| 98 75 a6 4d 9f d7 15 bc 99 6e 2d e6 b4 69 e2 48
| 12 5c 31 a7 ce 78 6b 59 ae 88 f6 2c 32 94 85 14
| 24 10 ec a1 56 51 a9 af 31 f0 b3 ad 66 9e c8 bf
| 92 d4 c0 96 fc e5 f4 54 68 92 71 7a 36 32 45 de
| b7 d0 90 5e 90 2f 87 de c6 bc 15 2a 4e f6 36 71
| 6c c2 76 7a a9 82 66 e4 f9 7c 11 5a 06 b5 5c ef
| 4a 19 f1 19 e7 98 54 5f 80 db 54 d4 5b b2 bc db
| 31 f9 2f 72 74 50 29 b5 d4 1a 0b 9b 5d 16 c3 e3
| c5 19 92 61 ca 1d 5c 59 8d 17 6d eb 9e f1 f7 8e
| f2 4f 95 36 d2 61 13 0d 21 59 30 43 d0 a7 db fc
| 44 03 2f 7c ea 5d 46 de 8a 1e ab 41 cc 3b 82 6a
| e3 e4 e8 fd bc 6a 5b 5a 14 e3 04 1d 07 a7 63 c9
| fb a0 bf 21 12 d6 dc 56 9c f2 c6 ed d1 50 87 1d
| e5 52 53 7f aa de 42 4a 1c 20 06 19 9b 02 8a c8
| 26 28 e5 cf 31 36 4e af c4 f7 04 58 fe 07 81 f8
| 05 ec dc c5 db 41 2c 92 24 93 bc 8b 96 64 0b ad
| 1e af e2 99 88 42 bb 63 d9 6b 84 1f 73 d7 63 46
| 5c df ac 36 1f df 41 7d 50 c1 eb ba 2b 31 09 43
| 67 8b 23 ee f2 db 6d eb c1 1f 81 d4 ff 02 03 01
| 00 01 a3 7b 30 79 30 09 06 03 55 1d 13 04 02 30
| 00 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04 1f
| 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61
| 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 30
| 1d 06 03 55 1d 0e 04 16 04 14 ca e4 d6 35 05 8e
| a1 ec 5a fc 15 21 e0 0d 2e f8 4e f5 2d 00 30 1f
| 06 03 55 1d 23 04 18 30 16 80 14 bd 58 6a 09 8b
| e1 13 99 8c c3 f8 46 ec e4 29 de 94 53 85 74 30
| 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82
| 02 01 00 73 80 b0 cf 1d c1 7d 89 df 9b ac 2a e0
| 62 d1 c2 00 dc 49 c8 6d 1b 88 72 d8 9e 61 e9 da
| 3b 38 13 ef 2d d7 ba 02 dd 97 4f 67 01 86 67 56
| 25 2b 56 7d 57 84 44 73 4e 07 0f 2e 9c fa ac b3
| a3 e1 4c 2d 17 b4 29 e9 d4 f7 53 4b 76 ff ab 23
| 7a cc 4c e1 fd 02 52 d6 39 3a 17 ac f4 76 cf 64
| 32 fa 08 31 6c 2a 1b d1 fc 20 a3 10 c4 1c 55 b1
| a6 4d af 35 61 4c 7d 16 bc 22 c9 cc d2 20 8b 74
| 6b 95 39 7c 9e 93 1a 69 1f 0d d1 73 0a 4f 94 43
| 9f 40 93 31 d1 e8 d4 8d 71 4f f5 d3 ec bb 36 1b
| 92 96 7c 97 89 8d 23 be 79 9b f1 f2 db c3 a9 fc
| 97 a7 c6 44 0f 4a 5b 35 10 28 8a 55 3c 1c 5d 3b
| 19 14 2b c3 40 8f 8f b6 96 78 50 b0 11 64 68 9a
| e2 8c 39 b2 06 a2 43 38 fc fe 85 38 fa 62 c1 b1
| d0 36 31 2c c4 6a c8 55 c3 c4 ee 99 b9 7e b6 e9
| d5 de d5 61 89 7f d5 63 f1 ae 63 54 c6 b6 43 b3
| 9f 6c 68 7f 70 bb 2d d8 eb 29 6d 24 c0 52 b8 14
| 19 be 0c 6e ce c8 96 ef b8 ef 6e 4b 73 4a a5 74
| fc 52 db 00 cb 71 bc 55 79 a7 79 6d 29 3d 7c 04
| b4 d3 20 b4 e3 ec 01 29 65 c2 d7 6c 48 2b 8c 36
| cd 05 3f c3 be a0 46 58 99 dc 3f 38 f9 e5 c2 9d
| 59 d4 08 af c4 91 ac 11 4c 28 a2 90 e0 a3 ff d3
| 45 0e 54 db 9f 44 45 ea c0 53 9e d5 fb c3 2b 58
| ab 4f 4e df e5 02 21 4c 79 02 bf f6 0e dc 25 da
| 9a 41 35 63 03 29 c8 c7 42 44 f5 fa 1c 0f 92 a1
| 0f bc 03 39 f9 59 63 fd 31 16 71 35 1e 32 4a 2d
| 8f ab 09 54 6c dc b5 65 f7 fb c8 7a 51 9e c1 1b
| bc ba 78 70 94 4a 0f f9 69 d1 b2 f6 84 6b f6 df
| bb e5 1a 9f 93 45 0f 4d 8c af df 48 34 dc 78 ff
| 7f 5e 07 34 16 2f 8e be 97 9e 7d 17 57 21 72 b0
| 4c d7 d1 2a 7e 8d e3 65 31 d9 3e f3 bb 28 5f f7
| 0c 7f 45 81 bc aa b2 1e 93 05 c8 9d 2a 94 ca a8
| c8 f4 b4
| emitting length of ISAKMP Certificate Payload: 1480
| ***emit ISAKMP Certificate RequestPayload:
| next payload type: ISAKMP_NEXT_SIG
| cert type: CERT_X509_SIGNATURE
| emitting length of ISAKMP Certificate RequestPayload: 5
| hashing 52 bytes of SA
| keyid: *AwEAAbd1n
| Modulus:
0xb7759e38cfd70d17568924e62e52c15039b4871630028882c3da599b0a69f771e571caaca32fc745b2731abe81dd15ad71f862b8906f76fb8722be0615695cf5550dd410706af302b45c3e9fa9c245d63d83850c057c66d0d6299adb50f778bc8d55bb2112cedd329055ee7f82cb926abe288e6e2ef3874cfa2e943920149a4084bf28a23c2907cb242bf99be54c62612f307dd1afb4d0de87134e07c6c6e6abdcb9abb770d906f171e5f2fad315f210e3c05084b9efa15a84dadd020697a4e45c0cda4e480357e2aaa8301f1161e15f05cc319875a64d9fd715bc996e2de6b469e248125c31a7ce786b59ae88f62c329485142410eca15651a9af31f0b3ad669ec8bf92d4c096fce5f4546892717a363245deb7d0905e902f87dec6bc152a4ef636716cc2767aa98266e4f97c115a06b55cef4a19f119e798545f80db54d45bb2bcdb31f92f72745029b5d41a0b9b5d16c3e3c5199261ca1d5c598d176deb9ef1f78ef24f9536d261130d21593043d0a7dbfc44032f7cea5d46de8a1eab41cc3b826ae3e4e8fdbc6a5b5a14e3041d07a763c9fba0bf2112d6dc569cf2c6edd150871de552537faade424a1c2006199b028ac82628e5cf31364eafc4f70458fe0781f805ecdcc5db412c922493bc8b96640bad1eafe2998842bb63d96b841f73d763465cdfac361fdf417d50c1ebba2b310943678b23eef2
| PublicExponent: 0x10001
| signing hash with RSA Key *AwEAAbd1n
| ***emit ISAKMP Signature Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 512 raw bytes of SIG_I into ISAKMP Signature Payload
| SIG_I 5a 67 bb ee 32 a0 eb 56 df 3f e2 8f 15 dd 8c af
| f9 30 27 38 85 5d 5d f9 f5 a5 25 bb 67 60 a0 d0
| 65 c5 ed e7 8a 73 c2 1f ef dd 01 50 ae 5b b4 29
| 95 f3 cf ab 99 d0 ad a6 9a b1 8c ef 93 db d7 43
| 1b 23 63 80 d1 ae 27 9a 27 b8 ac 12 1a 68 a4 0d
| 2a 47 0a e2 84 88 59 46 82 f5 30 79 61 4f 5a 3a
| 6d d3 3a f1 9b 8c 0f 69 24 a9 d8 5a ec 96 a9 78
| 2a 11 54 9f d9 22 b9 be 5b 0d 14 3b 75 ff 85 45
| 3c 9a 60 51 37 7e a7 3e 98 78 08 7e 1c 93 65 43
| dc 59 a0 1d 73 d0 04 96 40 48 23 5a 6b 62 4f 6a
| ae a3 60 1a 99 aa c7 36 d4 83 f9 ee 84 d9 bb 55
| 11 34 8e b7 f3 e6 2d 7f bb 95 c6 3f 08 64 ab 12
| b0 41 fc 6b 5a 4d d4 90 37 12 8d 42 de 34 1a 17
| 3f 77 ee e5 b7 72 9e cf db 50 b2 57 7a 33 8d 67
| 6a 34 e2 fd 4b a6 86 bb 74 a7 7f 9f 95 5f 56 c0
| c3 ae c7 1c 9a b8 0a 3f d1 98 1a a9 47 67 6b fa
| a2 12 3c 92 ae e4 86 e0 e4 58 1b 7f 91 f2 e6 aa
| 2d 67 ed d3 97 83 15 c4 e9 f4 30 04 41 2d 24 9d
| 3b aa 7b 0d 54 61 ff a9 c0 bf ac ca a2 0a dc 98
| 48 f5 5c af 32 0c 32 9b 81 00 de 5a 3c 5d 16 89
| 52 34 f9 5f 09 29 85 95 ef b6 45 7e 3f 0b 92 a6
| b1 85 99 32 ef de e2 47 aa 58 7e 44 10 74 54 6e
| af 44 05 05 f9 d1 54 0a 98 4f c6 f6 5e 69 67 51
| 19 9c 27 a0 61 4a 0e 4b 31 1d 2e 84 e4 fe 2d fd
| f7 db 66 5e 9d 69 3e b1 db 4b bf ad ac b4 ce 1e
| 6e 9c dc 13 3e e5 4e 2d e9 39 59 32 f4 8f 62 ee
| a3 e3 39 a5 18 14 0e 5f d4 fb d7 b3 72 dd b6 20
| 0c 36 c1 5a eb 37 b0 68 98 cc 19 c0 5a 78 9a 1f
| ff fd 83 04 3a da ba 8a b9 0b 13 a3 34 40 b5 31
| 3c f9 2f ac 00 16 ae 33 dc 37 35 4b 94 96 4a 02
| ab f6 d4 0e ff 26 a2 8d b7 b5 25 0e f2 ec 01 65
| 00 3d 0d f1 ff 2c 8a d7 c8 ac ff 55 4f ed 9d d9
| emitting length of ISAKMP Signature Payload: 516
| encrypting:
| 06 00 00 63 09 00 00 00 30 59 31 0b 30 09 06 03
| 55 04 06 13 02 41 55 31 11 30 0f 06 03 55 04 08
| 13 08 56 69 63 74 6f 72 69 61 31 20 30 1e 06 03
| 55 04 0a 13 17 4a 6f 74 75 6e 20 41 75 73 74 72
| 61 6c 69 61 20 50 74 79 20 4c 74 64 31 15 30 13
| 06 03 55 04 03 13 0c 44 65 72 72 69 6d 75 74 20
| 56 50 4e 07 00 05 c8 04 30 82 05 bf 30 82 03 a7
| a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86
| f7 0d 01 01 05 05 00 30 70 31 0b 30 09 06 03 55
| 04 06 13 02 41 55 31 20 30 1e 06 03 55 04 0a 13
| 17 4a 6f 74 75 6e 20 41 75 73 74 72 61 6c 69 61
| 20 50 74 79 20 4c 74 64 31 0f 30 0d 06 03 55 04
| 03 13 06 56 50 4e 20 43 41 31 2e 30 2c 06 09 2a
| 86 48 86 f7 0d 01 09 01 16 1f 72 65 63 65 70 74
| 69 6f 6e 5f 62 72 6f 6f 6b 6c 79 6e 40 6a 6f 74
| 75 6e 2e 63 6f 6d 2e 61 75 30 1e 17 0d 31 30 30
| 37 32 36 30 38 31 37 34 33 5a 17 0d 33 30 30 37
| 32 31 30 38 31 37 34 33 5a 30 59 31 0b 30 09 06
| 03 55 04 06 13 02 41 55 31 11 30 0f 06 03 55 04
| 08 13 08 56 69 63 74 6f 72 69 61 31 20 30 1e 06
| 03 55 04 0a 13 17 4a 6f 74 75 6e 20 41 75 73 74
| 72 61 6c 69 61 20 50 74 79 20 4c 74 64 31 15 30
| 13 06 03 55 04 03 13 0c 44 65 72 72 69 6d 75 74
| 20 56 50 4e 30 82 02 22 30 0d 06 09 2a 86 48 86
| f7 0d 01 01 01 05 00 03 82 02 0f 00 30 82 02 0a
| 02 82 02 01 00 b7 75 9e 38 cf d7 0d 17 56 89 24
| e6 2e 52 c1 50 39 b4 87 16 30 02 88 82 c3 da 59
| 9b 0a 69 f7 71 e5 71 ca ac a3 2f c7 45 b2 73 1a
| be 81 dd 15 ad 71 f8 62 b8 90 6f 76 fb 87 22 be
| 06 15 69 5c f5 55 0d d4 10 70 6a f3 02 b4 5c 3e
| 9f a9 c2 45 d6 3d 83 85 0c 05 7c 66 d0 d6 29 9a
| db 50 f7 78 bc 8d 55 bb 21 12 ce dd 32 90 55 ee
| 7f 82 cb 92 6a be 28 8e 6e 2e f3 87 4c fa 2e 94
| 39 20 14 9a 40 84 bf 28 a2 3c 29 07 cb 24 2b f9
| 9b e5 4c 62 61 2f 30 7d d1 af b4 d0 de 87 13 4e
| 07 c6 c6 e6 ab dc b9 ab b7 70 d9 06 f1 71 e5 f2
| fa d3 15 f2 10 e3 c0 50 84 b9 ef a1 5a 84 da dd
| 02 06 97 a4 e4 5c 0c da 4e 48 03 57 e2 aa a8 30
| 1f 11 61 e1 5f 05 cc 31 98 75 a6 4d 9f d7 15 bc
| 99 6e 2d e6 b4 69 e2 48 12 5c 31 a7 ce 78 6b 59
| ae 88 f6 2c 32 94 85 14 24 10 ec a1 56 51 a9 af
| 31 f0 b3 ad 66 9e c8 bf 92 d4 c0 96 fc e5 f4 54
| 68 92 71 7a 36 32 45 de b7 d0 90 5e 90 2f 87 de
| c6 bc 15 2a 4e f6 36 71 6c c2 76 7a a9 82 66 e4
| f9 7c 11 5a 06 b5 5c ef 4a 19 f1 19 e7 98 54 5f
| 80 db 54 d4 5b b2 bc db 31 f9 2f 72 74 50 29 b5
| d4 1a 0b 9b 5d 16 c3 e3 c5 19 92 61 ca 1d 5c 59
| 8d 17 6d eb 9e f1 f7 8e f2 4f 95 36 d2 61 13 0d
| 21 59 30 43 d0 a7 db fc 44 03 2f 7c ea 5d 46 de
| 8a 1e ab 41 cc 3b 82 6a e3 e4 e8 fd bc 6a 5b 5a
| 14 e3 04 1d 07 a7 63 c9 fb a0 bf 21 12 d6 dc 56
| 9c f2 c6 ed d1 50 87 1d e5 52 53 7f aa de 42 4a
| 1c 20 06 19 9b 02 8a c8 26 28 e5 cf 31 36 4e af
| c4 f7 04 58 fe 07 81 f8 05 ec dc c5 db 41 2c 92
| 24 93 bc 8b 96 64 0b ad 1e af e2 99 88 42 bb 63
| d9 6b 84 1f 73 d7 63 46 5c df ac 36 1f df 41 7d
| 50 c1 eb ba 2b 31 09 43 67 8b 23 ee f2 db 6d eb
| c1 1f 81 d4 ff 02 03 01 00 01 a3 7b 30 79 30 09
| 06 03 55 1d 13 04 02 30 00 30 2c 06 09 60 86 48
| 01 86 f8 42 01 0d 04 1f 16 1d 4f 70 65 6e 53 53
| 4c 20 47 65 6e 65 72 61 74 65 64 20 43 65 72 74
| 69 66 69 63 61 74 65 30 1d 06 03 55 1d 0e 04 16
| 04 14 ca e4 d6 35 05 8e a1 ec 5a fc 15 21 e0 0d
| 2e f8 4e f5 2d 00 30 1f 06 03 55 1d 23 04 18 30
| 16 80 14 bd 58 6a 09 8b e1 13 99 8c c3 f8 46 ec
| e4 29 de 94 53 85 74 30 0d 06 09 2a 86 48 86 f7
| 0d 01 01 05 05 00 03 82 02 01 00 73 80 b0 cf 1d
| c1 7d 89 df 9b ac 2a e0 62 d1 c2 00 dc 49 c8 6d
| 1b 88 72 d8 9e 61 e9 da 3b 38 13 ef 2d d7 ba 02
| dd 97 4f 67 01 86 67 56 25 2b 56 7d 57 84 44 73
| 4e 07 0f 2e 9c fa ac b3 a3 e1 4c 2d 17 b4 29 e9
| d4 f7 53 4b 76 ff ab 23 7a cc 4c e1 fd 02 52 d6
| 39 3a 17 ac f4 76 cf 64 32 fa 08 31 6c 2a 1b d1
| fc 20 a3 10 c4 1c 55 b1 a6 4d af 35 61 4c 7d 16
| bc 22 c9 cc d2 20 8b 74 6b 95 39 7c 9e 93 1a 69
| 1f 0d d1 73 0a 4f 94 43 9f 40 93 31 d1 e8 d4 8d
| 71 4f f5 d3 ec bb 36 1b 92 96 7c 97 89 8d 23 be
| 79 9b f1 f2 db c3 a9 fc 97 a7 c6 44 0f 4a 5b 35
| 10 28 8a 55 3c 1c 5d 3b 19 14 2b c3 40 8f 8f b6
| 96 78 50 b0 11 64 68 9a e2 8c 39 b2 06 a2 43 38
| fc fe 85 38 fa 62 c1 b1 d0 36 31 2c c4 6a c8 55
| c3 c4 ee 99 b9 7e b6 e9 d5 de d5 61 89 7f d5 63
| f1 ae 63 54 c6 b6 43 b3 9f 6c 68 7f 70 bb 2d d8
| eb 29 6d 24 c0 52 b8 14 19 be 0c 6e ce c8 96 ef
| b8 ef 6e 4b 73 4a a5 74 fc 52 db 00 cb 71 bc 55
| 79 a7 79 6d 29 3d 7c 04 b4 d3 20 b4 e3 ec 01 29
| 65 c2 d7 6c 48 2b 8c 36 cd 05 3f c3 be a0 46 58
| 99 dc 3f 38 f9 e5 c2 9d 59 d4 08 af c4 91 ac 11
| 4c 28 a2 90 e0 a3 ff d3 45 0e 54 db 9f 44 45 ea
| c0 53 9e d5 fb c3 2b 58 ab 4f 4e df e5 02 21 4c
| 79 02 bf f6 0e dc 25 da 9a 41 35 63 03 29 c8 c7
| 42 44 f5 fa 1c 0f 92 a1 0f bc 03 39 f9 59 63 fd
| 31 16 71 35 1e 32 4a 2d 8f ab 09 54 6c dc b5 65
| f7 fb c8 7a 51 9e c1 1b bc ba 78 70 94 4a 0f f9
| 69 d1 b2 f6 84 6b f6 df bb e5 1a 9f 93 45 0f 4d
| 8c af df 48 34 dc 78 ff 7f 5e 07 34 16 2f 8e be
| 97 9e 7d 17 57 21 72 b0 4c d7 d1 2a 7e 8d e3 65
| 31 d9 3e f3 bb 28 5f f7 0c 7f 45 81 bc aa b2 1e
| 93 05 c8 9d 2a 94 ca a8 c8 f4 b4 09 00 00 05 04
| 00 00 02 04 5a 67 bb ee 32 a0 eb 56 df 3f e2 8f
| 15 dd 8c af f9 30 27 38 85 5d 5d f9 f5 a5 25 bb
| 67 60 a0 d0 65 c5 ed e7 8a 73 c2 1f ef dd 01 50
| ae 5b b4 29 95 f3 cf ab 99 d0 ad a6 9a b1 8c ef
| 93 db d7 43 1b 23 63 80 d1 ae 27 9a 27 b8 ac 12
| 1a 68 a4 0d 2a 47 0a e2 84 88 59 46 82 f5 30 79
| 61 4f 5a 3a 6d d3 3a f1 9b 8c 0f 69 24 a9 d8 5a
| ec 96 a9 78 2a 11 54 9f d9 22 b9 be 5b 0d 14 3b
| 75 ff 85 45 3c 9a 60 51 37 7e a7 3e 98 78 08 7e
| 1c 93 65 43 dc 59 a0 1d 73 d0 04 96 40 48 23 5a
| 6b 62 4f 6a ae a3 60 1a 99 aa c7 36 d4 83 f9 ee
| 84 d9 bb 55 11 34 8e b7 f3 e6 2d 7f bb 95 c6 3f
| 08 64 ab 12 b0 41 fc 6b 5a 4d d4 90 37 12 8d 42
| de 34 1a 17 3f 77 ee e5 b7 72 9e cf db 50 b2 57
| 7a 33 8d 67 6a 34 e2 fd 4b a6 86 bb 74 a7 7f 9f
| 95 5f 56 c0 c3 ae c7 1c 9a b8 0a 3f d1 98 1a a9
| 47 67 6b fa a2 12 3c 92 ae e4 86 e0 e4 58 1b 7f
| 91 f2 e6 aa 2d 67 ed d3 97 83 15 c4 e9 f4 30 04
| 41 2d 24 9d 3b aa 7b 0d 54 61 ff a9 c0 bf ac ca
| a2 0a dc 98 48 f5 5c af 32 0c 32 9b 81 00 de 5a
| 3c 5d 16 89 52 34 f9 5f 09 29 85 95 ef b6 45 7e
| 3f 0b 92 a6 b1 85 99 32 ef de e2 47 aa 58 7e 44
| 10 74 54 6e af 44 05 05 f9 d1 54 0a 98 4f c6 f6
| 5e 69 67 51 19 9c 27 a0 61 4a 0e 4b 31 1d 2e 84
| e4 fe 2d fd f7 db 66 5e 9d 69 3e b1 db 4b bf ad
| ac b4 ce 1e 6e 9c dc 13 3e e5 4e 2d e9 39 59 32
| f4 8f 62 ee a3 e3 39 a5 18 14 0e 5f d4 fb d7 b3
| 72 dd b6 20 0c 36 c1 5a eb 37 b0 68 98 cc 19 c0
| 5a 78 9a 1f ff fd 83 04 3a da ba 8a b9 0b 13 a3
| 34 40 b5 31 3c f9 2f ac 00 16 ae 33 dc 37 35 4b
| 94 96 4a 02 ab f6 d4 0e ff 26 a2 8d b7 b5 25 0e
| f2 ec 01 65 00 3d 0d f1 ff 2c 8a d7 c8 ac ff 55
| 4f ed 9d d9
| emitting 12 zero bytes of encryption padding into ISAKMP Message
| encrypting using OAKLEY_AES_CBC
| next IV: 07 c8 0e 39 c3 1a b7 c1 4f 17 88 60 d0 cd 39 6b
| emitting length of ISAKMP Message: 2140
| NAT-T: floating to port 4500
| NAT-T: using interface eth0:4500
| sending 2140 bytes for STATE_MAIN_I2 through eth0 to <peer's fw's public
ip>:4500:
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 05 10 02 01 00 00 00 00 00 00 08 5c 3c 52 54 d8
| cd 11 73 6a aa f4 f1 8c e2 22 82 45 f6 1c 68 0a
| 19 51 50 1d af b3 56 11 85 e1 d7 1b 2d 54 31 10
| cb 5b 1e 4c 2d 41 c7 1d 9d a7 3f c6 a5 a0 0a fb
| a6 97 7d 8a a1 0e 71 24 46 ae ad 52 c9 d3 a3 6f
| 80 04 5d c1 45 7b ee 95 0a c8 e1 44 be 25 71 c8
| 11 5a 1e 50 a7 e8 75 0a e6 d7 a5 c7 27 24 1f 76
| 8d ab 31 58 f7 dc e8 ba 0d ec d0 0a d9 9a 0b 5a
| 5b 6c 94 8a 45 aa 53 3e c5 d5 a4 2d dd 6a 46 53
| 79 47 48 f4 e8 86 1d 18 50 a8 d8 1b 0f ef 6b ba
| 5d ac d5 80 80 9a d0 e8 50 ce 30 1f b9 6b be a0
| bc 97 f0 f0 14 19 7d 0a 68 0c 19 71 42 a3 37 f1
| 09 e1 44 ea a6 db 22 1c e9 93 e6 2b 6e e4 25 a8
| 22 51 1e eb d9 cf c5 b4 b8 49 f2 e6 f3 48 41 e0
| ef ed 22 a4 44 1d c2 65 71 50 b4 0c 21 9c eb 77
| 70 f4 02 2c 0c eb 51 8d 46 6b 6e 62 09 75 1a f8
| c5 3b f9 21 5d a0 bd ac 83 e4 07 19 04 48 79 ad
| c5 22 71 bb 8e 65 0c a8 cb db 9b fe e9 2b 94 87
| 1d 6a e3 c4 e6 16 73 3a f3 f9 41 23 41 39 c0 11
| 79 43 77 e3 33 1e 5f c5 4e 59 f7 96 a2 b6 b2 a4
| dd 3d ed f8 ec 98 9f 0a d9 39 a7 fa f6 fb 85 9d
| 19 dc 53 8f d0 e3 7e 7b 6b 09 bf a3 d1 af 51 02
| 82 34 0b 87 3d 23 c4 a6 a7 4a ef 31 f9 07 e1 60
| 6d 7c dc 2b d3 08 98 93 b3 d6 a0 fa 90 93 14 4f
| d7 ef 48 a0 2e e8 5f 75 e8 8b 16 3d 8a f3 98 77
| 6c a9 bc f0 a8 1c 2f 1f 6c 5f 25 84 6f 21 29 da
| ca 2f 6a 3c 83 50 6e fa 55 4e d9 9d 7c 88 2b b7
| 7b a8 91 ad 0e 06 f6 72 22 ba 9d f1 fb 65 9a 22
| 02 97 c3 5c 5b 29 12 d6 11 c3 74 d0 88 ad af 72
| f7 4e 0b f5 a1 96 9b 31 37 74 37 a2 ad 6f 75 12
| b9 89 7c 6c 53 bf 90 a8 2e a7 22 04 d3 9c df 12
| df ca c6 44 7c b2 1b 31 a3 07 8e 07 0e cd d5 ec
| 51 10 70 d2 ea 11 e7 ce 36 4f 96 db e5 41 7e c4
| 0d 36 bd 24 d6 b3 6e 4f ac b1 df 1e 52 a1 8d fe
| 8a c1 06 48 3f e3 53 b2 4f 4b 12 55 96 05 42 8a
| 7f ef ca 89 88 0a ff 59 16 48 73 cf aa 75 b5 05
| 7f c1 b0 f3 d0 9e f3 69 c8 60 d7 42 a1 1d c7 66
| 20 6b 67 da 37 76 fb 4a 31 77 08 7c 72 b1 0e f3
| f9 cd 03 b4 e4 57 83 d1 56 d5 0a fc 0c 33 00 e9
| 55 64 7c d3 9b 64 d6 c9 98 50 19 52 8d 5a 0e e0
| 56 5d 1c d3 71 06 6f 7a 24 c8 46 a7 0c 94 a0 8b
| c5 d7 ed 94 47 87 c3 7a 8a a8 c4 20 e4 fe ee 78
| be d7 37 b5 9b 71 5c 45 e6 5c 07 8c 63 23 fe 03
| fe 25 c9 f9 f5 33 9c cc be fe e3 cb 5f a6 b9 99
| fc 1d 87 b4 0c f3 64 e3 22 fb 3f 90 67 12 4f ff
| c1 95 21 83 1b fc 2f d7 e0 8c 84 50 24 17 20 e0
| 76 6a 8c 40 76 5d c9 a9 b7 58 14 0b e8 5a e4 b5
| bd a1 18 ec 22 3d d2 73 6c 19 38 f3 1c 1f 83 cd
| 6c 3a ae 0f 0d 06 e1 77 57 ca 33 ca 69 d2 05 94
| bc e2 35 b4 6c a0 e8 20 66 47 da f5 63 6a b8 fa
| 61 18 96 6c 72 47 51 3a 9e 69 df ba af 86 06 a3
| b1 22 5d 2c 7c c9 0a 47 2d 4e 8b d7 d1 7f b5 61
| 67 5c 15 60 4f de e2 a0 cb 57 79 0b 68 34 8a c0
| 8c a0 d5 27 c6 84 72 a9 65 46 70 f3 98 04 89 e6
| 96 b7 92 6b ec 14 6e 23 b7 bd 6b 22 07 a5 b3 f6
| c3 af 41 21 6a 4d e9 31 9e a4 5c 20 39 94 a4 e7
| fe 4a 43 b3 09 e1 bd 54 28 bb 74 ce 6e 9e 5c 06
| b6 e1 7d d4 ce ce c7 db ed 9a f4 99 97 48 d6 5b
| e6 69 bd 14 06 0d f8 07 6f 62 ba 2d da 0d 50 78
| 9d ea 49 d1 40 88 51 70 89 22 40 14 2b ed 75 c2
| e6 bf fc 6a 81 a5 71 7c 96 dd b7 21 71 78 aa 6f
| 09 eb 92 9a 8f 01 62 2d 4d a8 71 75 ab d8 95 1a
| 8c ba 04 4b 54 2d dc 71 7b 25 f9 4f 5f c7 df 03
| e5 0e 5e ad 20 ed b3 d5 17 7c d2 94 48 44 dc a8
| be 9b fe 3e cf 31 4b 7e ac a6 99 ad e5 20 5a bc
| 05 86 ee 7a 69 bb b0 a5 1b 8b 1d 3c b4 20 d1 72
| 72 8b fe 75 2a b3 e7 35 d1 28 5a 64 ab bc db 0d
| 22 b2 b7 44 6b 3b 36 1e 51 16 5d 68 a3 9c ca e4
| 7d 2b 2d 1d a3 5f ca 53 e6 20 2d cb 8d 2e 69 6f
| 8c 65 fb 42 7d 63 40 e7 4a b7 7f 66 50 27 c7 21
| e2 39 7a fa cc 81 57 ea 4f 29 e1 55 05 75 75 06
| 3e ae 46 26 47 da d1 78 41 2b 6b 47 ad 2e 76 e0
| ee 46 49 2d 56 60 44 8c 9b 62 c0 95 be 30 09 9f
| a7 9b 91 8b 2a c9 d4 a4 64 8a 2c ac 4d c8 d0 8c
| 08 42 fa d0 9d 5f 32 be c4 4d a4 d0 f4 2e 1a 2a
| c0 f8 5f b3 1a 9d 59 9b 56 54 35 bb 33 01 39 87
| 68 04 b7 f4 1d ff 41 1f dc 96 28 c6 7b 4e b0 75
| 56 5e 66 19 4a 4f 06 eb 25 1e 67 b1 8f 08 df c4
| 62 ae 83 a4 79 a9 da 7d 7c 0b dc 26 77 03 d3 3c
| ca af d4 6a 2a 1c aa 4e 09 bd 6b c6 3a 83 3a f5
| ca 6a 41 d8 75 2e 4f 64 f9 d5 1d a2 c8 df f4 bd
| ce 1f d1 e7 f4 f5 9c 18 7a 8a 83 ed 94 7d d4 36
| c5 8c df ee 88 5e ed 22 44 51 60 ad a9 dc 26 c5
| a6 ac 0e eb 82 5d d6 dc 66 c5 0e 20 b7 bd 71 be
| cb 75 78 c0 b4 fe a8 b7 6c 36 51 33 42 a5 44 bb
| b1 71 33 d2 ad b7 24 88 d2 d2 4a b9 0b 72 e0 cd
| d1 1b d0 06 bc 7a 6f 36 31 da 81 52 3d dc 16 ee
| 19 a0 4b d1 84 af f9 71 f5 04 ba c8 6f 7f 31 b5
| f6 eb e7 b9 3f 9a 5e 54 e1 1c ba e6 82 57 6f cb
| 51 eb 60 ed 04 98 cd 27 bc bc 05 a4 50 d6 c6 42
| b4 c5 19 ea 4f eb 8e 92 e0 28 d0 ff e6 68 6c c0
| 6d 68 13 a2 b2 2f 2c 1e 87 00 65 18 61 ff 7b 38
| 76 a1 e4 02 a0 16 06 f4 16 80 62 74 49 7c d5 9a
| 86 d9 af 3d 7e ba 76 70 bd 53 e7 8f d7 3c 2f 4c
| 76 c5 41 39 0e f5 95 03 1f 2e 88 00 a2 9a 7e 9a
| ab 97 bc 5b 33 ff 87 0c c2 d0 57 8f 3b 55 d2 7a
| e1 35 88 ef d2 e0 44 58 7c 08 04 50 86 26 95 03
| 4c 32 26 52 de a0 15 6f 69 9d 25 bc e3 9e a8 49
| e2 f7 93 5b b7 5a 7e 7b bc ad 54 5f dd ba 13 10
| db 8f d2 38 58 e5 23 ba 0a 56 1f b1 9b 3a 06 62
| 45 41 ad a7 cf 85 b8 f0 9e e8 c6 26 81 c3 65 5a
| 99 97 3a 7b 0a 26 9b 1e d2 16 84 db ee ba 40 93
| fa 1e 88 6b 5b f2 e9 ea 48 4d 0c 44 58 31 54 bb
| ef 31 d6 17 0d e4 d6 8f 28 5d 4f c7 b5 91 32 d0
| 31 66 f9 ce 21 94 10 48 bb 21 a2 25 5a ad 05 85
| 55 10 a8 6e 38 8b e9 4e 79 ab 94 92 73 1c 7d e3
| 9e d2 79 fe 16 31 c9 df c5 99 d2 d9 8e b4 43 56
| f4 b2 87 52 71 17 ad f3 63 9d 88 ea eb 89 e2 ae
| f4 64 61 21 ba 1c 66 b3 58 6f 6b 68 d1 b3 d9 4e
| d1 8b 14 e7 87 12 ea 6f fa 30 83 ec 6d f6 a9 72
| 27 23 1a 4c eb 8e 8c af 0b 6f 06 36 8b 2a 45 40
| 22 25 e6 2d b3 37 42 3f f9 44 6c 6a b9 b4 ba 8b
| 7b 2c bc b1 97 fe 41 60 c9 c6 3d 4f f0 13 a3 b4
| 7e a8 8c 25 b0 ac d1 8e c4 ea bb df e1 65 58 5b
| d2 89 a5 78 e8 bb ec b3 17 96 73 bb d8 a5 c1 c5
| a8 bf 83 e1 7c fd 11 08 99 a3 56 58 ed e5 12 f7
| be 5e 8b ca 93 05 7c b7 49 08 5c 34 e7 b6 96 7c
| 0c 57 d8 b0 74 d8 88 58 98 94 55 cc f0 e6 f6 75
| 38 32 5e ba 21 3f 34 94 d3 56 24 1d 93 d0 52 0f
| 69 73 c7 3a f3 77 e3 eb c3 79 bd 63 a0 df 78 d4
| 98 c2 75 3d 3b b0 22 03 18 91 c8 1b 76 7c 7c fd
| 1b 9c 7c cf 51 9f a9 bd 01 ab 81 8a 1e 6c 56 22
| b5 91 f2 c8 6b bf ff 33 1a 51 2d 7b 42 82 cf 1a
| 67 ad f8 9e 35 6a 6d ca da 6d a3 b0 05 ae 40 4e
| 36 d0 65 9c b9 75 f2 6c b8 ed 2d 0a bf 18 e2 69
| 9c 25 7c 56 bf 8a fe ea 1a e2 d4 83 21 f8 17 be
| a8 56 00 88 4c f7 01 73 19 53 81 14 42 dc 48 7e
| ae db e0 9b bc 3b 30 2f a6 ef 16 29 61 54 c8 ad
| f3 7a b4 c8 4c 91 73 e5 55 a6 72 e1 e6 94 9e e2
| 97 29 f9 0c 5b 0b de 0b eb 91 fc a7 09 a3 4e 16
| 71 b3 f8 53 3f 52 c0 3e 05 d0 3f 9c 59 76 16 0d
| 8c 21 e0 b0 ff 38 37 0b 4f 68 87 0f 07 c8 0e 39
| c3 1a b7 c1 4f 17 88 60 d0 cd 39 6b
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
| next event EVENT_RETRANSMIT in 10 seconds for #1
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| a3 c0 50 38 88 fa 29 3a 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| a3 c0 50 38 88 fa 29 3a
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #1
|
| *time to handle event
| event after this is EVENT_NAT_T_KEEPALIVE in 10 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #1
| sending 2140 bytes for EVENT_RETRANSMIT through eth0 to <peer's fw's
public ip>:4500:
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 05 10 02 01 00 00 00 00 00 00 08 5c 3c 52 54 d8
| cd 11 73 6a aa f4 f1 8c e2 22 82 45 f6 1c 68 0a
| 19 51 50 1d af b3 56 11 85 e1 d7 1b 2d 54 31 10
| cb 5b 1e 4c 2d 41 c7 1d 9d a7 3f c6 a5 a0 0a fb
| a6 97 7d 8a a1 0e 71 24 46 ae ad 52 c9 d3 a3 6f
| 80 04 5d c1 45 7b ee 95 0a c8 e1 44 be 25 71 c8
| 11 5a 1e 50 a7 e8 75 0a e6 d7 a5 c7 27 24 1f 76
| 8d ab 31 58 f7 dc e8 ba 0d ec d0 0a d9 9a 0b 5a
| 5b 6c 94 8a 45 aa 53 3e c5 d5 a4 2d dd 6a 46 53
| 79 47 48 f4 e8 86 1d 18 50 a8 d8 1b 0f ef 6b ba
| 5d ac d5 80 80 9a d0 e8 50 ce 30 1f b9 6b be a0
| bc 97 f0 f0 14 19 7d 0a 68 0c 19 71 42 a3 37 f1
| 09 e1 44 ea a6 db 22 1c e9 93 e6 2b 6e e4 25 a8
| 22 51 1e eb d9 cf c5 b4 b8 49 f2 e6 f3 48 41 e0
| ef ed 22 a4 44 1d c2 65 71 50 b4 0c 21 9c eb 77
| 70 f4 02 2c 0c eb 51 8d 46 6b 6e 62 09 75 1a f8
| c5 3b f9 21 5d a0 bd ac 83 e4 07 19 04 48 79 ad
| c5 22 71 bb 8e 65 0c a8 cb db 9b fe e9 2b 94 87
| 1d 6a e3 c4 e6 16 73 3a f3 f9 41 23 41 39 c0 11
| 79 43 77 e3 33 1e 5f c5 4e 59 f7 96 a2 b6 b2 a4
| dd 3d ed f8 ec 98 9f 0a d9 39 a7 fa f6 fb 85 9d
| 19 dc 53 8f d0 e3 7e 7b 6b 09 bf a3 d1 af 51 02
| 82 34 0b 87 3d 23 c4 a6 a7 4a ef 31 f9 07 e1 60
| 6d 7c dc 2b d3 08 98 93 b3 d6 a0 fa 90 93 14 4f
| d7 ef 48 a0 2e e8 5f 75 e8 8b 16 3d 8a f3 98 77
| 6c a9 bc f0 a8 1c 2f 1f 6c 5f 25 84 6f 21 29 da
| ca 2f 6a 3c 83 50 6e fa 55 4e d9 9d 7c 88 2b b7
| 7b a8 91 ad 0e 06 f6 72 22 ba 9d f1 fb 65 9a 22
| 02 97 c3 5c 5b 29 12 d6 11 c3 74 d0 88 ad af 72
| f7 4e 0b f5 a1 96 9b 31 37 74 37 a2 ad 6f 75 12
| b9 89 7c 6c 53 bf 90 a8 2e a7 22 04 d3 9c df 12
| df ca c6 44 7c b2 1b 31 a3 07 8e 07 0e cd d5 ec
| 51 10 70 d2 ea 11 e7 ce 36 4f 96 db e5 41 7e c4
| 0d 36 bd 24 d6 b3 6e 4f ac b1 df 1e 52 a1 8d fe
| 8a c1 06 48 3f e3 53 b2 4f 4b 12 55 96 05 42 8a
| 7f ef ca 89 88 0a ff 59 16 48 73 cf aa 75 b5 05
| 7f c1 b0 f3 d0 9e f3 69 c8 60 d7 42 a1 1d c7 66
| 20 6b 67 da 37 76 fb 4a 31 77 08 7c 72 b1 0e f3
| f9 cd 03 b4 e4 57 83 d1 56 d5 0a fc 0c 33 00 e9
| 55 64 7c d3 9b 64 d6 c9 98 50 19 52 8d 5a 0e e0
| 56 5d 1c d3 71 06 6f 7a 24 c8 46 a7 0c 94 a0 8b
| c5 d7 ed 94 47 87 c3 7a 8a a8 c4 20 e4 fe ee 78
| be d7 37 b5 9b 71 5c 45 e6 5c 07 8c 63 23 fe 03
| fe 25 c9 f9 f5 33 9c cc be fe e3 cb 5f a6 b9 99
| fc 1d 87 b4 0c f3 64 e3 22 fb 3f 90 67 12 4f ff
| c1 95 21 83 1b fc 2f d7 e0 8c 84 50 24 17 20 e0
| 76 6a 8c 40 76 5d c9 a9 b7 58 14 0b e8 5a e4 b5
| bd a1 18 ec 22 3d d2 73 6c 19 38 f3 1c 1f 83 cd
| 6c 3a ae 0f 0d 06 e1 77 57 ca 33 ca 69 d2 05 94
| bc e2 35 b4 6c a0 e8 20 66 47 da f5 63 6a b8 fa
| 61 18 96 6c 72 47 51 3a 9e 69 df ba af 86 06 a3
| b1 22 5d 2c 7c c9 0a 47 2d 4e 8b d7 d1 7f b5 61
| 67 5c 15 60 4f de e2 a0 cb 57 79 0b 68 34 8a c0
| 8c a0 d5 27 c6 84 72 a9 65 46 70 f3 98 04 89 e6
| 96 b7 92 6b ec 14 6e 23 b7 bd 6b 22 07 a5 b3 f6
| c3 af 41 21 6a 4d e9 31 9e a4 5c 20 39 94 a4 e7
| fe 4a 43 b3 09 e1 bd 54 28 bb 74 ce 6e 9e 5c 06
| b6 e1 7d d4 ce ce c7 db ed 9a f4 99 97 48 d6 5b
| e6 69 bd 14 06 0d f8 07 6f 62 ba 2d da 0d 50 78
| 9d ea 49 d1 40 88 51 70 89 22 40 14 2b ed 75 c2
| e6 bf fc 6a 81 a5 71 7c 96 dd b7 21 71 78 aa 6f
| 09 eb 92 9a 8f 01 62 2d 4d a8 71 75 ab d8 95 1a
| 8c ba 04 4b 54 2d dc 71 7b 25 f9 4f 5f c7 df 03
| e5 0e 5e ad 20 ed b3 d5 17 7c d2 94 48 44 dc a8
| be 9b fe 3e cf 31 4b 7e ac a6 99 ad e5 20 5a bc
| 05 86 ee 7a 69 bb b0 a5 1b 8b 1d 3c b4 20 d1 72
| 72 8b fe 75 2a b3 e7 35 d1 28 5a 64 ab bc db 0d
| 22 b2 b7 44 6b 3b 36 1e 51 16 5d 68 a3 9c ca e4
| 7d 2b 2d 1d a3 5f ca 53 e6 20 2d cb 8d 2e 69 6f
| 8c 65 fb 42 7d 63 40 e7 4a b7 7f 66 50 27 c7 21
| e2 39 7a fa cc 81 57 ea 4f 29 e1 55 05 75 75 06
| 3e ae 46 26 47 da d1 78 41 2b 6b 47 ad 2e 76 e0
| ee 46 49 2d 56 60 44 8c 9b 62 c0 95 be 30 09 9f
| a7 9b 91 8b 2a c9 d4 a4 64 8a 2c ac 4d c8 d0 8c
| 08 42 fa d0 9d 5f 32 be c4 4d a4 d0 f4 2e 1a 2a
| c0 f8 5f b3 1a 9d 59 9b 56 54 35 bb 33 01 39 87
| 68 04 b7 f4 1d ff 41 1f dc 96 28 c6 7b 4e b0 75
| 56 5e 66 19 4a 4f 06 eb 25 1e 67 b1 8f 08 df c4
| 62 ae 83 a4 79 a9 da 7d 7c 0b dc 26 77 03 d3 3c
| ca af d4 6a 2a 1c aa 4e 09 bd 6b c6 3a 83 3a f5
| ca 6a 41 d8 75 2e 4f 64 f9 d5 1d a2 c8 df f4 bd
| ce 1f d1 e7 f4 f5 9c 18 7a 8a 83 ed 94 7d d4 36
| c5 8c df ee 88 5e ed 22 44 51 60 ad a9 dc 26 c5
| a6 ac 0e eb 82 5d d6 dc 66 c5 0e 20 b7 bd 71 be
| cb 75 78 c0 b4 fe a8 b7 6c 36 51 33 42 a5 44 bb
| b1 71 33 d2 ad b7 24 88 d2 d2 4a b9 0b 72 e0 cd
| d1 1b d0 06 bc 7a 6f 36 31 da 81 52 3d dc 16 ee
| 19 a0 4b d1 84 af f9 71 f5 04 ba c8 6f 7f 31 b5
| f6 eb e7 b9 3f 9a 5e 54 e1 1c ba e6 82 57 6f cb
| 51 eb 60 ed 04 98 cd 27 bc bc 05 a4 50 d6 c6 42
| b4 c5 19 ea 4f eb 8e 92 e0 28 d0 ff e6 68 6c c0
| 6d 68 13 a2 b2 2f 2c 1e 87 00 65 18 61 ff 7b 38
| 76 a1 e4 02 a0 16 06 f4 16 80 62 74 49 7c d5 9a
| 86 d9 af 3d 7e ba 76 70 bd 53 e7 8f d7 3c 2f 4c
| 76 c5 41 39 0e f5 95 03 1f 2e 88 00 a2 9a 7e 9a
| ab 97 bc 5b 33 ff 87 0c c2 d0 57 8f 3b 55 d2 7a
| e1 35 88 ef d2 e0 44 58 7c 08 04 50 86 26 95 03
| 4c 32 26 52 de a0 15 6f 69 9d 25 bc e3 9e a8 49
| e2 f7 93 5b b7 5a 7e 7b bc ad 54 5f dd ba 13 10
| db 8f d2 38 58 e5 23 ba 0a 56 1f b1 9b 3a 06 62
| 45 41 ad a7 cf 85 b8 f0 9e e8 c6 26 81 c3 65 5a
| 99 97 3a 7b 0a 26 9b 1e d2 16 84 db ee ba 40 93
| fa 1e 88 6b 5b f2 e9 ea 48 4d 0c 44 58 31 54 bb
| ef 31 d6 17 0d e4 d6 8f 28 5d 4f c7 b5 91 32 d0
| 31 66 f9 ce 21 94 10 48 bb 21 a2 25 5a ad 05 85
| 55 10 a8 6e 38 8b e9 4e 79 ab 94 92 73 1c 7d e3
| 9e d2 79 fe 16 31 c9 df c5 99 d2 d9 8e b4 43 56
| f4 b2 87 52 71 17 ad f3 63 9d 88 ea eb 89 e2 ae
| f4 64 61 21 ba 1c 66 b3 58 6f 6b 68 d1 b3 d9 4e
| d1 8b 14 e7 87 12 ea 6f fa 30 83 ec 6d f6 a9 72
| 27 23 1a 4c eb 8e 8c af 0b 6f 06 36 8b 2a 45 40
| 22 25 e6 2d b3 37 42 3f f9 44 6c 6a b9 b4 ba 8b
| 7b 2c bc b1 97 fe 41 60 c9 c6 3d 4f f0 13 a3 b4
| 7e a8 8c 25 b0 ac d1 8e c4 ea bb df e1 65 58 5b
| d2 89 a5 78 e8 bb ec b3 17 96 73 bb d8 a5 c1 c5
| a8 bf 83 e1 7c fd 11 08 99 a3 56 58 ed e5 12 f7
| be 5e 8b ca 93 05 7c b7 49 08 5c 34 e7 b6 96 7c
| 0c 57 d8 b0 74 d8 88 58 98 94 55 cc f0 e6 f6 75
| 38 32 5e ba 21 3f 34 94 d3 56 24 1d 93 d0 52 0f
| 69 73 c7 3a f3 77 e3 eb c3 79 bd 63 a0 df 78 d4
| 98 c2 75 3d 3b b0 22 03 18 91 c8 1b 76 7c 7c fd
| 1b 9c 7c cf 51 9f a9 bd 01 ab 81 8a 1e 6c 56 22
| b5 91 f2 c8 6b bf ff 33 1a 51 2d 7b 42 82 cf 1a
| 67 ad f8 9e 35 6a 6d ca da 6d a3 b0 05 ae 40 4e
| 36 d0 65 9c b9 75 f2 6c b8 ed 2d 0a bf 18 e2 69
| 9c 25 7c 56 bf 8a fe ea 1a e2 d4 83 21 f8 17 be
| a8 56 00 88 4c f7 01 73 19 53 81 14 42 dc 48 7e
| ae db e0 9b bc 3b 30 2f a6 ef 16 29 61 54 c8 ad
| f3 7a b4 c8 4c 91 73 e5 55 a6 72 e1 e6 94 9e e2
| 97 29 f9 0c 5b 0b de 0b eb 91 fc a7 09 a3 4e 16
| 71 b3 f8 53 3f 52 c0 3e 05 d0 3f 9c 59 76 16 0d
| 8c 21 e0 b0 ff 38 37 0b 4f 68 87 0f 07 c8 0e 39
| c3 1a b7 c1 4f 17 88 60 d0 cd 39 6b
| inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #1
| next event EVENT_NAT_T_KEEPALIVE in 10 seconds
|
| *received 364 bytes from <peer's fw's public ip>:500 on eth0
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 04 10 02 00 00 00 00 00 00 00 01 6c 0a 00 01 04
| 79 5e 5b ca 4e a9 7e 20 b9 f0 5c be ee da 41 e3
| 06 2b db 03 96 47 86 8e fa 05 26 21 8f 80 b1 52
| 57 a2 1c 93 8d 2a c0 6b 2b 0a d7 01 92 ce a1 8a
| 18 96 ae a9 b2 00 46 90 33 b2 99 59 ca 7e db 6b
| 43 5a 29 e7 c9 c2 84 68 05 68 57 a5 ff a0 f6 68
| ca 4b b1 0f bc a8 2f 29 25 d5 b7 14 43 74 23 1e
| fa fd 79 df 36 5c c2 65 2f 91 3b 7f 81 5a 90 c3
| ca e3 4d 19 4e 52 10 e7 6e 77 87 2c 56 ad 4c 40
| 93 2c 86 ec 2e 57 86 86 ed 7d 85 f4 18 55 52 0d
| a8 7c 43 f0 a2 17 e1 2d 9a 47 a0 80 ed bf 85 f3
| 7e 68 7b e3 75 52 a9 41 aa 96 4d 89 02 38 0f 03
| 57 0a 25 96 5a 0e 70 92 50 92 fe e9 db bf 1b 0f
| 49 45 77 ce 8a b8 a1 09 5d b5 e8 d7 d2 89 e3 d0
| 3d 2d 9d eb a0 52 91 6d 4d f8 8b a1 a4 af 16 40
| 2b f7 3b 2f fc 81 78 a0 ed 56 a4 7c ac 29 be 0c
| f9 ff c2 22 4e 22 8e d5 19 ba 94 3a f5 45 a4 88
| 07 00 00 14 b5 5d 45 16 f5 91 85 db 46 08 d3 0e
| 0a 80 5c 54 14 00 00 05 04 14 00 00 18 f7 25 56
| fa 59 5f 57 0b 4f 65 28 82 ee 39 3b 1d 56 fc 0b
| d3 00 00 00 18 68 82 7d e3 30 da 2e ca ab 55 77
| f5 52 c1 ae f7 ad 04 c1 c4 00 00 00
| **parse ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 05 e6 ed 3b 49 50 e0 6a
| next payload type: ISAKMP_NEXT_KE
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 364
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 05 e6 ed 3b 49 50 e0 6a
| peer: a5 e4 67 ba
| state hash entry 28
| state object #1 found, in STATE_MAIN_I3
"company" #1: discarding duplicate packet; already STATE_MAIN_I3
| next event EVENT_NAT_T_KEEPALIVE in 10 seconds
|
| *time to handle event
| event after this is EVENT_RETRANSMIT in 10 seconds
| next event EVENT_RETRANSMIT in 10 seconds for #1
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| a3 c0 50 38 88 fa 29 3a 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| a3 c0 50 38 88 fa 29 3a
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #1
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3569 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #1
| sending 2140 bytes for EVENT_RETRANSMIT through eth0 to <peer's fw's
public ip>:4500:
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 05 10 02 01 00 00 00 00 00 00 08 5c 3c 52 54 d8
| cd 11 73 6a aa f4 f1 8c e2 22 82 45 f6 1c 68 0a
| 19 51 50 1d af b3 56 11 85 e1 d7 1b 2d 54 31 10
| cb 5b 1e 4c 2d 41 c7 1d 9d a7 3f c6 a5 a0 0a fb
| a6 97 7d 8a a1 0e 71 24 46 ae ad 52 c9 d3 a3 6f
| 80 04 5d c1 45 7b ee 95 0a c8 e1 44 be 25 71 c8
| 11 5a 1e 50 a7 e8 75 0a e6 d7 a5 c7 27 24 1f 76
| 8d ab 31 58 f7 dc e8 ba 0d ec d0 0a d9 9a 0b 5a
| 5b 6c 94 8a 45 aa 53 3e c5 d5 a4 2d dd 6a 46 53
| 79 47 48 f4 e8 86 1d 18 50 a8 d8 1b 0f ef 6b ba
| 5d ac d5 80 80 9a d0 e8 50 ce 30 1f b9 6b be a0
| bc 97 f0 f0 14 19 7d 0a 68 0c 19 71 42 a3 37 f1
| 09 e1 44 ea a6 db 22 1c e9 93 e6 2b 6e e4 25 a8
| 22 51 1e eb d9 cf c5 b4 b8 49 f2 e6 f3 48 41 e0
| ef ed 22 a4 44 1d c2 65 71 50 b4 0c 21 9c eb 77
| 70 f4 02 2c 0c eb 51 8d 46 6b 6e 62 09 75 1a f8
| c5 3b f9 21 5d a0 bd ac 83 e4 07 19 04 48 79 ad
| c5 22 71 bb 8e 65 0c a8 cb db 9b fe e9 2b 94 87
| 1d 6a e3 c4 e6 16 73 3a f3 f9 41 23 41 39 c0 11
| 79 43 77 e3 33 1e 5f c5 4e 59 f7 96 a2 b6 b2 a4
| dd 3d ed f8 ec 98 9f 0a d9 39 a7 fa f6 fb 85 9d
| 19 dc 53 8f d0 e3 7e 7b 6b 09 bf a3 d1 af 51 02
| 82 34 0b 87 3d 23 c4 a6 a7 4a ef 31 f9 07 e1 60
| 6d 7c dc 2b d3 08 98 93 b3 d6 a0 fa 90 93 14 4f
| d7 ef 48 a0 2e e8 5f 75 e8 8b 16 3d 8a f3 98 77
| 6c a9 bc f0 a8 1c 2f 1f 6c 5f 25 84 6f 21 29 da
| ca 2f 6a 3c 83 50 6e fa 55 4e d9 9d 7c 88 2b b7
| 7b a8 91 ad 0e 06 f6 72 22 ba 9d f1 fb 65 9a 22
| 02 97 c3 5c 5b 29 12 d6 11 c3 74 d0 88 ad af 72
| f7 4e 0b f5 a1 96 9b 31 37 74 37 a2 ad 6f 75 12
| b9 89 7c 6c 53 bf 90 a8 2e a7 22 04 d3 9c df 12
| df ca c6 44 7c b2 1b 31 a3 07 8e 07 0e cd d5 ec
| 51 10 70 d2 ea 11 e7 ce 36 4f 96 db e5 41 7e c4
| 0d 36 bd 24 d6 b3 6e 4f ac b1 df 1e 52 a1 8d fe
| 8a c1 06 48 3f e3 53 b2 4f 4b 12 55 96 05 42 8a
| 7f ef ca 89 88 0a ff 59 16 48 73 cf aa 75 b5 05
| 7f c1 b0 f3 d0 9e f3 69 c8 60 d7 42 a1 1d c7 66
| 20 6b 67 da 37 76 fb 4a 31 77 08 7c 72 b1 0e f3
| f9 cd 03 b4 e4 57 83 d1 56 d5 0a fc 0c 33 00 e9
| 55 64 7c d3 9b 64 d6 c9 98 50 19 52 8d 5a 0e e0
| 56 5d 1c d3 71 06 6f 7a 24 c8 46 a7 0c 94 a0 8b
| c5 d7 ed 94 47 87 c3 7a 8a a8 c4 20 e4 fe ee 78
| be d7 37 b5 9b 71 5c 45 e6 5c 07 8c 63 23 fe 03
| fe 25 c9 f9 f5 33 9c cc be fe e3 cb 5f a6 b9 99
| fc 1d 87 b4 0c f3 64 e3 22 fb 3f 90 67 12 4f ff
| c1 95 21 83 1b fc 2f d7 e0 8c 84 50 24 17 20 e0
| 76 6a 8c 40 76 5d c9 a9 b7 58 14 0b e8 5a e4 b5
| bd a1 18 ec 22 3d d2 73 6c 19 38 f3 1c 1f 83 cd
| 6c 3a ae 0f 0d 06 e1 77 57 ca 33 ca 69 d2 05 94
| bc e2 35 b4 6c a0 e8 20 66 47 da f5 63 6a b8 fa
| 61 18 96 6c 72 47 51 3a 9e 69 df ba af 86 06 a3
| b1 22 5d 2c 7c c9 0a 47 2d 4e 8b d7 d1 7f b5 61
| 67 5c 15 60 4f de e2 a0 cb 57 79 0b 68 34 8a c0
| 8c a0 d5 27 c6 84 72 a9 65 46 70 f3 98 04 89 e6
| 96 b7 92 6b ec 14 6e 23 b7 bd 6b 22 07 a5 b3 f6
| c3 af 41 21 6a 4d e9 31 9e a4 5c 20 39 94 a4 e7
| fe 4a 43 b3 09 e1 bd 54 28 bb 74 ce 6e 9e 5c 06
| b6 e1 7d d4 ce ce c7 db ed 9a f4 99 97 48 d6 5b
| e6 69 bd 14 06 0d f8 07 6f 62 ba 2d da 0d 50 78
| 9d ea 49 d1 40 88 51 70 89 22 40 14 2b ed 75 c2
| e6 bf fc 6a 81 a5 71 7c 96 dd b7 21 71 78 aa 6f
| 09 eb 92 9a 8f 01 62 2d 4d a8 71 75 ab d8 95 1a
| 8c ba 04 4b 54 2d dc 71 7b 25 f9 4f 5f c7 df 03
| e5 0e 5e ad 20 ed b3 d5 17 7c d2 94 48 44 dc a8
| be 9b fe 3e cf 31 4b 7e ac a6 99 ad e5 20 5a bc
| 05 86 ee 7a 69 bb b0 a5 1b 8b 1d 3c b4 20 d1 72
| 72 8b fe 75 2a b3 e7 35 d1 28 5a 64 ab bc db 0d
| 22 b2 b7 44 6b 3b 36 1e 51 16 5d 68 a3 9c ca e4
| 7d 2b 2d 1d a3 5f ca 53 e6 20 2d cb 8d 2e 69 6f
| 8c 65 fb 42 7d 63 40 e7 4a b7 7f 66 50 27 c7 21
| e2 39 7a fa cc 81 57 ea 4f 29 e1 55 05 75 75 06
| 3e ae 46 26 47 da d1 78 41 2b 6b 47 ad 2e 76 e0
| ee 46 49 2d 56 60 44 8c 9b 62 c0 95 be 30 09 9f
| a7 9b 91 8b 2a c9 d4 a4 64 8a 2c ac 4d c8 d0 8c
| 08 42 fa d0 9d 5f 32 be c4 4d a4 d0 f4 2e 1a 2a
| c0 f8 5f b3 1a 9d 59 9b 56 54 35 bb 33 01 39 87
| 68 04 b7 f4 1d ff 41 1f dc 96 28 c6 7b 4e b0 75
| 56 5e 66 19 4a 4f 06 eb 25 1e 67 b1 8f 08 df c4
| 62 ae 83 a4 79 a9 da 7d 7c 0b dc 26 77 03 d3 3c
| ca af d4 6a 2a 1c aa 4e 09 bd 6b c6 3a 83 3a f5
| ca 6a 41 d8 75 2e 4f 64 f9 d5 1d a2 c8 df f4 bd
| ce 1f d1 e7 f4 f5 9c 18 7a 8a 83 ed 94 7d d4 36
| c5 8c df ee 88 5e ed 22 44 51 60 ad a9 dc 26 c5
| a6 ac 0e eb 82 5d d6 dc 66 c5 0e 20 b7 bd 71 be
| cb 75 78 c0 b4 fe a8 b7 6c 36 51 33 42 a5 44 bb
| b1 71 33 d2 ad b7 24 88 d2 d2 4a b9 0b 72 e0 cd
| d1 1b d0 06 bc 7a 6f 36 31 da 81 52 3d dc 16 ee
| 19 a0 4b d1 84 af f9 71 f5 04 ba c8 6f 7f 31 b5
| f6 eb e7 b9 3f 9a 5e 54 e1 1c ba e6 82 57 6f cb
| 51 eb 60 ed 04 98 cd 27 bc bc 05 a4 50 d6 c6 42
| b4 c5 19 ea 4f eb 8e 92 e0 28 d0 ff e6 68 6c c0
| 6d 68 13 a2 b2 2f 2c 1e 87 00 65 18 61 ff 7b 38
| 76 a1 e4 02 a0 16 06 f4 16 80 62 74 49 7c d5 9a
| 86 d9 af 3d 7e ba 76 70 bd 53 e7 8f d7 3c 2f 4c
| 76 c5 41 39 0e f5 95 03 1f 2e 88 00 a2 9a 7e 9a
| ab 97 bc 5b 33 ff 87 0c c2 d0 57 8f 3b 55 d2 7a
| e1 35 88 ef d2 e0 44 58 7c 08 04 50 86 26 95 03
| 4c 32 26 52 de a0 15 6f 69 9d 25 bc e3 9e a8 49
| e2 f7 93 5b b7 5a 7e 7b bc ad 54 5f dd ba 13 10
| db 8f d2 38 58 e5 23 ba 0a 56 1f b1 9b 3a 06 62
| 45 41 ad a7 cf 85 b8 f0 9e e8 c6 26 81 c3 65 5a
| 99 97 3a 7b 0a 26 9b 1e d2 16 84 db ee ba 40 93
| fa 1e 88 6b 5b f2 e9 ea 48 4d 0c 44 58 31 54 bb
| ef 31 d6 17 0d e4 d6 8f 28 5d 4f c7 b5 91 32 d0
| 31 66 f9 ce 21 94 10 48 bb 21 a2 25 5a ad 05 85
| 55 10 a8 6e 38 8b e9 4e 79 ab 94 92 73 1c 7d e3
| 9e d2 79 fe 16 31 c9 df c5 99 d2 d9 8e b4 43 56
| f4 b2 87 52 71 17 ad f3 63 9d 88 ea eb 89 e2 ae
| f4 64 61 21 ba 1c 66 b3 58 6f 6b 68 d1 b3 d9 4e
| d1 8b 14 e7 87 12 ea 6f fa 30 83 ec 6d f6 a9 72
| 27 23 1a 4c eb 8e 8c af 0b 6f 06 36 8b 2a 45 40
| 22 25 e6 2d b3 37 42 3f f9 44 6c 6a b9 b4 ba 8b
| 7b 2c bc b1 97 fe 41 60 c9 c6 3d 4f f0 13 a3 b4
| 7e a8 8c 25 b0 ac d1 8e c4 ea bb df e1 65 58 5b
| d2 89 a5 78 e8 bb ec b3 17 96 73 bb d8 a5 c1 c5
| a8 bf 83 e1 7c fd 11 08 99 a3 56 58 ed e5 12 f7
| be 5e 8b ca 93 05 7c b7 49 08 5c 34 e7 b6 96 7c
| 0c 57 d8 b0 74 d8 88 58 98 94 55 cc f0 e6 f6 75
| 38 32 5e ba 21 3f 34 94 d3 56 24 1d 93 d0 52 0f
| 69 73 c7 3a f3 77 e3 eb c3 79 bd 63 a0 df 78 d4
| 98 c2 75 3d 3b b0 22 03 18 91 c8 1b 76 7c 7c fd
| 1b 9c 7c cf 51 9f a9 bd 01 ab 81 8a 1e 6c 56 22
| b5 91 f2 c8 6b bf ff 33 1a 51 2d 7b 42 82 cf 1a
| 67 ad f8 9e 35 6a 6d ca da 6d a3 b0 05 ae 40 4e
| 36 d0 65 9c b9 75 f2 6c b8 ed 2d 0a bf 18 e2 69
| 9c 25 7c 56 bf 8a fe ea 1a e2 d4 83 21 f8 17 be
| a8 56 00 88 4c f7 01 73 19 53 81 14 42 dc 48 7e
| ae db e0 9b bc 3b 30 2f a6 ef 16 29 61 54 c8 ad
| f3 7a b4 c8 4c 91 73 e5 55 a6 72 e1 e6 94 9e e2
| 97 29 f9 0c 5b 0b de 0b eb 91 fc a7 09 a3 4e 16
| 71 b3 f8 53 3f 52 c0 3e 05 d0 3f 9c 59 76 16 0d
| 8c 21 e0 b0 ff 38 37 0b 4f 68 87 0f 07 c8 0e 39
| c3 1a b7 c1 4f 17 88 60 d0 cd 39 6b
| inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #1
| next event EVENT_RETRANSMIT in 40 seconds for #1
|
| *received 364 bytes from <peer's fw's public ip>:500 on eth0
| 11 47 e1 b8 ed 32 ac a4 05 e6 ed 3b 49 50 e0 6a
| 04 10 02 00 00 00 00 00 00 00 01 6c 0a 00 01 04
| 79 5e 5b ca 4e a9 7e 20 b9 f0 5c be ee da 41 e3
| 06 2b db 03 96 47 86 8e fa 05 26 21 8f 80 b1 52
| 57 a2 1c 93 8d 2a c0 6b 2b 0a d7 01 92 ce a1 8a
| 18 96 ae a9 b2 00 46 90 33 b2 99 59 ca 7e db 6b
| 43 5a 29 e7 c9 c2 84 68 05 68 57 a5 ff a0 f6 68
| ca 4b b1 0f bc a8 2f 29 25 d5 b7 14 43 74 23 1e
| fa fd 79 df 36 5c c2 65 2f 91 3b 7f 81 5a 90 c3
| ca e3 4d 19 4e 52 10 e7 6e 77 87 2c 56 ad 4c 40
| 93 2c 86 ec 2e 57 86 86 ed 7d 85 f4 18 55 52 0d
| a8 7c 43 f0 a2 17 e1 2d 9a 47 a0 80 ed bf 85 f3
| 7e 68 7b e3 75 52 a9 41 aa 96 4d 89 02 38 0f 03
| 57 0a 25 96 5a 0e 70 92 50 92 fe e9 db bf 1b 0f
| 49 45 77 ce 8a b8 a1 09 5d b5 e8 d7 d2 89 e3 d0
| 3d 2d 9d eb a0 52 91 6d 4d f8 8b a1 a4 af 16 40
| 2b f7 3b 2f fc 81 78 a0 ed 56 a4 7c ac 29 be 0c
| f9 ff c2 22 4e 22 8e d5 19 ba 94 3a f5 45 a4 88
| 07 00 00 14 b5 5d 45 16 f5 91 85 db 46 08 d3 0e
| 0a 80 5c 54 14 00 00 05 04 14 00 00 18 f7 25 56
| fa 59 5f 57 0b 4f 65 28 82 ee 39 3b 1d 56 fc 0b
| d3 00 00 00 18 68 82 7d e3 30 da 2e ca ab 55 77
| f5 52 c1 ae f7 ad 04 c1 c4 00 00 00
| **parse ISAKMP Message:
| initiator cookie:
| 11 47 e1 b8 ed 32 ac a4
| responder cookie:
| 05 e6 ed 3b 49 50 e0 6a
| next payload type: ISAKMP_NEXT_KE
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 364
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 05 e6 ed 3b 49 50 e0 6a
| peer: a5 e4 67 ba
| state hash entry 28
| state object #1 found, in STATE_MAIN_I3
"company" #1: discarding duplicate packet; already STATE_MAIN_I3
| next event EVENT_RETRANSMIT in 40 seconds for #1
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| 12 a9 c2 ad 00 f4 08 df 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| 12 a9 c2 ad 00 f4 08 df
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #1
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3529 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #1
"company" #1: max number of retransmissions (2) reached STATE_MAIN_I3.
Possible authentication failure: no acceptable response to our first
encrypted message
"company" #1: starting keying attempt 2 of at most 3
| creating state object #2 at 0xb77e7c10
| ICOOKIE: 48 42 5d 28 b3 f2 41 99
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 22
| inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2
"company" #2: initiating Main Mode to replace #1
| **emit ISAKMP Message:
| initiator cookie:
| 48 42 5d 28 b3 f2 41 99
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| ***emit ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| DOI: ISAKMP_DOI_IPSEC
| ****emit IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| 7_128-2-14,
| ****emit ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****emit ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| transform number: 0
| transform ID: KEY_IKE
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| [2 is OAKLEY_SHA]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| [3 is OAKLEY_RSA_SIG]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| [14 is OAKLEY_GROUP_MODP2048]
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| emitting length of ISAKMP Proposal Payload: 44
| emitting length of ISAKMP Security Association Payload: 56
| out_vendorid(): sending [strongSwan 4.2.4]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID cd 57 92 d4 b7 0f 02 99 a6 a1 37 3d e2 36 d2 ac
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [Cisco-Unity]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [XAUTH]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 09 00 26 89 df d6 b7 12
| emitting length of ISAKMP Vendor ID Payload: 12
| out_vendorid(): sending [Dead Peer Detection]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [RFC 3947]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-03]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-00]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| emitting length of ISAKMP Vendor ID Payload: 20
| emitting length of ISAKMP Message: 256
| sending 256 bytes for main_outI1 through eth0 to <peer's fw's public
ip>:4500:
| 48 42 5d 28 b3 f2 41 99 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2
| ICOOKIE: 11 47 e1 b8 ed 32 ac a4
| RCOOKIE: 05 e6 ed 3b 49 50 e0 6a
| peer: a5 e4 67 ba
| state hash entry 28
| next event EVENT_RETRANSMIT in 10 seconds for #2
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| 12 a9 c2 ad 00 f4 08 df 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| 12 a9 c2 ad 00 f4 08 df
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #2
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3519 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #2
| sending 256 bytes for EVENT_RETRANSMIT through eth0 to <peer's fw's public
ip>:4500:
| 48 42 5d 28 b3 f2 41 99 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #2
| next event EVENT_RETRANSMIT in 20 seconds for #2
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| 12 a9 c2 ad 00 f4 08 df 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| 12 a9 c2 ad 00 f4 08 df
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #2
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3499 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #2
| sending 256 bytes for EVENT_RETRANSMIT through eth0 to <peer's fw's public
ip>:4500:
| 48 42 5d 28 b3 f2 41 99 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #2
| next event EVENT_RETRANSMIT in 40 seconds for #2
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| ca 62 5e 73 fe fd 1a 03 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| ca 62 5e 73 fe fd 1a 03
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #2
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3459 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #2
"company" #2: max number of retransmissions (2) reached STATE_MAIN_I1. No
response (or no acceptable response) to our first IKE message
"company" #2: starting keying attempt 3 of at most 3
| creating state object #3 at 0xb77e6408
| ICOOKIE: 1c 82 2b 72 55 d3 e1 60
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 20
| inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #3
"company" #3: initiating Main Mode to replace #2
| **emit ISAKMP Message:
| initiator cookie:
| 1c 82 2b 72 55 d3 e1 60
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| ***emit ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| DOI: ISAKMP_DOI_IPSEC
| ****emit IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| 7_128-2-14,
| ****emit ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****emit ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| transform number: 0
| transform ID: KEY_IKE
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| [2 is OAKLEY_SHA]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| [3 is OAKLEY_RSA_SIG]
| ******emit ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| [14 is OAKLEY_GROUP_MODP2048]
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| emitting length of ISAKMP Proposal Payload: 44
| emitting length of ISAKMP Security Association Payload: 56
| out_vendorid(): sending [strongSwan 4.2.4]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID cd 57 92 d4 b7 0f 02 99 a6 a1 37 3d e2 36 d2 ac
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [Cisco-Unity]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [XAUTH]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 09 00 26 89 df d6 b7 12
| emitting length of ISAKMP Vendor ID Payload: 12
| out_vendorid(): sending [Dead Peer Detection]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [RFC 3947]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-03]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID cd 60 46 43 35 df 21 f8 7c fd b2 fc 68 b6 a4 48
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vendorid(): sending [draft-ietf-ipsec-nat-t-ike-00]
| ***emit ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| emitting length of ISAKMP Vendor ID Payload: 20
| emitting length of ISAKMP Message: 256
| sending 256 bytes for main_outI1 through eth0 to <peer's fw's public
ip>:4500:
| 1c 82 2b 72 55 d3 e1 60 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #3
| ICOOKIE: 48 42 5d 28 b3 f2 41 99
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 22
| next event EVENT_RETRANSMIT in 10 seconds for #3
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| ca 62 5e 73 fe fd 1a 03 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| ca 62 5e 73 fe fd 1a 03
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #3
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3449 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #3
| sending 256 bytes for EVENT_RETRANSMIT through eth0 to <peer's fw's public
ip>:4500:
| 1c 82 2b 72 55 d3 e1 60 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 20 seconds for #3
| next event EVENT_RETRANSMIT in 20 seconds for #3
|
| *received 256 bytes from <peer's fw's public ip>:500 on eth0
| ca 62 5e 73 fe fd 1a 03 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| **parse ISAKMP Message:
| initiator cookie:
| ca 62 5e 73 fe fd 1a 03
| responder cookie:
| 00 00 00 00 00 00 00 00
| next payload type: ISAKMP_NEXT_SA
| ISAKMP version: ISAKMP Version 1.0
| exchange type: ISAKMP_XCHG_IDPROT
| flags: none
| message ID: 00 00 00 00
| length: 256
| ***parse ISAKMP Security Association Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 56
| DOI: ISAKMP_DOI_IPSEC
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 12
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_VID
| length: 20
| ***parse ISAKMP Vendor ID Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 20
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[strongSwan 4.2.4]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[Cisco-Unity]
packet from <peer's fw's public ip>:500: received Vendor ID payload [XAUTH]
packet from <peer's fw's public ip>:500: received Vendor ID payload [Dead
Peer Detection]
packet from <peer's fw's public ip>:500: received Vendor ID payload [RFC
3947]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
packet from <peer's fw's public ip>:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
| ****parse IPsec DOI SIT:
| IPsec DOI SIT: SIT_IDENTITY_ONLY
| ****parse ISAKMP Proposal Payload:
| next payload type: ISAKMP_NEXT_NONE
| length: 44
| proposal number: 0
| protocol ID: PROTO_ISAKMP
| SPI size: 0
| number of transforms: 1
| *****parse ISAKMP Transform Payload (ISAKMP):
| next payload type: ISAKMP_NEXT_NONE
| length: 36
| transform number: 0
| transform ID: KEY_IKE
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_TYPE
| length/value: 1
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_LIFE_DURATION
| length/value: 10800
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_ENCRYPTION_ALGORITHM
| length/value: 7
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_HASH_ALGORITHM
| length/value: 2
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_KEY_LENGTH
| length/value: 128
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_AUTHENTICATION_METHOD
| length/value: 3
| ******parse ISAKMP Oakley attribute:
| af+type: OAKLEY_GROUP_DESCRIPTION
| length/value: 14
| preparse_isakmp_policy: peer requests RSASIG authentication
packet from <peer's fw's public ip>:500: initial Main Mode message received
on 192.168.5.2:500 but no connection has been authorized with policy=RSASIG
| next event EVENT_RETRANSMIT in 1 seconds for #3
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3429 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #3
| sending 256 bytes for EVENT_RETRANSMIT through eth0 to <peer's fw's public
ip>:4500:
| 1c 82 2b 72 55 d3 e1 60 00 00 00 00 00 00 00 00
| 01 10 02 00 00 00 00 00 00 00 01 00 0d 00 00 38
| 00 00 00 01 00 00 00 01 00 00 00 2c 00 01 00 01
| 00 00 00 24 00 01 00 00 80 0b 00 01 80 0c 2a 30
| 80 01 00 07 80 02 00 02 80 0e 00 80 80 03 00 03
| 80 04 00 0e 0d 00 00 14 cd 57 92 d4 b7 0f 02 99
| a6 a1 37 3d e2 36 d2 ac 0d 00 00 14 12 f5 f2 8c
| 45 71 68 a9 70 2d 9f e2 74 cc 01 00 0d 00 00 0c
| 09 00 26 89 df d6 b7 12 0d 00 00 14 af ca d7 13
| 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 0d 00 00 14
| 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
| 0d 00 00 14 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92
| 15 52 9d 56 0d 00 00 14 cd 60 46 43 35 df 21 f8
| 7c fd b2 fc 68 b6 a4 48 0d 00 00 14 90 cb 80 91
| 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f 00 00 00 14
| 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
| inserting event EVENT_RETRANSMIT, timeout in 40 seconds for #3
| next event EVENT_RETRANSMIT in 40 seconds for #3
|
| *time to handle event
| event after this is EVENT_REINIT_SECRET in 3389 seconds
| handling event EVENT_RETRANSMIT for <peer's fw's public ip> "company" #3
"company" #3: max number of retransmissions (2) reached STATE_MAIN_I1. No
response (or no acceptable response) to our first IKE message
| ICOOKIE: 1c 82 2b 72 55 d3 e1 60
| RCOOKIE: 00 00 00 00 00 00 00 00
| peer: a5 e4 67 ba
| state hash entry 20
| next event EVENT_REINIT_SECRET in 3389 seconds
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100802/b2d508fc/attachment.html>
More information about the Users
mailing list