[strongSwan] strongSwan + Windows 7 + IKEv2 + MSCHAPv2 (Username and password)
Kerschbaum, Sven
sven.kerschbaum at siemens.com
Fri May 7 09:49:21 CEST 2010
Dear strongSwan community,
since a few days I am trying to get IKEv2 (MSCHAPv2, username and password) running. But still without success.
The configuration I used is as follows:
Windows 7 (Release) ===> strongSwan 4.3.2 (openSuse 10.2)
I configured Windows 7 and strongSwan as described in the following source: http://wiki.strongswan.org/wiki/1/Win7EapMultipleConfig
Trying to authenticate returns the following error message on Windows 7:
"Verifying username and password... Error 13843: Invalid payload received"
The strongSwan log looks as follows:
01[DMN] Starting IKEv2 charon daemon (strongSwan 4.3.2)
01[CFG] loading ca certificates from '/usr/local/etc/ipsec.d/cacerts'
01[LIB] userx encoded => 101 bytes @ 0x808fdcf
01[LIB] 0: 30 63 31 10 30 0E 06 03 55 04 0A 13 07 53 69 65 0c1.0...U....Sie
01[LIB] 16: 6D 65 6E 73 31 0C 30 0A 06 03 55 04 0B 13 03 41 mens1.0...U....A
01[LIB] 32: 54 53 31 12 30 10 06 03 55 04 07 13 09 4E 75 72 TS1.0...U....Nur
01[LIB] 48: 65 6D 62 65 72 67 31 10 30 0E 06 03 55 04 08 13 emberg1.0...U...
01[LIB] 64: 07 42 61 76 61 72 69 61 31 0B 30 09 06 03 55 04 .Bavaria1.0...U.
01[LIB] 80: 06 13 02 44 45 31 0E 30 0C 06 03 55 04 03 13 05 ...DE1.0...U....
01[LIB] 96: 69 6B 65 63 61 ikeca
01[LIB] userx encoded => 101 bytes @ 0x808fe54
01[LIB] 0: 30 63 31 10 30 0E 06 03 55 04 0A 13 07 53 69 65 0c1.0...U....Sie
01[LIB] 16: 6D 65 6E 73 31 0C 30 0A 06 03 55 04 0B 13 03 41 mens1.0...U....A
01[LIB] 32: 54 53 31 12 30 10 06 03 55 04 07 13 09 4E 75 72 TS1.0...U....Nur
01[LIB] 48: 65 6D 62 65 72 67 31 10 30 0E 06 03 55 04 08 13 emberg1.0...U...
01[LIB] 64: 07 42 61 76 61 72 69 61 31 0B 30 09 06 03 55 04 .Bavaria1.0...U.
01[LIB] 80: 06 13 02 44 45 31 0E 30 0C 06 03 55 04 03 13 05 ...DE1.0...U....
01[LIB] 96: 69 6B 65 63 61 ikeca
01[LIB] hash input userx => 140 bytes @ 0x80907d8
01[LIB] 0: 30 81 89 02 81 81 00 9C 2F 95 20 6B 1B 11 0D 7A 0......./. k...z
01[LIB] 16: 1D C3 E4 A8 2D CE D5 6D E3 07 8B E8 5C 5D 1A 07 ....-..m....\]..
01[LIB] 32: A1 D2 3C EA B1 5F AE 4C 98 F4 C9 5E E5 DF 25 A7 ..<.._.L...^..%.
01[LIB] 48: 99 2B C8 05 7C 04 F6 ED B0 C2 FA 25 84 EB B7 30 .+..|......%...0
01[LIB] 64: 1E 0A AC 47 C9 A2 B3 84 45 05 FE 17 EA 04 08 E8 ...G....E.......
01[LIB] 80: 02 7F 6F 9B 4F 37 AC B9 65 E8 65 D7 23 99 E1 92 ..o.O7..e.e.#...
01[LIB] 96: 3D 0C D6 5B 9D A1 B1 9B 50 D3 0E 96 F7 E1 47 9F =..[....P.....G.
01[LIB] 112: C6 30 23 C8 F8 85 0E 04 DF AB 83 B4 A4 52 C1 0B .0#..........R..
01[LIB] 128: 8F 35 38 51 0B 2D 75 02 03 01 00 01 .58Q.-u.....
01[LIB] hash output userx => 20 bytes @ 0x8090868
01[LIB] 0: 55 CD D8 E4 3C C4 BE 01 12 25 09 ED AB 68 1A AC U...<....%...h..
01[LIB] 16: 1E B0 C0 A1 ....
01[LIB] userx encoded => 20 bytes @ 0x8090868
01[LIB] 0: 55 CD D8 E4 3C C4 BE 01 12 25 09 ED AB 68 1A AC U...<....%...h..
01[LIB] 16: 1E B0 C0 A1 ....
01[LIB] hash input userx => 162 bytes @ 0x80909d0
01[LIB] 0: 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 0..0...*.H......
01[LIB] 16: 05 00 03 81 8D 00 30 81 89 02 81 81 00 9C 2F 95 ......0......./.
01[LIB] 32: 20 6B 1B 11 0D 7A 1D C3 E4 A8 2D CE D5 6D E3 07 k...z....-..m..
01[LIB] 48: 8B E8 5C 5D 1A 07 A1 D2 3C EA B1 5F AE 4C 98 F4 ..\]....<.._.L..
01[LIB] 64: C9 5E E5 DF 25 A7 99 2B C8 05 7C 04 F6 ED B0 C2 .^..%..+..|.....
01[LIB] 80: FA 25 84 EB B7 30 1E 0A AC 47 C9 A2 B3 84 45 05 .%...0...G....E.
01[LIB] 96: FE 17 EA 04 08 E8 02 7F 6F 9B 4F 37 AC B9 65 E8 ........o.O7..e.
01[LIB] 112: 65 D7 23 99 E1 92 3D 0C D6 5B 9D A1 B1 9B 50 D3 e.#...=..[....P.
01[LIB] 128: 0E 96 F7 E1 47 9F C6 30 23 C8 F8 85 0E 04 DF AB ....G..0#.......
01[LIB] 144: 83 B4 A4 52 C1 0B 8F 35 38 51 0B 2D 75 02 03 01 ...R...58Q.-u...
01[LIB] 160: 00 01 ..
01[LIB] hash output userx => 20 bytes @ 0x8090938
01[LIB] 0: 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 45 ......j<.9EWx.AE
01[LIB] 16: 12 B0 33 6F ..3o
01[LIB] userx encoded => 20 bytes @ 0x8090938
01[LIB] 0: 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 45 ......j<.9EWx.AE
01[LIB] 16: 12 B0 33 6F ..3o
01[LIB] userx encoded => 20 bytes @ 0x808ff9e
01[LIB] 0: 55 CD D8 E4 3C C4 BE 01 12 25 09 ED AB 68 1A AC U...<....%...h..
01[LIB] 16: 1E B0 C0 A1 ....
01[LIB] hash input userx => 785 bytes @ 0x808fda8
01[LIB] 0: 30 82 03 0D 30 82 02 76 A0 03 02 01 02 02 09 00 0...0..v........
01[LIB] 16: B4 9F 78 3E 3E 76 A5 42 30 0D 06 09 2A 86 48 86 ..x>>v.B0...*.H.
01[LIB] 32: F7 0D 01 01 04 05 00 30 63 31 10 30 0E 06 03 55 .......0c1.0...U
01[LIB] 48: 04 0A 13 07 53 69 65 6D 65 6E 73 31 0C 30 0A 06 ....Siemens1.0..
01[LIB] 64: 03 55 04 0B 13 03 41 54 53 31 12 30 10 06 03 55 .U....ATS1.0...U
01[LIB] 80: 04 07 13 09 4E 75 72 65 6D 62 65 72 67 31 10 30 ....Nuremberg1.0
01[LIB] 96: 0E 06 03 55 04 08 13 07 42 61 76 61 72 69 61 31 ...U....Bavaria1
01[LIB] 112: 0B 30 09 06 03 55 04 06 13 02 44 45 31 0E 30 0C .0...U....DE1.0.
01[LIB] 128: 06 03 55 04 03 13 05 69 6B 65 63 61 30 1E 17 0D ..U....ikeca0...
01[LIB] 144: 30 39 31 32 31 38 31 34 30 32 31 34 5A 17 0D 31 091218140214Z..1
01[LIB] 160: 31 31 32 31 38 31 34 30 32 31 34 5A 30 63 31 10 11218140214Z0c1.
01[LIB] 176: 30 0E 06 03 55 04 0A 13 07 53 69 65 6D 65 6E 73 0...U....Siemens
01[LIB] 192: 31 0C 30 0A 06 03 55 04 0B 13 03 41 54 53 31 12 1.0...U....ATS1.
01[LIB] 208: 30 10 06 03 55 04 07 13 09 4E 75 72 65 6D 62 65 0...U....Nurembe
01[LIB] 224: 72 67 31 10 30 0E 06 03 55 04 08 13 07 42 61 76 rg1.0...U....Bav
01[LIB] 240: 61 72 69 61 31 0B 30 09 06 03 55 04 06 13 02 44 aria1.0...U....D
01[LIB] 256: 45 31 0E 30 0C 06 03 55 04 03 13 05 69 6B 65 63 E1.0...U....ikec
01[LIB] 272: 61 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 a0..0...*.H.....
01[LIB] 288: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 9C 2F .......0......./
01[LIB] 304: 95 20 6B 1B 11 0D 7A 1D C3 E4 A8 2D CE D5 6D E3 . k...z....-..m.
01[LIB] 320: 07 8B E8 5C 5D 1A 07 A1 D2 3C EA B1 5F AE 4C 98 ...\]....<.._.L.
01[LIB] 336: F4 C9 5E E5 DF 25 A7 99 2B C8 05 7C 04 F6 ED B0 ..^..%..+..|....
01[LIB] 352: C2 FA 25 84 EB B7 30 1E 0A AC 47 C9 A2 B3 84 45 ..%...0...G....E
01[LIB] 368: 05 FE 17 EA 04 08 E8 02 7F 6F 9B 4F 37 AC B9 65 .........o.O7..e
01[LIB] 384: E8 65 D7 23 99 E1 92 3D 0C D6 5B 9D A1 B1 9B 50 .e.#...=..[....P
01[LIB] 400: D3 0E 96 F7 E1 47 9F C6 30 23 C8 F8 85 0E 04 DF .....G..0#......
01[LIB] 416: AB 83 B4 A4 52 C1 0B 8F 35 38 51 0B 2D 75 02 03 ....R...58Q.-u..
01[LIB] 432: 01 00 01 A3 81 C8 30 81 C5 30 0C 06 03 55 1D 13 ......0..0...U..
01[LIB] 448: 04 05 30 03 01 01 FF 30 1D 06 03 55 1D 0E 04 16 ..0....0...U....
01[LIB] 464: 04 14 55 CD D8 E4 3C C4 BE 01 12 25 09 ED AB 68 ..U...<....%...h
01[LIB] 480: 1A AC 1E B0 C0 A1 30 81 95 06 03 55 1D 23 04 81 ......0....U.#..
01[LIB] 496: 8D 30 81 8A 80 14 55 CD D8 E4 3C C4 BE 01 12 25 .0....U...<....%
01[LIB] 512: 09 ED AB 68 1A AC 1E B0 C0 A1 A1 67 A4 65 30 63 ...h.......g.e0c
01[LIB] 528: 31 10 30 0E 06 03 55 04 0A 13 07 53 69 65 6D 65 1.0...U....Sieme
01[LIB] 544: 6E 73 31 0C 30 0A 06 03 55 04 0B 13 03 41 54 53 ns1.0...U....ATS
01[LIB] 560: 31 12 30 10 06 03 55 04 07 13 09 4E 75 72 65 6D 1.0...U....Nurem
01[LIB] 576: 62 65 72 67 31 10 30 0E 06 03 55 04 08 13 07 42 berg1.0...U....B
01[LIB] 592: 61 76 61 72 69 61 31 0B 30 09 06 03 55 04 06 13 avaria1.0...U...
01[LIB] 608: 02 44 45 31 0E 30 0C 06 03 55 04 03 13 05 69 6B .DE1.0...U....ik
01[LIB] 624: 65 63 61 82 09 00 B4 9F 78 3E 3E 76 A5 42 30 0D eca.....x>>v.B0.
01[LIB] 640: 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 03 81 81 ..*.H...........
01[LIB] 656: 00 8A C7 24 FC 4C AE F7 CF FA CF 3B 5D 98 57 B1 ...$.L.....;].W.
01[LIB] 672: 94 81 5B 3C B5 83 FC BC FC 17 9F FE 1F C0 E6 8A ..[<............
01[LIB] 688: C0 CB 2A 8D A5 1F E6 53 9E 77 3C 91 79 1C 02 FB ..*....S.w<.y...
01[LIB] 704: D6 27 D2 DC D7 2E D1 30 48 0C 98 D5 72 C5 26 A2 .'.....0H...r.&.
01[LIB] 720: 0B DA F4 85 5C 12 79 F8 59 67 07 C6 C0 0A C6 34 ....\.y.Yg.....4
01[LIB] 736: 35 4F 6A 01 4F 12 68 57 D5 C6 C2 07 A2 BD 5C 52 5Oj.O.hW......\R
01[LIB] 752: 01 E2 A3 8A CB 31 71 DE 9C 23 F9 A6 EE 49 75 38 .....1q..#...Iu8
01[LIB] 768: 94 2B 75 54 EA FA E2 5D 5C D5 62 9D 91 7D 5F 4C .+uT...]\.b..}_L
01[LIB] 784: 22 "
01[LIB] hash output userx => 20 bytes @ 0x808fd90
01[LIB] 0: 1D 63 B8 CD F2 BA 81 4F F1 58 25 B2 1B DF 70 2A .c.....O.X%...p*
01[LIB] 16: 00 95 B5 73 ...s
01[LIB] loaded certificate file '/usr/local/etc/ipsec.d/cacerts/cacert.pem'
01[CFG] loading aa certificates from '/usr/local/etc/ipsec.d/aacerts'
01[CFG] loading ocsp signer certificates from '/usr/local/etc/ipsec.d/ocspcerts'
01[CFG] loading attribute certificates from '/usr/local/etc/ipsec.d/acerts'
01[CFG] loading crls from '/usr/local/etc/ipsec.d/crls'
01[CFG] loading secrets from '/usr/local/etc/ipsec.secrets'
01[LIB] hash input userx => 140 bytes @ 0x808e288
01[LIB] 0: 30 81 89 02 81 81 00 AA 3C 16 C2 3D FA 4A FC D7 0.......<..=.J..
01[LIB] 16: 08 17 9C 54 F2 D5 35 71 AB 22 6C F8 90 40 B6 D0 ...T..5q."l.. at ..
01[LIB] 32: EE B0 C3 EF 73 46 DD 9E CA EB DD EE 08 2E 77 66 ....sF........wf
01[LIB] 48: C9 63 99 5A 69 BF 03 E9 B7 C0 5B E2 D5 95 4E DD .c.Zi.....[...N.
01[LIB] 64: 28 F4 50 8B 2B 05 B6 20 85 65 A2 E8 11 98 74 67 (.P.+.. .e....tg
01[LIB] 80: FF 9D C1 38 14 5F 75 72 41 84 54 45 E8 F0 F7 48 ...8._urA.TE...H
01[LIB] 96: 0F EF 25 EB 2F A7 4C 38 20 03 C1 E8 EF F0 75 85 ..%./.L8 .....u.
01[LIB] 112: F8 72 FC B8 19 81 43 63 70 5C 75 AC 5C 3B 7C 44 .r....Ccp\u.\;|D
01[LIB] 128: E6 1A 7E 39 56 2A 23 02 03 01 00 01 ..~9V*#.....
01[LIB] hash output userx => 20 bytes @ 0x80906b0
01[LIB] 0: E5 C7 4A 32 CF 5A A1 C1 D5 83 B5 2D 7F 85 F0 4B ..J2.Z.....-...K
01[LIB] 16: 90 C0 AD 0F ....
01[LIB] userx encoded => 20 bytes @ 0x80906b0
01[LIB] 0: E5 C7 4A 32 CF 5A A1 C1 D5 83 B5 2D 7F 85 F0 4B ..J2.Z.....-...K
01[LIB] 16: 90 C0 AD 0F ....
01[LIB] hash input userx => 162 bytes @ 0x808e178
01[LIB] 0: 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 0..0...*.H......
01[LIB] 16: 05 00 03 81 8D 00 30 81 89 02 81 81 00 AA 3C 16 ......0.......<.
01[LIB] 32: C2 3D FA 4A FC D7 08 17 9C 54 F2 D5 35 71 AB 22 .=.J.....T..5q."
01[LIB] 48: 6C F8 90 40 B6 D0 EE B0 C3 EF 73 46 DD 9E CA EB l.. at ......sF<mailto:l.. at ......sF>....
01[LIB] 64: DD EE 08 2E 77 66 C9 63 99 5A 69 BF 03 E9 B7 C0 ....wf.c.Zi.....
01[LIB] 80: 5B E2 D5 95 4E DD 28 F4 50 8B 2B 05 B6 20 85 65 [...N.(.P.+.. .e
01[LIB] 96: A2 E8 11 98 74 67 FF 9D C1 38 14 5F 75 72 41 84 ....tg...8._urA.
01[LIB] 112: 54 45 E8 F0 F7 48 0F EF 25 EB 2F A7 4C 38 20 03 TE...H..%./.L8 .
01[LIB] 128: C1 E8 EF F0 75 85 F8 72 FC B8 19 81 43 63 70 5C ....u..r....Ccp\
01[LIB] 144: 75 AC 5C 3B 7C 44 E6 1A 7E 39 56 2A 23 02 03 01 u.\;|D..~9V*#...
01[LIB] 160: 00 01 ..
01[LIB] hash output userx => 20 bytes @ 0x80906b0
01[LIB] 0: 55 7C FE B0 AE 3F 9C 76 39 EB 7D FC 46 09 7C 2D U|...?.v9.}.F.|-
01[LIB] 16: 59 D9 7A 64 Y.zd
01[LIB] userx encoded => 20 bytes @ 0x80906b0
01[LIB] 0: 55 7C FE B0 AE 3F 9C 76 39 EB 7D FC 46 09 7C 2D U|...?.v9.}.F.|-
01[LIB] 16: 59 D9 7A 64 Y.zd
01[CFG] loaded private key file '/usr/local/etc/ipsec.d/private/clientkey.pem'
01[CFG] loaded EAP secret for test
01[DMN] loaded plugins: aes des sha1 sha2 md5 fips-prf random x509 pubkey xcbc hmac gmp stroke eap-identity eap-mschapv2
01[JOB] spawning 16 worker threads
02[CFG] received stroke: add connection 'host-host'
02[CFG] left nor right host is our side, assuming left=local
02[LIB] userx encoded => 101 bytes @ 0x8091417
02[LIB] 0: 30 63 31 10 30 0E 06 03 55 04 0A 13 07 53 69 65 0c1.0...U....Sie
02[LIB] 16: 6D 65 6E 73 31 0C 30 0A 06 03 55 04 0B 13 03 41 mens1.0...U....A
02[LIB] 32: 54 53 31 12 30 10 06 03 55 04 07 13 09 4E 75 72 TS1.0...U....Nur
02[LIB] 48: 65 6D 62 65 72 67 31 10 30 0E 06 03 55 04 08 13 emberg1.0...U...
02[LIB] 64: 07 42 61 76 61 72 69 61 31 0B 30 09 06 03 55 04 .Bavaria1.0...U.
02[LIB] 80: 06 13 02 44 45 31 0E 30 0C 06 03 55 04 03 13 05 ...DE1.0...U....
02[LIB] 96: 69 6B 65 63 61 ikeca
02[LIB] userx encoded => 88 bytes @ 0x809149c
02[LIB] 0: 30 56 31 0B 30 09 06 03 55 04 06 13 02 44 45 31 0V1.0...U....DE1
02[LIB] 16: 10 30 0E 06 03 55 04 08 13 07 42 61 76 61 72 69 .0...U....Bavari
02[LIB] 32: 61 31 10 30 0E 06 03 55 04 0A 13 07 53 69 65 6D a1.0...U....Siem
02[LIB] 48: 65 6E 73 31 0F 30 0D 06 03 55 04 0B 13 06 61 6E ens1.0...U....an
02[LIB] 64: 64 65 72 65 31 12 30 10 06 03 55 04 03 13 09 69 dere1.0...U....i
02[LIB] 80: 6B 65 63 6C 69 65 6E 74 keclient
02[LIB] hash input userx => 140 bytes @ 0x80924c0
02[LIB] 0: 30 81 89 02 81 81 00 AA 3C 16 C2 3D FA 4A FC D7 0.......<..=.J..
02[LIB] 16: 08 17 9C 54 F2 D5 35 71 AB 22 6C F8 90 40 B6 D0 ...T..5q."l.. at ..
02[LIB] 32: EE B0 C3 EF 73 46 DD 9E CA EB DD EE 08 2E 77 66 ....sF........wf
02[LIB] 48: C9 63 99 5A 69 BF 03 E9 B7 C0 5B E2 D5 95 4E DD .c.Zi.....[...N.
02[LIB] 64: 28 F4 50 8B 2B 05 B6 20 85 65 A2 E8 11 98 74 67 (.P.+.. .e....tg
02[LIB] 80: FF 9D C1 38 14 5F 75 72 41 84 54 45 E8 F0 F7 48 ...8._urA.TE...H
02[LIB] 96: 0F EF 25 EB 2F A7 4C 38 20 03 C1 E8 EF F0 75 85 ..%./.L8 .....u.
02[LIB] 112: F8 72 FC B8 19 81 43 63 70 5C 75 AC 5C 3B 7C 44 .r....Ccp\u.\;|D
02[LIB] 128: E6 1A 7E 39 56 2A 23 02 03 01 00 01 ..~9V*#.....
02[LIB] hash output userx => 20 bytes @ 0x8092550
02[LIB] 0: E5 C7 4A 32 CF 5A A1 C1 D5 83 B5 2D 7F 85 F0 4B ..J2.Z.....-...K
02[LIB] 16: 90 C0 AD 0F ....
02[LIB] userx encoded => 20 bytes @ 0x8092550
02[LIB] 0: E5 C7 4A 32 CF 5A A1 C1 D5 83 B5 2D 7F 85 F0 4B ..J2.Z.....-...K
02[LIB] 16: 90 C0 AD 0F ....
02[LIB] hash input userx => 162 bytes @ 0x80926b8
02[LIB] 0: 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 0..0...*.H......
02[LIB] 16: 05 00 03 81 8D 00 30 81 89 02 81 81 00 AA 3C 16 ......0.......<.
02[LIB] 32: C2 3D FA 4A FC D7 08 17 9C 54 F2 D5 35 71 AB 22 .=.J.....T..5q."
02[LIB] 48: 6C F8 90 40 B6 D0 EE B0 C3 EF 73 46 DD 9E CA EB l.. at ......sF<mailto:l.. at ......sF>....
02[LIB] 64: DD EE 08 2E 77 66 C9 63 99 5A 69 BF 03 E9 B7 C0 ....wf.c.Zi.....
02[LIB] 80: 5B E2 D5 95 4E DD 28 F4 50 8B 2B 05 B6 20 85 65 [...N.(.P.+.. .e
02[LIB] 96: A2 E8 11 98 74 67 FF 9D C1 38 14 5F 75 72 41 84 ....tg...8._urA.
02[LIB] 112: 54 45 E8 F0 F7 48 0F EF 25 EB 2F A7 4C 38 20 03 TE...H..%./.L8 .
02[LIB] 128: C1 E8 EF F0 75 85 F8 72 FC B8 19 81 43 63 70 5C ....u..r....Ccp\
02[LIB] 144: 75 AC 5C 3B 7C 44 E6 1A 7E 39 56 2A 23 02 03 01 u.\;|D..~9V*#...
02[LIB] 160: 00 01 ..
02[LIB] hash output userx => 20 bytes @ 0x8092620
02[LIB] 0: 55 7C FE B0 AE 3F 9C 76 39 EB 7D FC 46 09 7C 2D U|...?.v9.}.F.|-
02[LIB] 16: 59 D9 7A 64 Y.zd
02[LIB] userx encoded => 20 bytes @ 0x8092620
02[LIB] 0: 55 7C FE B0 AE 3F 9C 76 39 EB 7D FC 46 09 7C 2D U|...?.v9.}.F.|-
02[LIB] 16: 59 D9 7A 64 Y.zd
02[LIB] userx encoded => 9 bytes @ 0x80915c9
02[LIB] 0: 69 6B 65 63 6C 69 65 6E 74 ikeclient
02[LIB] hash input userx => 632 bytes @ 0x80913f8
02[LIB] 0: 30 82 02 74 30 82 01 DD A0 03 02 01 02 02 01 02 0..t0...........
02[LIB] 16: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 30 0...*.H........0
02[LIB] 32: 63 31 10 30 0E 06 03 55 04 0A 13 07 53 69 65 6D c1.0...U....Siem
02[LIB] 48: 65 6E 73 31 0C 30 0A 06 03 55 04 0B 13 03 41 54 ens1.0...U....AT
02[LIB] 64: 53 31 12 30 10 06 03 55 04 07 13 09 4E 75 72 65 S1.0...U....Nure
02[LIB] 80: 6D 62 65 72 67 31 10 30 0E 06 03 55 04 08 13 07 mberg1.0...U....
02[LIB] 96: 42 61 76 61 72 69 61 31 0B 30 09 06 03 55 04 06 Bavaria1.0...U..
02[LIB] 112: 13 02 44 45 31 0E 30 0C 06 03 55 04 03 13 05 69 ..DE1.0...U....i
02[LIB] 128: 6B 65 63 61 30 1E 17 0D 30 39 31 32 31 38 31 34 keca0...09121814
02[LIB] 144: 30 33 30 36 5A 17 0D 31 31 31 32 31 38 31 34 30 0306Z..111218140
02[LIB] 160: 33 30 36 5A 30 56 31 0B 30 09 06 03 55 04 06 13 306Z0V1.0...U...
02[LIB] 176: 02 44 45 31 10 30 0E 06 03 55 04 08 13 07 42 61 .DE1.0...U....Ba
02[LIB] 192: 76 61 72 69 61 31 10 30 0E 06 03 55 04 0A 13 07 varia1.0...U....
02[LIB] 208: 53 69 65 6D 65 6E 73 31 0F 30 0D 06 03 55 04 0B Siemens1.0...U..
02[LIB] 224: 13 06 61 6E 64 65 72 65 31 12 30 10 06 03 55 04 ..andere1.0...U.
02[LIB] 240: 03 13 09 69 6B 65 63 6C 69 65 6E 74 30 81 9F 30 ...ikeclient0..0
02[LIB] 256: 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 81 ...*.H..........
02[LIB] 272: 8D 00 30 81 89 02 81 81 00 AA 3C 16 C2 3D FA 4A ..0.......<..=.J
02[LIB] 288: FC D7 08 17 9C 54 F2 D5 35 71 AB 22 6C F8 90 40 .....T..5q."l..@
02[LIB] 304: B6 D0 EE B0 C3 EF 73 46 DD 9E CA EB DD EE 08 2E ......sF........
02[LIB] 320: 77 66 C9 63 99 5A 69 BF 03 E9 B7 C0 5B E2 D5 95 wf.c.Zi.....[...
02[LIB] 336: 4E DD 28 F4 50 8B 2B 05 B6 20 85 65 A2 E8 11 98 N.(.P.+.. .e....
02[LIB] 352: 74 67 FF 9D C1 38 14 5F 75 72 41 84 54 45 E8 F0 tg...8._urA.TE..
02[LIB] 368: F7 48 0F EF 25 EB 2F A7 4C 38 20 03 C1 E8 EF F0 .H..%./.L8 .....
02[LIB] 384: 75 85 F8 72 FC B8 19 81 43 63 70 5C 75 AC 5C 3B u..r....Ccp\u.\;
02[LIB] 400: 7C 44 E6 1A 7E 39 56 2A 23 02 03 01 00 01 A3 45 |D..~9V*#......E
02[LIB] 416: 30 43 30 0B 06 03 55 1D 0F 04 04 03 02 05 A0 30 0C0...U........0
02[LIB] 432: 13 06 03 55 1D 25 04 0C 30 0A 06 08 2B 06 01 05 ...U.%..0...+...
02[LIB] 448: 05 07 03 02 30 14 06 03 55 1D 11 04 0D 30 0B 82 ....0...U....0..
02[LIB] 464: 09 69 6B 65 63 6C 69 65 6E 74 30 09 06 03 55 1D .ikeclient0...U.
02[LIB] 480: 13 04 02 30 00 30 0D 06 09 2A 86 48 86 F7 0D 01 ...0.0...*.H....
02[LIB] 496: 01 04 05 00 03 81 81 00 76 19 D1 31 DC 9E 5B 61 ........v..1..[a
02[LIB] 512: AD 7F 96 59 7E 53 3C 71 99 D2 5D 25 90 F8 57 2B ...Y~S<q..]%..W+
02[LIB] 528: 63 0C A1 15 C1 3E 32 89 C1 FB 7C CE 8D 3B 01 CD c....>2...|..;..
02[LIB] 544: 17 45 5D 1E 02 50 97 74 35 1F 42 35 C6 0A CA 21 .E]..P.t5.B5...!
02[LIB] 560: 27 38 39 6C AE D8 5C 0E 32 62 E8 FF 2D AC 18 28 '89l..\.2b..-..(
02[LIB] 576: 76 76 5A 7C 07 D1 F2 24 90 0C 5E EE E4 7E 84 EA vvZ|...$..^..~..
02[LIB] 592: DE BA FE 94 7A 85 72 61 0A 9C EF 6A 8D 6C 54 A4 ....z.ra...j.lT.
02[LIB] 608: 7E 5C 5F 90 1F 2C F8 08 30 25 91 F7 59 60 58 D7 ~\_..,..0%..Y`X.
02[LIB] 624: 2E 6F 9D CD E2 18 C1 AF .o......
02[LIB] hash output userx => 20 bytes @ 0x80913e0
02[LIB] 0: A1 EA 8C 1C E0 6C 07 03 2F BD F5 8B 2F 3B 7D 2D .....l../.../;}-
02[LIB] 16: 8F D1 BA 87 ....
02[LIB] loaded certificate file '/usr/local/etc/ipsec.d/certs/clientcert.pem'
02[CFG] peerid 192.168.10.90 not confirmed by certificate, defaulting to subject DN: C=DE, ST=Bavaria, O=Siemens, OU=andere, CN=ikeclient
02[CFG] added configuration 'host-host'
07[LIB] hash input userx => 528 bytes @ 0x8093150
07[LIB] 0: D9 01 E7 46 94 21 C2 A0 00 00 00 00 00 00 00 00 ...F.!..........
07[LIB] 16: 21 20 22 08 00 00 00 00 00 00 02 10 22 00 01 00 ! "........."...
07[LIB] 32: 02 00 00 28 01 01 00 04 03 00 00 08 01 00 00 03 ...(............
07[LIB] 48: 03 00 00 08 03 00 00 02 03 00 00 08 02 00 00 02 ................
07[LIB] 64: 00 00 00 08 04 00 00 02 02 00 00 2C 02 01 00 04 ...........,....
07[LIB] 80: 03 00 00 0C 01 00 00 0C 80 0E 01 00 03 00 00 08 ................
07[LIB] 96: 03 00 00 02 03 00 00 08 02 00 00 02 00 00 00 08 ................
07[LIB] 112: 04 00 00 02 02 00 00 28 03 01 00 04 03 00 00 08 .......(........
07[LIB] 128: 01 00 00 03 03 00 00 08 03 00 00 0C 03 00 00 08 ................
07[LIB] 144: 02 00 00 05 00 00 00 08 04 00 00 02 02 00 00 2C ...............,
07[LIB] 160: 04 01 00 04 03 00 00 0C 01 00 00 0C 80 0E 01 00 ................
07[LIB] 176: 03 00 00 08 03 00 00 0C 03 00 00 08 02 00 00 05 ................
07[LIB] 192: 00 00 00 08 04 00 00 02 02 00 00 28 05 01 00 04 ...........(....
07[LIB] 208: 03 00 00 08 01 00 00 03 03 00 00 08 03 00 00 0D ................
07[LIB] 224: 03 00 00 08 02 00 00 06 00 00 00 08 04 00 00 02 ................
07[LIB] 240: 00 00 00 2C 06 01 00 04 03 00 00 0C 01 00 00 0C ...,............
07[LIB] 256: 80 0E 01 00 03 00 00 08 03 00 00 0D 03 00 00 08 ................
07[LIB] 272: 02 00 00 06 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
07[LIB] 288: 00 02 00 00 42 F0 E6 F9 09 F4 9F 5E A1 BF E9 74 ....B......^...t
07[LIB] 304: E4 E6 30 92 98 9F 46 BC F8 6D E9 E0 61 B1 7B AA ..0...F..m..a.{.
07[LIB] 320: D6 67 DD AA 1E 92 60 F7 C5 25 9E D2 0B 6C 98 A8 .g....`..%...l..
07[LIB] 336: 5E 8A 6F 23 06 2A BC C7 E1 DA CE D4 13 0A EC 55 ^.o#.*.........U
07[LIB] 352: 4F E1 84 CA 65 7A B2 8F 91 9E 8E 9B 97 37 97 4E O...ez.......7.N
07[LIB] 368: 34 49 C9 1B 7A 5F 3B 50 33 90 65 C5 74 50 48 B4 4I..z_;P3.e.tPH.
07[LIB] 384: 7C 1A 84 6E BC CE C5 1C A2 92 A9 EF C5 A5 3E 04 |..n..........>.
07[LIB] 400: 3C 7A 6A 1C C4 51 96 1D 45 56 6A 3B 3E 3D DC BC <zj..Q..EVj;>=..
07[LIB] 416: 86 CA D3 05 29 00 00 34 DC F1 C9 0B 76 F5 BC EE ....)..4....v...
07[LIB] 432: AE C1 F8 AA 0C 98 7D 12 63 D9 9D 9C 9C 6F 83 98 ......}.c....o..
07[LIB] 448: 8F 09 C1 4B A3 09 AB 3E 81 F3 F4 AC 5E 08 F5 00 ...K...>....^...
07[LIB] 464: BA 56 CE 4B A8 7C F1 6E 29 00 00 1C 00 00 40 04 .V.K.|.n)..... at .
07[LIB] 480: 2D CA 2E 82 E7 D6 B6 C5 64 83 B0 4D 48 4C BC 88 -.......d..MHL..
07[LIB] 496: 6E 25 60 78 00 00 00 1C 00 00 40 05 A6 51 D7 35 n%`x...... at ..Q.5<mailto:n%`x...... at ..Q.5>
07[LIB] 512: 67 80 BD 0F 6B 3D 21 CD 4A 2D 83 7D 17 9B E3 D7 g...k=!.J-.}....
07[LIB] hash output userx => 20 bytes @ 0x808f868
07[LIB] 0: 59 CF AC 2A E8 70 77 FC 16 DD 3C F6 0E BC 1E EF Y..*.pw...<.....
07[LIB] 16: 61 10 59 B8 a.Y.
07[LIB] userx encoded => 0 bytes @ (nil)
07[LIB] userx encoded => 0 bytes @ (nil)
07[NET] received packet: from 192.168.10.12[500] to 192.168.10.90[500]
07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
07[IKE] 192.168.10.12 is initiating an IKE_SA
07[LIB] hash input userx => 22 bytes @ 0x8096f58
07[LIB] 0: D9 01 E7 46 94 21 C2 A0 00 00 00 00 00 00 00 00 ...F.!..........
07[LIB] 16: C0 A8 0A 5A 01 F4 ...Z..
07[LIB] hash output userx => 20 bytes @ 0x80960b8
07[LIB] 0: A6 51 D7 35 67 80 BD 0F 6B 3D 21 CD 4A 2D 83 7D .Q.5g...k=!.J-.}
07[LIB] 16: 17 9B E3 D7 ....
07[LIB] hash input userx => 22 bytes @ 0x8096f58
07[LIB] 0: D9 01 E7 46 94 21 C2 A0 00 00 00 00 00 00 00 00 ...F.!..........
07[LIB] 16: C0 A8 0A 0C 01 F4 ......
07[LIB] hash output userx => 20 bytes @ 0x8096d08
07[LIB] 0: 2D CA 2E 82 E7 D6 B6 C5 64 83 B0 4D 48 4C BC 88 -.......d..MHL..
07[LIB] 16: 6E 25 60 78 n%`x
07[LIB] hash input userx => 22 bytes @ 0x8096900
07[LIB] 0: D9 01 E7 46 94 21 C2 A0 6C 04 BF 5D 6C D7 6A 58 ...F.!..l..]l.jX
07[LIB] 16: C0 A8 0A 5A 01 F4 ...Z..
07[LIB] hash output userx => 20 bytes @ 0x8095b58
07[LIB] 0: B2 C8 DE 93 F7 FF 27 7F 08 7D D9 EC 2B FF 45 F5 ......'..}..+.E.
07[LIB] 16: E6 CE CC F1 ....
07[LIB] hash input userx => 22 bytes @ 0x8096900
07[LIB] 0: D9 01 E7 46 94 21 C2 A0 6C 04 BF 5D 6C D7 6A 58 ...F.!..l..]l.jX
07[LIB] 16: C0 A8 0A 0C 01 F4 ......
07[LIB] hash output userx => 20 bytes @ 0x8095b58
07[LIB] 0: 04 48 90 7E 30 49 96 D6 A8 A0 92 C5 4B 53 9F 9A .H.~0I......KS..
07[LIB] 16: 3F A7 C9 6F ?..o
07[IKE] sending cert request for "O=Siemens, OU=ATS, L=Nuremberg, ST=Bavaria, C=DE, CN=ikeca"
07[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
07[NET] sending packet: from 192.168.10.90[500] to 192.168.10.12[500]
08[NET] received packet: from 192.168.10.12[4500] to 192.168.10.90[4500]
08[ENC] data before decryption => 296 bytes @ 0x8096458
08[ENC] 0: F3 75 7D 6B 4B B1 22 DF 70 BB 95 5D 6C 26 A2 82 .u}kK.".p..]l&..
08[ENC] 16: BC ED 3B CA A8 0D 6B F4 24 B3 13 50 04 09 9C D5 ..;...k.$..P....
08[ENC] 32: F1 00 81 6F B0 56 D8 2A 15 40 50 EB 10 07 F5 9A ...o.V.*. at P<mailto:...o.V.*. at P>.....
08[ENC] 48: FE 62 EA 0F D8 F7 F1 E9 06 11 FB E5 B8 78 C2 83 .b...........x..
08[ENC] 64: D6 54 45 6C 80 74 18 45 AD 0C 55 D4 47 A3 EB 96 .TEl.t.E..U.G...
08[ENC] 80: 5C D1 FF B2 2A EA 6B ED 0D 02 8E AF 1B 66 00 BC \...*.k......f..
08[ENC] 96: B8 46 A7 35 1B 59 C8 6D E1 00 92 81 B2 C4 F0 50 .F.5.Y.m.......P
08[ENC] 112: 3B 92 40 EA 8B 35 DC 20 44 F9 02 2F FC 93 BD 91 ;. at ..5. D../....
08[ENC] 128: 64 1F 30 C2 AE B0 9E 69 2E B0 EF 9E FD 66 BB DE d.0....i.....f..
08[ENC] 144: 44 EE 54 4D 23 47 1D BB 99 DE 74 E0 3D E9 77 3C D.TM#G....t.=.w<
08[ENC] 160: AC F1 0C F2 96 19 39 10 31 E7 9B 65 98 7E E2 A7 ......9.1..e.~..
08[ENC] 176: EB CA B0 C1 8A 04 B3 31 7B 63 69 44 77 83 BD 74 .......1{ciDw..t
08[ENC] 192: E9 F1 75 80 62 D9 56 D9 B7 5F E2 9D 58 4C 70 9E ..u.b.V.._..XLp.
08[ENC] 208: 00 D3 E6 46 CA 20 53 DE BD 63 68 F8 6E 40 D0 8B ...F. S..ch.n at ..
08[ENC] 224: 91 A5 81 F8 A1 43 7F B5 ED AA 2B 93 A0 DE 7B 01 .....C....+...{.
08[ENC] 240: B6 5A 4B A4 05 2C C5 90 09 39 91 FD FA 34 74 B4 .ZK..,...9...4t.
08[ENC] 256: 99 DF 09 1A 92 7D AB 30 95 C1 54 CB 7B 69 06 A1 .....}.0..T.{i..
08[ENC] 272: BB 40 66 99 DF 6F 05 31 9F DE E6 16 36 6A D5 09 . at f..o.1....6j<mailto:. at f..o.1....6j>..
08[ENC] 288: 53 39 82 76 9F 60 22 79 S9.v.`"y
08[ENC] data after decryption with padding => 296 bytes @ 0x8095440
08[ENC] 0: 26 00 00 0C 01 00 00 00 C0 A8 0A 0C 29 00 00 19 &...........)...
08[ENC] 16: 04 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 .......j<.9EWx.A
08[ENC] 32: 45 12 B0 33 6F 2F 00 00 08 00 00 40 0C 21 00 00 E..3o/..... at .!..
08[ENC] 48: 28 01 00 00 00 00 01 00 04 C0 A8 03 09 00 03 00 (...............
08[ENC] 64: 00 00 04 00 00 5B A0 00 00 00 08 00 00 00 0A 00 .....[..........
08[ENC] 80: 00 5B A1 00 00 2C 00 00 50 02 00 00 28 01 03 04 .[...,..P...(...
08[ENC] 96: 03 67 0E 00 E2 03 00 00 0C 01 00 00 0C 80 0E 01 .g..............
08[ENC] 112: 00 03 00 00 08 03 00 00 02 00 00 00 08 05 00 00 ................
08[ENC] 128: 00 00 00 00 24 02 03 04 03 67 0E 00 E2 03 00 00 ....$....g......
08[ENC] 144: 08 01 00 00 03 03 00 00 08 03 00 00 02 00 00 00 ................
08[ENC] 160: 08 05 00 00 00 2D 00 00 40 02 00 00 00 08 00 00 .....-.. at .......
08[ENC] 176: 28 00 00 FF FF 00 00 00 00 00 00 00 00 00 00 00 (...............
08[ENC] 192: 00 00 00 00 00 FF FF FF FF FF FF FF FF FF FF FF ................
08[ENC] 208: FF FF FF FF FF 07 00 00 10 00 00 FF FF 00 00 00 ................
08[ENC] 224: 00 FF FF FF FF 00 00 00 40 02 00 00 00 08 00 00 ........ at .......
08[ENC] 240: 28 00 00 FF FF 00 00 00 00 00 00 00 00 00 00 00 (...............
08[ENC] 256: 00 00 00 00 00 FF FF FF FF FF FF FF FF FF FF FF ................
08[ENC] 272: FF FF FF FF FF 07 00 00 10 00 00 FF FF 00 00 00 ................
08[ENC] 288: 00 FF FF FF FF 00 00 02 ........
08[ENC] unknown attribute type INTERNAL_IP4_SERVER
08[ENC] unknown attribute type INTERNAL_IP6_SERVER
08[ENC] parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CP SA TSi TSr ]
08[LIB] userx encoded => 20 bytes @ 0x808f880
08[LIB] 0: 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 45 ......j<.9EWx.AE
08[LIB] 16: 12 B0 33 6F ..3o
08[IKE] received cert request for "O=Siemens, OU=ATS, L=Nuremberg, ST=Bavaria, C=DE, CN=ikeca"
08[LIB] userx encoded => 0 bytes @ (nil)
08[LIB] userx encoded => 4 bytes @ 0x808ed60
08[LIB] 0: C0 A8 0A 0C ....
08[CFG] looking for peer configs matching 192.168.10.90[%any]...192.168.10.12[192.168.10.12]
08[CFG] selected peer config 'host-host'
08[IKE] initiating EAP-Identity request
08[IKE] peer supports MOBIKE
08[IKE] IDx' => 92 bytes @ 0xb4d59100
08[IKE] 0: 09 00 00 00 30 56 31 0B 30 09 06 03 55 04 06 13 ....0V1.0...U...
08[IKE] 16: 02 44 45 31 10 30 0E 06 03 55 04 08 13 07 42 61 .DE1.0...U....Ba
08[IKE] 32: 76 61 72 69 61 31 10 30 0E 06 03 55 04 0A 13 07 varia1.0...U....
08[IKE] 48: 53 69 65 6D 65 6E 73 31 0F 30 0D 06 03 55 04 0B Siemens1.0...U..
08[IKE] 64: 13 06 61 6E 64 65 72 65 31 12 30 10 06 03 55 04 ..andere1.0...U.
08[IKE] 80: 03 13 09 69 6B 65 63 6C 69 65 6E 74 ...ikeclient
08[IKE] skp' => 20 bytes @ 0x80953f8
08[IKE] 0: 67 8F 2B 7A A7 5C 7F D2 74 3A 00 C5 DF 41 E6 01 g.+z.\..t:...A..
08[IKE] 16: 01 2D 6F B7 .-o.
08[IKE] octets = message + nonce + prf(Sk_px, IDx') => 401 bytes @ 0x8094bf0
08[IKE] 0: D9 01 E7 46 94 21 C2 A0 6C 04 BF 5D 6C D7 6A 58 ...F.!..l..]l.jX
08[IKE] 16: 21 20 22 20 00 00 00 00 00 00 01 4D 22 00 00 2C ! " .......M"..,
08[IKE] 32: 00 00 00 28 01 01 00 04 03 00 00 08 01 00 00 03 ...(............
08[IKE] 48: 03 00 00 08 03 00 00 02 03 00 00 08 02 00 00 02 ................
08[IKE] 64: 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 ........(.......
08[IKE] 80: 55 80 FB 1E 23 0E 26 05 D4 49 BF AD FC 33 BF EE U...#.&..I...3..
08[IKE] 96: 5D B8 70 87 02 52 5E EB F9 F9 D9 16 8A F1 C0 78 ].p..R^........x
08[IKE] 112: EF AE D9 05 DC 99 1A 31 5F 23 FF 3B 1D 18 BD 11 .......1_#.;....
08[IKE] 128: 03 A0 A3 37 67 74 E1 7B A5 77 AB B9 85 B1 51 66 ...7gt.{.w....Qf
08[IKE] 144: FF BF 91 24 2B AE DD 0F 9B 7C B5 19 C3 BF 46 9E ...$+....|....F.
08[IKE] 160: F3 D0 61 99 80 21 F6 11 37 BC 1F 21 3E 15 B7 7A ..a..!..7..!>..z
08[IKE] 176: 78 6D 2A 5C 17 1D 11 CC 5E 93 4B FC 89 68 8F 3D xm*\....^.K..h.=
08[IKE] 192: 87 4F F1 CE 5F A0 10 36 C1 3C A6 F9 AA 2A 16 BF .O.._..6.<...*..
08[IKE] 208: 29 00 00 24 5C 08 D8 FE 5E 41 52 3C D7 9D E8 B6 )..$\...^AR<....
08[IKE] 224: A9 1B 0D 3D 18 73 AD 9E E5 B9 8A 4E DD 29 4B C1 ...=.s.....N.)K.
08[IKE] 240: 6A E7 09 CB 29 00 00 1C 00 00 40 04 B2 C8 DE 93 j...)..... at .....
08[IKE] 256: F7 FF 27 7F 08 7D D9 EC 2B FF 45 F5 E6 CE CC F1 ..'..}..+.E.....
08[IKE] 272: 26 00 00 1C 00 00 40 05 04 48 90 7E 30 49 96 D6 &..... at ..H.~0I<mailto:&..... at ..H.~0I>..
08[IKE] 288: A8 A0 92 C5 4B 53 9F 9A 3F A7 C9 6F 29 00 00 19 ....KS..?..o)...
08[IKE] 304: 04 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 .......j<.9EWx.A
08[IKE] 320: 45 12 B0 33 6F 00 00 00 08 00 00 40 14 DC F1 C9 E..3o...... at ....
08[IKE] 336: 0B 76 F5 BC EE AE C1 F8 AA 0C 98 7D 12 63 D9 9D .v.........}.c..
08[IKE] 352: 9C 9C 6F 83 98 8F 09 C1 4B A3 09 AB 3E 81 F3 F4 ..o.....K...>...
08[IKE] 368: AC 5E 08 F5 00 BA 56 CE 4B A8 7C F1 6E D3 3F 98 .^....V.K.|.n.?.
08[IKE] 384: 6B FC FD 76 3A 04 A1 49 9C A6 76 A5 67 05 7B 10 k..v:..I..v.g.{.
08[IKE] 400: DA .
08[LIB] hash input userx => 401 bytes @ 0x8094bf0
08[LIB] 0: D9 01 E7 46 94 21 C2 A0 6C 04 BF 5D 6C D7 6A 58 ...F.!..l..]l.jX
08[LIB] 16: 21 20 22 20 00 00 00 00 00 00 01 4D 22 00 00 2C ! " .......M"..,
08[LIB] 32: 00 00 00 28 01 01 00 04 03 00 00 08 01 00 00 03 ...(............
08[LIB] 48: 03 00 00 08 03 00 00 02 03 00 00 08 02 00 00 02 ................
08[LIB] 64: 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 ........(.......
08[LIB] 80: 55 80 FB 1E 23 0E 26 05 D4 49 BF AD FC 33 BF EE U...#.&..I...3..
08[LIB] 96: 5D B8 70 87 02 52 5E EB F9 F9 D9 16 8A F1 C0 78 ].p..R^........x
08[LIB] 112: EF AE D9 05 DC 99 1A 31 5F 23 FF 3B 1D 18 BD 11 .......1_#.;....
08[LIB] 128: 03 A0 A3 37 67 74 E1 7B A5 77 AB B9 85 B1 51 66 ...7gt.{.w....Qf
08[LIB] 144: FF BF 91 24 2B AE DD 0F 9B 7C B5 19 C3 BF 46 9E ...$+....|....F.
08[LIB] 160: F3 D0 61 99 80 21 F6 11 37 BC 1F 21 3E 15 B7 7A ..a..!..7..!>..z
08[LIB] 176: 78 6D 2A 5C 17 1D 11 CC 5E 93 4B FC 89 68 8F 3D xm*\....^.K..h.=
08[LIB] 192: 87 4F F1 CE 5F A0 10 36 C1 3C A6 F9 AA 2A 16 BF .O.._..6.<...*..
08[LIB] 208: 29 00 00 24 5C 08 D8 FE 5E 41 52 3C D7 9D E8 B6 )..$\...^AR<....
08[LIB] 224: A9 1B 0D 3D 18 73 AD 9E E5 B9 8A 4E DD 29 4B C1 ...=.s.....N.)K.
08[LIB] 240: 6A E7 09 CB 29 00 00 1C 00 00 40 04 B2 C8 DE 93 j...)..... at .....
08[LIB] 256: F7 FF 27 7F 08 7D D9 EC 2B FF 45 F5 E6 CE CC F1 ..'..}..+.E.....
08[LIB] 272: 26 00 00 1C 00 00 40 05 04 48 90 7E 30 49 96 D6 &..... at ..H.~0I<mailto:&..... at ..H.~0I>..
08[LIB] 288: A8 A0 92 C5 4B 53 9F 9A 3F A7 C9 6F 29 00 00 19 ....KS..?..o)...
08[LIB] 304: 04 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 .......j<.9EWx.A
08[LIB] 320: 45 12 B0 33 6F 00 00 00 08 00 00 40 14 DC F1 C9 E..3o...... at ....
08[LIB] 336: 0B 76 F5 BC EE AE C1 F8 AA 0C 98 7D 12 63 D9 9D .v.........}.c..
08[LIB] 352: 9C 9C 6F 83 98 8F 09 C1 4B A3 09 AB 3E 81 F3 F4 ..o.....K...>...
08[LIB] 368: AC 5E 08 F5 00 BA 56 CE 4B A8 7C F1 6E D3 3F 98 .^....V.K.|.n.?.
08[LIB] 384: 6B FC FD 76 3A 04 A1 49 9C A6 76 A5 67 05 7B 10 k..v:..I..v.g.{.
08[LIB] 400: DA .
08[LIB] hash output userx => 20 bytes @ 0x8094910
08[LIB] 0: AA D2 BE E2 93 82 36 43 12 A3 25 79 23 D8 93 B4 ......6C..%y#...
08[LIB] 16: 4F 0E FE F1 O...
08[IKE] authentication of 'C=DE, ST=Bavaria, O=Siemens, OU=andere, CN=ikeclient' (myself) with RSA signature successful
08[ENC] generating IKE_AUTH response 1 [ IDr AUTH EAP ]
08[NET] sending packet: from 192.168.10.90[4500] to 192.168.10.12[4500]
09[JOB] deleting half open IKE_SA after timeout
10[LIB] hash input userx => 528 bytes @ 0x8094758
10[LIB] 0: 4C E4 6B 7C 95 CB F8 42 00 00 00 00 00 00 00 00 L.k|...B........
10[LIB] 16: 21 20 22 08 00 00 00 00 00 00 02 10 22 00 01 00 ! "........."...
10[LIB] 32: 02 00 00 28 01 01 00 04 03 00 00 08 01 00 00 03 ...(............
10[LIB] 48: 03 00 00 08 03 00 00 02 03 00 00 08 02 00 00 02 ................
10[LIB] 64: 00 00 00 08 04 00 00 02 02 00 00 2C 02 01 00 04 ...........,....
10[LIB] 80: 03 00 00 0C 01 00 00 0C 80 0E 01 00 03 00 00 08 ................
10[LIB] 96: 03 00 00 02 03 00 00 08 02 00 00 02 00 00 00 08 ................
10[LIB] 112: 04 00 00 02 02 00 00 28 03 01 00 04 03 00 00 08 .......(........
10[LIB] 128: 01 00 00 03 03 00 00 08 03 00 00 0C 03 00 00 08 ................
10[LIB] 144: 02 00 00 05 00 00 00 08 04 00 00 02 02 00 00 2C ...............,
10[LIB] 160: 04 01 00 04 03 00 00 0C 01 00 00 0C 80 0E 01 00 ................
10[LIB] 176: 03 00 00 08 03 00 00 0C 03 00 00 08 02 00 00 05 ................
10[LIB] 192: 00 00 00 08 04 00 00 02 02 00 00 28 05 01 00 04 ...........(....
10[LIB] 208: 03 00 00 08 01 00 00 03 03 00 00 08 03 00 00 0D ................
10[LIB] 224: 03 00 00 08 02 00 00 06 00 00 00 08 04 00 00 02 ................
10[LIB] 240: 00 00 00 2C 06 01 00 04 03 00 00 0C 01 00 00 0C ...,............
10[LIB] 256: 80 0E 01 00 03 00 00 08 03 00 00 0D 03 00 00 08 ................
10[LIB] 272: 02 00 00 06 00 00 00 08 04 00 00 02 28 00 00 88 ............(...
10[LIB] 288: 00 02 00 00 E5 C2 8C 18 32 F5 46 2E 8C 58 3B 47 ........2.F..X;G
10[LIB] 304: 7A FB 66 9F 66 24 0F B2 1E F9 3E 16 E9 D6 0F 92 z.f.f$....>.....
10[LIB] 320: 59 08 A7 F3 1C 98 83 23 74 FC 38 6D 80 D7 42 21 Y......#t.8m..B!
10[LIB] 336: 80 65 32 1A 34 E0 74 D7 BC 81 75 0F 6F BF 09 A2 .e2.4.t...u.o...
10[LIB] 352: 7A CF CA 36 49 1A 92 B9 AD F7 17 91 41 49 ED A5 z..6I.......AI..
10[LIB] 368: 5B D8 28 5F 8A B9 2B 4E 50 42 17 B5 5E 1C 2F 9A [.(_..+NPB..^./.
10[LIB] 384: 65 4A 5F 84 27 89 BA 26 EA C1 3C F4 EA 4F 5E E3 eJ_.'..&..<..O^.
10[LIB] 400: 54 33 4F 18 4F 55 FB D0 0F 05 81 FF 07 37 30 4A T3O.OU.......70J
10[LIB] 416: 77 05 0C 5D 29 00 00 34 79 2A 3D E5 DD 92 93 63 w..])..4y*=....c
10[LIB] 432: D7 DA 5B 3F 9E AB 2C C3 66 16 35 F9 50 1F 21 46 ..[?..,.f.5.P.!F
10[LIB] 448: C1 F4 D1 49 E2 F1 A2 A0 2A E0 C2 48 BD BA B6 9D ...I....*..H....
10[LIB] 464: 31 86 35 59 3F B8 DD E1 29 00 00 1C 00 00 40 04 1.5Y?...)..... at .
10[LIB] 480: F2 F9 3A 5C F5 F4 0B A4 0C A2 48 DD D9 DF C7 47 ..:\......H....G
10[LIB] 496: 68 FA B6 AF 00 00 00 1C 00 00 40 05 26 2A C5 23 h......... at .&*.#
10[LIB] 512: 54 29 1D 7B E2 AA ED E9 7A 61 EF 9C 0C DD 9C 8B T).{....za......
10[LIB] hash output userx => 20 bytes @ 0x8092030
10[LIB] 0: 32 95 AD B7 B0 27 FC D2 29 C4 D4 34 3C BD 47 63 2....'..)..4<.Gc
10[LIB] 16: F5 C0 D7 C1 ....
10[LIB] userx encoded => 0 bytes @ (nil)
10[LIB] userx encoded => 0 bytes @ (nil)
10[NET] received packet: from 192.168.10.12[500] to 192.168.10.90[500]
10[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
10[IKE] 192.168.10.12 is initiating an IKE_SA
10[LIB] hash input userx => 22 bytes @ 0x8096fb0
10[LIB] 0: 4C E4 6B 7C 95 CB F8 42 00 00 00 00 00 00 00 00 L.k|...B........
10[LIB] 16: C0 A8 0A 5A 01 F4 ...Z..
10[LIB] hash output userx => 20 bytes @ 0x80960b0
10[LIB] 0: 26 2A C5 23 54 29 1D 7B E2 AA ED E9 7A 61 EF 9C &*.#T).{....za..
10[LIB] 16: 0C DD 9C 8B ....
10[LIB] hash input userx => 22 bytes @ 0x8096fb0
10[LIB] 0: 4C E4 6B 7C 95 CB F8 42 00 00 00 00 00 00 00 00 L.k|...B........
10[LIB] 16: C0 A8 0A 0C 01 F4 ......
10[LIB] hash output userx => 20 bytes @ 0x8093930
10[LIB] 0: F2 F9 3A 5C F5 F4 0B A4 0C A2 48 DD D9 DF C7 47 ..:\......H....G
10[LIB] 16: 68 FA B6 AF h...
10[LIB] hash input userx => 22 bytes @ 0x80968d8
10[LIB] 0: 4C E4 6B 7C 95 CB F8 42 28 3A FD 97 FD F1 8F 70 L.k|...B(:.....p
10[LIB] 16: C0 A8 0A 5A 01 F4 ...Z..
10[LIB] hash output userx => 20 bytes @ 0x8093930
10[LIB] 0: 31 3C FC CB 39 37 65 AF 84 AC B2 EF C4 BE EE A3 1<..97e.........
10[LIB] 16: CA 45 F6 BE .E..
10[LIB] hash input userx => 22 bytes @ 0x80968d8
10[LIB] 0: 4C E4 6B 7C 95 CB F8 42 28 3A FD 97 FD F1 8F 70 L.k|...B(:.....p
10[LIB] 16: C0 A8 0A 0C 01 F4 ......
10[LIB] hash output userx => 20 bytes @ 0x8093930
10[LIB] 0: 1D 62 E3 2E 89 88 91 BF 23 B4 4C 98 78 31 C0 3A .b......#.L.x1.:
10[LIB] 16: D0 80 42 98 ..B.
10[IKE] sending cert request for "O=Siemens, OU=ATS, L=Nuremberg, ST=Bavaria, C=DE, CN=ikeca"
10[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
10[NET] sending packet: from 192.168.10.90[500] to 192.168.10.12[500]
11[NET] received packet: from 192.168.10.12[4500] to 192.168.10.90[4500]
11[ENC] data before decryption => 296 bytes @ 0x8095f38
11[ENC] 0: B4 C0 4F 27 0E 20 C8 39 4C 82 40 44 3F 9E 97 8D ..O'. .9L. at D<mailto:.9L. at D>?...
11[ENC] 16: 72 35 02 66 1B E7 46 24 46 99 EC FE 65 86 E9 31 r5.f..F$F...e..1
11[ENC] 32: F4 CF 73 A6 4C 53 1E B2 57 DE A2 5D 01 3A 22 BF ..s.LS..W..].:".
11[ENC] 48: 0E 73 97 0D C0 10 EA A0 42 07 3F 22 F8 86 D5 21 .s......B.?"...!
11[ENC] 64: 28 A1 41 C5 23 60 E1 F7 F9 B1 A1 12 F6 D3 01 CB (.A.#`..........
11[ENC] 80: 54 86 9B 4F 0D 0D 0D 0C 1D 76 A9 3B 74 2C 95 AF T..O.....v.;t,..
11[ENC] 96: F9 BB 0A 65 71 DA 94 CD 64 6E 0D BA 4B EA 52 64 ...eq...dn..K.Rd
11[ENC] 112: DA 65 AF BA B1 67 87 51 5D F9 BB 65 D9 7C 91 8E .e...g.Q]..e.|..
11[ENC] 128: 29 97 8E 88 C9 7D EC 2E E4 8D 5B 81 BD BF 13 D9 )....}....[.....
11[ENC] 144: 45 D9 86 77 AE 47 D1 08 4D B5 4C 20 0C E2 0C DD E..w.G..M.L ....
11[ENC] 160: 56 DC 38 BD 19 6C E3 54 6C 99 B3 09 24 31 AD 14 V.8..l.Tl...$1..
11[ENC] 176: E1 C6 B8 D3 87 52 15 8D E6 C9 70 41 EE 10 11 7C .....R....pA...|
11[ENC] 192: A6 27 AD 22 D3 15 4B C5 A4 10 CA 2D 9C 22 8A D9 .'."..K....-."..
11[ENC] 208: 1A D4 0F D5 B9 49 46 93 FA 32 BE 50 32 54 51 B5 .....IF..2.P2TQ.
11[ENC] 224: C4 40 95 74 AA 38 E7 A9 8F DF E1 27 3B 65 04 E3 . at .t.8.....';e<mailto:. at .t.8.....';e>..
11[ENC] 240: 1F E6 8E CF F3 B8 00 7E 18 26 DF 3D 7C 34 55 CB .......~.&.=|4U.
11[ENC] 256: 4E CF 7B 3A 60 0D 9B FF E9 5D 01 33 CB C0 60 4E N.{:`....].3..`N
11[ENC] 272: 7E CD 02 04 51 B2 09 0E 3E 69 62 34 A0 8C 07 46 ~...Q...>ib4...F
11[ENC] 288: B6 09 FA F5 C0 7C 9F E2 .....|..
11[ENC] data after decryption with padding => 296 bytes @ 0x80944b0
11[ENC] 0: 26 00 00 0C 01 00 00 00 C0 A8 0A 0C 29 00 00 19 &...........)...
11[ENC] 16: 04 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 .......j<.9EWx.A
11[ENC] 32: 45 12 B0 33 6F 2F 00 00 08 00 00 40 0C 21 00 00 E..3o/..... at .!..
11[ENC] 48: 28 01 00 00 00 00 01 00 04 C0 A8 03 09 00 03 00 (...............
11[ENC] 64: 00 00 04 00 00 5B A0 00 00 00 08 00 00 00 0A 00 .....[..........
11[ENC] 80: 00 5B A1 00 00 2C 00 00 50 02 00 00 28 01 03 04 .[...,..P...(...
11[ENC] 96: 03 77 4A 33 0F 03 00 00 0C 01 00 00 0C 80 0E 01 .wJ3............
11[ENC] 112: 00 03 00 00 08 03 00 00 02 00 00 00 08 05 00 00 ................
11[ENC] 128: 00 00 00 00 24 02 03 04 03 77 4A 33 0F 03 00 00 ....$....wJ3....
11[ENC] 144: 08 01 00 00 03 03 00 00 08 03 00 00 02 00 00 00 ................
11[ENC] 160: 08 05 00 00 00 2D 00 00 40 02 00 00 00 08 00 00 .....-.. at .......
11[ENC] 176: 28 00 00 FF FF 00 00 00 00 00 00 00 00 00 00 00 (...............
11[ENC] 192: 00 00 00 00 00 FF FF FF FF FF FF FF FF FF FF FF ................
11[ENC] 208: FF FF FF FF FF 07 00 00 10 00 00 FF FF 00 00 00 ................
11[ENC] 224: 00 FF FF FF FF 00 00 00 40 02 00 00 00 08 00 00 ........ at .......
11[ENC] 240: 28 00 00 FF FF 00 00 00 00 00 00 00 00 00 00 00 (...............
11[ENC] 256: 00 00 00 00 00 FF FF FF FF FF FF FF FF FF FF FF ................
11[ENC] 272: FF FF FF FF FF 07 00 00 10 00 00 FF FF 00 00 00 ................
11[ENC] 288: 00 FF FF FF FF 00 00 02 ........
11[ENC] unknown attribute type INTERNAL_IP4_SERVER
11[ENC] unknown attribute type INTERNAL_IP6_SERVER
11[ENC] parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CP SA TSi TSr ]
11[LIB] userx encoded => 20 bytes @ 0x8096f98
11[LIB] 0: 95 E0 B8 F0 CF DF 6A 3C 9B 39 45 57 78 1C 41 45 ......j<.9EWx.AE
11[LIB] 16: 12 B0 33 6F ..3o
11[IKE] received cert request for "O=Siemens, OU=ATS, L=Nuremberg, ST=Bavaria, C=DE, CN=ikeca"
11[LIB] userx encoded => 0 bytes @ (nil)
11[LIB] userx encoded => 4 bytes @ 0x808ebb0
11[LIB] 0: C0 A8 0A 0C ....
11[CFG] looking for peer configs matching 192.168.10.90[%any]...192.168.10.12[192.168.10.12]
11[CFG] selected peer config 'host-host'
11[IKE] initiating EAP-Identity request
11[IKE] peer supports MOBIKE
11[IKE] IDx' => 92 bytes @ 0xb3556100
11[IKE] 0: 09 00 00 00 30 56 31 0B 30 09 06 03 55 04 06 13 ....0V1.0...U...
11[IKE] 16: 02 44 45 31 10 30 0E 06 03 55 04 08 13 07 42 61 .DE1.0...U....Ba
11[IKE] 32: 76 61 72 69 61 31 10 30 0E 06 03 55 04 0A 13 07 varia1.0...U....
11[IKE] 48: 53 69 65 6D 65 6E 73 31 0F 30 0D 06 03 55 04 0B Siemens1.0...U..
11[IKE] 64: 13 06 61 6E 64 65 72 65 31 12 30 10 06 03 55 04 ..andere1.0...U.
11[IKE] 80: 03 13 09 69 6B 65 63 6C 69 65 6E 74 ...ikeclient
11[IKE] skp' => 20 bytes @ 0x8096bc0
11[IKE] 0: 5A 23 09 B5 F6 57 6C 45 CD D1 80 13 A5 91 84 69 Z#...WlE.......i
11[IKE] 16: F2 DB 60 50 ..`P
11[IKE] octets = message + nonce + prf(Sk_px, IDx') => 401 bytes @ 0x8093138
11[IKE] 0: 4C E4 6B 7C 95 CB F8 42 28 3A FD 97 FD F1 8F 70 L.k|...B(:.....p
11[IKE] 16: 21 20 22 20 00 00 00 00 00 00 01 4D 22 00 00 2C ! " .......M"..,
11[IKE] 32: 00 00 00 28 01 01 00 04 03 00 00 08 01 00 00 03 ...(............
11[IKE] 48: 03 00 00 08 03 00 00 02 03 00 00 08 02 00 00 02 ................
11[IKE] 64: 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 ........(.......
11[IKE] 80: B9 E0 9C D3 40 E2 31 0F D8 C9 AB 94 97 36 56 B2 .... at .1......6V<mailto:.... at .1......6V>.
11[IKE] 96: 66 CE 98 11 3F 98 0C 15 EC DB BE FF 47 57 44 C9 f...?.......GWD.
11[IKE] 112: 21 6A 6C 99 9B 19 00 84 2C 5B 46 2C 7D B1 EA DA !jl.....,[F,}...
11[IKE] 128: 28 57 A5 33 3C B1 2E 56 D7 0F 36 0D 28 42 D3 98 (W.3<..V..6.(B..
11[IKE] 144: 2B 86 2B 2B EF A0 3A 16 12 53 06 72 C0 24 70 8C +.++..:..S.r.$p.
11[IKE] 160: 04 18 99 C0 9A BA D7 C2 CE 39 27 65 68 E1 FB
Any hints are welcome! Thanks in advance!
A vmware image with an working strongSwan configuration for IKEv2 + MSCHAPv2 (username/password) would also be useful!
Kind regards,
Sven Kerschbaum
Siemens AG
Industry Sector Industry Automation Division
mailto:sven.kerschbaum at siemens.com
<http://www.siemens.com/automation>http://www.siemens.com/automation
Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme
Managing Board: Peter Loescher, Chairman, President and Chief Executive Officer;
Wolfgang Dehen, Heinrich Hiesinger, Joe Kaeser, Barbara Kux, Hermann Requardt,
Siegfried Russwurm, Peter Y. Solmssen
Registered offices: Berlin and Munich;
Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684
WEEE-Reg.-No. DE 23691322
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100507/961269ff/attachment.html>
More information about the Users
mailing list