[strongSwan] Strongswan 4.4.0, Juniper ScreenOS, XAUTH, and RSA authentication failed
Fritz Stauffer
fstauffer at apo.nmsu.edu
Wed May 19 17:47:16 CEST 2010
I have this mostly working, except, Juniper's ScreenOS returns the INTERNAL_IP4_ADDRESS and INTERNAL_IP4_NETMASK in the XAUTH Status, which is unexpected and causes a failed XAUTH status. I saw another post mentioning a Juniper XAUTH problem, and the comment that it is different than the Cisco XAUTH protocol.
So, is there a work around, patch, configuration that I need to try?
Thank you,
-Fritz
Here's the ipsec.conf file:
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
plutodebug=all
#crlcheckinterval=180
strictcrlpolicy=no
charonstart=no
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
authby=xauthrsasig
xauth=client
conn home
left=192.41.211.219
leftid=Fritz.Stauffer.01
leftsourceip=%modeconfig
leftcert=frs.pem
rightcert=fw.pem
leftfirewall=yes
right=192.41.211.136
rightid=@vpn.apo.nmsu.edu
rightsubnet=10.80.1.0/24
auto=add
Here's the relevant part of the log showing the failure:
May 19 08:29:32 xmail2 pluto[18798]: | certificate is valid
May 19 08:29:32 xmail2 pluto[18798]: | authcert list locked by 'verify_x509cert'
May 19 08:29:32 xmail2 pluto[18798]: | issuer cacert found
May 19 08:29:32 xmail2 pluto[18798]: | signature verification:
May 19 08:29:32 xmail2 pluto[18798]: | L0 - digestInfo:
May 19 08:29:32 xmail2 pluto[18798]: | => 35 bytes @ 0x824e285
May 19 08:29:32 xmail2 pluto[18798]: | 0: 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14 42 0!0...+........B
May 19 08:29:32 xmail2 pluto[18798]: | 16: 03 BF DD 65 12 54 43 CF 95 DC 8B 20 A8 4D 5E 2B ...e.TC.... .M^+
May 19 08:29:32 xmail2 pluto[18798]: | 32: 3B 48 18 ;H.
May 19 08:29:32 xmail2 pluto[18798]: | L1 - digestAlgorithm:
May 19 08:29:32 xmail2 pluto[18798]: | L2 - algorithmIdentifier:
May 19 08:29:32 xmail2 pluto[18798]: | L3 - algorithm:
May 19 08:29:32 xmail2 pluto[18798]: | 'sha-1'
May 19 08:29:32 xmail2 pluto[18798]: | L1 - digest:
May 19 08:29:32 xmail2 pluto[18798]: | => 20 bytes @ 0x824e294
May 19 08:29:32 xmail2 pluto[18798]: | 0: 42 03 BF DD 65 12 54 43 CF 95 DC 8B 20 A8 4D 5E B...e.TC.... .M^
May 19 08:29:32 xmail2 pluto[18798]: | 16: 2B 3B 48 18 +;H.
May 19 08:29:32 xmail2 pluto[18798]: | certificate signature is valid
May 19 08:29:32 xmail2 pluto[18798]: | authcert list unlocked by 'verify_x509cert'
May 19 08:29:32 xmail2 pluto[18798]: | crl list locked by 'verify_by_crl'
May 19 08:29:32 xmail2 pluto[18798]: | crl list unlocked by 'verify_by_crl'
May 19 08:29:32 xmail2 pluto[18798]: "home" #1: crl not found
May 19 08:29:32 xmail2 pluto[18798]: "home" #1: certificate status unknown
May 19 08:29:32 xmail2 pluto[18798]: | subject: 'C=US, ST=New Mexico, L=Sunspot, O=ARC, OU=Apache Point Obs., CN=APO, E=workers at apo.nmsu.edu'
May 19 08:29:32 xmail2 pluto[18798]: | issuer: 'C=US, ST=New Mexico, L=Sunspot, O=ARC, OU=Apache Point Obs., CN=APO, E=workers at apo.nmsu.edu'
May 19 08:29:32 xmail2 pluto[18798]: | authkey: cb:cc:4d:07:47:1b:cc:91:a4:c4:c3:2b:32:87:6b:55:a7:4b:5b:fa
May 19 08:29:32 xmail2 pluto[18798]: | certificate is valid
May 19 08:29:32 xmail2 pluto[18798]: | authcert list locked by 'verify_x509cert'
May 19 08:29:32 xmail2 pluto[18798]: | issuer cacert found
May 19 08:29:32 xmail2 pluto[18798]: | certificate signature is valid
May 19 08:29:32 xmail2 pluto[18798]: | authcert list unlocked by 'verify_x509cert'
May 19 08:29:32 xmail2 pluto[18798]: | reached self-signed root ca with a path length of 0
May 19 08:29:32 xmail2 pluto[18798]: | Public key validated
May 19 08:29:32 xmail2 pluto[18798]: | unref key: 0x8248c38 0x8248f48 cnt 1 'O=APO, CN=0162092009004949, CN=rsa-key, CN=vpn.apo.nmsu.edu, CN=APO VPN Firewall'
May 19 08:29:32 xmail2 pluto[18798]: | ref key: 0x824bd58 0x824c020 cnt 0 'O=APO, CN=0162092009004949, CN=rsa-key, CN=vpn.apo.nmsu.edu, CN=APO VPN Firewall'
May 19 08:29:32 xmail2 pluto[18798]: | unref key: 0x8248c98 0x8248f48 cnt 1 'vpn.apo.nmsu.edu'
May 19 08:29:32 xmail2 pluto[18798]: | ref key: 0x824bdb8 0x824c020 cnt 0 'vpn.apo.nmsu.edu'
May 19 08:29:32 xmail2 pluto[18798]: | hashing 84 bytes of SA
May 19 08:29:32 xmail2 pluto[18798]: | XAUTHInitRSA check passed with keyid f0:d3:f7:21:e6:af:26:85:e6:c0:3f:ab:a7:61:1c:24:2c:ee:09:d3
May 19 08:29:32 xmail2 pluto[18798]: | ref key: 0x824bdb8 0x824c020 cnt 1 'vpn.apo.nmsu.edu'
May 19 08:29:32 xmail2 pluto[18798]: | authentication succeeded
May 19 08:29:32 xmail2 pluto[18798]: | peer CA: "C=US, ST=New Mexico, L=Sunspot, O=ARC, OU=Apache Point Obs., CN=APO, E=workers at apo.nmsu.edu"
May 19 08:29:32 xmail2 pluto[18798]: | required CA: "PoA"
May 19 08:29:32 xmail2 pluto[18798]: | inserting event EVENT_SA_REPLACE, timeout in 3269 seconds for #1
May 19 08:29:32 xmail2 pluto[18798]: "home" #1: ISAKMP SA established
May 19 08:29:32 xmail2 pluto[18798]: | waiting for XAUTH request from server
May 19 08:29:32 xmail2 pluto[18798]: | next event EVENT_SA_REPLACE in 3269 seconds for #1
May 19 08:29:35 xmail2 pluto[18798]: |
May 19 08:29:35 xmail2 pluto[18798]: | *received 76 bytes from 192.41.211.136:500 on eth0
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | 08 10 06 01 9f ce a9 68 00 00 00 4c d1 b5 c8 1d
May 19 08:29:35 xmail2 pluto[18798]: | 9d d1 d6 bb d6 c3 3e 10 85 ff 07 76 c4 d7 be 3e
May 19 08:29:35 xmail2 pluto[18798]: | c3 15 49 87 6a 72 47 da ff 93 1a 04 4c ce 96 2f
May 19 08:29:35 xmail2 pluto[18798]: | ca be e9 f7 48 95 a9 b0 01 f7 bf 46
May 19 08:29:35 xmail2 pluto[18798]: | **parse ISAKMP Message:
May 19 08:29:35 xmail2 pluto[18798]: | initiator cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | responder cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_HASH
May 19 08:29:35 xmail2 pluto[18798]: | ISAKMP version: ISAKMP Version 1.0
May 19 08:29:35 xmail2 pluto[18798]: | exchange type: ISAKMP_XCHG_MODE_CFG
May 19 08:29:35 xmail2 pluto[18798]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 08:29:35 xmail2 pluto[18798]: | message ID: 9f ce a9 68
May 19 08:29:35 xmail2 pluto[18798]: | length: 76
May 19 08:29:35 xmail2 pluto[18798]: | ICOOKIE: 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | RCOOKIE: 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | peer: c0 29 d3 88
May 19 08:29:35 xmail2 pluto[18798]: | state hash entry 0
May 19 08:29:35 xmail2 pluto[18798]: | state object not found
May 19 08:29:35 xmail2 pluto[18798]: | ICOOKIE: 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | RCOOKIE: 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | peer: c0 29 d3 88
May 19 08:29:35 xmail2 pluto[18798]: | state hash entry 0
May 19 08:29:35 xmail2 pluto[18798]: | state object #1 found, in STATE_MAIN_I4
May 19 08:29:35 xmail2 pluto[18798]: | last Phase 1 IV: 12 7f c7 5c 01 ef 67 63 a9 3b 92 d2 3f 6a f0 13
May 19 08:29:35 xmail2 pluto[18798]: | computed Phase 2 IV:
May 19 08:29:35 xmail2 pluto[18798]: | 77 60 73 29 2c 52 71 fc df 49 98 49 c0 05 e0 50
May 19 08:29:35 xmail2 pluto[18798]: | 81 0c 68 f6
May 19 08:29:35 xmail2 pluto[18798]: | received encrypted packet from 192.41.211.136:500
May 19 08:29:35 xmail2 pluto[18798]: | decrypting 48 bytes using algorithm AES_CBC
May 19 08:29:35 xmail2 pluto[18798]: | decrypted:
May 19 08:29:35 xmail2 pluto[18798]: | 0e 00 00 18 12 dc 30 6d d1 33 e1 48 17 42 1e e5
May 19 08:29:35 xmail2 pluto[18798]: | 2e 57 5b 71 d5 89 ba 6b 00 00 00 14 01 00 29 bb
May 19 08:29:35 xmail2 pluto[18798]: | c0 88 00 00 40 89 00 00 40 8a 00 00 00 00 00 00
May 19 08:29:35 xmail2 pluto[18798]: | next IV: 4c ce 96 2f ca be e9 f7 48 95 a9 b0 01 f7 bf 46
May 19 08:29:35 xmail2 pluto[18798]: | ***parse ISAKMP Hash Payload:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_MODECFG
May 19 08:29:35 xmail2 pluto[18798]: | length: 24
May 19 08:29:35 xmail2 pluto[18798]: | ***parse ISAKMP Mode Attribute:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_NONE
May 19 08:29:35 xmail2 pluto[18798]: | length: 20
May 19 08:29:35 xmail2 pluto[18798]: | Attr Msg Type: ISAKMP_CFG_REQUEST
May 19 08:29:35 xmail2 pluto[18798]: | Identifier: 10683
May 19 08:29:35 xmail2 pluto[18798]: | removing 4 bytes of padding
May 19 08:29:35 xmail2 pluto[18798]: | **emit ISAKMP Message:
May 19 08:29:35 xmail2 pluto[18798]: | initiator cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | responder cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_HASH
May 19 08:29:35 xmail2 pluto[18798]: | ISAKMP version: ISAKMP Version 1.0
May 19 08:29:35 xmail2 pluto[18798]: | exchange type: ISAKMP_XCHG_MODE_CFG
May 19 08:29:35 xmail2 pluto[18798]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 08:29:35 xmail2 pluto[18798]: | message ID: 9f ce a9 68
May 19 08:29:35 xmail2 pluto[18798]: "home" #1: parsing XAUTH request
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg HASH computed:
May 19 08:29:35 xmail2 pluto[18798]: | 12 dc 30 6d d1 33 e1 48 17 42 1e e5 2e 57 5b 71
May 19 08:29:35 xmail2 pluto[18798]: | d5 89 ba 6b
May 19 08:29:35 xmail2 pluto[18798]: | ****parse ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: XAUTH_TYPE
May 19 08:29:35 xmail2 pluto[18798]: | length/value: 0
May 19 08:29:35 xmail2 pluto[18798]: | ****parse ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: XAUTH_USER_NAME
May 19 08:29:35 xmail2 pluto[18798]: | length/value: 0
May 19 08:29:35 xmail2 pluto[18798]: | ****parse ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: XAUTH_USER_PASSWORD
May 19 08:29:35 xmail2 pluto[18798]: | length/value: 0
May 19 08:29:35 xmail2 pluto[18798]: | my xauth user name is '35m.xauth'
May 19 08:29:35 xmail2 pluto[18798]: "home" #1: sending XAUTH reply
May 19 08:29:35 xmail2 pluto[18798]: | ***emit ISAKMP Hash Payload:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_MODECFG
May 19 08:29:35 xmail2 pluto[18798]: | emitting 20 zero bytes of HASH into ISAKMP Hash Payload
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP Hash Payload: 24
May 19 08:29:35 xmail2 pluto[18798]: | ***emit ISAKMP Mode Attribute:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_NONE
May 19 08:29:35 xmail2 pluto[18798]: | Attr Msg Type: ISAKMP_CFG_REPLY
May 19 08:29:35 xmail2 pluto[18798]: | Identifier: 10683
May 19 08:29:35 xmail2 pluto[18798]: | ****emit ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: XAUTH_TYPE
May 19 08:29:35 xmail2 pluto[18798]: | length/value: 0
May 19 08:29:35 xmail2 pluto[18798]: | ****emit ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: XAUTH_USER_NAME
May 19 08:29:35 xmail2 pluto[18798]: | emitting 9 raw bytes of xauth_user_name into ISAKMP ModeCfg attribute
May 19 08:29:35 xmail2 pluto[18798]: | xauth_user_name 33 35 6d 2e 78 61 75 74 68
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP ModeCfg attribute: 9
May 19 08:29:35 xmail2 pluto[18798]: | ****emit ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: XAUTH_USER_PASSWORD
May 19 08:29:35 xmail2 pluto[18798]: | emitting 6 raw bytes of xauth_user_password into ISAKMP ModeCfg attribute
May 19 08:29:35 xmail2 pluto[18798]: | xauth_user_password 66 6f 65 6e 69 78
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP ModeCfg attribute: 6
May 19 08:29:35 xmail2 pluto[18798]: | emitting 1 zero bytes of message padding into ISAKMP Mode Attribute
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP Mode Attribute: 36
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg HASH computed:
May 19 08:29:35 xmail2 pluto[18798]: | 99 3a 07 a9 a1 2d e2 ca 3e 4e 33 20 7d c2 ca 77
May 19 08:29:35 xmail2 pluto[18798]: | aa 23 97 6b
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP Message: 88
May 19 08:29:35 xmail2 pluto[18798]: | encrypting:
May 19 08:29:35 xmail2 pluto[18798]: | 0e 00 00 18 99 3a 07 a9 a1 2d e2 ca 3e 4e 33 20
May 19 08:29:35 xmail2 pluto[18798]: | 7d c2 ca 77 aa 23 97 6b 00 00 00 24 02 00 29 bb
May 19 08:29:35 xmail2 pluto[18798]: | c0 88 00 00 40 89 00 09 33 35 6d 2e 78 61 75 74
May 19 08:29:35 xmail2 pluto[18798]: | 68 40 8a 00 06 66 6f 65 6e 69 78 00
May 19 08:29:35 xmail2 pluto[18798]: | emitting 4 zero bytes of encryption padding into ISAKMP Message
May 19 08:29:35 xmail2 pluto[18798]: | encrypting using AES_CBC
May 19 08:29:35 xmail2 pluto[18798]: | next IV: d5 3e f3 a7 61 ce 18 c6 de 0d 79 24 00 b4 c2 ef
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP Message: 92
May 19 08:29:35 xmail2 pluto[18798]: | sending 92 bytes for STATE_XAUTH_I0 through eth0 to 192.41.211.136:500:
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | 08 10 06 01 9f ce a9 68 00 00 00 5c d7 81 21 46
May 19 08:29:35 xmail2 pluto[18798]: | 08 26 94 12 9d 94 a2 09 b7 7c 15 83 d8 25 af eb
May 19 08:29:35 xmail2 pluto[18798]: | ed eb f4 14 95 93 64 ed 42 6b 45 a0 d8 6f 33 f0
May 19 08:29:35 xmail2 pluto[18798]: | 5c ab 23 2b a2 50 71 9f 21 75 34 57 d5 3e f3 a7
May 19 08:29:35 xmail2 pluto[18798]: | 61 ce 18 c6 de 0d 79 24 00 b4 c2 ef
May 19 08:29:35 xmail2 pluto[18798]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
May 19 08:29:35 xmail2 pluto[18798]: | next event EVENT_RETRANSMIT in 10 seconds for #1
May 19 08:29:35 xmail2 pluto[18798]: |
May 19 08:29:35 xmail2 pluto[18798]: | *received 92 bytes from 192.41.211.136:500 on eth0
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | 08 10 06 01 97 a0 26 71 00 00 00 5c a6 04 fc 51
May 19 08:29:35 xmail2 pluto[18798]: | cb 2e 66 26 0a 9f 86 0e 09 10 17 c0 2f ad db 8f
May 19 08:29:35 xmail2 pluto[18798]: | cb ae a7 3b 01 1c 90 c5 98 cb 93 7b 12 3f 83 23
May 19 08:29:35 xmail2 pluto[18798]: | 62 ba 9f 2d 13 0e 07 44 2a 48 b4 d1 90 db eb 7e
May 19 08:29:35 xmail2 pluto[18798]: | 7a 00 1c 6e 46 21 31 b5 c8 a6 7e 3c
May 19 08:29:35 xmail2 pluto[18798]: | **parse ISAKMP Message:
May 19 08:29:35 xmail2 pluto[18798]: | initiator cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | responder cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_HASH
May 19 08:29:35 xmail2 pluto[18798]: | ISAKMP version: ISAKMP Version 1.0
May 19 08:29:35 xmail2 pluto[18798]: | exchange type: ISAKMP_XCHG_MODE_CFG
May 19 08:29:35 xmail2 pluto[18798]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 08:29:35 xmail2 pluto[18798]: | message ID: 97 a0 26 71
May 19 08:29:35 xmail2 pluto[18798]: | length: 92
May 19 08:29:35 xmail2 pluto[18798]: | ICOOKIE: 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | RCOOKIE: 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | peer: c0 29 d3 88
May 19 08:29:35 xmail2 pluto[18798]: | state hash entry 0
May 19 08:29:35 xmail2 pluto[18798]: | state object not found
May 19 08:29:35 xmail2 pluto[18798]: | ICOOKIE: 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | RCOOKIE: 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | peer: c0 29 d3 88
May 19 08:29:35 xmail2 pluto[18798]: | state hash entry 0
May 19 08:29:35 xmail2 pluto[18798]: | state object #1 found, in STATE_XAUTH_I1
May 19 08:29:35 xmail2 pluto[18798]: | last Phase 1 IV: 12 7f c7 5c 01 ef 67 63 a9 3b 92 d2 3f 6a f0 13
May 19 08:29:35 xmail2 pluto[18798]: | computed Phase 2 IV:
May 19 08:29:35 xmail2 pluto[18798]: | 5b d2 9b f2 d0 09 c7 a8 da a5 4e 7f 57 66 16 01
May 19 08:29:35 xmail2 pluto[18798]: | 39 82 be 04
May 19 08:29:35 xmail2 pluto[18798]: | received encrypted packet from 192.41.211.136:500
May 19 08:29:35 xmail2 pluto[18798]: | decrypting 64 bytes using algorithm AES_CBC
May 19 08:29:35 xmail2 pluto[18798]: | decrypted:
May 19 08:29:35 xmail2 pluto[18798]: | 0e 00 00 18 99 32 eb e4 e8 b2 21 af 96 45 8a 62
May 19 08:29:35 xmail2 pluto[18798]: | b3 cc 23 bf 74 cf 9c b5 00 00 00 18 03 00 29 bb
May 19 08:29:35 xmail2 pluto[18798]: | 00 01 00 04 c0 a8 fe 01 00 02 00 04 ff ff ff ff
May 19 08:29:35 xmail2 pluto[18798]: | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
May 19 08:29:35 xmail2 pluto[18798]: | next IV: 90 db eb 7e 7a 00 1c 6e 46 21 31 b5 c8 a6 7e 3c
May 19 08:29:35 xmail2 pluto[18798]: | ***parse ISAKMP Hash Payload:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_MODECFG
May 19 08:29:35 xmail2 pluto[18798]: | length: 24
May 19 08:29:35 xmail2 pluto[18798]: | ***parse ISAKMP Mode Attribute:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_NONE
May 19 08:29:35 xmail2 pluto[18798]: | length: 24
May 19 08:29:35 xmail2 pluto[18798]: | Attr Msg Type: ISAKMP_CFG_SET
May 19 08:29:35 xmail2 pluto[18798]: | Identifier: 10683
May 19 08:29:35 xmail2 pluto[18798]: | removing 16 bytes of padding
May 19 08:29:35 xmail2 pluto[18798]: | **emit ISAKMP Message:
May 19 08:29:35 xmail2 pluto[18798]: | initiator cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 45 20 de 28 97 da 23 a6
May 19 08:29:35 xmail2 pluto[18798]: | responder cookie:
May 19 08:29:35 xmail2 pluto[18798]: | 16 51 67 e8 aa 09 15 af
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_HASH
May 19 08:29:35 xmail2 pluto[18798]: | ISAKMP version: ISAKMP Version 1.0
May 19 08:29:35 xmail2 pluto[18798]: | exchange type: ISAKMP_XCHG_MODE_CFG
May 19 08:29:35 xmail2 pluto[18798]: | flags: ISAKMP_FLAG_ENCRYPTION
May 19 08:29:35 xmail2 pluto[18798]: | message ID: 97 a0 26 71
May 19 08:29:35 xmail2 pluto[18798]: "home" #1: parsing XAUTH status
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg HASH computed:
May 19 08:29:35 xmail2 pluto[18798]: | 99 32 eb e4 e8 b2 21 af 96 45 8a 62 b3 cc 23 bf
May 19 08:29:35 xmail2 pluto[18798]: | 74 cf 9c b5
May 19 08:29:35 xmail2 pluto[18798]: | ****parse ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: INTERNAL_IP4_ADDRESS
May 19 08:29:35 xmail2 pluto[18798]: | length/value: 4
May 19 08:29:35 xmail2 pluto[18798]: | ****parse ISAKMP ModeCfg attribute:
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg attr type: INTERNAL_IP4_NETMASK
May 19 08:29:35 xmail2 pluto[18798]: | length/value: 4
May 19 08:29:35 xmail2 pluto[18798]: "home" #1: extended authentication failed
May 19 08:29:35 xmail2 pluto[18798]: "home" #1: sending XAUTH ack
May 19 08:29:35 xmail2 pluto[18798]: | ***emit ISAKMP Hash Payload:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_MODECFG
May 19 08:29:35 xmail2 pluto[18798]: | emitting 20 zero bytes of HASH into ISAKMP Hash Payload
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP Hash Payload: 24
May 19 08:29:35 xmail2 pluto[18798]: | ***emit ISAKMP Mode Attribute:
May 19 08:29:35 xmail2 pluto[18798]: | next payload type: ISAKMP_NEXT_NONE
May 19 08:29:35 xmail2 pluto[18798]: | Attr Msg Type: ISAKMP_CFG_ACK
May 19 08:29:35 xmail2 pluto[18798]: | Identifier: 10683
May 19 08:29:35 xmail2 pluto[18798]: | emitting length of ISAKMP Mode Attribute: 8
May 19 08:29:35 xmail2 pluto[18798]: | ModeCfg HASH computed:
More information about the Users
mailing list