[strongSwan] Strongswan OpenVPN client

Gia T. Nguyen gia.nguyen at metronome-software.com
Tue Jan 8 00:22:39 CET 2013


Many thanks!  That was it.


;-)

On 1/7/13 6:11 PM, "Andreas Steffen" <andreas.steffen at strongswan.org>
wrote:

>Hello,
>
>the VPN gateway must assign a virtual IP address to your Android Client:
>
>I/charon  (17492): 15[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>CHILD_SA built
>
>On a strongSwan gateway Ttis can be done by defining a dynamic address
>pool, e.g.
>
>    rightsourceip=10.0.1.0/24
>
>Regards
>
>Andreas
>
>On 07.01.2013 23:02, Gia T. Nguyen wrote:
>> Samsung Nexus III Android client.
>>
>> I've included the host IP as the SubjectAltName in the certificates and
>> have seemed to get over that error, but I am still not able to connect:
>>
>> Error:  Failure to connect to VPN, Authentication Failed.
>>
>> Any hint on where to look next would be appreciated.
>> Regards,
>>
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 16[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 16[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 16[IKE] initiating IKE_SA android[1] to 192.168.24.18
>> I/charon  (17492): 16[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 16[NET] sending packet: from 192.168.24.11[58445] to
>> 192.168.24.18[500]
>> I/charon  (17492): 01[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[58445]
>> I/charon  (17492): 01[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 01[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 01[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 01[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 01[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 01[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 01[IKE] establishing CHILD_SA android
>> I/charon  (17492): 01[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 01[NET] sending packet: from 192.168.24.11[37948] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 05[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[37948]
>> I/charon  (17492): 05[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 05[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 05[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 05[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 05[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 05[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 05[IKE] IKE_SA android[1] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 05[IKE] scheduling rekeying in 35599s
>> I/charon  (17492): 05[IKE] maximum IKE_SA lifetime 36199s
>> I/charon  (17492): 05[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 05[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 05[IKE] received AUTH_LIFETIME of 3346s, scheduling
>> reauthentication in 2746s
>> I/charon  (17492): 05[IKE] peer supports MOBIKE
>> I/charon  (17492): 02[IKE] deleting IKE_SA android[1] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 02[IKE] sending DELETE for IKE_SA android[1]
>> I/charon  (17492): 02[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 02[NET] sending packet: from 192.168.24.11[37948] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 06[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[37948]
>> I/charon  (17492): 06[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 06[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 07[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 07[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 07[IKE] initiating IKE_SA android[2] to 192.168.24.18
>> I/charon  (17492): 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 07[NET] sending packet: from 192.168.24.11[49017] to
>> 192.168.24.18[500]
>> I/charon  (17492): 01[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[49017]
>> I/charon  (17492): 01[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 01[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 01[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 01[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 01[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 01[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 01[IKE] establishing CHILD_SA android
>> I/charon  (17492): 01[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 01[NET] sending packet: from 192.168.24.11[54864] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 04[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[54864]
>> I/charon  (17492): 04[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 04[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 04[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 04[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 04[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 04[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 04[IKE] IKE_SA android[2] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 04[IKE] scheduling rekeying in 35530s
>> I/charon  (17492): 04[IKE] maximum IKE_SA lifetime 36130s
>> I/charon  (17492): 04[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 04[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 04[IKE] received AUTH_LIFETIME of 3259s, scheduling
>> reauthentication in 2659s
>> I/charon  (17492): 04[IKE] peer supports MOBIKE
>> I/charon  (17492): 05[IKE] deleting IKE_SA android[2] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 05[IKE] sending DELETE for IKE_SA android[2]
>> I/charon  (17492): 05[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 05[NET] sending packet: from 192.168.24.11[54864] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 14[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[54864]
>> I/charon  (17492): 14[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 14[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 07[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 07[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 07[IKE] initiating IKE_SA android[3] to 192.168.24.18
>> I/charon  (17492): 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 07[NET] sending packet: from 192.168.24.11[57516] to
>> 192.168.24.18[500]
>> I/charon  (17492): 03[IKE] retransmit 1 of request with message ID 0
>> I/charon  (17492): 03[NET] sending packet: from 192.168.24.11[57516] to
>> 192.168.24.18[500]
>> I/charon  (17492): 14[IKE] retransmit 2 of request with message ID 0
>> I/charon  (17492): 14[NET] sending packet: from 192.168.24.11[57516] to
>> 192.168.24.18[500]
>> I/charon  (17492): 01[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[57516]
>> I/charon  (17492): 01[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 01[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 01[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 01[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 01[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 01[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 01[IKE] establishing CHILD_SA android
>> I/charon  (17492): 01[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 01[NET] sending packet: from 192.168.24.11[54831] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 15[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[54831]
>> I/charon  (17492): 15[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 15[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 15[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 15[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 15[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 15[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 15[IKE] IKE_SA android[3] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 15[IKE] scheduling rekeying in 35465s
>> I/charon  (17492): 15[IKE] maximum IKE_SA lifetime 36065s
>> I/charon  (17492): 15[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 15[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 15[IKE] received AUTH_LIFETIME of 3394s, scheduling
>> reauthentication in 2794s
>> I/charon  (17492): 15[IKE] peer supports MOBIKE
>> I/charon  (17492): 02[IKE] deleting IKE_SA android[3] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 02[IKE] sending DELETE for IKE_SA android[3]
>> I/charon  (17492): 02[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 02[NET] sending packet: from 192.168.24.11[54831] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 13[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[54831]
>> I/charon  (17492): 13[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 13[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 15[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 15[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 15[IKE] initiating IKE_SA android[4] to 192.168.24.18
>> I/charon  (17492): 15[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 15[NET] sending packet: from 192.168.24.11[55665] to
>> 192.168.24.18[500]
>> I/charon  (17492): 02[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[55665]
>> I/charon  (17492): 02[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 02[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 02[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 02[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 02[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 02[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 02[IKE] establishing CHILD_SA android
>> I/charon  (17492): 02[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 02[NET] sending packet: from 192.168.24.11[49192] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 03[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[49192]
>> I/charon  (17492): 03[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 03[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 03[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 03[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 03[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 03[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 03[IKE] IKE_SA android[4] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 03[IKE] scheduling rekeying in 35830s
>> I/charon  (17492): 03[IKE] maximum IKE_SA lifetime 36430s
>> I/charon  (17492): 03[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 03[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 03[IKE] received AUTH_LIFETIME of 3410s, scheduling
>> reauthentication in 2810s
>> I/charon  (17492): 03[IKE] peer supports MOBIKE
>> I/charon  (17492): 10[IKE] deleting IKE_SA android[4] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 10[IKE] sending DELETE for IKE_SA android[4]
>> I/charon  (17492): 10[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 10[NET] sending packet: from 192.168.24.11[49192] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 07[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[49192]
>> I/charon  (17492): 07[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 07[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 06[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 06[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 06[IKE] initiating IKE_SA android[5] to 192.168.24.18
>> I/charon  (17492): 06[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 06[NET] sending packet: from 192.168.24.11[35807] to
>> 192.168.24.18[500]
>> I/charon  (17492): 09[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[35807]
>> I/charon  (17492): 09[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
>> I/charon  (17492): 09[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 09[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 09[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 09[IKE] establishing CHILD_SA android
>> I/charon  (17492): 09[ENC] generating IKE_AUTH request 1 [ IDi
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 09[NET] sending packet: from 192.168.24.11[53700] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 14[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[53700]
>> I/charon  (17492): 14[ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
>> I/charon  (17492): 14[IKE] received AUTHENTICATION_FAILED notify error
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 15[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 15[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 15[IKE] initiating IKE_SA android[6] to 192.168.24.18
>> I/charon  (17492): 15[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 15[NET] sending packet: from 192.168.24.11[48308] to
>> 192.168.24.18[500]
>> I/charon  (17492): 06[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[48308]
>> I/charon  (17492): 06[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
>> I/charon  (17492): 06[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 06[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 06[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 06[IKE] establishing CHILD_SA android
>> I/charon  (17492): 06[ENC] generating IKE_AUTH request 1 [ IDi
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 06[NET] sending packet: from 192.168.24.11[47129] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 07[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[47129]
>> I/charon  (17492): 07[ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
>> I/charon  (17492): 07[IKE] received AUTHENTICATION_FAILED notify error
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 14[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 14[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 14[IKE] initiating IKE_SA android[7] to 192.168.24.18
>> I/charon  (17492): 14[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 14[NET] sending packet: from 192.168.24.11[45478] to
>> 192.168.24.18[500]
>> I/charon  (17492): 12[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[45478]
>> I/charon  (17492): 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 12[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 12[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 12[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 12[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 12[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 12[IKE] establishing CHILD_SA android
>> I/charon  (17492): 12[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 12[NET] sending packet: from 192.168.24.11[47752] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 04[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[47752]
>> I/charon  (17492): 04[ENC] parsed IKE_AUTH response 1 [ IDr AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 04[IKE] no trusted RSA public key found for 'C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=192.168.24.18'
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 13[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 13[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 13[IKE] initiating IKE_SA android[8] to 192.168.24.18
>> I/charon  (17492): 13[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 13[NET] sending packet: from 192.168.24.11[48026] to
>> 192.168.24.18[500]
>> I/charon  (17492): 08[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[48026]
>> I/charon  (17492): 08[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 08[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 08[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 08[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 08[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 08[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 08[IKE] establishing CHILD_SA android
>> I/charon  (17492): 08[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 08[NET] sending packet: from 192.168.24.11[44651] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 07[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[44651]
>> I/charon  (17492): 07[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 07[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 07[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 07[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 07[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 07[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 07[IKE] IKE_SA android[8] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 07[IKE] scheduling rekeying in 35896s
>> I/charon  (17492): 07[IKE] maximum IKE_SA lifetime 36496s
>> I/charon  (17492): 07[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 07[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 07[IKE] received AUTH_LIFETIME of 2779s, scheduling
>> reauthentication in 2179s
>> I/charon  (17492): 07[IKE] peer supports MOBIKE
>> I/charon  (17492): 05[IKE] deleting IKE_SA android[8] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 05[IKE] sending DELETE for IKE_SA android[8]
>> I/charon  (17492): 05[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 05[NET] sending packet: from 192.168.24.11[44651] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 04[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[44651]
>> I/charon  (17492): 04[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 04[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 15[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 15[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 15[IKE] initiating IKE_SA android[9] to 192.168.24.18
>> I/charon  (17492): 15[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 15[NET] sending packet: from 192.168.24.11[36984] to
>> 192.168.24.18[500]
>> I/charon  (17492): 08[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[36984]
>> I/charon  (17492): 08[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 08[IKE] faking NAT situation to enforce UDP
>>encapsulation
>> I/charon  (17492): 08[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 08[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 08[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 08[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 08[IKE] establishing CHILD_SA android
>> I/charon  (17492): 08[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 08[NET] sending packet: from 192.168.24.11[40920] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 11[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[40920]
>> I/charon  (17492): 11[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 11[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 11[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 11[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 11[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 11[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 11[IKE] IKE_SA android[9] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 11[IKE] scheduling rekeying in 35644s
>> I/charon  (17492): 11[IKE] maximum IKE_SA lifetime 36244s
>> I/charon  (17492): 11[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 11[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 11[IKE] received AUTH_LIFETIME of 2933s, scheduling
>> reauthentication in 2333s
>> I/charon  (17492): 11[IKE] peer supports MOBIKE
>> I/charon  (17492): 14[IKE] deleting IKE_SA android[9] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 14[IKE] sending DELETE for IKE_SA android[9]
>> I/charon  (17492): 14[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 14[NET] sending packet: from 192.168.24.11[40920] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 05[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[40920]
>> I/charon  (17492): 05[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 05[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>> I/charon  (17492): 00[DMN] loaded plugins: androidbridge charon
>> android-log openssl fips-prf random nonce pubkey pkcs1 pkcs8 pem xcbc
>> hmac socket-default eap-identity eap-mschapv2 eap-md5 eap-gtc
>> I/charon  (17492): 00[JOB] spawning 16 worker threads
>> I/charon  (17492): 13[CFG] loaded user certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' and private key
>> I/charon  (17492): 13[CFG] loaded CA certificate 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com'
>> I/charon  (17492): 13[IKE] initiating IKE_SA android[10] to 
>>192.168.24.18
>> I/charon  (17492): 13[ENC] generating IKE_SA_INIT request 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) ]
>> I/charon  (17492): 13[NET] sending packet: from 192.168.24.11[53254] to
>> 192.168.24.18[500]
>> I/charon  (17492): 16[NET] received packet: from 192.168.24.18[500] to
>> 192.168.24.11[53254]
>> I/charon  (17492): 16[ENC] parsed IKE_SA_INIT response 0 [ SA KE No
>> N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
>> I/charon  (17492): 16[IKE] faking NAT situation to enforce UDP 
>>encapsulation
>> I/charon  (17492): 16[IKE] received cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 16[IKE] sending cert request for "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 16[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11' (myself) with RSA
>> signature successful
>> I/charon  (17492): 16[IKE] sending end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.11"
>> I/charon  (17492): 16[IKE] establishing CHILD_SA android
>> I/charon  (17492): 16[ENC] generating IKE_AUTH request 1 [ IDi CERT
>> N(INIT_CONTACT) CERTREQ AUTH CP(ADDR DNS) SA TSi TSr N(MOBIKE_SUP)
>> N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
>> I/charon  (17492): 16[NET] sending packet: from 192.168.24.11[55504] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 03[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[55504]
>> I/charon  (17492): 03[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH
>> N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(INT_ADDR_FAIL) ]
>> I/charon  (17492): 03[IKE] received end entity cert "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 03[CFG]   using certificate "C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18"
>> I/charon  (17492): 03[CFG]   using trusted ca certificate "C=US,
>> ST=VIRGINIA, L=RESTON, O=Metronome Software LLC, CN=mns-lan.com"
>> I/charon  (17492): 03[CFG]   reached self-signed root ca with a path
>> length of 0
>> I/charon  (17492): 03[IKE] authentication of 'C=US, ST=VIRGINIA,
>> L=RESTON, O=Metronome Software LLC, CN=192.168.24.18' with RSA signature
>> successful
>> I/charon  (17492): 03[IKE] IKE_SA android[10] established between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 03[IKE] scheduling rekeying in 35778s
>> I/charon  (17492): 03[IKE] maximum IKE_SA lifetime 36378s
>> I/charon  (17492): 03[IKE] received INTERNAL_ADDRESS_FAILURE notify, no
>> CHILD_SA built
>> I/charon  (17492): 03[IKE] closing IKE_SA due CHILD_SA setup failure
>> I/charon  (17492): 03[IKE] received AUTH_LIFETIME of 2881s, scheduling
>> reauthentication in 2281s
>> I/charon  (17492): 03[IKE] peer supports MOBIKE
>> I/charon  (17492): 02[IKE] deleting IKE_SA android[10] between
>> 192.168.24.11[C=US, ST=VIRGINIA, L=RESTON, O=Metronome Software LLC,
>> CN=192.168.24.11]...192.168.24.18[C=US, ST=VIRGINIA, L=RESTON,
>> O=Metronome Software LLC, CN=192.168.24.18]
>> I/charon  (17492): 02[IKE] sending DELETE for IKE_SA android[10]
>> I/charon  (17492): 02[ENC] generating INFORMATIONAL request 2 [ D ]
>> I/charon  (17492): 02[NET] sending packet: from 192.168.24.11[55504] to
>> 192.168.24.18[4500]
>> I/charon  (17492): 01[NET] received packet: from 192.168.24.18[4500] to
>> 192.168.24.11[55504]
>> I/charon  (17492): 01[ENC] parsed INFORMATIONAL response 2 [ ]
>> I/charon  (17492): 01[IKE] IKE_SA deleted
>> I/charon  (17492): 00[LIB] intentionally leaking private key reference
>> due to a bug in the framework
>>
>======================================================================
>Andreas Steffen                         andreas.steffen at strongswan.org
>strongSwan - the Linux VPN Solution!                www.strongswan.org
>Institute for Internet Technologies and Applications
>University of Applied Sciences Rapperswil
>CH-8640 Rapperswil (Switzerland)
>===========================================================[ITA-HSR]==
>






More information about the Users mailing list