[strongSwan] Can't connect to peer network(showing INVALID_SYNTAX error).
李雄飞
imiskolee at gmail.com
Sun Apr 8 11:45:52 CEST 2018
hi,All:
i am trying to create a vpn tunle with strongswan(peer network is VFrame
platform),but its has a issue. below is detail.
can someone ask me some questions:
1 what's mean INVALID_SYNTAX error?
1.1 i already put /var/log/syslog below for you check.
1.2 i already put tcpdump result of udp:500 log blow for you check.
1.3 i already put terimal std output beblow for you check.
2. any cule of the error?
3. maybe other issue.
*VPN Configurtion:IKE Phase 1 Proposal:Exchange Mode: IKEV2DH Group: Group
2Encryption Method: 3desAuthentication Method: sha1IK2 Phase 2
Proposal:Protocol: ESPDH Group: n/aEncryption Method: AES-256Authentication
Method: SHA-256*
==========================
strongswan version:
# ipsec --version
# Linux strongSwan U5.6.2/K4.4.0-119-generic
==========================
ipsec.conf
config setup
charondebug="dmn 2, mgr 2, ike 2, chd 2, job 2, cfg 2, knl 2, net 2,
enc 2, lib 2"
conn %default
ikelifetime=8h
keylife=8h
rekeymargin=3m
authby=psk
keyexchange=ikev2
mobike=no
ike=3des-sha-modp2048!
esp=aes256-sha256
conn net-net
left=159.*.*.*
#leftsubnet=10.0.0.1
leftsubnet=159.*.*.*/32
leftid=bindo
right=4.*.*.*
rightsubnet=64.*.*.*/32
rightid=4.*.*.*
auto=add
==========================
std output:
initiating IKE_SA net-net[2] to 4.*.*.*
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP)
N(HASH_ALG) ]
sending packet: from 159.*.*.*[500] to 4.*.*.*[500] (316 bytes)
received packet: from 4.*.*.*[500] to 159.*.*.*[500] (337 bytes)
parsed IKE_SA_INIT response 0 [ SA KE No CERTREQ N(NATD_S_IP) N(NATD_D_IP)
V ]
received unknown vendor ID:
2a:67:75:d0:ad:2a:a7:88:7c:33:fe:1d:68:ba:f3:08:96:6f:00:01
received 1 cert requests for an unknown ca
authentication of '159.*.*.*' (myself) with pre-shared key
establishing CHILD_SA net-net
generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr
N(EAP_ONLY) ]
sending packet: from 159.*.*.*[500] to 4.*.*.*[500] (220 bytes)
received packet: from 4.*.*.*[500] to 159.*.*.*[500] (68 bytes)
parsed IKE_AUTH response 1 [ N(INVAL_SYN) ]
*received INVALID_SYNTAX notify error*
establishing connection 'net-net' failed
==========================
/var/log/syslog
Apr 8 09:19:42 vantiv charon: 08[JOB] watched FD 19 ready to read
Apr 8 09:19:42 vantiv charon: 08[JOB] watcher going to poll() 7 fds
Apr 8 09:19:42 vantiv charon: 08[JOB] watcher got notification, rebuilding
Apr 8 09:19:42 vantiv charon: 08[JOB] watcher going to poll() 8 fds
Apr 8 09:19:42 vantiv charon: 13[CFG] received stroke: initiate 'net-net'
Apr 8 09:19:42 vantiv charon: 05[MGR] checkout IKE_SA by config
Apr 8 09:19:42 vantiv charon: 05[MGR] created IKE_SA (unnamed)[4]
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_VENDOR task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_INIT task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_NATD task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_CERT_PRE task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_AUTH task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_CERT_POST task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_CONFIG task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing IKE_AUTH_LIFETIME task
Apr 8 09:19:42 vantiv charon: 05[IKE] queueing CHILD_CREATE task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating new tasks
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_VENDOR task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_INIT task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_NATD task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_CERT_PRE task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_AUTH task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_CERT_POST task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_CONFIG task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating CHILD_CREATE task
Apr 8 09:19:42 vantiv charon: 05[IKE] activating IKE_AUTH_LIFETIME task
Apr 8 09:19:42 vantiv charon: 05[IKE] initiating IKE_SA net-net[4] to
4.*.*.*
Apr 8 09:19:42 vantiv charon: 05[IKE] IKE_SA net-net[4] state change:
CREATED => CONNECTING
Apr 8 09:19:42 vantiv charon: 05[LIB] size of DH secret exponent: 1023 bits
Apr 8 09:19:42 vantiv charon: 05[CFG] configured proposals:
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type
SECURITY_ASSOCIATION to message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type KEY_EXCHANGE
to message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type NONCE to
message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type NOTIFY to
message
Apr 8 09:19:42 vantiv charon: message repeated 2 times: [ 05[ENC] added
payload of type NOTIFY to message]
Apr 8 09:19:42 vantiv charon: 05[ENC] order payloads in message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type
SECURITY_ASSOCIATION to message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type KEY_EXCHANGE
to message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type NONCE to
message
Apr 8 09:19:42 vantiv charon: 05[ENC] added payload of type NOTIFY to
message
Apr 8 09:19:42 vantiv charon: message repeated 2 times: [ 05[ENC] added
payload of type NOTIFY to message]
Apr 8 09:19:42 vantiv charon: 05[ENC] generating IKE_SA_INIT request 0 [
SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ]
Apr 8 09:19:42 vantiv charon: 05[ENC] not encrypting payloads
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type HEADER
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 IKE_SPI
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 IKE_SPI
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 U_INT_4
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 U_INT_4
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 11 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 12 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 13 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 14 U_INT_32
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 15 HEADER_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating HEADER payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 (1258)
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 SPI_SIZE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 SPI
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 (1261)
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 (1262)
Apr 8 09:19:42 vantiv charon: 05[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 (1262)
Apr 8 09:19:42 vantiv charon: 05[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 (1262)
Apr 8 09:19:42 vantiv charon: 05[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 (1262)
Apr 8 09:19:42 vantiv charon: 05[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating SECURITY_ASSOCIATION
payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating SECURITY_ASSOCIATION
payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type
KEY_EXCHANGE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 11 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 12 RESERVED_BYTE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 13 CHUNK_DATA
Apr 8 09:19:42 vantiv charon: 05[ENC] generating KEY_EXCHANGE payload
finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type NONCE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 CHUNK_DATA
Apr 8 09:19:42 vantiv charon: 05[ENC] generating NONCE payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type NOTIFY
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 11 SPI_SIZE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 12 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 13 SPI
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:42 vantiv charon: 05[ENC] generating NOTIFY payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type NOTIFY
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 11 SPI_SIZE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 12 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 13 SPI
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:42 vantiv charon: 05[ENC] generating NOTIFY payload finished
Apr 8 09:19:42 vantiv charon: 05[ENC] generating payload of type NOTIFY
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 0 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 1 FLAG
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 10 U_INT_8
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 11 SPI_SIZE
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 12 U_INT_16
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 13 SPI
Apr 8 09:19:42 vantiv charon: 05[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:42 vantiv charon: 05[ENC] generating NOTIFY payload finished
Apr 8 09:19:42 vantiv charon: 05[NET] sending packet: from 159.*.*.*[500]
to 4.*.*.*[500] (316 bytes)
Apr 8 09:19:42 vantiv charon: 10[NET] sending packet: from 159.*.*.*[500]
to 4.*.*.*[500]
Apr 8 09:19:42 vantiv charon: 07[JOB] next event in 3s 999ms, waiting
Apr 8 09:19:42 vantiv charon: 05[MGR] checkin IKE_SA net-net[4]
Apr 8 09:19:43 vantiv charon: 09[NET] received packet: from 4.*.*.*[500]
to 159.*.*.*[500]
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing header of message
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing HEADER payload, 337 bytes
left
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 0 IKE_SPI
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 1 IKE_SPI
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 2 U_INT_8
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 3 U_INT_4
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 4 U_INT_4
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 5 U_INT_8
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 8 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 9 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 10 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 11 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 12 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 13 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 14 U_INT_32
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 15 HEADER_LENGTH
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing HEADER payload finished
Apr 8 09:19:43 vantiv charon: 09[ENC] parsed a IKE_SA_INIT response header
Apr 8 09:19:43 vantiv charon: 09[NET] waiting for data on sockets
Apr 8 09:19:43 vantiv charon: 12[MGR] checkout IKE_SA by message
Apr 8 09:19:43 vantiv charon: 12[MGR] IKE_SA net-net[4] successfully
checked out
Apr 8 09:19:43 vantiv charon: 12[NET] received packet: from 4.*.*.*[500]
to 159.*.*.*[500] (337 bytes)
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing body of message, first
payload is SECURITY_ASSOCIATION
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a
SECURITY_ASSOCIATION payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing SECURITY_ASSOCIATION
payload, 309 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 (1258)
Apr 8 09:19:43 vantiv charon: 12[ENC] 40 bytes left, parsing recursively
PROPOSAL_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing PROPOSAL_SUBSTRUCTURE
payload, 305 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 (1260)
Apr 8 09:19:43 vantiv charon: 12[ENC] 32 bytes left, parsing recursively
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload, 297 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] 24 bytes left, parsing recursively
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload, 289 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] 16 bytes left, parsing recursively
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload, 281 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] 8 bytes left, parsing recursively
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload, 273 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing PROPOSAL_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing SECURITY_ASSOCIATION payload
finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:43 vantiv charon: 12[ENC] SECURITY_ASSOCIATION payload
verified, adding to payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a KEY_EXCHANGE
payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing KEY_EXCHANGE payload, 265
bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 11 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 12 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 13 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing KEY_EXCHANGE payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type
KEY_EXCHANGE
Apr 8 09:19:43 vantiv charon: 12[ENC] KEY_EXCHANGE payload verified,
adding to payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a NONCE payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing NONCE payload, 129 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing NONCE payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type NONCE
Apr 8 09:19:43 vantiv charon: 12[ENC] NONCE payload verified, adding to
payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a CERTREQ payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing CERTREQ payload, 105 bytes
left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 11 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing CERTREQ payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type CERTREQ
Apr 8 09:19:43 vantiv charon: 12[ENC] CERTREQ payload verified, adding to
payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a NOTIFY payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing NOTIFY payload, 80 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 11 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 12 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 13 SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing NOTIFY payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] NOTIFY payload verified, adding to
payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a NOTIFY payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing NOTIFY payload, 52 bytes left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 11 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 12 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 13 SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing NOTIFY payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] NOTIFY payload verified, adding to
payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] starting parsing a VENDOR_ID payload
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing VENDOR_ID payload, 24 bytes
left
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing rule 10 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] parsing VENDOR_ID payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying payload of type VENDOR_ID
Apr 8 09:19:43 vantiv charon: 12[ENC] VENDOR_ID payload verified, adding
to payload list
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type KEY_EXCHANGE
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type NONCE
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type CERTREQ
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] process payload of type VENDOR_ID
Apr 8 09:19:43 vantiv charon: 12[ENC] verifying message structure
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type KEY_EXCHANGE
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type NONCE
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type CERTREQ
Apr 8 09:19:43 vantiv charon: 12[ENC] found payload of type VENDOR_ID
Apr 8 09:19:43 vantiv charon: 12[ENC] parsed IKE_SA_INIT response 0 [ SA
KE No CERTREQ N(NATD_S_IP) N(NATD_D_IP) V ]
Apr 8 09:19:43 vantiv charon: 12[ENC] received unknown vendor ID:
2a:67:75:d0:ad:2a:a7:88:7c:33:fe:1d:68:ba:f3:08:96:6f:00:01
Apr 8 09:19:43 vantiv charon: 12[CFG] selecting proposal:
Apr 8 09:19:43 vantiv charon: 12[CFG] proposal matches
Apr 8 09:19:43 vantiv charon: 12[CFG] received proposals:
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Apr 8 09:19:43 vantiv charon: 12[CFG] configured proposals:
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Apr 8 09:19:43 vantiv charon: 12[CFG] selected proposal:
IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Apr 8 09:19:43 vantiv charon: 12[IKE] received cert request for unknown ca
with keyid f7:94:ed:49:de:90:2f:31:96:9a:42:9d:24:51:8d:0f:af:1b:ad:23
Apr 8 09:19:43 vantiv charon: 12[IKE] received 1 cert requests for an
unknown ca
Apr 8 09:19:43 vantiv charon: 12[IKE] reinitiating already active tasks
Apr 8 09:19:43 vantiv charon: 12[IKE] IKE_CERT_PRE task
Apr 8 09:19:43 vantiv charon: 12[IKE] IKE_AUTH task
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type NOTIFY to
message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type ID_RESPONDER
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type ID_INITIATOR
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type NOTIFY to
message
Apr 8 09:19:43 vantiv charon: 12[IKE] authentication of '159.*.*.*'
(myself) with pre-shared key
Apr 8 09:19:43 vantiv charon: 12[IKE] successfully created shared key MAC
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type AUTH to message
Apr 8 09:19:43 vantiv charon: 12[IKE] establishing CHILD_SA net-net
Apr 8 09:19:43 vantiv charon: 12[CFG] proposing traffic selectors for us:
Apr 8 09:19:43 vantiv charon: 12[CFG] 159.*.*.*/32
Apr 8 09:19:43 vantiv charon: 12[CFG] proposing traffic selectors for
other:
Apr 8 09:19:43 vantiv charon: 12[CFG] 64.*.*.*/32
Apr 8 09:19:43 vantiv charon: 12[CFG] configured proposals:
ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Apr 8 09:19:43 vantiv charon: 12[KNL] got SPI cd79edd3
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type
SECURITY_ASSOCIATION to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type TS_INITIATOR
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type TS_RESPONDER
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] order payloads in message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type ID_INITIATOR
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type NOTIFY to
message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type ID_RESPONDER
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type AUTH to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type
SECURITY_ASSOCIATION to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type TS_INITIATOR
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type TS_RESPONDER
to message
Apr 8 09:19:43 vantiv charon: 12[ENC] added payload of type NOTIFY to
message
Apr 8 09:19:43 vantiv charon: 12[ENC] generating IKE_AUTH request 1 [ IDi
N(INIT_CONTACT) IDr AUTH SA TSi TSr N(EAP_ONLY) ]
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload ID_INITIATOR into
encrypted payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload NOTIFY into encrypted
payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload ID_RESPONDER into
encrypted payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload AUTH into encrypted
payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload SECURITY_ASSOCIATION
into encrypted payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload TS_INITIATOR into
encrypted payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload TS_RESPONDER into
encrypted payload
Apr 8 09:19:43 vantiv charon: 12[ENC] insert payload NOTIFY into encrypted
payload
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type HEADER
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 IKE_SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 IKE_SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_4
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 U_INT_4
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 U_INT_32
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 15 HEADER_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating HEADER payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
ID_INITIATOR
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] generating ID_INITIATOR payload
finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] generating NOTIFY payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
ID_RESPONDER
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] generating ID_RESPONDER payload
finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type AUTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] generating AUTH payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 (1258)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
SECURITY_ASSOCIATION
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 (1261)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TRANSFORM_ATTRIBUTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 ATTRIBUTE_FORMAT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 ATTRIBUTE_TYPE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2
ATTRIBUTE_LENGTH_OR_VALUE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 ATTRIBUTE_VALUE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating TRANSFORM_ATTRIBUTE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TRANSFORM_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 (1262)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating TRANSFORM_SUBSTRUCTURE
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating SECURITY_ASSOCIATION
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating SECURITY_ASSOCIATION
payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TS_INITIATOR
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 (1264)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TRAFFIC_SELECTOR_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 TS_TYPE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 ADDRESS
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 ADDRESS
Apr 8 09:19:43 vantiv charon: 12[ENC] generating
TRAFFIC_SELECTOR_SUBSTRUCTURE payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating TS_INITIATOR payload
finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TS_RESPONDER
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 RESERVED_BYTE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 (1264)
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type
TRAFFIC_SELECTOR_SUBSTRUCTURE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 TS_TYPE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 ADDRESS
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 ADDRESS
Apr 8 09:19:43 vantiv charon: 12[ENC] generating
TRAFFIC_SELECTOR_SUBSTRUCTURE payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating TS_RESPONDER payload
finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 11 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 12 U_INT_16
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 13 SPI
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] generating NOTIFY payload finished
Apr 8 09:19:43 vantiv charon: 12[ENC] generated content in encrypted
payload
Apr 8 09:19:43 vantiv charon: 12[ENC] generating payload of type ENCRYPTED
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 1 U_INT_8
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 12[ENC] generating rule 3 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 12[ENC] generating ENCRYPTED payload finished
Apr 8 09:19:43 vantiv charon: 12[NET] sending packet: from 159.*.*.*[500]
to 4.*.*.*[500] (220 bytes)
Apr 8 09:19:43 vantiv charon: 10[NET] sending packet: from 159.*.*.*[500]
to 4.*.*.*[500]
Apr 8 09:19:43 vantiv charon: 07[JOB] next event in 3s 697ms, waiting
Apr 8 09:19:43 vantiv charon: 12[MGR] checkin IKE_SA net-net[4]
Apr 8 09:19:43 vantiv charon: 12[MGR] check-in of IKE_SA successful.
Apr 8 09:19:43 vantiv charon: 09[NET] received packet: from 4.*.*.*[500]
to 159.*.*.*[500]
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing header of message
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing HEADER payload, 68 bytes left
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 0 IKE_SPI
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 1 IKE_SPI
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 2 U_INT_8
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 3 U_INT_4
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 4 U_INT_4
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 5 U_INT_8
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 8 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 9 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 10 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 11 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 12 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 13 FLAG
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 14 U_INT_32
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing rule 15 HEADER_LENGTH
Apr 8 09:19:43 vantiv charon: 09[ENC] parsing HEADER payload finished
Apr 8 09:19:43 vantiv charon: 09[ENC] parsed a IKE_AUTH response header
Apr 8 09:19:43 vantiv charon: 09[NET] waiting for data on sockets
Apr 8 09:19:43 vantiv charon: 16[MGR] checkout IKE_SA by message
Apr 8 09:19:43 vantiv charon: 16[MGR] IKE_SA net-net[4] successfully
checked out
Apr 8 09:19:43 vantiv charon: 16[NET] received packet: from 4.*.*.*[500]
to 159.*.*.*[500] (68 bytes)
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing body of message, first
payload is ENCRYPTED
Apr 8 09:19:43 vantiv charon: 16[ENC] starting parsing a ENCRYPTED payload
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing ENCRYPTED payload, 40 bytes
left
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 1 U_INT_8
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 2 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 3 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing ENCRYPTED payload finished
Apr 8 09:19:43 vantiv charon: 16[ENC] verifying payload of type ENCRYPTED
Apr 8 09:19:43 vantiv charon: 16[ENC] ENCRYPTED payload verified, adding
to payload list
Apr 8 09:19:43 vantiv charon: 16[ENC] ENCRYPTED payload found, stop parsing
Apr 8 09:19:43 vantiv charon: 16[ENC] process payload of type ENCRYPTED
Apr 8 09:19:43 vantiv charon: 16[ENC] found an encrypted payload
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing NOTIFY payload, 8 bytes left
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 0 U_INT_8
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 1 FLAG
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 2 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 3 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 4 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 5 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 6 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 7 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 8 RESERVED_BIT
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 9 PAYLOAD_LENGTH
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 10 U_INT_8
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 11 SPI_SIZE
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 12 U_INT_16
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 13 SPI
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing rule 14 CHUNK_DATA
Apr 8 09:19:43 vantiv charon: 16[ENC] parsing NOTIFY payload finished
Apr 8 09:19:43 vantiv charon: 16[ENC] parsed content of encrypted payload
Apr 8 09:19:43 vantiv charon: 16[ENC] insert decrypted payload of type
NOTIFY at end of list
Apr 8 09:19:43 vantiv charon: 16[ENC] verifying message structure
Apr 8 09:19:43 vantiv charon: 16[ENC] found payload of type NOTIFY
Apr 8 09:19:43 vantiv charon: 16[ENC] parsed IKE_AUTH response 1 [
N(INVAL_SYN) ]
Apr 8 09:19:43 vantiv charon: 16[IKE] received INVALID_SYNTAX notify error
Apr 8 09:19:43 vantiv charon: 16[KNL] deleting SAD entry with SPI cd79edd3
(mark 0/0x00000000)
Apr 8 09:19:43 vantiv charon: 08[JOB] watcher got notification, rebuilding
Apr 8 09:19:43 vantiv charon: 08[JOB] watcher going to poll() 8 fds
Apr 8 09:19:43 vantiv charon: 16[KNL] deleted SAD entry with SPI cd79edd3
(mark 0/0x00000000)
Apr 8 09:19:43 vantiv charon: 16[MGR] checkin and destroy IKE_SA net-net[4]
Apr 8 09:19:43 vantiv charon: 16[IKE] IKE_SA net-net[4] state change:
CONNECTING => DESTROYING
Apr 8 09:19:43 vantiv charon: 16[MGR] check-in and destroy of IKE_SA
successful
Apr 8 09:19:46 vantiv charon: 07[JOB] got event, queuing job for execution
Apr 8 09:19:46 vantiv charon: 07[JOB] next event in 301ms, waiting
Apr 8 09:19:46 vantiv charon: 04[MGR] checkout IKE_SA
Apr 8 09:19:47 vantiv charon: 07[JOB] got event, queuing job for execution
Apr 8 09:19:47 vantiv charon: 07[JOB] no events, waiting
Apr 8 09:19:47 vantiv charon: 02[MGR] checkout IKE_SA
==========================
tcpdump -i eth0 udp port 500 -vv -X
09:19:12.068335 IP (tos 0x0, ttl 64, id 64390, offset 0, flags [DF], proto
UDP (17), length 344)
159.*.*.*.isakmp > 4.*.*.*.isakmp: [bad udp cksum 0x7de2 -> 0x5c9c!]
isakmp 2.0 msgid 00000000 cookie 9f0505ac1ecc1754->0000000000000000:
parent_sa ikev2_init[I]:
(sa: len=40
(p: #1 protoid=isakmp transform=4 len=40
(t: #1 type=encr id=3des )
(t: #2 type=integ id=hmac-sha )
(t: #3 type=prf id=hmac-sha )
(t: #4 type=dh id=modp1024 )))
(v2ke: len=128 group=modp1024)
(nonce: len=32
nonce=(b297e9f0d87c090582ef061b15e5ae3943701fd8f4fa36bb07153e6c42f1910a) )
(n: prot_id=#0 type=16388(nat_detection_source_ip))
(n: prot_id=#0 type=16389(nat_detection_destination_ip))
(n: prot_id=#0 type=16431(status))
0x0000: 4500 0158 fb86 4000 4011 c181 9f41 8d80 E..X.. at .@....A..
0x0010: 0435 4b96 01f4 01f4 0144 7de2 9f05 05ac .5K......D}.....
0x0020: 1ecc 1754 0000 0000 0000 0000 2120 2208 ...T........!.".
0x0030: 0000 0000 0000 013c 2200 002c 0000 0028 .......<"..,...(
0x0040: 0101 0004 0300 0008 0100 0003 0300 0008 ................
0x0050: 0300 0002 0300 0008 0200 0002 0000 0008 ................
0x0060: 0400 0002 2800 0088 0002 0000 1f4c 76bf ....(........Lv.
0x0070: 083a a0d0 8c21 b82a 77b9 cf22 3e3c dbe7 .:...!.*w.."><..
0x0080: beaa 28ac 15fd 1f2e 2ed8 13cf b8e6 0ea3 ..(.............
0x0090: 8c88 317c 3470 6f0b a7fa cb56 1a3c 7400 ..1|4po....V.<t.
0x00a0: 9018 5a12 2d1a e19f 7898 e5a0 5aa7 1d8f ..Z.-...x...Z...
0x00b0: a22c 5ad8 c4ea aa00 3d62 c54b a876 0e03 .,Z.....=b.K.v..
0x00c0: d16d 6756 7577 0eff f7f8 6e1b b9bd 3c08 .mgVuw....n...<.
0x00d0: 9a59 5488 0652 a639 9397 ebee cb68 4000 .YT..R.9.....h at .
0x00e0: 72e5 30c3 316f bcc8 65e0 331a 2900 0024 r.0.1o..e.3.)..$
0x00f0: b297 e9f0 d87c 0905 82ef 061b 15e5 ae39 .....|.........9
0x0100: 4370 1fd8 f4fa 36bb 0715 3e6c 42f1 910a Cp....6...>lB...
0x0110: 2900 001c 0000 4004 8332 00a1 0af9 68b2 )..... at ..2....h.
0x0120: 4210 8cbb d03b 0ae1 c5f5 636e 2900 001c B....;....cn)...
0x0130: 0000 4005 a27d 1eeb 36f6 f4c9 3d39 67ae .. at ..}..6...=9g.
0x0140: 5225 8230 815d 7345 0000 0010 0000 402f R%.0.]sE......@/
0x0150: 0001 0002 0003 0004 ........
09:19:12.316113 IP (tos 0x0, ttl 241, id 32455, offset 0, flags [none],
proto UDP (17), length 365)
4.*.*.*.isakmp > 159.*.*.*.isakmp: [no cksum] isakmp 2.0 msgid 00000000
cookie 9f0505ac1ecc1754->e2271350a483850c: parent_sa ikev2_init[R]:
(sa: len=40
(p: #1 protoid=isakmp transform=4 len=40
(t: #1 type=encr id=3des )
(t: #2 type=integ id=hmac-sha )
(t: #3 type=prf id=hmac-sha )
(t: #4 type=dh id=modp1024 )))
(v2ke: len=128 group=modp1024)
(nonce: len=20 nonce=(bfd8134995d3ca18d9f52af6602a9f41eeb8a805) )
(v2cr: len=21)
(n: prot_id=#0 type=16388(nat_detection_source_ip))
(n: prot_id=#0 type=16389(nat_detection_destination_ip))
(v2vid: len=20 vid=*gu..*..|3..h....o..)
0x0000: 4500 016d 7ec7 0000 f111 cd2b 0435 4b96 E..m~......+.5K.
0x0010: 9f41 8d80 01f4 01f4 0159 0000 9f05 05ac .A.......Y......
0x0020: 1ecc 1754 e227 1350 a483 850c 2120 2220 ...T.'.P....!.".
0x0030: 0000 0000 0000 0151 2200 002c 0000 0028 .......Q"..,...(
0x0040: 0101 0004 0300 0008 0100 0003 0300 0008 ................
0x0050: 0300 0002 0300 0008 0200 0002 0000 0008 ................
0x0060: 0400 0002 2800 0088 0002 0000 c5c9 c40c ....(...........
0x0070: 8ac6 46a2 2565 fec8 6945 2659 da83 acfa ..F.%e..iE&Y....
0x0080: 3339 8ff1 7fec ac2c 5d84 31a4 0e14 8ae7 39.....,].1.....
0x0090: c9b7 34e3 1acf 8ddf 97f3 f132 88c6 59bb ..4........2..Y.
0x00a0: b26c 035b a9e4 983e 9dbc 8ae4 a2ca 54e8 .l.[...>......T.
0x00b0: 205b adef 00b7 7243 60ec 81e3 47b7 51d6 .[....rC`...G.Q.
0x00c0: 16b9 0820 1ea9 b97b 768c 41d3 6499 aeab .......{v.A.d...
0x00d0: 8591 593f 07cb e3da 54c1 20f3 b615 a21b ..Y?....T.......
0x00e0: eace 3ae1 e42d c91a def3 bd8f 2600 0018 ..:..-......&...
0x00f0: bfd8 1349 95d3 ca18 d9f5 2af6 602a 9f41 ...I......*.`*.A
0x0100: eeb8 a805 2900 0019 04f7 94ed 49de 902f ....).......I../
0x0110: 3196 9a42 9d24 518d 0faf 1bad 2329 0000 1..B.$Q.....#)..
0x0120: 1c00 0040 0417 63ad 140a 56d4 1708 afa3 ... at ..c...V.....
0x0130: 4e98 3a22 f65f 4ffd 682b 0000 1c00 0040 N.:"._O.h+.....@
0x0140: 0572 69b2 a94c ef0b 96d7 3494 8a71 29b5 .ri..L....4..q).
0x0150: a2e1 d26a 0a00 0000 182a 6775 d0ad 2aa7 ...j.....*gu..*.
0x0160: 887c 33fe 1d68 baf3 0896 6f00 01 .|3..h....o..
09:19:12.355282 IP (tos 0x0, ttl 64, id 64398, offset 0, flags [DF], proto
UDP (17), length 248)
159.*.*.*.isakmp > 4.*.*.*.isakmp: [bad udp cksum 0x7d82 -> 0x76d0!]
isakmp 2.0 msgid 00000001 cookie 9f0505ac1ecc1754->e2271350a483850c:
child_sa ikev2_auth[I]:
(v2e: len=188)
0x0000: 4500 00f8 fb8e 4000 4011 c1d9 9f41 8d80 E..... at .@....A..
0x0010: 0435 4b96 01f4 01f4 00e4 7d82 9f05 05ac .5K.......}.....
0x0020: 1ecc 1754 e227 1350 a483 850c 2e20 2308 ...T.'.P......#.
0x0030: 0000 0001 0000 00dc 2300 00c0 6ad9 e716 ........#...j...
0x0040: a1dd 4899 4920 4603 2bee 3d53 cbf5 1094 ..H.I.F.+.=S....
0x0050: 7183 5bcd f099 f2d2 ae0e ebe2 ee8b 9179 q.[............y
0x0060: 00b8 d96a 6f87 f2c9 0316 f602 3735 0eba ...jo.......75..
0x0070: eb0f 953b df4f 0daf 47e1 17a4 c821 205d ...;.O..G....!.]
0x0080: 4cd5 7b7f e3b3 47f2 59b4 a118 2435 02bd L.{...G.Y...$5..
0x0090: 01b3 e2f8 dd10 c3e1 7420 3595 2cc8 b551 ........t.5.,..Q
0x00a0: 149d 3d20 bca3 75dc 33e7 ad41 798b 41bc ..=...u.3..Ay.A.
0x00b0: 5119 5a81 c210 614d bad7 77e1 6b01 49bd Q.Z...aM..w.k.I.
0x00c0: 2bdc 3f76 139e 38af 4c6d fddc 5fd5 7717 +.?v..8.Lm.._.w.
0x00d0: a630 f382 6d4b fead 1457 7593 5aa1 6333 .0..mK...Wu.Z.c3
0x00e0: 2840 ba2b b6f4 0def 3544 10ed 12cf 9000 (@.+....5D......
0x00f0: de8f 5d1e 0b38 8eaa ..]..8..
09:19:12.596927 IP (tos 0x0, ttl 241, id 47110, offset 0, flags [none],
proto UDP (17), length 96)
4.*.*.*.isakmp > 159.*.*.*.isakmp: [no cksum] isakmp 2.0 msgid 00000001
cookie 9f0505ac1ecc1754->e2271350a483850c: child_sa ikev2_auth[R]:
(v2e: len=36)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180408/36591912/attachment-0001.html>
More information about the Users
mailing list